howtodumb
-
Posts
14 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by howtodumb
-
-
Update were installed successfully and I used Defraggler to defrag the drive. Unfortunately the drive is still 26% fragmented. Everything seems to be running well!
-
Results of screen317's Security Check version 0.99.46
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Google Chrome 21.0.1180.79
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 33% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
-
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=ce0b3613ab14034b9bcee4d6c472b277
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-20 09:28:47
# local_time=2012-08-20 04:28:47 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1024 16777215 100 0 436 436 0 0
# compatibility_mode=5893 16776574 100 94 2967 97039527 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=193730
# found=1
# cleaned=0
# scan_time=2049
C:\Users\Compbro\Downloads\winrar setup.exe a variant of Win32/Soft32Downloader.B application (unable to clean) 00000000000000000000000000000000 I
-
WhiteSmoke toolbar is no longer present! Thank you so much for your time!
All processes killed
========== FILES ==========
C:\Users\Compbro\AppData\Local\Conduit folder moved successfully.
========== OTL ==========
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\plugins/np-cwmp.dll moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\_locales\en folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\_locales folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\toolbarImages folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\sl folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\lib folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\core folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TWITTER\resources folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_POPUP\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_POPUP folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_EMBEDDED\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_EMBEDDED folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_BCAPI\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_BCAPI\autoTest\spec folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_BCAPI\autoTest\lib\jasmine-1.1.0 folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_BCAPI\autoTest\lib folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_BCAPI\autoTest folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\TESTER_BCAPI folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH_IN_NEW_TAB folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\PRICE_GONG\menu_dlg folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\EMAIL_NOTIFIER\js\plugins folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa\404 folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\wa folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\menu\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\menu\img folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\menu\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\menu folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\gf\img folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\gf\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\gf folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui\dlg folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ui folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\searchProtector\searchProtectorSettingsDialog\images folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\searchProtector\searchProtectorSettingsDialog folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\searchProtector\SearchProtectorBubbleDialog\images folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\searchProtector\SearchProtectorBubbleDialog folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\searchProtector\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\searchProtector folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\options\js\resources folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\options\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\options\images folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\options\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\options folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\myStuffDialogs folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\features\js\resources folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\features\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\features folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\api folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ac\res folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ac\img folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ac\css folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\ac folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\aboutBox\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\aboutBox\images folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al\aboutBox folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb\al folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\tb folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\plugins folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\js\toolbarAPI folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\js\tabs\back folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\js\tabs folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\js\popup folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\js\options folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\js\lib folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\js folder moved successfully.
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Compbro
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5819463 bytes
->Google Chrome cache emptied: 224900410 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 70774853 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46396021 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 332.00 mb
[EMPTYFLASH]
User: All Users
User: Compbro
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.58.0 log created on 08192012_115537
Files\Folders moved on Reboot...
C:\Users\Compbro\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
File C:\Users\Compbro\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
Registry entries deleted on Reboot...
-
OTL Extras logfile created on: 8/18/2012 4:46:55 PM - Run 1
OTL by OldTimer - Version 3.2.58.0 Folder = C:\Users\Compbro\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 6.54 Gb Available Physical Memory | 81.74% Memory free
16.00 Gb Paging File | 14.59 Gb Available in Paging File | 91.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.41 Gb Total Space | 20.17 Gb Free Space | 27.10% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 76.24 Mb Free Space | 76.25% Space Free | Partition Type: NTFS
Drive E: | 1862.92 Gb Total Space | 1862.66 Gb Free Space | 99.99% Space Free | Partition Type: NTFS
Computer Name: COMPBRO-PC | User Name: Compbro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BFFE11B-99E5-4DC3-A0CF-EF333D66DDDC}" = lport=139 | protocol=6 | dir=in | app=system |
"{11DBF735-0FC2-4009-BD40-405DAA919352}" = lport=445 | protocol=6 | dir=in | app=system |
"{25FEF3DC-7012-43EC-9EC4-531995365CF8}" = rport=445 | protocol=6 | dir=out | app=system |
"{3E2FAECD-FD50-4E76-81E3-9C3434EA44A9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FCE25D7-3D3A-417B-B861-A2CC61DE643A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{413B8FC6-8A6C-4813-96AD-7E1D3CE4E464}" = rport=138 | protocol=17 | dir=out | app=system |
"{4DC8178F-87A2-491D-A903-C06E707BF893}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{54DB3C91-D1B5-48A2-A0FE-FB13F540B085}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{58AA5678-B2E0-4FFD-9114-3A2AC8DC7E6E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5C2392DB-C39D-4557-BEDF-917D46141E2F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{75FE4866-9082-4D8D-A10F-D361F6415EAC}" = lport=138 | protocol=17 | dir=in | app=system |
"{87D85696-3E13-49F6-8BDD-70EFD43AD7A5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9363C64A-59C0-46C3-8977-FC034E9CC2D0}" = rport=137 | protocol=17 | dir=out | app=system |
"{A295321F-EF36-42A0-938B-29D0124330FE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BAC7667E-2785-42A2-ADCC-95F13EC4FA72}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BAC86444-0013-4DDA-BB8E-39F75AE13838}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C5961AB4-D06C-454C-89F5-9118211651AC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C8A1D39E-8023-44A3-B8A1-08659F014780}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC70A9D3-0A17-4D50-B0DA-1F19A10B63E8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6678373-E443-4010-B297-1E724BE2A6B8}" = rport=139 | protocol=6 | dir=out | app=system |
"{FCFE55D4-47AB-4D0D-B916-CA9CBB681B67}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D211C91-D991-47A5-A229-2269E7E96712}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{1E22F423-8234-42E8-8AE3-5FE7127A15C8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{1F6B6700-5138-45EB-8398-3155E6D50D00}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2529F34F-566E-4B69-97AB-B183C057AB9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3F69450D-20CF-4503-9508-89A09BFADB5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{49A18BD0-1E7C-4F93-A3AC-FD1E6E23F009}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4F875974-6E5F-43FD-BFC6-DE59D1977EDA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54998103-8713-4A42-B20C-ABB523623849}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{590E92E6-DD90-4E76-B7C3-B53403D4059A}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{59623C5E-54C0-4D30-9ED6-679FE8194C31}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{63BFF2FB-DAFF-440D-A9A0-B74AF4393D73}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{6472494E-962F-49AD-93EF-B21111660923}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C78B54B-9C3A-4350-956D-34D5937B770F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D6ACDA8-C3E6-4046-B3E1-364EB44FDE15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{80A39FEA-0F0B-4745-AE75-822DD960D57E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8594CB60-55DA-4FEB-AA85-454B04587A63}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{90AB4EDE-6946-407C-81D8-1B2D4322A9C8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{92A4F0BE-AA40-4E68-9571-6BDD52405B1B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{96009D92-1BD6-4CE7-A8D7-1E92AA61DB98}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{9E1D344D-B6AE-494D-8F48-AC6B1A636DCC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{B128D9CE-E685-46B0-8684-227415D66871}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B2675CF9-2BB5-4E1F-8F74-BDAD129974ED}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{B5F8002A-B50F-4CCB-B9A1-89C52A2030AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C10FBB44-AED8-4559-A987-CB424D4F344B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CBDC6E71-FC48-4227-AEA1-A80F4D5CB354}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DA01CC61-A287-43A1-80F4-A6D0FFF66CF3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{DACEBA01-34FA-48F3-8AB4-C7D4FD2A6761}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DB2CE32E-442D-455F-8C34-5224EDFF616C}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{DF971F58-84A9-4BCB-8E95-9B1854321418}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E1591A70-49E8-403B-B18A-C4C85873BD90}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E574B053-9219-48B1-ADA5-A4779E53E042}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E970AA54-FCB6-45AE-81AE-9C49BE302F31}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EAB4A534-2F93-467F-BEFD-E412394CDF0E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F0A11CC4-8C52-4EFB-92A4-C151B914A4D8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{F40EC78E-7581-4CA1-A054-CCABFDA907B0}" = protocol=6 | dir=out | app=system |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12D93D02-3C15-DF08-581F-52E4A1EB0A3D}" = AMD Drag and Drop Transcoding
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{59B69525-1383-C84A-38EF-F442B63E69BC}" = AMD Media Foundation Decoders
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{838AF9AD-DE38-17FB-57F6-ADDF929F191E}" = AMD Accelerated Video Transcoding
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A108BD40-0A8C-4385-8874-74C4B6086CC3}" = AVG 2012
"{C8388DCB-6F85-C11F-C9F4-D636960E60F5}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"WinRAR archiver" = WinRAR 4.20 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
"{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
"{12A00DC2-1226-D9F2-13DA-F974111D439E}" = Catalyst Control Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
"{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
"{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
"{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
"{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
"{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
"{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
"{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
"{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
"{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
"{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
"{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
"{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
"{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
"{B2B5B39B-4E8C-AC78-7FF1-7055C338D243}" = Catalyst Control Center Graphics Previews Common
"{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
"{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{EE253E80-C298-4A31-BB22-7280DC8C7177}" = CCC Help Czech
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F648F088-B270-CF18-6486-AF8B1FE6BC09}" = CCC Help English
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD85D9C0-783A-77B7-8EF8-326EC6C154D1}" = Catalyst Control Center Localization All
"Battlelog Web Plugins" = Battlelog Web Plugins
"ESN Sonar-0.70.4" = ESN Sonar
"Origin" = Origin
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"Revo Uninstaller" = Revo Uninstaller 1.94
"Seagate File Recovery for WindowsNSIS" = Seagate File Recovery for Windows 2.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/10/2012 12:59:41 AM | Computer Name = Compbro-PC | Source = Windows Installer 3.1 | ID = 921877
Description =
Error - 8/10/2012 4:04:23 PM | Computer Name = Compbro-PC | Source = Application Error | ID = 1000
Description = Faulting application name: mscorsvw.exe, version: 2.0.50727.4927,
time stamp: 0x4a275ab4 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x74916a34 Faulting process id:
0xbec Faulting application start time: 0x01cd7733487fe51a Faulting application path:
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe Faulting module path:
unknown Report Id: 93dc598d-e326-11e1-afc8-002564843ccb
Error - 8/10/2012 4:04:25 PM | Computer Name = Compbro-PC | Source = Application Error | ID = 1000
Description = Faulting application name: PnkBstrA.exe, version: 0.0.0.0, time stamp:
0x4f144d4e Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74916a34 Faulting process id: 0x724 Faulting application
start time: 0x01cd7732fb3fbcb5 Faulting application path: C:\Windows\SysWOW64\PnkBstrA.exe
Faulting
module path: unknown Report Id: 9530be54-e326-11e1-afc8-002564843ccb
Error - 8/10/2012 4:04:30 PM | Computer Name = Compbro-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ToolbarUpdater.exe, version: 12.2.0.5,
time stamp: 0x501a9284 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x74916a34 Faulting process id:
0x7a0 Faulting application start time: 0x01cd7732fbb46023 Faulting application path:
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
Faulting
module path: unknown Report Id: 982a76ac-e326-11e1-afc8-002564843ccb
Error - 8/16/2012 6:57:14 PM | Computer Name = Compbro-PC | Source = Application Hang | ID = 1002
Description = The program PicasaPhotoViewer.exe version 3.9.135.93 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: fa4 Start
Time: 01cd7c0257ec0d13 Termination Time: 0 Application Path: C:\Program Files\Picasa3\PicasaPhotoViewer.exe
Report
Id: ad534faf-e7f5-11e1-b5c9-002564843ccb
Error - 8/16/2012 6:59:04 PM | Computer Name = Compbro-PC | Source = Application Hang | ID = 1002
Description = The program PicasaPhotoViewer.exe version 3.9.135.93 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 424 Start
Time: 01cd7c02829073bb Termination Time: 15 Application Path: C:\Program Files\Picasa3\PicasaPhotoViewer.exe
Report
Id: f5f20acb-e7f5-11e1-b5c9-002564843ccb
Error - 8/16/2012 11:59:56 PM | Computer Name = Compbro-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7600.16768 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: ac4 Start
Time: 01cd7c2964f62846 Termination Time: 60000 Application Path: C:\Windows\Explorer.EXE
Report
Id: d4558c00-e81f-11e1-a3b6-002564843ccb
[ System Events ]
Error - 8/18/2012 6:01:28 AM | Computer Name = Compbro-PC | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.
