howtodumb

  1. Thank you so much for your help! I thought this was just another internet forum when I stumbled upon it, but I can see now that malwarebytes.org is teeming with experts on computer security. Again, thank you!
  2. Updates were installed successfully and I used Defraggler to defrag the drive. Unfortunately the drive is still 26% fragmented. Everything seems to be running well!
  3. Results of screen317's Security Check version 0.99.46
     Windows 7 x64 (UAC is enabled)
     Out of date service pack!!
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     AVG Anti-Virus Free Edition 2012
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Google Chrome 21.0.1180.79
     ````````Process Check: objlist.exe by Laurent````````
     AVG avgwdsvc.exe
     AVG avgtray.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 33% Defragment your hard drive soon! (Do NOT defrag if SSD!)
     ````````````````````End of Log``````````````````````
  4. ESETSmartInstaller@High as downloader log:
     all ok
     # version=7
     # OnlineScannerApp.exe=1.0.0.1
     # OnlineScanner.ocx=1.0.0.6583
     # api_version=3.0.2
     # EOSSerial=ce0b3613ab14034b9bcee4d6c472b277
     # end=finished
     # remove_checked=false
     # archives_checked=false
     # unwanted_checked=true
     # unsafe_checked=false
     # antistealth_checked=true
     # utc_time=2012-08-20 09:28:47
     # local_time=2012-08-20 04:28:47 (-0600, Central Daylight Time)
     # country="United States"
     # lang=1033
     # osver=6.1.7600 NT
     # compatibility_mode=1024 16777215 100 0 436 436 0 0
     # compatibility_mode=5893 16776574 100 94 2967 97039527 0 0
     # compatibility_mode=8192 67108863 100 0 0 0 0 0
     # scanned=193730
     # found=1
     # cleaned=0
     # scan_time=2049
     C:\Users\Compbro\Downloads\winrar setup.exe a variant of Win32/Soft32Downloader.B application (unable to clean) 00000000000000000000000000000000 I
  5. WhiteSmoke toolbar is no longer present! Thank you so much for your time!
  6. OTL Extras logfile created on: 8/18/2012 4:46:55 PM - Run 1 OTL by OldTimer - Version 3.2.58.0 Folder = C:\Users\Compbro\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 8.00 Gb Total Physical Memory | 6.54 Gb Available Physical Memory | 81.74% Memory free 16.00 Gb Paging File | 14.59 Gb Available in Paging File | 91.18% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74.41 Gb Total Space | 20.17 Gb Free Space | 27.10% Space Free | Partition Type: NTFS Drive D: | 100.00 Mb Total Space | 76.24 Mb Free Space | 76.25% Space Free | Partition Type: NTFS Drive E: | 1862.92 Gb Total Space | 1862.66 Gb Free Space | 99.99% Space Free | Partition Type: NTFS Computer Name: COMPBRO-PC | User Name: Compbro | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
     "DisableNotifications" = 0
     "EnableFirewall" = 1

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
     "DisableNotifications" = 0
     "EnableFirewall" = 1

     ========== Authorized Applications List ==========

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

     ========== Vista Active Open Ports Exception List ==========

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
     "{0BFFE11B-99E5-4DC3-A0CF-EF333D66DDDC}" = lport=139 | protocol=6 | dir=in | app=system |
     "{11DBF735-0FC2-4009-BD40-405DAA919352}" = lport=445 | protocol=6 | dir=in | app=system |
     "{25FEF3DC-7012-43EC-9EC4-531995365CF8}" = rport=445 | protocol=6 | dir=out | app=system |
     "{3E2FAECD-FD50-4E76-81E3-9C3434EA44A9}" = lport=10243 | protocol=6 | dir=in | app=system |
     "{3FCE25D7-3D3A-417B-B861-A2CC61DE643A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
     "{413B8FC6-8A6C-4813-96AD-7E1D3CE4E464}" = rport=138 | protocol=17 | dir=out | app=system |
     "{4DC8178F-87A2-491D-A903-C06E707BF893}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
     "{54DB3C91-D1B5-48A2-A0FE-FB13F540B085}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
     "{58AA5678-B2E0-4FFD-9114-3A2AC8DC7E6E}" = rport=10243 | protocol=6 | dir=out | app=system |
     "{5C2392DB-C39D-4557-BEDF-917D46141E2F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
     "{75FE4866-9082-4D8D-A10F-D361F6415EAC}" = lport=138 | protocol=17 | dir=in | app=system |
     "{87D85696-3E13-49F6-8BDD-70EFD43AD7A5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
     "{9363C64A-59C0-46C3-8977-FC034E9CC2D0}" = rport=137 | protocol=17 | dir=out | app=system |
     "{A295321F-EF36-42A0-938B-29D0124330FE}" = lport=2869 | protocol=6 | dir=in | app=system |
     "{BAC7667E-2785-42A2-ADCC-95F13EC4FA72}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
     "{BAC86444-0013-4DDA-BB8E-39F75AE13838}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
     "{C5961AB4-D06C-454C-89F5-9118211651AC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
     "{C8A1D39E-8023-44A3-B8A1-08659F014780}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
     "{DC70A9D3-0A17-4D50-B0DA-1F19A10B63E8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
     "{E6678373-E443-4010-B297-1E724BE2A6B8}" = rport=139 | protocol=6 | dir=out | app=system |
     "{FCFE55D4-47AB-4D0D-B916-CA9CBB681B67}" = lport=137 | protocol=17 | dir=in | app=system |

     ========== Vista Active Application Exception List ==========

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
     "{0D211C91-D991-47A5-A229-2269E7E96712}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
     "{1E22F423-8234-42E8-8AE3-5FE7127A15C8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
     "{1F6B6700-5138-45EB-8398-3155E6D50D00}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
     "{2529F34F-566E-4B69-97AB-B183C057AB9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
     "{3F69450D-20CF-4503-9508-89A09BFADB5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
     "{49A18BD0-1E7C-4F93-A3AC-FD1E6E23F009}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
     "{4F875974-6E5F-43FD-BFC6-DE59D1977EDA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
     "{54998103-8713-4A42-B20C-ABB523623849}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
     "{590E92E6-DD90-4E76-B7C3-B53403D4059A}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
     "{59623C5E-54C0-4D30-9ED6-679FE8194C31}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
     "{63BFF2FB-DAFF-440D-A9A0-B74AF4393D73}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
     "{6472494E-962F-49AD-93EF-B21111660923}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
     "{6C78B54B-9C3A-4350-956D-34D5937B770F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
     "{7D6ACDA8-C3E6-4046-B3E1-364EB44FDE15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
     "{80A39FEA-0F0B-4745-AE75-822DD960D57E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
     "{8594CB60-55DA-4FEB-AA85-454B04587A63}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
     "{90AB4EDE-6946-407C-81D8-1B2D4322A9C8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
     "{92A4F0BE-AA40-4E68-9571-6BDD52405B1B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
     "{96009D92-1BD6-4CE7-A8D7-1E92AA61DB98}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
     "{9E1D344D-B6AE-494D-8F48-AC6B1A636DCC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
     "{B128D9CE-E685-46B0-8684-227415D66871}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
     "{B2675CF9-2BB5-4E1F-8F74-BDAD129974ED}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
     "{B5F8002A-B50F-4CCB-B9A1-89C52A2030AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
     "{C10FBB44-AED8-4559-A987-CB424D4F344B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
     "{CBDC6E71-FC48-4227-AEA1-A80F4D5CB354}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
     "{DA01CC61-A287-43A1-80F4-A6D0FFF66CF3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
     "{DACEBA01-34FA-48F3-8AB4-C7D4FD2A6761}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
     "{DB2CE32E-442D-455F-8C34-5224EDFF616C}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
     "{DF971F58-84A9-4BCB-8E95-9B1854321418}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
     "{E1591A70-49E8-403B-B18A-C4C85873BD90}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
     "{E574B053-9219-48B1-ADA5-A4779E53E042}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
     "{E970AA54-FCB6-45AE-81AE-9C49BE302F31}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
     "{EAB4A534-2F93-467F-BEFD-E412394CDF0E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
     "{F0A11CC4-8C52-4EFB-92A4-C151B914A4D8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
     "{F40EC78E-7581-4CA1-A054-CCABFDA907B0}" = protocol=6 | dir=out | app=system |

     ========== HKEY_LOCAL_MACHINE Uninstall List ==========

     64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
     "{12D93D02-3C15-DF08-581F-52E4A1EB0A3D}" = AMD Drag and Drop Transcoding
     "{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
     "{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012
     "{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
     "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
     "{59B69525-1383-C84A-38EF-F442B63E69BC}" = AMD Media Foundation Decoders
     "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
     "{838AF9AD-DE38-17FB-57F6-ADDF929F191E}" = AMD Accelerated Video Transcoding
     "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
     "{A108BD40-0A8C-4385-8874-74C4B6086CC3}" = AVG 2012
     "{C8388DCB-6F85-C11F-C9F4-D636960E60F5}" = ccc-utility64
     "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
     "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
     "AVG" = AVG 2012
     "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
     "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
     "WinRAR archiver" = WinRAR 4.20 (64-bit)

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
     "{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
     "{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
     "{12A00DC2-1226-D9F2-13DA-F974111D439E}" = Catalyst Control Center
     "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
     "{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
     "{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
     "{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
     "{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
     "{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
     "{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
     "{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
     "{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
     "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
     "{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
     "{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
     "{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
     "{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
     "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
     "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
     "{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
     "{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
     "{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
     "{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
     "{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
     "{B2B5B39B-4E8C-AC78-7FF1-7055C338D243}" = Catalyst Control Center Graphics Previews Common
     "{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
     "{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
     "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
     "{EE253E80-C298-4A31-BB22-7280DC8C7177}" = CCC Help Czech
     "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
     "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
     "{F648F088-B270-CF18-6486-AF8B1FE6BC09}" = CCC Help English
     "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
     "{FD85D9C0-783A-77B7-8EF8-326EC6C154D1}" = Catalyst Control Center Localization All
     "Battlelog Web Plugins" = Battlelog Web Plugins
     "ESN Sonar-0.70.4" = ESN Sonar
     "Origin" = Origin
     "Picasa 3" = Picasa 3
     "PunkBusterSvc" = PunkBuster Services
     "Revo Uninstaller" = Revo Uninstaller 1.94
     "Seagate File Recovery for WindowsNSIS" = Seagate File Recovery for Windows 2.0

     ========== HKEY_CURRENT_USER Uninstall List ==========

     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
     "Google Chrome" = Google Chrome

     ========== Last 20 Event Log Errors ==========

     [ Application Events ]
     Error - 8/10/2012 12:59:41 AM | Computer Name = Compbro-PC | Source = Windows Installer 3.1 | ID = 921877
     Description =

     Error - 8/10/2012 4:04:23 PM | Computer Name = Compbro-PC | Source = Application Error | ID = 1000
     Description = Faulting application name: mscorsvw.exe, version: 2.0.50727.4927, time stamp: 0x4a275ab4 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x74916a34 Faulting process id: 0xbec Faulting application start time: 0x01cd7733487fe51a Faulting application path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe Faulting module path: unknown Report Id: 93dc598d-e326-11e1-afc8-002564843ccb

     Error - 8/10/2012 4:04:25 PM | Computer Name = Compbro-PC | Source = Application Error | ID = 1000
     Description = Faulting application name: PnkBstrA.exe, version: 0.0.0.0, time stamp: 0x4f144d4e Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x74916a34 Faulting process id: 0x724 Faulting application start time: 0x01cd7732fb3fbcb5 Faulting application path: C:\Windows\SysWOW64\PnkBstrA.exe Faulting module path: unknown Report Id: 9530be54-e326-11e1-afc8-002564843ccb

     Error - 8/10/2012 4:04:30 PM | Computer Name = Compbro-PC | Source = Application Error | ID = 1000
     Description = Faulting application name: ToolbarUpdater.exe, version: 12.2.0.5, time stamp: 0x501a9284 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x74916a34 Faulting process id: 0x7a0 Faulting application start time: 0x01cd7732fbb46023 Faulting application path: C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe Faulting module path: unknown Report Id: 982a76ac-e326-11e1-afc8-002564843ccb

     Error - 8/16/2012 6:57:14 PM | Computer Name = Compbro-PC | Source = Application Hang | ID = 1002
     Description = The program PicasaPhotoViewer.exe version 3.9.135.93 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: fa4 Start Time: 01cd7c0257ec0d13 Termination Time: 0 Application Path: C:\Program Files\Picasa3\PicasaPhotoViewer.exe Report Id: ad534faf-e7f5-11e1-b5c9-002564843ccb

     Error - 8/16/2012 6:59:04 PM | Computer Name = Compbro-PC | Source = Application Hang | ID = 1002
     Description = The program PicasaPhotoViewer.exe version 3.9.135.93 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 424 Start Time: 01cd7c02829073bb Termination Time: 15 Application Path: C:\Program Files\Picasa3\PicasaPhotoViewer.exe Report Id: f5f20acb-e7f5-11e1-b5c9-002564843ccb

     Error - 8/16/2012 11:59:56 PM | Computer Name = Compbro-PC | Source = Application Hang | ID = 1002
     Description = The program Explorer.EXE version 6.1.7600.16768 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: ac4 Start Time: 01cd7c2964f62846 Termination Time: 60000 Application Path: C:\Windows\Explorer.EXE Report Id: d4558c00-e81f-11e1-a3b6-002564843ccb

     [ System Events ]
     Error - 8/18/2012 6:01:28 AM | Computer Name = Compbro-PC | Source = Application Popup | ID = 1060
     Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

     Error - 8/18/2012 6:01:29 AM | Computer Name = Compbro-PC | Source = Application Popup | ID = 1060
     Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

     Error - 8/18/2012 6:01:52 AM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7030
     Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

     Error - 8/18/2012 6:03:12 AM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7023
     Description = The Windows Defender service terminated with the following error: %%126

     Error - 8/18/2012 5:29:26 PM | Computer Name = Compbro-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
     Description = Installation Failure: Windows failed to install the following update with error 0x80004004: Update for Windows 7 for x64-based Systems (KB2505438).

     Error - 8/18/2012 5:34:43 PM | Computer Name = Compbro-PC | Source = Application Popup | ID = 1060
     Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

     Error - 8/18/2012 5:34:43 PM | Computer Name = Compbro-PC | Source = Application Popup | ID = 1060
     Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

     Error - 8/18/2012 5:37:07 PM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7030
     Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

     Error - 8/18/2012 5:39:03 PM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7030
     Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

     Error - 8/18/2012 5:40:20 PM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7023
     Description = The Windows Defender service terminated with the following error: %%126