Error - 8/18/2012 6:01:29 AM | Computer Name = Compbro-PC | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.
Error - 8/18/2012 6:01:52 AM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 8/18/2012 6:03:12 AM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126
Error - 8/18/2012 5:29:26 PM | Computer Name = Compbro-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80004004: Update for Windows 7 for x64-based Systems (KB2505438).
Error - 8/18/2012 5:34:43 PM | Computer Name = Compbro-PC | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.
Error - 8/18/2012 5:34:43 PM | Computer Name = Compbro-PC | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.
Error - 8/18/2012 5:37:07 PM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 8/18/2012 5:39:03 PM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 8/18/2012 5:40:20 PM | Computer Name = Compbro-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Defender service terminated with the following error:
%%126
< End of report >
-
========== Files - Modified Within 30 Days ==========
[2012/08/18 16:45:58 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\Compbro\Desktop\OTL.exe
[2012/08/18 16:40:43 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/18 16:40:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/18 16:40:01 | 2146,684,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/18 16:39:10 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/18 16:39:10 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/18 16:33:07 | 004,735,580 | R--- | M] (Swearware) -- C:\Users\Compbro\Desktop\ComboFix.exe
[2012/08/18 16:31:49 | 104,295,870 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/08/18 05:07:04 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job
[2012/08/18 03:36:25 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/08/18 03:36:25 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/08/18 03:36:01 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/17 23:07:05 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job
[2012/08/17 22:20:21 | 000,001,264 | ---- | M] () -- C:\Users\Compbro\Desktop\Revo Uninstaller.lnk
[2012/08/17 15:57:10 | 000,771,962 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/17 15:57:10 | 000,659,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/17 15:57:10 | 000,120,508 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/17 15:57:02 | 000,771,962 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/17 14:54:24 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2012/08/16 22:35:28 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/16 17:39:58 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2012/08/16 17:38:40 | 000,000,009 | ---- | M] () -- C:\END
[2012/08/16 17:37:29 | 000,002,461 | ---- | M] () -- C:\Users\Compbro\Desktop\Google Chrome.lnk
[2012/08/16 17:30:12 | 000,032,888 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/08/11 21:06:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2012/08/11 21:06:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_winusb_01009.Wdf
[2012/08/10 15:08:09 | 000,001,437 | ---- | M] () -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/10 14:18:10 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/08/10 14:18:10 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/08/10 14:18:10 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/08/10 14:18:10 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/08/10 14:18:10 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/08/10 14:18:10 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/08/10 14:18:10 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/08/10 14:18:10 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/08/10 14:18:10 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/08/10 14:18:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/08/10 14:18:10 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/08/10 14:18:10 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/08/10 14:18:10 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/08/10 14:18:10 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/08/10 14:18:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/08/10 14:18:10 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/08/10 14:18:10 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/08/10 14:18:09 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/08/10 14:18:09 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/08/10 14:18:09 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/08/10 14:18:09 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/08/10 14:18:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/08/10 14:18:09 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/08/10 14:18:09 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/08/10 14:18:09 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/08/10 14:18:09 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/08/10 14:18:09 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/08/10 14:18:09 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/08/10 14:18:09 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/08/10 14:18:09 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/08/10 14:18:09 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/08/10 14:18:09 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/08/10 14:18:09 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/08/10 14:18:09 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/08/10 14:18:09 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/08/10 14:18:09 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/08/10 14:18:08 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/08/10 14:18:08 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/08/10 14:18:08 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/08/10 14:18:08 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/08/10 14:18:08 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/08/10 14:18:08 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/08/10 14:18:08 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/08/10 14:18:08 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/08/10 14:18:08 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/08/10 14:18:08 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/08/10 14:18:08 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/08/10 14:18:08 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/08/10 14:18:08 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/08/10 14:18:08 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/08/10 14:18:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/08/10 14:18:08 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/08/10 14:18:08 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/08/10 14:18:08 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/08/10 14:18:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/08/10 14:18:08 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/08/10 14:18:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/08/10 14:18:07 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/08/10 14:18:07 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/08/10 14:18:07 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/08/10 14:18:07 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/08/10 11:58:21 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/10 03:36:20 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012/08/09 23:59:49 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/08/09 23:48:45 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/08/09 23:48:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/08/09 23:48:07 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/08/09 22:47:05 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012/08/09 16:04:46 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/08/09 16:04:46 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/08/09 16:03:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
========== Files Created - No Company Name ==========
[2012/08/18 16:31:49 | 104,295,870 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/08/18 04:57:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/18 04:57:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/18 04:57:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/18 04:57:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/18 04:57:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/17 22:20:21 | 000,001,264 | ---- | C] () -- C:\Users\Compbro\Desktop\Revo Uninstaller.lnk
[2012/08/17 14:54:15 | 000,002,453 | ---- | C] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2012/08/17 14:52:13 | 000,771,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/16 17:39:58 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2012/08/16 17:38:40 | 000,000,009 | ---- | C] () -- C:\END
[2012/08/16 17:30:12 | 000,032,888 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/08/11 21:06:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2012/08/11 21:06:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_winusb_01009.Wdf
[2012/08/10 14:18:10 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/08/10 14:18:08 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/08/10 11:53:54 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/08/10 03:36:20 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
[2012/08/10 03:35:40 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/08/10 03:35:40 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/10 03:35:38 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/09 23:59:49 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012/08/09 23:48:45 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/08/09 23:48:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/08/09 23:48:07 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/08/09 23:18:18 | 000,293,889 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012/08/09 23:02:42 | 002,319,913 | ---- | C] () -- C:\Users\Compbro\Documents\data1.cab
[2012/08/09 23:02:42 | 000,553,805 | ---- | C] () -- C:\Users\Compbro\Documents\engine32.cab
[2012/08/09 23:02:42 | 000,456,860 | ---- | C] () -- C:\Users\Compbro\Documents\setup.ibt
[2012/08/09 23:02:42 | 000,351,586 | ---- | C] () -- C:\Users\Compbro\Documents\setup.inx
[2012/08/09 23:02:42 | 000,250,296 | ---- | C] () -- C:\Users\Compbro\Documents\setup.isn
[2012/08/09 23:02:42 | 000,110,592 | ---- | C] () -- C:\Users\Compbro\Documents\alcchkid.exe
[2012/08/09 23:02:42 | 000,049,152 | ---- | C] () -- C:\Users\Compbro\Documents\ChCfg.exe
[2012/08/09 23:02:42 | 000,040,448 | ---- | C] () -- C:\Users\Compbro\Documents\GETDXVER.EXE
[2012/08/09 23:02:42 | 000,031,388 | ---- | C] () -- C:\Users\Compbro\Documents\ALCXDEV.EXE
[2012/08/09 23:02:42 | 000,027,061 | ---- | C] () -- C:\Users\Compbro\Documents\data1.hdr
[2012/08/09 23:02:42 | 000,023,552 | ---- | C] () -- C:\Users\Compbro\Documents\SetCDfmt.exe
[2012/08/09 23:02:42 | 000,002,826 | ---- | C] () -- C:\Users\Compbro\Documents\setup.ini
[2012/08/09 23:02:42 | 000,000,534 | ---- | C] () -- C:\Users\Compbro\Documents\setup.iss
[2012/08/09 23:02:42 | 000,000,512 | ---- | C] () -- C:\Users\Compbro\Documents\data2.cab
[2012/08/09 23:02:42 | 000,000,473 | ---- | C] () -- C:\Users\Compbro\Documents\layout.bin
[2012/08/09 23:02:42 | 000,000,136 | ---- | C] () -- C:\Users\Compbro\Documents\SetupEx.ini
[2012/08/09 22:58:24 | 000,002,461 | ---- | C] () -- C:\Users\Compbro\Desktop\Google Chrome.lnk
[2012/08/09 22:57:42 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job
[2012/08/09 22:57:41 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job
[2012/08/09 22:56:41 | 000,001,437 | ---- | C] () -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/09 22:47:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/08/09 16:25:45 | 000,001,409 | ---- | C] () -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/08/09 16:25:39 | 000,001,443 | ---- | C] () -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/08/09 16:24:52 | 000,000,290 | ---- | C] () -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/08/09 16:24:52 | 000,000,272 | ---- | C] () -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/08/09 16:04:37 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/08/09 16:04:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/08/09 16:03:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/08/08 14:53:48 | 2146,684,927 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/11 11:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/06/11 11:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/06/10 16:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2012/08/18 16:44:52 | 000,020,940 | ---- | M] () -- C:\ComboFix.txt
[2009/06/10 16:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012/08/16 17:38:40 | 000,000,009 | ---- | M] () -- C:\END
[2012/08/18 16:40:01 | 2146,684,927 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/18 16:40:01 | 4293,902,335 | -HS- | M] () -- C:\pagefile.sys
[2012/08/17 22:35:17 | 000,126,416 | ---- | M] () -- C:\TDSSKiller.2.8.6.0_17.08.2012_22.33.25_log.txt
< %systemroot%\*. /mp /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >
-
OTL logfile created on: 8/18/2012 4:46:55 PM - Run 1
OTL by OldTimer - Version 3.2.58.0 Folder = C:\Users\Compbro\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 6.54 Gb Available Physical Memory | 81.74% Memory free
16.00 Gb Paging File | 14.59 Gb Available in Paging File | 91.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.41 Gb Total Space | 20.17 Gb Free Space | 27.10% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 76.24 Mb Free Space | 76.25% Space Free | Partition Type: NTFS
Drive E: | 1862.92 Gb Total Space | 1862.66 Gb Free Space | 99.99% Space Free | Partition Type: NTFS
Computer Name: COMPBRO-PC | User Name: Compbro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/08/18 16:45:58 | 000,598,016 | ---- | M] (OldTimer Tools) -- C:\Users\Compbro\Desktop\OTL.exe
PRC - [2012/08/10 11:58:21 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012/06/11 12:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/10 11:58:21 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/06/11 13:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/06/11 11:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/27 18:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 18:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 16:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 16:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A D9 17 1C FF 7B CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={8F248D18-EA45-4363-83C1-6218C0AA45ED}&mid=5067dbdcd4bc47d086aad16c2260d538-659e591a9c7c38316d869c685935caeb53f8e1ef〈=en&ds=AVG&pr=fr&d=2012-08-09 23:48:37&v=12.2.0.5&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9F7A5891-E0BB-42D7-AEF1-0140BCFB60C3}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Compbro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Compbro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/09 23:47:52 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3244149'>http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3244149
CHR - default_search_provider: suggest_url = http://search.conduit.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\plugins/np-cwmp.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Compbro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - Extension: WhiteSmoke US New = C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.11.21.5_0\
CHR - Extension: AVG Do Not Track = C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
O1 HOSTS File: ([2012/08/18 16:40:43 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.238.96.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1E3DEBA7-42A7-422E-B07A-AD7D7C03EE70}: DhcpNameServer = 192.168.1.1 68.238.96.12
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/08/18 16:46:12 | 000,598,016 | ---- | C] (OldTimer Tools) -- C:\Users\Compbro\Desktop\OTL.exe
[2012/08/18 16:44:54 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/18 04:57:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/18 04:57:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/18 04:57:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/18 04:56:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/17 23:06:21 | 004,735,580 | R--- | C] (Swearware) -- C:\Users\Compbro\Desktop\ComboFix.exe
[2012/08/17 22:37:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/17 22:20:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/08/17 22:20:21 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/08/17 15:01:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\Seagate
[2012/08/17 15:01:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Seagate
[2012/08/17 15:01:16 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seagate File Recovery for Windows
[2012/08/17 15:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate File Recovery for Windows
[2012/08/17 15:01:16 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\R-TT
[2012/08/17 14:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2012/08/17 14:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/08/16 18:00:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/16 18:00:35 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/16 18:00:35 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/16 18:00:34 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/16 18:00:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/16 18:00:33 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/16 18:00:33 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/16 18:00:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/16 18:00:33 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/16 18:00:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/16 18:00:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/16 18:00:32 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/16 18:00:31 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/16 17:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\Picasa3
[2012/08/16 17:38:36 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\CRE
[2012/08/16 17:38:27 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Conduit
[2012/08/16 11:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2012/08/16 11:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/08/16 11:38:11 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/16 11:38:05 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/16 11:38:05 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/16 11:38:05 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/16 11:37:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/16 11:37:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/16 11:37:58 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/16 11:37:56 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/08/12 23:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/08/12 23:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2012/08/12 23:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012/08/10 17:39:11 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/08/10 17:39:11 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/08/10 17:39:06 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/08/10 17:39:06 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/08/10 17:39:05 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/08/10 17:39:05 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/08/10 17:39:05 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/08/10 17:39:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/08/10 17:39:05 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/08/10 16:01:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/08/10 15:02:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/08/10 15:02:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/08/10 14:20:05 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2012/08/10 14:20:05 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2012/08/10 14:20:05 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2012/08/10 14:20:05 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2012/08/10 14:20:05 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2012/08/10 14:20:05 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2012/08/10 14:20:05 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2012/08/10 14:20:05 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2012/08/10 14:18:10 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/08/10 14:18:10 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/08/10 14:18:10 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/08/10 14:18:10 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/08/10 14:18:10 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/08/10 14:18:10 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/08/10 14:18:10 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/08/10 14:18:10 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/08/10 14:18:10 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/08/10 14:18:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/08/10 14:18:10 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/08/10 14:18:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/08/10 14:18:10 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/08/10 14:18:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/08/10 14:18:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/08/10 14:18:10 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/08/10 14:18:09 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/08/10 14:18:09 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/08/10 14:18:09 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/08/10 14:18:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/08/10 14:18:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/08/10 14:18:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/08/10 14:18:09 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/08/10 14:18:09 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/08/10 14:18:09 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/08/10 14:18:09 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/08/10 14:18:09 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/08/10 14:18:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/08/10 14:18:09 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/08/10 14:18:09 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/08/10 14:18:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/08/10 14:18:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/08/10 14:18:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/08/10 14:18:09 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/08/10 14:18:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/08/10 14:18:08 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/08/10 14:18:08 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/08/10 14:18:08 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/08/10 14:18:08 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/08/10 14:18:08 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/08/10 14:18:08 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/08/10 14:18:08 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/08/10 14:18:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/08/10 14:18:08 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/08/10 14:18:08 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/08/10 14:18:08 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/08/10 14:18:08 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/08/10 14:18:08 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/08/10 14:18:08 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/08/10 14:18:08 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/08/10 14:18:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/08/10 14:18:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/08/10 14:18:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/08/10 14:18:08 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/08/10 14:18:08 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/08/10 14:18:07 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/08/10 14:18:07 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/08/10 14:18:07 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/08/10 14:18:07 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/08/10 14:09:00 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/08/10 14:09:00 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/08/10 14:09:00 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/08/10 11:53:51 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\PunkBuster
[2012/08/10 11:53:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\Battlefield 3
[2012/08/10 11:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2012/08/10 11:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2012/08/10 11:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2012/08/10 03:36:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012/08/10 03:34:58 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/08/10 03:34:58 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/08/10 03:34:58 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/08/10 03:34:58 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/08/10 03:34:58 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/08/10 03:34:58 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/08/10 03:34:57 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/08/10 03:34:57 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/08/10 03:34:57 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/08/10 03:34:57 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/08/10 03:34:57 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/08/10 03:34:57 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/08/10 03:34:56 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/08/10 03:34:56 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/08/10 03:34:56 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/08/10 03:34:56 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/08/10 03:34:55 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/08/10 03:34:55 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/08/10 03:34:55 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/08/10 03:34:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/08/10 03:34:54 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/08/10 03:34:54 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/08/10 03:34:54 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/08/10 03:34:54 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/08/10 03:34:54 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/08/10 03:34:54 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/08/10 03:34:52 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/08/10 03:34:52 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/08/10 03:34:52 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/08/10 03:34:52 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/08/10 03:34:52 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/08/10 03:34:52 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/08/10 03:34:51 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/08/10 03:34:51 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/08/10 03:34:51 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/08/10 03:34:51 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012/08/10 03:34:51 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/08/10 03:34:51 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/08/10 03:34:51 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/08/10 03:34:51 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012/08/10 03:34:51 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/08/10 03:34:51 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/08/10 03:34:50 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/08/10 03:34:50 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/08/10 03:34:50 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/08/10 03:34:50 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/08/10 03:34:50 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/08/10 03:34:50 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/08/10 03:34:49 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/08/10 03:34:49 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/08/10 03:34:49 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/08/10 03:34:49 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/08/10 03:34:49 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/08/10 03:34:49 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/08/10 03:34:49 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/08/10 03:34:49 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/08/10 03:34:48 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/08/10 03:34:48 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/08/10 03:34:48 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/08/10 03:34:48 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/08/10 03:34:48 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/08/10 03:34:48 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/08/10 03:34:47 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/08/10 03:34:47 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/08/10 03:34:47 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/08/10 03:34:47 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/08/10 03:34:46 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/08/10 03:34:46 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/08/10 03:34:46 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/08/10 03:34:46 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/08/10 03:34:46 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/08/10 03:34:46 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/08/10 03:34:46 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/08/10 03:34:46 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/08/10 03:34:46 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/08/10 03:34:46 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/08/10 03:34:45 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/08/10 03:34:45 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/08/10 03:34:44 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/08/10 03:34:44 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/08/10 03:34:44 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/08/10 03:34:44 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/08/10 03:34:44 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/08/10 03:34:44 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/08/10 03:34:43 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/08/10 03:34:43 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/08/10 03:34:43 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/08/10 03:34:43 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/08/10 03:34:43 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/08/10 03:34:43 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/08/10 03:34:43 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/08/10 03:34:43 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/08/10 03:34:42 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/08/10 03:34:42 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/08/10 03:34:41 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/08/10 03:34:41 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/08/10 03:34:41 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/08/10 03:34:41 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/08/10 03:34:41 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/08/10 03:34:41 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/08/10 03:34:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/08/10 03:34:41 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/08/10 03:34:41 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/08/10 03:34:41 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/08/10 03:34:40 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/08/10 03:34:40 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/08/10 03:34:39 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/08/10 03:34:39 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/08/10 03:34:39 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/08/10 03:34:39 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/08/10 03:34:38 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/08/10 03:34:38 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/08/10 03:34:38 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/08/10 03:34:38 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/08/10 03:34:37 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/08/10 03:34:37 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/08/10 03:34:37 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/08/10 03:34:37 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/08/10 03:34:37 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/08/10 03:34:37 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/08/10 03:34:36 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/08/10 03:34:36 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/08/10 03:34:36 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/08/10 03:34:36 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/08/10 03:34:36 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/08/10 03:34:36 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/08/10 03:34:36 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/08/10 03:34:36 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/08/10 03:34:36 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/08/10 03:34:36 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/08/10 03:34:36 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/08/10 03:34:36 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/08/10 03:34:35 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/08/10 03:34:35 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/08/10 03:34:34 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/08/10 03:34:34 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/08/10 03:34:34 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/08/10 03:34:34 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/08/10 03:34:34 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/08/10 03:34:34 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/08/10 03:34:33 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/08/10 03:34:33 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/08/10 03:34:31 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/08/10 03:34:31 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/08/10 03:34:31 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/08/10 03:34:31 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/08/10 03:34:30 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/08/10 03:34:30 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/08/10 03:34:30 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/08/10 03:34:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/08/10 03:34:30 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/08/10 03:34:30 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/08/10 03:34:30 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/08/10 03:34:30 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/08/10 03:34:29 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/08/10 03:34:29 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/08/10 03:34:29 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/08/10 03:34:29 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/08/10 03:34:28 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/08/10 03:34:28 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/08/10 03:34:28 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/08/10 03:34:28 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/08/10 03:34:27 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/08/10 03:34:27 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/08/10 03:34:20 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/08/10 03:34:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/08/10 03:34:18 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/08/10 03:34:18 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/08/10 03:34:18 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/08/10 03:34:18 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/08/10 03:34:18 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/08/10 03:34:18 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/08/10 03:34:17 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/08/10 03:34:17 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/08/10 03:34:17 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/08/10 03:34:17 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/08/10 03:34:17 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/08/10 