     < End of report >
  7. ========== Files - Modified Within 30 Days ==========

     [2012/08/18 16:45:58 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\Compbro\Desktop\OTL.exe
     [2012/08/18 16:40:43 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
     [2012/08/18 16:40:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
     [2012/08/18 16:40:01 | 2146,684,927 | -HS- | M] () -- C:\hiberfil.sys
     [2012/08/18 16:39:10 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
     [2012/08/18 16:39:10 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
     [2012/08/18 16:33:07 | 004,735,580 | R--- | M] (Swearware) -- C:\Users\Compbro\Desktop\ComboFix.exe
     [2012/08/18 16:31:49 | 104,295,870 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
     [2012/08/18 05:07:04 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job
     [2012/08/18 03:36:25 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
     [2012/08/18 03:36:25 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
     [2012/08/18 03:36:01 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
     [2012/08/17 23:07:05 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job
     [2012/08/17 22:20:21 | 000,001,264 | ---- | M] () -- C:\Users\Compbro\Desktop\Revo Uninstaller.lnk
     [2012/08/17 15:57:10 | 000,771,962 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
     [2012/08/17 15:57:10 | 000,659,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
     [2012/08/17 15:57:10 | 000,120,508 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
     [2012/08/17 15:57:02 | 000,771,962 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
     [2012/08/17 14:54:24 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
     [2012/08/16 22:35:28 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
     [2012/08/16 17:39:58 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
     [2012/08/16 17:38:40 | 000,000,009 | ---- | M] () -- C:\END
     [2012/08/16 17:37:29 | 000,002,461 | ---- | M] () -- C:\Users\Compbro\Desktop\Google Chrome.lnk
     [2012/08/16 17:30:12 | 000,032,888 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
     [2012/08/11 21:06:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
     [2012/08/11 21:06:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_winusb_01009.Wdf
     [2012/08/10 15:08:09 | 000,001,437 | ---- | M] () -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
     [2012/08/10 14:18:10 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
     [2012/08/10 14:18:10 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
     [2012/08/10 14:18:10 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
     [2012/08/10 14:18:10 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
     [2012/08/10 14:18:10 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
     [2012/08/10 14:18:10 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
     [2012/08/10 14:18:10 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
     [2012/08/10 14:18:10 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
     [2012/08/10 14:18:10 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
     [2012/08/10 14:18:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
     [2012/08/10 14:18:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
     [2012/08/10 14:18:10 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
     [2012/08/10 14:18:10 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
     [2012/08/10 14:18:10 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
     [2012/08/10 14:18:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
     [2012/08/10 14:18:10 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
     [2012/08/10 14:18:10 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
     [2012/08/10 14:18:09 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
     [2012/08/10 14:18:09 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
     [2012/08/10 14:18:09 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
     [2012/08/10 14:18:09 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
     [2012/08/10 14:18:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
     [2012/08/10 14:18:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
     [2012/08/10 14:18:09 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
     [2012/08/10 14:18:09 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
     [2012/08/10 14:18:09 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
     [2012/08/10 14:18:09 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
     [2012/08/10 14:18:09 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
     [2012/08/10 14:18:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
     [2012/08/10 14:18:09 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
     [2012/08/10 14:18:09 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
     [2012/08/10 14:18:09 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
     [2012/08/10 14:18:09 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
     [2012/08/10 14:18:09 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
     [2012/08/10 14:18:09 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
     [2012/08/10 14:18:09 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
     [2012/08/10 14:18:08 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
     [2012/08/10 14:18:08 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
     [2012/08/10 14:18:08 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
     [2012/08/10 14:18:08 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
     [2012/08/10 14:18:08 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
     [2012/08/10 14:18:08 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
     [2012/08/10 14:18:08 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
     [2012/08/10 14:18:08 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
     [2012/08/10 14:18:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
     [2012/08/10 14:18:08 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
     [2012/08/10 14:18:08 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
     [2012/08/10 14:18:08 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
     [2012/08/10 14:18:08 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
     [2012/08/10 14:18:08 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
     [2012/08/10 14:18:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
     [2012/08/10 14:18:08 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
     [2012/08/10 14:18:08 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
     [2012/08/10 14:18:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
     [2012/08/10 14:18:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
     [2012/08/10 14:18:08 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
     [2012/08/10 14:18:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
     [2012/08/10 14:18:07 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
     [2012/08/10 14:18:07 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
     [2012/08/10 14:18:07 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
     [2012/08/10 14:18:07 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
     [2012/08/10 11:58:21 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
     [2012/08/10 03:36:20 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
     [2012/08/09 23:59:49 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
     [2012/08/09 23:48:45 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
     [2012/08/09 23:48:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
     [2012/08/09 23:48:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
     [2012/08/09 22:47:05 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
     [2012/08/09 16:04:46 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
     [2012/08/09 16:04:46 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
     [2012/08/09 16:03:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

     ========== Files Created - No Company Name ==========

     [2012/08/18 16:31:49 | 104,295,870 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
     [2012/08/18 04:57:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
     [2012/08/18 04:57:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
     [2012/08/18 04:57:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
     [2012/08/18 04:57:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
     [2012/08/18 04:57:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
     [2012/08/17 22:20:21 | 000,001,264 | ---- | C] () -- C:\Users\Compbro\Desktop\Revo Uninstaller.lnk
     [2012/08/17 14:54:15 | 000,002,453 | ---- | C] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
     [2012/08/17 14:52:13 | 000,771,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
     [2012/08/16 17:39:58 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
     [2012/08/16 17:38:40 | 000,000,009 | ---- | C] () -- C:\END
     [2012/08/16 17:30:12 | 000,032,888 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
     [2012/08/11 21:06:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
     [2012/08/11 21:06:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_winusb_01009.Wdf
     [2012/08/10 14:18:10 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
     [2012/08/10 14:18:08 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
     [2012/08/10 11:53:54 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
     [2012/08/10 03:36:20 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
     [2012/08/10 03:35:40 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
     [2012/08/10 03:35:40 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
     [2012/08/10 03:35:38 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
     [2012/08/09 23:59:49 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
     [2012/08/09 23:48:45 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
     [2012/08/09 23:48:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
     [2012/08/09 23:48:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
     [2012/08/09 23:18:18 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
     [2012/08/09 23:02:42 | 002,319,913 | ---- | C] () -- C:\Users\Compbro\Documents\data1.cab
     [2012/08/09 23:02:42 | 000,553,805 | ---- | C] () -- C:\Users\Compbro\Documents\engine32.cab
     [2012/08/09 23:02:42 | 000,456,860 | ---- | C] () -- C:\Users\Compbro\Documents\setup.ibt
     [2012/08/09 23:02:42 | 000,351,586 | ---- | C] () -- C:\Users\Compbro\Documents\setup.inx
     [2012/08/09 23:02:42 | 000,250,296 | ---- | C] () -- C:\Users\Compbro\Documents\setup.isn
     [2012/08/09 23:02:42 | 000,110,592 | ---- | C] () -- C:\Users\Compbro\Documents\alcchkid.exe
     [2012/08/09 23:02:42 | 000,049,152 | ---- | C] () -- C:\Users\Compbro\Documents\ChCfg.exe
     [2012/08/09 23:02:42 | 000,040,448 | ---- | C] () -- C:\Users\Compbro\Documents\GETDXVER.EXE
     [2012/08/09 23:02:42 | 000,031,388 | ---- | C] () -- C:\Users\Compbro\Documents\ALCXDEV.EXE
     [2012/08/09 23:02:42 | 000,027,061 | ---- | C] () -- C:\Users\Compbro\Documents\data1.hdr
     [2012/08/09 23:02:42 | 000,023,552 | ---- | C] () -- C:\Users\Compbro\Documents\SetCDfmt.exe
     [2012/08/09 23:02:42 | 000,002,826 | ---- | C] () -- C:\Users\Compbro\Documents\setup.ini
     [2012/08/09 23:02:42 | 000,000,534 | ---- | C] () -- C:\Users\Compbro\Documents\setup.iss
     [2012/08/09 23:02:42 | 000,000,512 | ---- | C] () -- C:\Users\Compbro\Documents\data2.cab
     [2012/08/09 23:02:42 | 000,000,473 | ---- | C] () -- C:\Users\Compbro\Documents\layout.bin
     [2012/08/09 23:02:42 | 000,000,136 | ---- | C] () -- C:\Users\Compbro\Documents\SetupEx.ini
     [2012/08/09 22:58:24 | 000,002,461 | ---- | C] () -- C:\Users\Compbro\Desktop\Google Chrome.lnk
     [2012/08/09 22:57:42 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job
     [2012/08/09 22:57:41 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job
     [2012/08/09 22:56:41 | 000,001,437 | ---- | C] () -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
     [2012/08/09 22:47:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
     [2012/08/09 16:25:45 | 000,001,409 | ---- | C] () -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
     [2012/08/09 16:25:39 | 000,001,443 | ---- | C] () -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
     [2012/08/09 16:24:52 | 000,000,290 | ---- | C] () -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
     [2012/08/09 16:24:52 | 000,000,272 | ---- | C] () -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
     [2012/08/09 16:04:37 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
     [2012/08/09 16:04:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
     [2012/08/09 16:03:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
     [2012/08/08 14:53:48 | 2146,684,927 | -HS- | C] () -- C:\hiberfil.sys
     [2012/06/11 11:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
     [2012/06/11 11:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
     [2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
     [2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

     ========== Custom Scans ==========

     < %SYSTEMDRIVE%\*.* >
     [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
     [2012/08/18 16:44:52 | 000,020,940 | ---- | M] () -- C:\ComboFix.txt
     [2009/06/10 16:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
     [2012/08/16 17:38:40 | 000,000,009 | ---- | M] () -- C:\END
     [2012/08/18 16:40:01 | 2146,684,927 | -HS- | M] () -- C:\hiberfil.sys
     [2012/08/18 16:40:01 | 4293,902,335 | -HS- | M] () -- C:\pagefile.sys
     [2012/08/17 22:35:17 | 000,126,416 | ---- | M] () -- C:\TDSSKiller.2.8.6.0_17.08.2012_22.33.25_log.txt

     < %systemroot%\*. /mp /s >

     < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

     < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

     < End of report >
  8. OTL logfile created on: 8/18/2012 4:46:55 PM - Run 1
     OTL by OldTimer - Version 3.2.58.0 Folder = C:\Users\Compbro\Desktop
     64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
     Internet Explorer (Version = 9.0.8112.16421)
     Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

     8.00 Gb Total Physical Memory | 6.54 Gb Available Physical Memory | 81.74% Memory free
     16.00 Gb Paging File | 14.59 Gb Available in Paging File | 91.18% Paging File free
     Paging file location(s): ?:\pagefile.sys [binary data]

     %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
     Drive C: | 74.41 Gb Total Space | 20.17 Gb Free Space | 27.10% Space Free | Partition Type: NTFS
     Drive D: | 100.00 Mb Total Space | 76.24 Mb Free Space | 76.25% Space Free | Partition Type: NTFS
     Drive E: | 1862.92 Gb Total Space | 1862.66 Gb Free Space | 99.99% Space Free | Partition Type: NTFS

     Computer Name: COMPBRO-PC | User Name: Compbro | Logged in as Administrator.
     Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
     Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

     ========== Processes (SafeList) ==========

     PRC - [2012/08/18 16:45:58 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\Compbro\Desktop\OTL.exe
     PRC - [2012/08/10 11:58:21 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
     PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
     PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
     PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
     PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

     ========== Modules (No Company Name) ==========

     ========== Win32 Services (SafeList) ==========

     SRV:64bit: - [2012/06/11 12:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
     SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
     SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
     SRV - [2012/08/10 11:58:21 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
     SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
     SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
     SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
     SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

     ========== Driver Services (SafeList) ==========

     DRV:64bit: - [2012/06/11 13:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
     DRV:64bit: - [2012/06/11 11:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
     DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
     DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
     DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
     DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
     DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
     DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
     DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
     DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
     DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
     DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
     DRV:64bit: - [2010/04/27 18:57:20 | 000,016,200 | ---- | M] (Logitech Inc.)
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid) DRV:64bit: - [2010/04/27 18:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum) DRV:64bit: - [2010/04/27 16:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore) DRV:64bit: - [2010/04/27 16:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter) DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 15:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | 
---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A D9 17 1C FF 7B CD 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = 
https://isearch.avg.com/search?cid={8F248D18-EA45-4363-83C1-6218C0AA45ED}&mid=5067dbdcd4bc47d086aad16c2260d538-659e591a9c7c38316d869c685935caeb53f8e1ef&lang=en&ds=AVG&pr=fr&d=2012-08-09 23:48:37&v=12.2.0.5&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{9F7A5891-E0BB-42D7-AEF1-0140BCFB60C3}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Compbro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Compbro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/09 23:47:52 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Conduit (Enabled) CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3244149 CHR - default_search_provider: suggest_url = http://search.conduit.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\plugins/np-cwmp.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll CHR - plugin: Picasa (Enabled) = C:\Program 
Files\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Users\Compbro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - Extension: WhiteSmoke US New = C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\ CHR - Extension: AVG Do Not Track = C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\ O1 HOSTS File: ([2012/08/18 16:40:43 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.238.96.12 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E3DEBA7-42A7-422E-B07A-AD7D7C03EE70}: DhcpNameServer = 192.168.1.1 68.238.96.12 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) 
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) 
CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/08/18 16:46:12 | 000,598,016 | ---- | C] (OldTimer Tools) -- C:\Users\Compbro\Desktop\OTL.exe [2012/08/18 16:44:54 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/08/18 04:57:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/08/18 04:57:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/08/18 04:57:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/08/18 04:56:58 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/08/17 23:06:21 | 004,735,580 | R--- | C] (Swearware) -- C:\Users\Compbro\Desktop\ComboFix.exe [2012/08/17 22:37:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/08/17 22:20:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2012/08/17 22:20:21 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2012/08/17 15:01:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\Seagate [2012/08/17 15:01:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Seagate [2012/08/17 15:01:16 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seagate File Recovery for Windows [2012/08/17 15:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate File Recovery for Windows [2012/08/17 15:01:16 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\R-TT [2012/08/17 14:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate [2012/08/17 14:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2012/08/16 18:00:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/08/16 18:00:35 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/08/16 18:00:35 | 000,073,216 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/08/16 18:00:34 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/08/16 18:00:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/08/16 18:00:33 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/08/16 18:00:33 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/08/16 18:00:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/08/16 18:00:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/08/16 18:00:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/08/16 18:00:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/08/16 18:00:32 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/08/16 18:00:31 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/08/16 17:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\Picasa3 [2012/08/16 17:38:36 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\CRE [2012/08/16 17:38:27 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Conduit [2012/08/16 11:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [2012/08/16 11:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2012/08/16 11:38:11 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012/08/16 11:38:05 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012/08/16 11:38:05 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012/08/16 11:38:05 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012/08/16 11:37:59 | 
000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012/08/16 11:37:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012/08/16 11:37:58 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012/08/16 11:37:56 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012/08/12 23:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2012/08/12 23:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech [2012/08/12 23:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2012/08/10 17:39:11 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2012/08/10 17:39:11 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2012/08/10 17:39:06 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2012/08/10 17:39:06 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2012/08/10 17:39:05 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2012/08/10 17:39:05 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2012/08/10 17:39:05 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2012/08/10 17:39:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2012/08/10 17:39:05 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2012/08/10 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012/08/10 15:02:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2012/08/10 15:02:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2012/08/10 14:20:05 | 001,942,856 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\dfshim.dll [2012/08/10 14:20:05 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2012/08/10 14:20:05 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2012/08/10 14:20:05 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2012/08/10 14:20:05 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2012/08/10 14:20:05 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2012/08/10 14:20:05 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2012/08/10 14:20:05 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2012/08/10 14:18:10 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2012/08/10 14:18:10 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012/08/10 14:18:10 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012/08/10 14:18:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012/08/10 14:18:10 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012/08/10 14:18:10 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012/08/10 14:18:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012/08/10 14:18:10 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012/08/10 14:18:10 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012/08/10 14:18:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012/08/10 14:18:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\iesetup.dll [2012/08/10 14:18:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012/08/10 14:18:10 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012/08/10 14:18:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012/08/10 14:18:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012/08/10 14:18:10 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012/08/10 14:18:09 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012/08/10 14:18:09 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012/08/10 14:18:09 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012/08/10 14:18:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012/08/10 14:18:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012/08/10 14:18:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012/08/10 14:18:09 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012/08/10 14:18:09 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012/08/10 14:18:09 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012/08/10 14:18:09 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012/08/10 14:18:09 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012/08/10 14:18:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012/08/10 14:18:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012/08/10 14:18:09 | 000,078,848 | 