03:34:17 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/08/10 03:34:17 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/08/10 03:34:17 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/08/10 03:34:16 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/08/10 03:34:16 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/08/10 03:22:32 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2012/08/10 03:22:24 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/08/10 03:22:20 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/08/10 03:22:20 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/08/10 03:22:20 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/08/10 03:22:20 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/08/10 03:22:20 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/08/10 03:22:20 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/08/10 03:22:20 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/08/10 03:22:20 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/08/10 03:22:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/08/10 03:22:16 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/08/10 03:22:16 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/08/10 03:22:16 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/08/10 03:22:16 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/08/10 03:22:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/08/10 03:21:48 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/08/10 03:21:48 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/08/10 03:21:43 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/08/10 03:21:43 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/08/10 03:21:39 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/08/10 03:21:39 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/08/10 03:21:39 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/08/10 03:21:38 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/08/10 03:21:38 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/08/10 03:21:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/08/10 03:21:35 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2012/08/10 03:21:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2012/08/10 03:21:33 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/08/10 03:21:33 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/08/10 03:21:33 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/08/10 03:21:33 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/08/10 03:21:28 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/08/10 03:21:27 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2012/08/10 03:21:06 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2012/08/10 03:21:06 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2012/08/10 03:21:06 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2012/08/10 03:21:06 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2012/08/10 03:21:06 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2012/08/10 03:21:06 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2012/08/10 03:21:06 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2012/08/10 03:21:06 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2012/08/10 03:21:04 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/08/10 03:21:04 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/08/10 03:21:03 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/08/10 03:21:03 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/08/10 03:21:03 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/08/10 03:21:03 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/08/10 03:21:03 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/08/10 03:21:02 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/08/10 03:21:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/08/10 03:21:02 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/08/10 03:21:02 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/08/10 03:21:02 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/08/10 03:21:02 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/08/10 03:20:56 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2012/08/10 03:20:51 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/08/10 03:20:51 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/08/10 03:20:48 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2012/08/10 03:20:48 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2012/08/10 03:20:30 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2012/08/10 03:20:30 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2012/08/10 03:20:30 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2012/08/10 03:20:30 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2012/08/10 03:20:30 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2012/08/10 03:20:30 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2012/08/10 03:20:30 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2012/08/10 03:20:30 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2012/08/10 03:20:30 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2012/08/10 03:20:29 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2012/08/10 03:20:29 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2012/08/10 03:20:29 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2012/08/10 03:20:29 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2012/08/10 03:20:29 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2012/08/10 03:20:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2012/08/10 03:20:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2012/08/10 03:20:18 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2012/08/10 03:20:06 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/08/10 03:20:00 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/08/10 03:20:00 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/08/10 03:19:58 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/08/10 03:19:58 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/08/10 03:19:40 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2012/08/10 03:19:36 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2012/08/10 03:19:36 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2012/08/10 03:19:35 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2012/08/10 03:19:35 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2012/08/10 03:19:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2012/08/10 03:19:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2012/08/10 03:19:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2012/08/10 03:19:28 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/08/10 03:19:28 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/08/10 03:19:20 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/08/10 03:19:19 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/08/10 03:19:19 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/08/10 03:19:19 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/08/10 03:19:03 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2012/08/10 03:18:05 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/08/10 03:18:05 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/08/10 03:18:05 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/08/10 03:17:51 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/08/10 03:17:51 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/08/10 03:17:50 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/08/10 03:17:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/08/10 03:17:50 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/08/10 03:17:31 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/08/10 03:17:31 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/08/10 03:17:31 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/08/10 03:17:31 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/08/10 03:17:31 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/08/10 03:17:31 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/08/10 03:17:29 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2012/08/10 03:17:28 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2012/08/10 03:17:28 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2012/08/10 03:17:28 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2012/08/10 03:17:28 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2012/08/10 03:17:27 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2012/08/10 03:17:27 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012/08/10 03:17:27 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2012/08/10 03:17:27 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2012/08/10 03:17:27 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2012/08/10 03:17:27 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2012/08/10 03:17:27 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/08/10 03:17:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2012/08/10 03:17:13 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/08/10 03:17:11 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2012/08/10 03:17:08 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/08/10 03:17:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/08/10 03:17:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/08/10 03:17:02 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2012/08/10 03:17:02 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2012/08/10 03:17:00 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2012/08/10 03:17:00 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2012/08/10 03:16:57 | 005,505,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/08/10 03:16:56 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/08/10 03:16:56 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/08/10 03:16:42 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/08/10 03:16:42 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/08/10 03:16:42 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2012/08/10 03:16:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2012/08/10 03:16:42 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/08/10 03:16:42 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2012/08/10 03:16:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/08/10 03:16:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2012/08/10 03:16:42 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2012/08/10 03:16:42 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2012/08/10 03:16:31 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/08/10 03:16:02 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/08/10 03:16:02 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/08/10 03:16:02 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/08/10 03:16:02 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/08/10 03:16:02 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/08/10 03:16:02 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/08/10 03:16:02 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/08/10 03:16:00 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2012/08/10 03:16:00 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2012/08/10 03:15:52 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2012/08/10 03:15:48 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/08/10 03:15:47 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/08/10 03:15:32 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/08/10 03:15:32 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/08/10 03:15:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/08/10 03:15:32 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/08/10 03:15:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/08/10 03:15:32 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/08/10 03:15:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/08/10 03:15:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/08/10 03:15:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/08/10 03:15:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/08/10 03:15:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/08/10 03:15:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/08/10 03:15:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/10 03:15:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/10 03:15:30 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/08/10 03:15:30 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/08/10 03:15:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/08/10 03:15:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/08/10 03:15:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/08/10 03:15:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/08/10 03:15:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/08/10 03:15:21 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/08/10 03:15:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/08/10 03:15:19 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/08/10 03:15:19 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/08/10 03:15:19 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/08/10 03:15:19 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/08/10 03:15:16 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2012/08/10 03:15:16 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2012/08/10 03:15:15 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2012/08/10 03:15:15 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2012/08/10 03:15:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/08/10 03:15:11 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/08/10 03:15:08 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/08/10 03:15:05 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/08/10 03:15:04 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2012/08/10 03:15:01 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/08/10 03:15:01 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/08/10 03:15:00 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/08/10 03:15:00 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/08/10 03:14:34 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/08/10 03:14:31 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2012/08/10 03:14:31 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2012/08/10 03:14:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2012/08/10 03:08:28 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/08/10 03:08:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/08/10 00:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2012/08/10 00:00:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Origin
[2012/08/10 00:00:39 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Origin
[2012/08/09 23:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012/08/09 23:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/08/09 23:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2012/08/09 23:49:48 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\AVG2012
[2012/08/09 23:48:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/08/09 23:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/08/09 23:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/08/09 23:48:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/08/09 23:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/08/09 23:47:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012/08/09 23:47:50 | 000,000,000 | ---D | C] -- C:\$AVG
[2012/08/09 23:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/08/09 23:44:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/08/09 23:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/08/09 23:24:28 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\ATI
[2012/08/09 23:24:28 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\ATI
[2012/08/09 23:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/08/09 23:24:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012/08/09 23:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012/08/09 23:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/08/09 23:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012/08/09 23:24:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012/08/09 23:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/08/09 23:23:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/08/09 23:23:16 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/08/09 23:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/08/09 23:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/08/09 23:18:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/08/09 23:18:41 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/08/09 23:18:21 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/08/09 23:18:20 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/08/09 23:18:20 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/08/09 23:18:20 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/08/09 23:18:20 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/08/09 23:18:18 | 003,615,888 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/08/09 23:18:18 | 002,674,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/08/09 23:18:18 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/08/09 23:18:18 | 001,262,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/08/09 23:18:18 | 000,869,520 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/08/09 23:18:18 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/08/09 23:18:18 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/08/09 23:18:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/08/09 23:18:18 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/08/09 23:18:18 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/08/09 23:18:18 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/08/09 23:18:18 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/08/09 23:18:18 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/08/09 23:18:18 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2012/08/09 23:18:17 | 000,105,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2012/08/09 23:18:17 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll
[2012/08/09 23:18:16 | 000,897,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll
[2012/08/09 23:18:16 | 000,753,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll
[2012/08/09 23:18:16 | 000,626,304 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBTHX64.dll
[2012/08/09 23:18:16 | 000,561,792 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBTHX32.dll