---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012/08/10 14:18:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012/08/10 14:18:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012/08/10 14:18:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012/08/10 14:18:09 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012/08/10 14:18:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012/08/10 14:18:08 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2012/08/10 14:18:08 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012/08/10 14:18:08 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012/08/10 14:18:08 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012/08/10 14:18:08 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012/08/10 14:18:08 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012/08/10 14:18:08 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012/08/10 14:18:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012/08/10 14:18:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012/08/10 14:18:08 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012/08/10 14:18:08 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012/08/10 14:18:08 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012/08/10 14:18:08 | 000,085,504 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\iesetup.dll [2012/08/10 14:18:08 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012/08/10 14:18:08 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012/08/10 14:18:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012/08/10 14:18:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012/08/10 14:18:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012/08/10 14:18:08 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012/08/10 14:18:08 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012/08/10 14:18:07 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012/08/10 14:18:07 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012/08/10 14:18:07 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012/08/10 14:18:07 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012/08/10 14:09:00 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012/08/10 14:09:00 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012/08/10 14:09:00 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012/08/10 11:53:51 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\PunkBuster [2012/08/10 11:53:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\Battlefield 3 [2012/08/10 11:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins [2012/08/10 11:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2012/08/10 11:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs [2012/08/10 03:36:17 | 
000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2012/08/10 03:34:58 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2012/08/10 03:34:58 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2012/08/10 03:34:58 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2012/08/10 03:34:58 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2012/08/10 03:34:58 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2012/08/10 03:34:58 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2012/08/10 03:34:57 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2012/08/10 03:34:57 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2012/08/10 03:34:57 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2012/08/10 03:34:57 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2012/08/10 03:34:57 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2012/08/10 03:34:57 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2012/08/10 03:34:56 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2012/08/10 03:34:56 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2012/08/10 03:34:56 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2012/08/10 03:34:56 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2012/08/10 03:34:55 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2012/08/10 03:34:55 | 000,528,216 | ---- | C] (Microsoft 
C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll 
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] 
(Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012/08/10 03:15:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012/08/10 03:15:21 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2012/08/10 03:15:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2012/08/10 03:15:19 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2012/08/10 03:15:19 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2012/08/10 03:15:19 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2012/08/10 03:15:19 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2012/08/10 03:15:16 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2012/08/10 03:15:16 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2012/08/10 03:15:15 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2012/08/10 03:15:15 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2012/08/10 03:15:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2012/08/10 03:15:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2012/08/10 03:15:08 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2012/08/10 03:15:05 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012/08/10 03:15:04 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2012/08/10 03:15:01 | 000,723,456 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\EncDec.dll [2012/08/10 03:15:01 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2012/08/10 03:15:00 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2012/08/10 03:15:00 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2012/08/10 03:14:34 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012/08/10 03:14:31 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2012/08/10 03:14:31 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2012/08/10 03:14:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll [2012/08/10 03:08:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012/08/10 03:08:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012/08/10 00:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2012/08/10 00:00:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Origin [2012/08/10 00:00:39 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Origin [2012/08/09 23:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012/08/09 23:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2012/08/09 23:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [2012/08/09 23:49:48 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\AVG2012 [2012/08/09 23:48:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2012/08/09 23:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2012/08/09 23:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search [2012/08/09 23:48:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG [2012/08/09 23:47:50 | 000,000,000 | ---D | C] 
-- C:\ProgramData\AVG2012 [2012/08/09 23:47:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG [2012/08/09 23:47:50 | 000,000,000 | ---D | C] -- C:\$AVG [2012/08/09 23:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2012/08/09 23:44:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012/08/09 23:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2012/08/09 23:24:28 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\ATI [2012/08/09 23:24:28 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\ATI [2012/08/09 23:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012/08/09 23:24:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2012/08/09 23:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2012/08/09 23:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012/08/09 23:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2012/08/09 23:24:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2012/08/09 23:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012/08/09 23:23:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2012/08/09 23:23:16 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012/08/09 23:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012/08/09 23:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012/08/09 23:18:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012/08/09 23:18:41 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012/08/09 23:18:21 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2012/08/09 23:18:20 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012/08/09 23:18:20 | 000,211,184 | ---- | C] (SRS Labs, Inc.) 
-- C:\Windows\SysNative\SRSTSH64.dll [2012/08/09 23:18:20 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012/08/09 23:18:20 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012/08/09 23:18:18 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2012/08/09 23:18:18 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2012/08/09 23:18:18 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2012/08/09 23:18:18 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2012/08/09 23:18:18 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2012/08/09 23:18:18 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012/08/09 23:18:18 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2012/08/09 23:18:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012/08/09 23:18:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012/08/09 23:18:18 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012/08/09 23:18:18 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2012/08/09 23:18:18 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012/08/09 23:18:18 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012/08/09 23:18:18 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll [2012/08/09 23:18:17 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\Windows\SysNative\RCoInstII64.dll [2012/08/09 23:18:17 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll [2012/08/09 23:18:16 | 000,897,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll [2012/08/09 23:18:16 | 000,753,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll [2012/08/09 23:18:16 | 000,626,304 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBTHX64.dll [2012/08/09 23:18:16 | 000,561,792 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBTHX32.dll [2012/08/09 23:18:15 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2012/08/09 23:18:15 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2012/08/09 23:18:15 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012/08/09 23:18:14 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012/08/09 23:18:12 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2012/08/09 23:18:12 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2012/08/09 23:18:12 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012/08/09 23:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012/08/09 23:18:11 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\Windows\RtlExUpd.dll [2012/08/09 23:18:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2012/08/09 23:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012/08/09 23:06:27 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\ElevatedDiagnostics [2012/08/09 23:03:29 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\6305_Vista_PG537 [2012/08/09 23:02:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\Vista64 [2012/08/09 23:02:42 | 000,524,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\RtlExUpd.dll [2012/08/09 23:02:42 | 000,475,648 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\AlcUpd64.exe [2012/08/09 23:02:42 | 000,316,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\alcrmv64.exe [2012/08/09 23:02:42 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\alcupd.exe [2012/08/09 23:02:42 | 000,217,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\alcrmv.exe [2012/08/09 23:02:42 | 000,126,976 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\Users\Compbro\Documents\alcrmv9x.exe [2012/08/09 23:02:42 | 000,121,064 | ---- | C] (Macrovision Corporation) -- C:\Users\Compbro\Documents\setup.exe [2012/08/09 23:02:42 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\Vista [2012/08/09 23:02:42 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\CONFIG [2012/08/09 23:02:04 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\WinRAR [2012/08/09 23:02:04 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/08/09 23:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012/08/09 23:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012/08/09 22:58:22 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/08/09 22:57:41 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Google [2012/08/09 22:57:25 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Apps [2012/08/09 22:57:24 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Deployment [2012/08/09 22:45:16 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll [2012/08/09 22:45:16 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll [2012/08/09 22:45:15 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012/08/09 22:45:15 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012/08/09 17:00:22 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012/08/09 16:51:43 | 000,000,000 | ---D | C] -- C:\Windows.old [2012/08/09 16:25:35 | 000,000,000 | R--D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012/08/09 16:25:35 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Searches [2012/08/09 16:25:35 | 000,000,000 | R--D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Administrative Tools [2012/08/09 16:25:35 | 000,000,000 | -H-D | C] -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2012/08/09 16:25:26 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Identities [2012/08/09 16:25:22 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Contacts [2012/08/09 16:25:19 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\VirtualStore [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\AppData\Local\Temporary Internet Files [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Templates [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Start Menu [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\SendTo [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Recent [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\PrintHood [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\NetHood [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Documents\My Videos [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Documents\My Pictures [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Documents\My Music [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\My Documents [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Local Settings [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\AppData\Local\History [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Cookies [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Application Data [2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\AppData\Local\Application Data [2012/08/09 16:24:52 | 000,000,000 | --SD | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft [2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Pictures [2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- 