[2012/08/09 23:18:15 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/08/09 23:18:15 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2012/08/09 23:18:15 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/08/09 23:18:14 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/08/09 23:18:12 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/08/09 23:18:12 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/08/09 23:18:12 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/08/09 23:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/08/09 23:18:11 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012/08/09 23:18:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012/08/09 23:18:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/08/09 23:06:27 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\ElevatedDiagnostics
[2012/08/09 23:03:29 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\6305_Vista_PG537
[2012/08/09 23:02:43 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\Vista64
[2012/08/09 23:02:42 | 000,524,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\RtlExUpd.dll
[2012/08/09 23:02:42 | 000,475,648 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\AlcUpd64.exe
[2012/08/09 23:02:42 | 000,316,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\alcrmv64.exe
[2012/08/09 23:02:42 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\alcupd.exe
[2012/08/09 23:02:42 | 000,217,088 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\alcrmv.exe
[2012/08/09 23:02:42 | 000,126,976 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Users\Compbro\Documents\alcrmv9x.exe
[2012/08/09 23:02:42 | 000,121,064 | ---- | C] (Macrovision Corporation) -- C:\Users\Compbro\Documents\setup.exe
[2012/08/09 23:02:42 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\Vista
[2012/08/09 23:02:42 | 000,000,000 | ---D | C] -- C:\Users\Compbro\Documents\CONFIG
[2012/08/09 23:02:04 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\WinRAR
[2012/08/09 23:02:04 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/08/09 23:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/08/09 23:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012/08/09 22:58:22 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/08/09 22:57:41 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Google
[2012/08/09 22:57:25 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Apps
[2012/08/09 22:57:24 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Deployment
[2012/08/09 22:45:16 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2012/08/09 22:45:16 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2012/08/09 22:45:15 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/08/09 22:45:15 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/08/09 17:00:22 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/08/09 16:51:43 | 000,000,000 | ---D | C] -- C:\Windows.old
[2012/08/09 16:25:35 | 000,000,000 | R--D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/08/09 16:25:35 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Searches
[2012/08/09 16:25:35 | 000,000,000 | R--D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/08/09 16:25:35 | 000,000,000 | -H-D | C] -- C:\Users\Compbro\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/08/09 16:25:26 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Identities
[2012/08/09 16:25:22 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Contacts
[2012/08/09 16:25:19 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\VirtualStore
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\AppData\Local\Temporary Internet Files
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Templates
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Start Menu
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\SendTo
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Recent
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\PrintHood
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\NetHood
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Documents\My Videos
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Documents\My Pictures
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Documents\My Music
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\My Documents
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Local Settings
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\AppData\Local\History
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Cookies
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\Application Data
[2012/08/09 16:24:54 | 000,000,000 | -HSD | C] -- C:\Users\Compbro\AppData\Local\Application Data
[2012/08/09 16:24:52 | 000,000,000 | --SD | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft
[2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Pictures
[2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Music
[2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Links
[2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Favorites
[2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Downloads
[2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Documents
[2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Desktop
[2012/08/09 16:24:52 | 000,000,000 | R--D | C] -- C:\Users\Compbro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/08/09 16:24:52 | 000,000,000 | -H-D | C] -- C:\Users\Compbro\AppData
[2012/08/09 16:24:52 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Temp
[2012/08/09 16:24:52 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Local\Microsoft
[2012/08/09 16:24:52 | 000,000,000 | ---D | C] -- C:\Users\Compbro\AppData\Roaming\Media Center Programs
[2012/08/09 16:24:51 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Videos
[2012/08/09 16:24:51 | 000,000,000 | R--D | C] -- C:\Users\Compbro\Saved Games
[2012/08/09 16:23:35 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/08/09 16:23:35 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/08/09 16:23:35 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/08/09 16:23:26 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/08/09 16:23:26 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/08/09 16:23:26 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/08/09 16:23:17 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/08/09 16:23:17 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/08/09 16:04:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/08/09 16:01:52 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/08/09 13:17:50 | 000,000,000 | ---D | C] -- C:\AMD
[2012/08/08 15:35:17 | 000,000,000 | ---D | C] -- C:\Recovery
[2012/08/08 14:53:48 | 000,000,000 | -HSD | C] -- C:\System Volume Information
-
Alright so I ran OTL and ComboFix with that script. WhiteSmoke still present unfortunately. Here are the logs. ComboFix first then OTL.
ComboFix 12-08-18.03 - Compbro 08/18/2012 16:34:51.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8191.6733 [GMT -5:00]
Running from: c:\users\Compbro\Desktop\ComboFix.exe
Command switches used :: c:\users\Compbro\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-07-18 to 2012-08-18 )))))))))))))))))))))))))))))))
.
.
2012-08-18 21:39 . 2012-08-18 21:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-18 03:20 . 2012-08-18 03:20 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-08-17 20:01 . 2012-08-17 20:01 -------- d-----w- c:\program files (x86)\Seagate File Recovery for Windows
2012-08-17 19:47 . 2012-08-17 19:47 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-08-16 22:39 . 2012-08-16 22:41 -------- d-----w- c:\program files\Picasa3
2012-08-16 16:38 . 2012-08-16 16:38 -------- d-----w- c:\program files (x86)\Google
2012-08-16 16:38 . 2012-05-05 08:30 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-16 16:38 . 2012-05-05 07:44 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-16 16:38 . 2012-02-11 06:36 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-16 16:38 . 2012-02-11 06:29 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-16 16:38 . 2012-02-11 06:29 67584 ----a-w- c:\windows\splwow64.exe
2012-08-16 16:38 . 2012-02-11 05:44 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-16 16:37 . 2012-07-04 21:23 41472 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-16 16:37 . 2012-07-04 22:04 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-16 16:37 . 2012-07-04 22:01 58880 ----a-w- c:\windows\system32\browcli.dll
2012-08-16 16:37 . 2012-07-04 22:01 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-16 16:37 . 2012-07-18 17:31 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 16:37 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll
2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Common Files\Logitech
2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Logitech
2012-08-10 21:01 . 2012-08-10 21:01 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\SysWow64\Wat
2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\system32\Wat
2012-08-10 19:47 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2012-08-10 19:47 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2012-08-10 19:33 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2012-08-10 19:33 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2012-08-10 19:20 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2012-08-10 19:20 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2012-08-10 19:20 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2012-08-10 19:20 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2012-08-10 19:20 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2012-08-10 19:20 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-08-10 19:20 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-08-10 19:20 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2012-08-10 19:20 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2012-08-10 19:20 . 2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-08-10 19:09 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-08-10 19:09 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-08-10 19:09 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-08-10 19:09 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-08-10 19:09 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-10 19:09 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-08-10 19:09 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-08-10 19:06 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2012-08-10 16:53 . 2012-08-18 08:36 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-10 16:51 . 2012-08-10 16:51 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2012-08-10 16:46 . 2012-08-10 16:46 -------- d-----w- c:\programdata\EA Core
2012-08-10 16:46 . 2012-08-10 20:13 -------- d-----w- c:\programdata\EA Logs
2012-08-10 08:36 . 2012-08-10 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-08-10 08:35 . 2012-08-18 08:36 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-10 08:35 . 2012-08-18 08:36 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-08-10 08:35 . 2012-08-10 16:58 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-08-10 08:22 . 2009-10-28 06:24 389632 ----a-w- c:\windows\system32\winlogon.exe
2012-08-10 08:21 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2012-08-10 08:20 . 2010-05-05 07:37 483840 ----a-w- c:\windows\system32\StructuredQuery.dll
2012-08-10 08:19 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-08-10 08:18 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-08-10 08:18 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-08-10 08:18 . 2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-08-10 08:16 . 2012-05-04 10:52 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-10 08:15 . 2009-08-29 07:50 46592 ----a-w- c:\windows\system32\msasn1.dll
2012-08-10 08:14 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-10 08:08 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-08-10 08:08 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-08-10 05:00 . 2012-08-10 05:01 -------- d-----w- c:\program files (x86)\Origin Games
2012-08-10 04:59 . 2012-08-10 16:46 -------- d-----w- c:\programdata\Electronic Arts
2012-08-10 04:59 . 2012-08-10 05:01 -------- d-----w- c:\programdata\Origin
2012-08-10 04:59 . 2012-08-10 05:00 -------- d-----w- c:\program files (x86)\Origin
2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\programdata\AVG Secure Search
2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-08-10 04:48 . 2012-08-10 04:48 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-08-10 04:47 . 2012-08-18 21:31 -------- d-----w- c:\windows\system32\drivers\AVG
2012-08-10 04:47 . 2012-08-12 04:28 -------- d-----w- c:\programdata\AVG2012
2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- C:\$AVG
2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- c:\program files (x86)\AVG
2012-08-10 04:44 . 2012-08-18 21:31 -------- d-----w- c:\programdata\MFAData
2012-08-10 04:44 . 2012-08-10 04:44 -------- d--h--w- c:\programdata\Common Files
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\ATI
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\AMD
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD AVT
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD APP
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-08-10 04:23 . 2012-08-17 20:57 -------- d-sh--w- c:\windows\Installer
2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files\ATI
2012-08-10 04:22 . 2012-08-10 04:24 -------- d-----w- c:\program files\ATI Technologies
2012-08-10 04:05 . 2012-07-16 07:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0C74DAE-9047-4255-8E45-3C43E343064B}\mpengine.dll
2012-08-10 04:05 . 2012-05-31 17:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-08-10 04:02 . 2012-08-10 04:02 -------- d-----w- c:\program files\WinRAR
2012-08-10 03:47 . 2012-08-10 03:47 0 ----a-w- c:\windows\ativpsrm.bin
2012-08-10 03:45 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2012-08-10 03:45 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2012-08-10 03:45 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-08-10 03:45 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-08-10 03:45 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-08-09 22:00 . 2012-08-09 21:23 -------- d-----w- c:\windows\Panther
2012-08-09 21:51 . 2012-08-09 21:51 -------- d-----w- C:\Windows.old
2012-08-09 21:24 . 2012-08-09 21:25 -------- d-----w- c:\users\Compbro
2012-08-09 21:23 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-09 21:23 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-08-09 21:23 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-08-09 21:23 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-08-09 21:23 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-08-09 21:23 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-08-09 21:23 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-08-09 21:23 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-09 21:23 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-08-09 18:17 . 2012-08-09 18:17 -------- d-----w- C:\AMD
2012-08-08 20:35 . 2012-08-09 21:21 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-11 18:59 . 2012-06-11 18:59 10248192 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:50 . 2012-06-11 18:50 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 18:50 . 2012-06-11 18:50 75264 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-06-11 18:50 . 2012-06-11 18:50 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-06-11 18:50 . 2012-06-11 18:50 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-06-11 18:50 . 2012-06-11 18:50 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-06-11 18:50 . 2012-06-11 18:50 16457728 ----a-w- c:\windows\system32\amdocl64.dll
2012-06-11 18:49 . 2012-06-11 18:49 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-11 18:48 . 2012-06-11 18:48 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-11 18:48 . 2012-06-11 18:48 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-06-11 18:35 . 2012-06-11 18:35 70144 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:29 . 2012-06-11 18:29 24826368 ----a-w- c:\windows\system32\atio6axx.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-04-20 07:09 924160 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-06-11 17:23 . 2012-06-11 17:23 1090560 ----a-w- c:\windows\system32\aticfx64.dll
2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-06-11 17:16 . 2012-06-11 17:16 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-06-11 17:01 . 2012-06-11 17:01 6914560 ----a-w- c:\windows\system32\atidxx64.dll
2012-06-11 16:51 . 2012-06-11 16:51 4246528 ----a-w- c:\windows\system32\atiumd6a.dll
2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-06-11 16:45 . 2011-04-20 06:38 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll
2012-06-11 16:43 . 2011-04-20 06:30 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-06-11 16:36 . 2012-06-11 16:36 6605824 ----a-w- c:\windows\system32\atiumd64.dll
2012-06-11 16:27 . 2012-06-11 16:27 539136 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2011-04-20 06:21 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-06-11 16:25 . 2012-06-11 16:25 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-06-11 16:25 . 2012-06-11 16:25 45056 ----a-w- c:\windows\system32\atiu9p64.dll
2012-06-11 16:24 . 2011-04-20 06:21 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-18_10.03.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-10 03:40 . 2012-08-18 21:28 23014 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-18 21:28 32248 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-08-09 21:26 . 2012-08-18 21:28 5268 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-447234750-1175504839-4170690110-1001_UserData.bin
- 2012-08-18 10:03 . 2012-08-18 10:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-18 21:40 . 2012-08-18 21:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-18 21:40 . 2012-08-18 21:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-18 10:03 . 2012-08-18 10:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-10 04:31 . 2012-08-18 03:44 411768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-08-10 04:31 . 2012-08-18 21:39 411768 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-08-18 10:01 230004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-18 21:39 230004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 02:34 . 2012-08-18 08:00 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-08-18 10:13 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-10 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job
- c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57]
.