C:\Users\Compbro\Music [2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Links [2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Favorites [2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Downloads [2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Documents [2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Desktop [2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012/08/09 16:24:52 | 000,000,000 | -H-D | C] -- C:\Users\Compbro\AppData [2012/08/09 16:24:52 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Temp [2012/08/09 16:24:52 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Microsoft [2012/08/09 16:24:52 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Media Center Programs [2012/08/09 16:24:51 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Videos [2012/08/09 16:24:51 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Saved Games [2012/08/09 16:23:35 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012/08/09 16:23:35 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012/08/09 16:23:35 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012/08/09 16:23:26 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012/08/09 16:23:26 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012/08/09 16:23:26 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012/08/09 16:23:17 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012/08/09 16:23:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\wuapp.exe [2012/08/09 16:04:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012/08/09 16:01:52 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012/08/09 13:17:50 | 000,000,000 | ---D | C] -- C:\AMD [2012/08/08 15:35:17 | 000,000,000 | ---D | C] -- C:\Recovery [2012/08/08 14:53:48 | 000,000,000 | -HSD | C] -- C:\System Volume Information
  9. Alright so I ran OTL and ComboFix with that script. WhiteSmoke still present unfortunately. Here are the logs. ComboFix first then OTL.
2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2012-06-11 17:19 . 2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe 2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe 2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll 2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll 2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll 2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll 2012-06-11 17:16 . 2012-06-11 17:16 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll 2012-06-11 17:01 . 2012-06-11 17:01 6914560 ----a-w- c:\windows\system32\atidxx64.dll 2012-06-11 16:51 . 2012-06-11 16:51 4246528 ----a-w- c:\windows\system32\atiumd6a.dll 2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll 2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll 2012-06-11 16:45 . 2011-04-20 06:38 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll 2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll 2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll 2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll 2012-06-11 16:43 . 2011-04-20 06:30 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll 2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll 2012-06-11 16:36 . 2012-06-11 16:36 6605824 ----a-w- c:\windows\system32\atiumd64.dll 2012-06-11 16:27 . 2012-06-11 16:27 539136 ----a-w- c:\windows\system32\atiadlxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2012-06-11 16:26 . 
2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll 2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2012-06-11 16:25 . 2011-04-20 06:21 54784 ----a-w- c:\windows\system32\atiuxp64.dll 2012-06-11 16:25 . 2012-06-11 16:25 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2012-06-11 16:25 . 2012-06-11 16:25 45056 ----a-w- c:\windows\system32\atiu9p64.dll 2012-06-11 16:24 . 2011-04-20 06:21 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll 2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll 2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll 2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-08-18_10.03.41 ))))))))))))))))))))))))))))))))))))))))) . + 2012-08-10 03:40 . 2012-08-18 21:28 23014 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-08-18 21:28 32248 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2012-08-09 21:26 . 2012-08-18 21:28 5268 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-447234750-1175504839-4170690110-1001_UserData.bin - 2012-08-18 10:03 . 2012-08-18 10:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-18 21:40 . 2012-08-18 21:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-18 21:40 . 2012-08-18 21:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-08-18 10:03 . 
2012-08-18 10:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-08-10 04:31 . 2012-08-18 03:44 411768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2012-08-10 04:31 . 2012-08-18 21:39 411768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2009-07-14 05:01 . 2012-08-18 10:01 230004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-08-18 21:39 230004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 02:34 . 2012-08-18 08:00 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 02:34 . 2012-08-18 10:13 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . 
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-10 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392] . . Contents of the 'Scheduled Tasks' folder . 2012-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job - c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57] . 2012-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job - c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184] "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.1.1 68.238.96.12 . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\windows\SysWOW64\PnkBstrA.exe c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe . ************************************************************************** . Completion time: 2012-08-18 16:44:52 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-18 21:44 ComboFix2.txt 2012-08-18 10:08 ComboFix3.txt 2012-08-18 03:51 . Pre-Run: 21,669,847,040 bytes free Post-Run: 21,580,570,624 bytes free . - - End Of File - - AC0690A14340DAF94ADCC51E374FC3E6
  10. You'll have to excuse my grammar and usage mistakes. It's the early morning and I haven't slept.
  11. I can't find Conduit in my Uninstall screen unfortunately. But I did find its folder and deleted it. The script you posted seemed to have worked... that is, until I opened my browser. Looks like the toolbar installed itself yet again. Gave me the welcome screen and everything. Nonetheless, here is the log. ComboFix 12-08-17.03 - Compbro 08/18/2012 4:58.2.2 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8191.6417 [GMT -5:00] Running from: c:\users\Compbro\Desktop\ComboFix.exe Command switches used :: c:\users\Compbro\Desktop\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage-journal" "c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage" "c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage-journal" "c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage" "c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage-journal" "c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage-journal c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage-journal c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage-journal c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage . . ((((((((((((((((((((((((( Files Created from 2012-07-18 to 2012-08-18 ))))))))))))))))))))))))))))))) . . 2012-08-18 03:20 . 2012-08-18 03:20 -------- d-----w- c:\program files (x86)\VS Revo Group 2012-08-17 20:01 . 2012-08-17 20:01 -------- d-----w- c:\program files (x86)\Seagate File Recovery for Windows 2012-08-17 19:47 . 2012-08-17 19:47 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-08-16 22:39 . 2012-08-16 22:41 -------- d-----w- c:\program files\Picasa3 2012-08-16 16:38 . 2012-08-16 16:38 -------- d-----w- c:\program files (x86)\Google 2012-08-16 16:38 . 2012-05-05 08:30 503808 ----a-w- c:\windows\system32\srcore.dll 2012-08-16 16:38 . 2012-05-05 07:44 43008 ----a-w- c:\windows\SysWow64\srclient.dll 2012-08-16 16:38 . 2012-02-11 06:36 751104 ----a-w- c:\windows\system32\win32spl.dll 2012-08-16 16:38 . 2012-02-11 06:29 559104 ----a-w- c:\windows\system32\spoolsv.exe 2012-08-16 16:38 . 2012-02-11 06:29 67584 ----a-w- c:\windows\splwow64.exe 2012-08-16 16:38 . 2012-02-11 05:44 492032 ----a-w- c:\windows\SysWow64\win32spl.dll 2012-08-16 16:37 . 2012-07-04 21:23 41472 ----a-w- c:\windows\SysWow64\browcli.dll 2012-08-16 16:37 . 
2012-07-04 22:04 73216 ----a-w- c:\windows\system32\netapi32.dll 2012-08-16 16:37 . 2012-07-04 22:01 58880 ----a-w- c:\windows\system32\browcli.dll 2012-08-16 16:37 . 2012-07-04 22:01 136704 ----a-w- c:\windows\system32\browser.dll 2012-08-16 16:37 . 2012-07-18 17:31 3146752 ----a-w- c:\windows\system32\win32k.sys 2012-08-16 16:37 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll 2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Common Files\Logitech 2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Logitech 2012-08-10 21:01 . 2012-08-10 21:01 -------- d-----w- c:\program files (x86)\Microsoft.NET 2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\SysWow64\Wat 2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\system32\Wat 2012-08-10 19:47 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll 2012-08-10 19:47 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll 2012-08-10 19:33 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll 2012-08-10 19:33 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll 2012-08-10 19:20 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll 2012-08-10 19:20 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll 2012-08-10 19:20 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll 2012-08-10 19:20 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll 2012-08-10 19:20 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe 2012-08-10 19:20 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2012-08-10 19:20 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2012-08-10 19:20 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll 2012-08-10 19:20 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe 2012-08-10 19:20 . 