2012-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job
- c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1 68.238.96.12
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Completion time: 2012-08-18 16:44:52 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-18 21:44
ComboFix2.txt 2012-08-18 10:08
ComboFix3.txt 2012-08-18 03:51
.
Pre-Run: 21,669,847,040 bytes free
Post-Run: 21,580,570,624 bytes free
.
- - End Of File - - AC0690A14340DAF94ADCC51E374FC3E6
-
You'll have to excuse my grammar and usage mistakes. It's the early morning and I haven't slept.
-
I can't find Conduit in my Uninstall screen unfortunately. But I did find its folder and deleted it. The script you posted seemed to have worked... that it until I opened my browser. Looks like the toolbar installed itself yet again. Gave me the welcome screen and everything. Nonetheless, here is the log.
ComboFix 12-08-17.03 - Compbro 08/18/2012 4:58.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8191.6417 [GMT -5:00]
Running from: c:\users\Compbro\Desktop\ComboFix.exe
Command switches used :: c:\users\Compbro\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage-journal"
"c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage"
"c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage-journal"
"c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage"
"c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage-journal"
"c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage-journal
c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage
c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage-journal
c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage
c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage-journal
c:\users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage
.
.
((((((((((((((((((((((((( Files Created from 2012-07-18 to 2012-08-18 )))))))))))))))))))))))))))))))
.
.
2012-08-18 03:20 . 2012-08-18 03:20 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-08-17 20:01 . 2012-08-17 20:01 -------- d-----w- c:\program files (x86)\Seagate File Recovery for Windows
2012-08-17 19:47 . 2012-08-17 19:47 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-08-16 22:39 . 2012-08-16 22:41 -------- d-----w- c:\program files\Picasa3
2012-08-16 16:38 . 2012-08-16 16:38 -------- d-----w- c:\program files (x86)\Google
2012-08-16 16:38 . 2012-05-05 08:30 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-16 16:38 . 2012-05-05 07:44 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-16 16:38 . 2012-02-11 06:36 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-16 16:38 . 2012-02-11 06:29 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-16 16:38 . 2012-02-11 06:29 67584 ----a-w- c:\windows\splwow64.exe
2012-08-16 16:38 . 2012-02-11 05:44 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-16 16:37 . 2012-07-04 21:23 41472 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-16 16:37 . 2012-07-04 22:04 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-16 16:37 . 2012-07-04 22:01 58880 ----a-w- c:\windows\system32\browcli.dll
2012-08-16 16:37 . 2012-07-04 22:01 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-16 16:37 . 2012-07-18 17:31 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 16:37 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll
2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Common Files\Logitech
2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Logitech
2012-08-10 21:01 . 2012-08-10 21:01 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\SysWow64\Wat
2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\system32\Wat
2012-08-10 19:47 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2012-08-10 19:47 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2012-08-10 19:33 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2012-08-10 19:33 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2012-08-10 19:20 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2012-08-10 19:20 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2012-08-10 19:20 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2012-08-10 19:20 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2012-08-10 19:20 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2012-08-10 19:20 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-08-10 19:20 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-08-10 19:20 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2012-08-10 19:20 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2012-08-10 19:20 . 2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-08-10 19:09 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-08-10 19:09 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-08-10 19:09 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-08-10 19:09 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-08-10 19:09 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-10 19:09 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-08-10 19:09 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-08-10 19:06 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2012-08-10 16:53 . 2012-08-18 08:36 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-10 16:51 . 2012-08-10 16:51 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2012-08-10 16:46 . 2012-08-10 16:46 -------- d-----w- c:\programdata\EA Core
2012-08-10 16:46 . 2012-08-10 20:13 -------- d-----w- c:\programdata\EA Logs
2012-08-10 08:36 . 2012-08-10 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-08-10 08:35 . 2012-08-18 08:36 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-10 08:35 . 2012-08-18 08:36 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-08-10 08:35 . 2012-08-10 16:58 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-08-10 08:22 . 2009-10-28 06:24 389632 ----a-w- c:\windows\system32\winlogon.exe
2012-08-10 08:21 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2012-08-10 08:20 . 2010-05-05 07:37 483840 ----a-w- c:\windows\system32\StructuredQuery.dll
2012-08-10 08:19 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-08-10 08:18 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-08-10 08:18 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-08-10 08:18 . 2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-08-10 08:16 . 2012-05-04 10:52 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-10 08:15 . 2009-08-29 07:50 46592 ----a-w- c:\windows\system32\msasn1.dll
2012-08-10 08:14 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-10 08:08 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-08-10 08:08 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-08-10 05:00 . 2012-08-10 05:01 -------- d-----w- c:\program files (x86)\Origin Games
2012-08-10 04:59 . 2012-08-10 16:46 -------- d-----w- c:\programdata\Electronic Arts
2012-08-10 04:59 . 2012-08-10 05:01 -------- d-----w- c:\programdata\Origin
2012-08-10 04:59 . 2012-08-10 05:00 -------- d-----w- c:\program files (x86)\Origin
2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\programdata\AVG Secure Search
2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-08-10 04:48 . 2012-08-10 04:48 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-08-10 04:47 . 2012-08-18 03:14 -------- d-----w- c:\windows\system32\drivers\AVG
2012-08-10 04:47 . 2012-08-12 04:28 -------- d-----w- c:\programdata\AVG2012
2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- C:\$AVG
2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- c:\program files (x86)\AVG
2012-08-10 04:44 . 2012-08-18 03:15 -------- d-----w- c:\programdata\MFAData
2012-08-10 04:44 . 2012-08-10 04:44 -------- d--h--w- c:\programdata\Common Files
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\ATI
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\AMD
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD AVT
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD APP
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-08-10 04:23 . 2012-08-17 20:57 -------- d-sh--w- c:\windows\Installer
2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files\ATI
2012-08-10 04:22 . 2012-08-10 04:24 -------- d-----w- c:\program files\ATI Technologies
2012-08-10 04:05 . 2012-07-16 07:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0C74DAE-9047-4255-8E45-3C43E343064B}\mpengine.dll
2012-08-10 04:05 . 2012-05-31 17:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-08-10 04:02 . 2012-08-10 04:02 -------- d-----w- c:\program files\WinRAR
2012-08-10 03:47 . 2012-08-10 03:47 0 ----a-w- c:\windows\ativpsrm.bin
2012-08-10 03:45 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2012-08-10 03:45 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2012-08-10 03:45 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-08-10 03:45 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-08-10 03:45 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-08-09 22:00 . 2012-08-09 21:23 -------- d-----w- c:\windows\Panther
2012-08-09 21:51 . 2012-08-09 21:51 -------- d-----w- C:\Windows.old
2012-08-09 21:24 . 2012-08-09 21:25 -------- d-----w- c:\users\Compbro
2012-08-09 21:23 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-09 21:23 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-08-09 21:23 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-08-09 21:23 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-08-09 21:23 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-08-09 21:23 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-08-09 21:23 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-08-09 21:23 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-09 21:23 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-08-09 18:17 . 2012-08-09 18:17 -------- d-----w- C:\AMD
2012-08-08 20:35 . 2012-08-09 21:21 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-11 18:59 . 2012-06-11 18:59 10248192 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:50 . 2012-06-11 18:50 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 18:50 . 2012-06-11 18:50 75264 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-06-11 18:50 . 2012-06-11 18:50 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-06-11 18:50 . 2012-06-11 18:50 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-06-11 18:50 . 2012-06-11 18:50 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-06-11 18:50 . 2012-06-11 18:50 16457728 ----a-w- c:\windows\system32\amdocl64.dll
2012-06-11 18:49 . 2012-06-11 18:49 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-11 18:48 . 2012-06-11 18:48 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-11 18:48 . 2012-06-11 18:48 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-06-11 18:35 . 2012-06-11 18:35 70144 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:29 . 2012-06-11 18:29 24826368 ----a-w- c:\windows\system32\atio6axx.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-04-20 07:09 924160 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-06-11 17:23 . 2012-06-11 17:23 1090560 ----a-w- c:\windows\system32\aticfx64.dll
2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-06-11 17:16 . 2012-06-11 17:16 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-06-11 17:01 . 2012-06-11 17:01 6914560 ----a-w- c:\windows\system32\atidxx64.dll
2012-06-11 16:51 . 2012-06-11 16:51 4246528 ----a-w- c:\windows\system32\atiumd6a.dll
2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-06-11 16:45 . 2011-04-20 06:38 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll
2012-06-11 16:43 . 2011-04-20 06:30 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-06-11 16:36 . 2012-06-11 16:36 6605824 ----a-w- c:\windows\system32\atiumd64.dll
2012-06-11 16:27 . 2012-06-11 16:27 539136 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2011-04-20 06:21 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-06-11 16:25 . 2012-06-11 16:25 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-06-11 16:25 . 2012-06-11 16:25 45056 ----a-w- c:\windows\system32\atiu9p64.dll
2012-06-11 16:24 . 2011-04-20 06:21 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-10 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job
- c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57]
.
2012-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job
- c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3244149
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1 68.238.96.12
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Completion time: 2012-08-18 05:08:07 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-18 10:08
ComboFix2.txt 2012-08-18 03:51
.
Pre-Run: 21,801,312,256 bytes free
Post-Run: 21,741,805,568 bytes free
.
- - End Of File - - D7CAECC8523602A0C95901DE79D1A193
-
SystemLook 30.07.11 by jpshortstuff
Log created at 03:33 on 18/08/2012 by Compbro
Administrator - Elevation successful
========== filefind ==========
Searching for "*WhiteSmoke*"
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage --a---- 3072 bytes [19:56 17/08/2012] [19:56 17/08/2012] CEAC9CFA4B7BAA5DC331972C3081A832
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmoketools.ourtoolbar.com_0.localstorage-journal --a---- 3608 bytes [19:56 17/08/2012] [19:56 17/08/2012] 1D4B95391958ADFFB2D7C59BEF525B46
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage --a---- 3072 bytes [19:43 17/08/2012] [03:18 18/08/2012] 350B9721E7F97ABC556E9586939BA3CB
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_whitesmokeusnew.ourtoolbar.com_0.localstorage-journal --a---- 3608 bytes [19:43 17/08/2012] [03:18 18/08/2012] DF035E24DEF02A5CADF7635EBF05AD2B
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage --a---- 3072 bytes [19:55 17/08/2012] [03:25 18/08/2012] 350B9721E7F97ABC556E9586939BA3CB
C:\Users\Compbro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.whitesmoke.com_0.localstorage-journal --a---- 3608 bytes [19:55 17/08/2012] [03:25 18/08/2012] A474C5DDEF50A0A12E4828B3AF733D6E
========== folderfind ==========
Searching for "*WhiteSmoke*"
No folders found.
========== regfind ==========
Searching for "WhiteSmoke"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725399351616___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725399351616%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Atrue%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%22129895725399351616%22%2C%22onBeforeLoadData%22%3A%22%7B%
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725399820364___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725399820364%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Afalse%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Afalse%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%22129895725399820364%22%2C%22originalHeight%22%3A25%2C%
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725402320352___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725402320352%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Afalse%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Afalse%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%22129895725402320352%22%2C%22originalHeight%22%3A24%2C%
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725403414096___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725403414096%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Afalse%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Afalse%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%22129895725403414096%22%2C%22originalHeight%22%3A26%2C%
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725403726597___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725403726597%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%22129895725403726597%22%2C%22originalHeight%22%3A26%2C%22
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_1000082___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%221000082%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%221000082%22%2C%22tabInfo%22%3A%7B%7D%7D%2C%22viewId%22%3A%220.30513234599493444%22%7D"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725405445339___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725405445339%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%22129895725405445339%22%2C%22originalHeight%22%3A24%2C%22
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_4925864906806966160___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%224925864906806966160%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Afalse%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%224925864906806966160%22%2C%22originalHeight%22%3A26%2
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"CT3244149.serviceLayer_service_toolbarGrouping_activeToolbarName"="%7B%22dataType%22%3A%22string%22%2C%22data%22%3A%22WhiteSmoke_US_New%22%7D"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"CT3244149.serviceLayer_service_toolbarGrouping_activeDownloadUrl"="%7B%22dataType%22%3A%22string%22%2C%22data%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%7D"
[HKEY_CURRENT_USER\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_92dad837-b406-451b-9bd8-b8ba1103fed1___kfkcangbigakljkjeglcofaomihpejif"="%7B%22position%22%3A%7B%22left%22%3A2%2C%22top%22%3A33%2C%22right%22%3A46%2C%22isAbsolute%22%3Atrue%7D%2C%22buttonWidth%22%3A42%2C%22appId%22%3A%22129496561699250735%22%2C%22viewId%22%3A%220.32803047890774906%22%2C%22loggerData%22%3A%7B%22from%22%3A%22menu%22%2C%22action%22%3A%22menu%22%2C%22startTime%22%3A1345260323581%2C%22isApi%22%3Afalse%2C%22isWithState%22%3Atrue%7D%2C%22menuId%22%3A1%2C%22isMenu%22%3Atrue%2C%22flowid%22%3A%220.17985008819960058%22%2C%22context%22%3A%22popup%22%2C%22popupId%22%3A%221%22%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22icon%22%
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725399351616___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725399351616%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Atrue%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%2212989572539935161
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725399820364___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725399820364%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Afalse%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Afalse%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%2212989572539982
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725402320352___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725402320352%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Afalse%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Afalse%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%2212989572540232
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725403414096___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725403414096%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Afalse%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Afalse%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%2212989572540341
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725403726597___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725403726597%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%221298957254037265
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_1000082___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%221000082%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%221000082%22%2C%22tabInfo%22%3A%7B%7D%7D%2C%22viewId%22%3A%220.30513234599493444%22%7D"
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_129895725405445339___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%22129895725405445339%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Atrue%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%221298957254054453
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_4925864906806966160___kfkcangbigakljkjeglcofaomihpejif"="%7B%22appId%22%3A%224925864906806966160%22%2C%22context%22%3A%22embedded%22%2C%22apiPermissions%22%3A%7B%22crossDomainAjax%22%3Atrue%2C%22getMainFrameTitle%22%3Atrue%2C%22getMainFrameUrl%22%3Atrue%2C%22getSearchTerm%22%3Afalse%2C%22instantAlert%22%3Atrue%2C%22jsInjection%22%3Atrue%2C%22sslGranted%22%3Afalse%7D%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%3A%22WhiteSmoke_US_New%22%2C%22downloadUrl%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%2C%22version%22%3A%2210.11.21.5%22%2C%22cID%22%3A%22kfkcangbigakljkjeglcofaomihpejif/%22%7D%2C%22appId%22%3A%224925864906806
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"CT3244149.serviceLayer_service_toolbarGrouping_activeToolbarName"="%7B%22dataType%22%3A%22string%22%2C%22data%22%3A%22WhiteSmoke_US_New%22%7D"
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"CT3244149.serviceLayer_service_toolbarGrouping_activeDownloadUrl"="%7B%22dataType%22%3A%22string%22%2C%22data%22%3A%22http%3A//WhiteSmokeUSNew.OurToolbar.com/%22%7D"
[HKEY_USERS\S-1-5-21-447234750-1175504839-4170690110-1001\Software\AppDataLow\Software\Conduit\ChromeExtData\kfkcangbigakljkjeglcofaomihpejif\Repository]
"gadgetsContextHash_92dad837-b406-451b-9bd8-b8ba1103fed1___kfkcangbigakljkjeglcofaomihpejif"="%7B%22position%22%3A%7B%22left%22%3A2%2C%22top%22%3A33%2C%22right%22%3A46%2C%22isAbsolute%22%3Atrue%7D%2C%22buttonWidth%22%3A42%2C%22appId%22%3A%22129496561699250735%22%2C%22viewId%22%3A%220.32803047890774906%22%2C%22loggerData%22%3A%7B%22from%22%3A%22menu%22%2C%22action%22%3A%22menu%22%2C%22startTime%22%3A1345260323581%2C%22isApi%22%3Afalse%2C%22isWithState%22%3Atrue%7D%2C%22menuId%22%3A1%2C%22isMenu%22%3Atrue%2C%22flowid%22%3A%220.17985008819960058%22%2C%22context%22%3A%22popup%22%2C%22popupId%22%3A%221%22%2C%22info%22%3A%7B%22platform%22%3A%7B%22browser%22%3A%22Chrome%22%2C%22browserVersion%22%3A%2221.0.1180.79%22%2C%22locale%22%3A%22en-US%22%2C%22OS%22%3A%22Windows%22%2C%22OSVersion%22%3A%226.1%22%7D%2C%22toolbar%22%3A%7B%22id%22%3A%22CT3244149%22%2C%22name%22%
-= EOF =-
-
Sorry for the double post but here is the ComboFix log.
ComboFix 12-08-17.03 - Compbro 08/17/2012 22:40:03.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8191.6072 [GMT -5:00]
Running from: c:\users\Compbro\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-07-18 to 2012-08-18 )))))))))))))))))))))))))))))))
.
.