2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll 2012-08-10 19:09 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-08-10 19:09 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-08-10 19:09 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll 2012-08-10 19:09 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll 2012-08-10 19:09 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-08-10 19:09 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-08-10 19:09 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-08-10 19:06 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys 2012-08-10 16:53 . 2012-08-18 08:36 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2012-08-10 16:51 . 2012-08-10 16:51 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins 2012-08-10 16:46 . 2012-08-10 16:46 -------- d-----w- c:\programdata\EA Core 2012-08-10 16:46 . 2012-08-10 20:13 -------- d-----w- c:\programdata\EA Logs 2012-08-10 08:36 . 2012-08-10 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller 2012-08-10 08:35 . 2012-08-18 08:36 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2012-08-10 08:35 . 2012-08-18 08:36 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2012-08-10 08:35 . 2012-08-10 16:58 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2012-08-10 08:22 . 2009-10-28 06:24 389632 ----a-w- c:\windows\system32\winlogon.exe 2012-08-10 08:21 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe 2012-08-10 08:20 . 2010-05-05 07:37 483840 ----a-w- c:\windows\system32\StructuredQuery.dll 2012-08-10 08:19 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2012-08-10 08:18 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll 2012-08-10 08:18 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-08-10 08:18 . 
2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-08-10 08:16 . 2012-05-04 10:52 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-10 08:15 . 2009-08-29 07:50 46592 ----a-w- c:\windows\system32\msasn1.dll 2012-08-10 08:14 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll 2012-08-10 08:08 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll 2012-08-10 08:08 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll 2012-08-10 05:00 . 2012-08-10 05:01 -------- d-----w- c:\program files (x86)\Origin Games 2012-08-10 04:59 . 2012-08-10 16:46 -------- d-----w- c:\programdata\Electronic Arts 2012-08-10 04:59 . 2012-08-10 05:01 -------- d-----w- c:\programdata\Origin 2012-08-10 04:59 . 2012-08-10 05:00 -------- d-----w- c:\program files (x86)\Origin 2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\programdata\AVG Secure Search 2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search 2012-08-10 04:48 . 2012-08-10 04:48 -------- d-----w- c:\windows\SysWow64\drivers\AVG 2012-08-10 04:47 . 2012-08-18 03:14 -------- d-----w- c:\windows\system32\drivers\AVG 2012-08-10 04:47 . 2012-08-12 04:28 -------- d-----w- c:\programdata\AVG2012 2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- C:\$AVG 2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- c:\program files (x86)\AVG 2012-08-10 04:44 . 2012-08-18 03:15 -------- d-----w- c:\programdata\MFAData 2012-08-10 04:44 . 2012-08-10 04:44 -------- d--h--w- c:\programdata\Common Files 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\ATI 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\AMD 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD AVT 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD APP 2012-08-10 04:24 . 
2012-08-10 04:24 -------- d-----w- c:\program files\Common Files\ATI Technologies 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files (x86)\ATI Technologies 2012-08-10 04:23 . 2012-08-17 20:57 -------- d-sh--w- c:\windows\Installer 2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files\ATI 2012-08-10 04:22 . 2012-08-10 04:24 -------- d-----w- c:\program files\ATI Technologies 2012-08-10 04:05 . 2012-07-16 07:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0C74DAE-9047-4255-8E45-3C43E343064B}\mpengine.dll 2012-08-10 04:05 . 2012-05-31 17:25 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-08-10 04:02 . 2012-08-10 04:02 -------- d-----w- c:\program files\WinRAR 2012-08-10 03:47 . 2012-08-10 03:47 0 ----a-w- c:\windows\ativpsrm.bin 2012-08-10 03:45 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll 2012-08-10 03:45 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll 2012-08-10 03:45 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-08-10 03:45 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-08-10 03:45 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-08-09 22:00 . 2012-08-09 21:23 -------- d-----w- c:\windows\Panther 2012-08-09 21:51 . 2012-08-09 21:51 -------- d-----w- C:\Windows.old 2012-08-09 21:24 . 2012-08-09 21:25 -------- d-----w- c:\users\Compbro 2012-08-09 21:23 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-08-09 21:23 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-08-09 21:23 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-08-09 21:23 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-08-09 21:23 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-08-09 21:23 . 
2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-08-09 21:23 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-08-09 21:23 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-08-09 21:23 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-08-09 18:17 . 2012-08-09 18:17 -------- d-----w- C:\AMD 2012-08-08 20:35 . 2012-08-09 21:21 -------- d-----w- C:\Recovery . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-11 18:59 . 2012-06-11 18:59 10248192 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2012-06-11 18:50 . 2012-06-11 18:50 187392 ----a-w- c:\windows\system32\clinfo.exe 2012-06-11 18:50 . 2012-06-11 18:50 75264 ----a-w- c:\windows\system32\OpenVideo64.dll 2012-06-11 18:50 . 2012-06-11 18:50 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll 2012-06-11 18:50 . 2012-06-11 18:50 63488 ----a-w- c:\windows\system32\OVDecode64.dll 2012-06-11 18:50 . 2012-06-11 18:50 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll 2012-06-11 18:50 . 2012-06-11 18:50 16457728 ----a-w- c:\windows\system32\amdocl64.dll 2012-06-11 18:49 . 2012-06-11 18:49 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll 2012-06-11 18:48 . 2012-06-11 18:48 54784 ----a-w- c:\windows\system32\OpenCL.dll 2012-06-11 18:48 . 2012-06-11 18:48 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll 2012-06-11 18:35 . 2012-06-11 18:35 70144 ----a-w- c:\windows\system32\coinst_8.98.dll 2012-06-11 18:29 . 2012-06-11 18:29 24826368 ----a-w- c:\windows\system32\atio6axx.dll 2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\SysWow64\atioglxx.dll 2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe 2012-06-11 17:24 . 2011-04-20 07:09 924160 ----a-w- c:\windows\SysWow64\aticfx32.dll 2012-06-11 17:23 . 2012-06-11 17:23 1090560 ----a-w- c:\windows\system32\aticfx64.dll 2012-06-11 17:20 . 
2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2012-06-11 17:19 . 2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe 2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe 2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll 2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll 2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll 2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll 2012-06-11 17:16 . 2012-06-11 17:16 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll 2012-06-11 17:01 . 2012-06-11 17:01 6914560 ----a-w- c:\windows\system32\atidxx64.dll 2012-06-11 16:51 . 2012-06-11 16:51 4246528 ----a-w- c:\windows\system32\atiumd6a.dll 2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll 2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll 2012-06-11 16:45 . 2011-04-20 06:38 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll 2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll 2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll 2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll 2012-06-11 16:43 . 2011-04-20 06:30 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll 2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll 2012-06-11 16:36 . 2012-06-11 16:36 6605824 ----a-w- c:\windows\system32\atiumd64.dll 2012-06-11 16:27 . 2012-06-11 16:27 539136 ----a-w- c:\windows\system32\atiadlxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2012-06-11 16:26 . 
2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll 2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2012-06-11 16:25 . 2011-04-20 06:21 54784 ----a-w- c:\windows\system32\atiuxp64.dll 2012-06-11 16:25 . 2012-06-11 16:25 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2012-06-11 16:25 . 2012-06-11 16:25 45056 ----a-w- c:\windows\system32\atiu9p64.dll 2012-06-11 16:24 . 2011-04-20 06:21 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll 2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll 2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll 2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . 
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-10 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392] . . Contents of the 'Scheduled Tasks' folder . 2012-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job - c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57] . 2012-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job - c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184] "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3244149 uDefault_Search_URL = hxxp://www.google.com/ie mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.1.1 68.238.96.12 . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\windows\SysWOW64\PnkBstrA.exe c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe . ************************************************************************** . Completion time: 2012-08-18 05:08:07 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-18 10:08 ComboFix2.txt 2012-08-18 03:51 . Pre-Run: 21,801,312,256 bytes free Post-Run: 21,741,805,568 bytes free . - - End Of File - - D7CAECC8523602A0C95901DE79D1A193
  12. SystemLook 30.07.11 by jpshortstuff Log created at 03:33 on 18/08/2012 by Compbro Administrator - Elevation successful ========== filefind ========== Searching for "*WhiteSmoke*" C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage --a---- 3072 bytes [19:56 17/08/2012] [19:56 17/08/2012] CEAC9CFA4B7BAA5DC331972C3081A832 C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage-journal --a---- 3608 bytes [19:56 17/08/2012] [19:56 17/08/2012] 1D4B95391958ADFFB2D7C59BEF525B46 C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage --a---- 3072 bytes [19:43 17/08/2012] [03:18 18/08/2012] 350B9721E7F97ABC556E9586939BA3CB C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage-journal --a---- 3608 bytes [19:43 17/08/2012] [03:18 18/08/2012] DF035E24DEF02A5CADF7635EBF05AD2B C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage --a---- 3072 bytes [19:55 17/08/2012] [03:25 18/08/2012] 350B9721E7F97ABC556E9586939BA3CB C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage-journal --a---- 3608 bytes [19:55 17/08/2012] [03:25 18/08/2012] A474C5DDEF50A0A12E4828B3AF733D6E ========== folderfind ========== Searching for "*WhiteSmoke*" No folders found. 
========== regfind ========== Searching for "WhiteSmoke" [HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository] [HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository] -= EOF =-
  13. Sorry for the double post but here is the ComboFix log. ComboFix 12-08-17.03 - Compbro 08/17/2012 22:40:03.1.2 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8191.6072 [GMT -5:00] Running from: c:\users\Compbro\Downloads\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-07-18 to 2012-08-18 ))))))))))))))))))))))))))))))) . . 2012-08-18 03:43 . 2012-08-18 03:43 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-18 03:20 . 2012-08-18 03:20 -------- d-----w- c:\program files (x86)\VS Revo Group 2012-08-17 20:01 . 2012-08-17 20:01 -------- d-----w- c:\program files (x86)\Seagate File Recovery for Windows 2012-08-17 19:47 . 2012-08-17 19:47 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2012-08-16 22:39 . 2012-08-16 22:41 -------- d-----w- c:\program files\Picasa3 2012-08-16 22:38 . 2012-08-16 22:38 -------- d-----w- c:\program files (x86)\Conduit 2012-08-16 16:38 . 2012-08-16 16:38 -------- d-----w- c:\program files (x86)\Google 2012-08-16 16:38 . 2012-05-05 08:30 503808 ----a-w- c:\windows\system32\srcore.dll 2012-08-16 16:38 . 2012-05-05 07:44 43008 ----a-w- c:\windows\SysWow64\srclient.dll 2012-08-16 16:38 . 2012-02-11 06:36 751104 ----a-w- c:\windows\system32\win32spl.dll 2012-08-16 16:38 . 2012-02-11 06:29 559104 ----a-w- c:\windows\system32\spoolsv.exe 2012-08-16 16:38 . 2012-02-11 06:29 67584 ----a-w- c:\windows\splwow64.exe 2012-08-16 16:38 . 2012-02-11 05:44 492032 ----a-w- c:\windows\SysWow64\win32spl.dll 2012-08-16 16:37 . 2012-07-04 21:23 41472 ----a-w- c:\windows\SysWow64\browcli.dll 2012-08-16 16:37 . 2012-07-04 22:04 73216 ----a-w- c:\windows\system32\netapi32.dll 2012-08-16 16:37 . 
2012-07-04 22:01 58880 ----a-w- c:\windows\system32\browcli.dll 2012-08-16 16:37 . 2012-07-04 22:01 136704 ----a-w- c:\windows\system32\browser.dll 2012-08-16 16:37 . 2012-07-18 17:31 3146752 ----a-w- c:\windows\system32\win32k.sys 2012-08-16 16:37 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll 2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Common Files\Logitech 2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Logitech 2012-08-10 21:01 . 2012-08-10 21:01 -------- d-----w- c:\program files (x86)\Microsoft.NET 2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\SysWow64\Wat 2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\system32\Wat 2012-08-10 19:47 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll 2012-08-10 19:47 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll 2012-08-10 19:33 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll 2012-08-10 19:33 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll 2012-08-10 19:20 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll 2012-08-10 19:20 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll 2012-08-10 19:20 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll 2012-08-10 19:20 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll 2012-08-10 19:20 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe 2012-08-10 19:20 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll 2012-08-10 19:20 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2012-08-10 19:20 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll 2012-08-10 19:20 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe 2012-08-10 19:20 . 2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll 2012-08-10 19:09 . 
2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-08-10 19:09 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-08-10 19:09 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll 2012-08-10 19:09 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll 2012-08-10 19:09 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-08-10 19:09 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-08-10 19:09 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-08-10 19:06 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys 2012-08-10 16:53 . 2012-08-16 16:48 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2012-08-10 16:51 . 2012-08-10 16:51 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins 2012-08-10 16:46 . 2012-08-10 16:46 -------- d-----w- c:\programdata\EA Core 2012-08-10 16:46 . 2012-08-10 20:13 -------- d-----w- c:\programdata\EA Logs 2012-08-10 08:36 . 2012-08-10 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller 2012-08-10 08:35 . 2012-08-16 16:48 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2012-08-10 08:35 . 2012-08-16 16:48 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2012-08-10 08:35 . 2012-08-10 16:58 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2012-08-10 08:22 . 2009-10-28 06:24 389632 ----a-w- c:\windows\system32\winlogon.exe 2012-08-10 08:21 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe 2012-08-10 08:20 . 2010-05-05 07:37 483840 ----a-w- c:\windows\system32\StructuredQuery.dll 2012-08-10 08:19 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2012-08-10 08:18 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll 2012-08-10 08:18 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-08-10 08:18 . 2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-08-10 08:16 . 
2012-05-04 10:52 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-10 08:15 . 2009-08-29 07:50 46592 ----a-w- c:\windows\system32\msasn1.dll 2012-08-10 08:14 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll 2012-08-10 08:08 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll 2012-08-10 08:08 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll 2012-08-10 05:00 . 2012-08-10 05:01 -------- d-----w- c:\program files (x86)\Origin Games 2012-08-10 04:59 . 2012-08-10 16:46 -------- d-----w- c:\programdata\Electronic Arts 2012-08-10 04:59 . 2012-08-10 05:01 -------- d-----w- c:\programdata\Origin 2012-08-10 04:59 . 2012-08-10 05:00 -------- d-----w- c:\program files (x86)\Origin 2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\programdata\AVG Secure Search 2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search 2012-08-10 04:48 . 2012-08-10 04:48 -------- d-----w- c:\windows\SysWow64\drivers\AVG 2012-08-10 04:47 . 2012-08-18 03:14 -------- d-----w- c:\windows\system32\drivers\AVG 2012-08-10 04:47 . 2012-08-12 04:28 -------- d-----w- c:\programdata\AVG2012 2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- C:\$AVG 2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- c:\program files (x86)\AVG 2012-08-10 04:44 . 2012-08-18 03:15 -------- d-----w- c:\programdata\MFAData 2012-08-10 04:44 . 2012-08-10 04:44 -------- d--h--w- c:\programdata\Common Files 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\ATI 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\AMD 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD AVT 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD APP 2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files\Common Files\ATI Technologies 2012-08-10 04:24 . 
2012-08-10 04:24 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies 2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files (x86)\ATI Technologies 2012-08-10 04:23 . 2012-08-17 20:57 -------- d-sh--w- c:\windows\Installer 2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files\ATI 2012-08-10 04:22 . 2012-08-10 04:24 -------- d-----w- c:\program files\ATI Technologies 2012-08-10 04:05 . 2012-07-16 07:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0C74DAE-9047-4255-8E45-3C43E343064B}\mpengine.dll 2012-08-10 04:05 . 2012-05-31 17:25 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-08-10 04:02 . 2012-08-10 04:02 -------- d-----w- c:\program files\WinRAR 2012-08-10 03:47 . 2012-08-10 03:47 0 ----a-w- c:\windows\ativpsrm.bin 2012-08-10 03:45 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll 2012-08-10 03:45 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll 2012-08-10 03:45 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-08-10 03:45 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-08-10 03:45 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-08-09 22:00 . 2012-08-09 21:23 -------- d-----w- c:\windows\Panther 2012-08-09 21:51 . 2012-08-09 21:51 -------- d-----w- C:\Windows.old 2012-08-09 21:24 . 2012-08-09 21:25 -------- d-----w- c:\users\Compbro 2012-08-09 21:23 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-08-09 21:23 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-08-09 21:23 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-08-09 21:23 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-08-09 21:23 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-08-09 21:23 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-08-09 21:23 . 
2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-08-09 21:23 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-08-09 21:23 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-08-09 18:17 . 2012-08-09 18:17 -------- d-----w- C:\AMD 2012-08-08 20:35 . 2012-08-09 21:21 -------- d-----w- C:\Recovery . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-06-11 18:59 . 2012-06-11 18:59 10248192 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2012-06-11 18:50 . 2012-06-11 18:50 187392 ----a-w- c:\windows\system32\clinfo.exe 2012-06-11 18:50 . 2012-06-11 18:50 75264 ----a-w- c:\windows\system32\OpenVideo64.dll 2012-06-11 18:50 . 2012-06-11 18:50 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll 2012-06-11 18:50 . 2012-06-11 18:50 63488 ----a-w- c:\windows\system32\OVDecode64.dll 2012-06-11 18:50 . 2012-06-11 18:50 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll 2012-06-11 18:50 . 2012-06-11 18:50 16457728 ----a-w- c:\windows\system32\amdocl64.dll 2012-06-11 18:49 . 2012-06-11 18:49 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll 2012-06-11 18:48 . 2012-06-11 18:48 54784 ----a-w- c:\windows\system32\OpenCL.dll 2012-06-11 18:48 . 2012-06-11 18:48 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll 2012-06-11 18:35 . 2012-06-11 18:35 70144 ----a-w- c:\windows\system32\coinst_8.98.dll 2012-06-11 18:29 . 2012-06-11 18:29 24826368 ----a-w- c:\windows\system32\atio6axx.dll 2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\SysWow64\atioglxx.dll 2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe 2012-06-11 17:24 . 2011-04-20 07:09 924160 ----a-w- c:\windows\SysWow64\aticfx32.dll 2012-06-11 17:23 . 2012-06-11 17:23 1090560 ----a-w- c:\windows\system32\aticfx64.dll 2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll 2012-06-11 17:19 . 
2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe 2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe 2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll 2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll 2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll 2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll 2012-06-11 17:16 . 2012-06-11 17:16 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll 2012-06-11 17:01 . 2012-06-11 17:01 6914560 ----a-w- c:\windows\system32\atidxx64.dll 2012-06-11 16:51 . 2012-06-11 16:51 4246528 ----a-w- c:\windows\system32\atiumd6a.dll 2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll 2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll 2012-06-11 16:45 . 2011-04-20 06:38 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll 2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll 2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll 2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll 2012-06-11 16:43 . 2011-04-20 06:30 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll 2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll 2012-06-11 16:36 . 2012-06-11 16:36 6605824 ----a-w- c:\windows\system32\atiumd64.dll 2012-06-11 16:27 . 2012-06-11 16:27 539136 ----a-w- c:\windows\system32\atiadlxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll 2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll 2012-06-11 16:26 . 
2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll 2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll 2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys 2012-06-11 16:25 . 2011-04-20 06:21 54784 ----a-w- c:\windows\system32\atiuxp64.dll 2012-06-11 16:25 . 2012-06-11 16:25 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll 2012-06-11 16:25 . 2012-06-11 16:25 45056 ----a-w- c:\windows\system32\atiu9p64.dll 2012-06-11 16:24 . 2011-04-20 06:21 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll 2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll 2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll 2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll 2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . 
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-10 1255736] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616] S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job - c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57] . 2012-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job - c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57] . . 
--------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184] "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3244149 uDefault_Search_URL = hxxp://www.google.com/ie mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.1.1 68.238.96.12 . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{462be121-2b54-4218-bf00-b9bf8135b23f} - (no file) Wow6432Node-HKLM-Run-ROC_roc_ssl_v12 - c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\windows\SysWOW64\PnkBstrA.exe c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe . ************************************************************************** . Completion time: 2012-08-17 22:51:49 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-18 03:51 . Pre-Run: 18,371,325,952 bytes free Post-Run: 18,095,607,808 bytes free . - - End Of File - - DAE11FA155E4B64C10BA99983BAB090C
  14. I'm not sure how it got here, but it's here... to stay, it seems. It reinstalled itself after I uninstalled it. Anyway, I've downloaded ComboFix and it's not on my desktop. What's the next step? Any help would be GREATLY appreciated. I just want this toolbar gone.