2012-08-18 03:43 . 2012-08-18 03:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-18 03:20 . 2012-08-18 03:20 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-08-17 20:01 . 2012-08-17 20:01 -------- d-----w- c:\program files (x86)\Seagate File Recovery for Windows
2012-08-17 19:47 . 2012-08-17 19:47 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-08-16 22:39 . 2012-08-16 22:41 -------- d-----w- c:\program files\Picasa3
2012-08-16 22:38 . 2012-08-16 22:38 -------- d-----w- c:\program files (x86)\Conduit
2012-08-16 16:38 . 2012-08-16 16:38 -------- d-----w- c:\program files (x86)\Google
2012-08-16 16:38 . 2012-05-05 08:30 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-16 16:38 . 2012-05-05 07:44 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-16 16:38 . 2012-02-11 06:36 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-16 16:38 . 2012-02-11 06:29 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-16 16:38 . 2012-02-11 06:29 67584 ----a-w- c:\windows\splwow64.exe
2012-08-16 16:38 . 2012-02-11 05:44 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-16 16:37 . 2012-07-04 21:23 41472 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-16 16:37 . 2012-07-04 22:04 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-16 16:37 . 2012-07-04 22:01 58880 ----a-w- c:\windows\system32\browcli.dll
2012-08-16 16:37 . 2012-07-04 22:01 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-16 16:37 . 2012-07-18 17:31 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 16:37 . 2012-05-14 05:20 956416 ----a-w- c:\windows\system32\localspl.dll
2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Common Files\Logitech
2012-08-13 04:18 . 2012-08-13 04:18 -------- d-----w- c:\program files\Logitech
2012-08-10 21:01 . 2012-08-10 21:01 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\SysWow64\Wat
2012-08-10 20:02 . 2012-08-10 20:02 -------- d-----w- c:\windows\system32\Wat
2012-08-10 19:47 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2012-08-10 19:47 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2012-08-10 19:33 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2012-08-10 19:33 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2012-08-10 19:20 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2012-08-10 19:20 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2012-08-10 19:20 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2012-08-10 19:20 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2012-08-10 19:20 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2012-08-10 19:20 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2012-08-10 19:20 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2012-08-10 19:20 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2012-08-10 19:20 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2012-08-10 19:20 . 2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2012-08-10 19:09 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-08-10 19:09 . 2012-03-01 06:45 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-08-10 19:09 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2012-08-10 19:09 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2012-08-10 19:09 . 2012-03-01 05:49 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-10 19:09 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-08-10 19:09 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-08-10 19:06 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2012-08-10 16:53 . 2012-08-16 16:48 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-10 16:51 . 2012-08-10 16:51 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2012-08-10 16:46 . 2012-08-10 16:46 -------- d-----w- c:\programdata\EA Core
2012-08-10 16:46 . 2012-08-10 20:13 -------- d-----w- c:\programdata\EA Logs
2012-08-10 08:36 . 2012-08-10 08:36 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-08-10 08:35 . 2012-08-16 16:48 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-10 08:35 . 2012-08-16 16:48 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-08-10 08:35 . 2012-08-10 16:58 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-08-10 08:22 . 2009-10-28 06:24 389632 ----a-w- c:\windows\system32\winlogon.exe
2012-08-10 08:21 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2012-08-10 08:20 . 2010-05-05 07:37 483840 ----a-w- c:\windows\system32\StructuredQuery.dll
2012-08-10 08:19 . 2011-02-24 06:30 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-08-10 08:18 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-08-10 08:18 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-08-10 08:18 . 2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-08-10 08:16 . 2012-05-04 10:52 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-10 08:15 . 2009-08-29 07:50 46592 ----a-w- c:\windows\system32\msasn1.dll
2012-08-10 08:14 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-10 08:08 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-08-10 08:08 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-08-10 05:00 . 2012-08-10 05:01 -------- d-----w- c:\program files (x86)\Origin Games
2012-08-10 04:59 . 2012-08-10 16:46 -------- d-----w- c:\programdata\Electronic Arts
2012-08-10 04:59 . 2012-08-10 05:01 -------- d-----w- c:\programdata\Origin
2012-08-10 04:59 . 2012-08-10 05:00 -------- d-----w- c:\program files (x86)\Origin
2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\programdata\AVG Secure Search
2012-08-10 04:48 . 2012-08-17 19:50 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-08-10 04:48 . 2012-08-10 04:48 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-08-10 04:47 . 2012-08-18 03:14 -------- d-----w- c:\windows\system32\drivers\AVG
2012-08-10 04:47 . 2012-08-12 04:28 -------- d-----w- c:\programdata\AVG2012
2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- C:\$AVG
2012-08-10 04:47 . 2012-08-10 04:47 -------- d-----w- c:\program files (x86)\AVG
2012-08-10 04:44 . 2012-08-18 03:15 -------- d-----w- c:\programdata\MFAData
2012-08-10 04:44 . 2012-08-10 04:44 -------- d--h--w- c:\programdata\Common Files
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\ATI
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\programdata\AMD
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD AVT
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\AMD APP
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-08-10 04:24 . 2012-08-10 04:24 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-08-10 04:23 . 2012-08-17 20:57 -------- d-sh--w- c:\windows\Installer
2012-08-10 04:23 . 2012-08-10 04:23 -------- d-----w- c:\program files\ATI
2012-08-10 04:22 . 2012-08-10 04:24 -------- d-----w- c:\program files\ATI Technologies
2012-08-10 04:05 . 2012-07-16 07:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0C74DAE-9047-4255-8E45-3C43E343064B}\mpengine.dll
2012-08-10 04:05 . 2012-05-31 17:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-08-10 04:02 . 2012-08-10 04:02 -------- d-----w- c:\program files\WinRAR
2012-08-10 03:47 . 2012-08-10 03:47 0 ----a-w- c:\windows\ativpsrm.bin
2012-08-10 03:45 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2012-08-10 03:45 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2012-08-10 03:45 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-08-10 03:45 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-08-10 03:45 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-08-09 22:00 . 2012-08-09 21:23 -------- d-----w- c:\windows\Panther
2012-08-09 21:51 . 2012-08-09 21:51 -------- d-----w- C:\Windows.old
2012-08-09 21:24 . 2012-08-09 21:25 -------- d-----w- c:\users\Compbro
2012-08-09 21:23 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-08-09 21:23 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-08-09 21:23 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-08-09 21:23 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-08-09 21:23 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-08-09 21:23 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-08-09 21:23 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-08-09 21:23 . 2012-06-02 20:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-08-09 21:23 . 2012-06-02 20:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-08-09 18:17 . 2012-08-09 18:17 -------- d-----w- C:\AMD
2012-08-08 20:35 . 2012-08-09 21:21 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-11 18:59 . 2012-06-11 18:59 10248192 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-06-11 18:50 . 2012-06-11 18:50 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 18:50 . 2012-06-11 18:50 75264 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-06-11 18:50 . 2012-06-11 18:50 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-06-11 18:50 . 2012-06-11 18:50 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-06-11 18:50 . 2012-06-11 18:50 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-06-11 18:50 . 2012-06-11 18:50 16457728 ----a-w- c:\windows\system32\amdocl64.dll
2012-06-11 18:49 . 2012-06-11 18:49 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-11 18:48 . 2012-06-11 18:48 54784 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-11 18:48 . 2012-06-11 18:48 50176 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-06-11 18:35 . 2012-06-11 18:35 70144 ----a-w- c:\windows\system32\coinst_8.98.dll
2012-06-11 18:29 . 2012-06-11 18:29 24826368 ----a-w- c:\windows\system32\atio6axx.dll
2012-06-11 18:00 . 2012-06-11 18:00 20467712 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-06-11 17:25 . 2012-06-11 17:25 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-06-11 17:24 . 2011-04-20 07:09 924160 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-06-11 17:23 . 2012-06-11 17:23 1090560 ----a-w- c:\windows\system32\aticfx64.dll
2012-06-11 17:20 . 2012-06-11 17:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-06-11 17:19 . 2012-06-11 17:19 532992 ----a-w- c:\windows\system32\atieclxx.exe
2012-06-11 17:19 . 2012-06-11 17:19 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-06-11 17:17 . 2012-06-11 17:17 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-06-11 17:17 . 2012-06-11 17:17 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-06-11 17:17 . 2012-06-11 17:17 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-06-11 17:17 . 2012-06-11 17:17 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-06-11 17:16 . 2012-06-11 17:16 6301696 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-06-11 17:01 . 2012-06-11 17:01 6914560 ----a-w- c:\windows\system32\atidxx64.dll
2012-06-11 16:51 . 2012-06-11 16:51 4246528 ----a-w- c:\windows\system32\atiumd6a.dll
2012-06-11 16:45 . 2012-06-11 16:45 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-06-11 16:45 . 2012-06-11 16:45 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-06-11 16:45 . 2011-04-20 06:38 5480448 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-06-11 16:45 . 2012-06-11 16:45 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-06-11 16:45 . 2012-06-11 16:45 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-06-11 16:45 . 2012-06-11 16:45 15703040 ----a-w- c:\windows\system32\aticaldd64.dll
2012-06-11 16:43 . 2011-04-20 06:30 4729344 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-06-11 16:40 . 2012-06-11 16:40 13277696 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-06-11 16:36 . 2012-06-11 16:36 6605824 ----a-w- c:\windows\system32\atiumd64.dll
2012-06-11 16:27 . 2012-06-11 16:27 539136 ----a-w- c:\windows\system32\atiadlxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-06-11 16:26 . 2012-06-11 16:26 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-06-11 16:26 . 2012-06-11 16:26 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-06-11 16:26 . 2012-06-11 16:26 367616 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-06-11 16:25 . 2011-04-20 06:21 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2012-06-11 16:25 . 2012-06-11 16:25 42496 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-06-11 16:25 . 2012-06-11 16:25 45056 ----a-w- c:\windows\system32\atiu9p64.dll
2012-06-11 16:24 . 2011-04-20 06:21 32768 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-06-11 16:24 . 2012-06-11 16:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-06-11 16:23 . 2012-06-11 16:23 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-11 641704]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-10 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-11 239616]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001Core.job
- c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57]
.
2012-08-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-447234750-1175504839-4170690110-1001UA.job
- c:\users\Compbro\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-10 03:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3244149
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1 68.238.96.12
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{462be121-2b54-4218-bf00-b9bf8135b23f} - (no file)
Wow6432Node-HKLM-Run-ROC_roc_ssl_v12 - c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Completion time: 2012-08-17 22:51:49 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-18 03:51
.
Pre-Run: 18,371,325,952 bytes free
Post-Run: 18,095,607,808 bytes free
.
- - End Of File - - DAE11FA155E4B64C10BA99983BAB090C
-
I'm not sure how it got here, but it's here... to stay it seems. Reinstalled itself after I uninstalled. Anyway I've downloaded combofix and it's not on my desktop. What's the next step? Any help would be GREATLY appreciated. I just want this tool bar gone.
WhiteSmoke
in Resolved Malware Removal Logs
Posted
Thank you so much for your help! I thought this was just another internet forum when I stumbled upon it, but I can see now that malwarebytes.org is teeming with experts on computer security. Again, thank you!