Jump to content

SableRayven

Members
  • Posts

    13
  • Joined

  • Last visited

Everything posted by SableRayven

  1. I tried it again, however it still froze my entire system and I had to do a hard shutdown.
  2. Whoops sorry heres the logs All processes killed ========== OTL ========== Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{521b7300-8601-11e2-9b6a-b870f48fb9d4}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521b7300-8601-11e2-9b6a-b870f48fb9d4}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{521b7300-8601-11e2-9b6a-b870f48fb9d4}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521b7300-8601-11e2-9b6a-b870f48fb9d4}\ not found. File E:\LaunchU3.exe -a not found. ========== FILES ========== File\Folder C:\Windows\SysWow64\URTTEMP not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Guest ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 6932646 bytes ->Flash cache emptied: 56900 bytes User: MOM ->Temp folder emptied: 478039 bytes ->Temporary Internet Files folder emptied: 67385 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 49716812 bytes ->Flash cache emptied: 56900 bytes User: Public User: School ->Temp folder emptied: 2443238 bytes ->Temporary Internet Files folder emptied: 492745 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 50354110 bytes ->Flash cache emptied: 56960 bytes User: Trinity ->Temp folder emptied: 20063153 bytes ->Temporary Internet Files folder emptied: 13918865 bytes ->Java cache emptied: 17872 bytes ->FireFox cache emptied: 4931345 bytes ->Google Chrome cache emptied: 58718739 bytes ->Flash cache emptied: 523 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 69988347 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42287318 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 306.00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Guest ->Flash cache emptied: 0 bytes User: MOM ->Flash cache emptied: 0 bytes User: Public User: School ->Flash cache emptied: 0 bytes User: Trinity ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0.00 mb [EMPTYJAVA] User: All Users User: Default User: Default User User: Guest ->Java cache emptied: 0 bytes User: MOM ->Java cache emptied: 0 bytes User: Public User: School ->Java cache emptied: 0 bytes User: Trinity ->Java cache emptied: 0 bytes Total Java Files Cleaned = 0.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 05232013_165241 Files\Folders moved on Reboot... C:\Users\Trinity\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Trinity\AppData\Local\Temp\MMDUtl.log moved successfully. File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot. File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot... Farbar Service Scanner Version: 14-04-2013 Ran by Trinity (administrator) on 23-05-2013 at 17:07:25 Running from "C:\Users\Trinity\Downloads" Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Attempt to access Yahoo IP returned error. Yahoo IP is offline Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\ipnathlp.dll => MD5 is legit C:\Windows\System32\iphlpsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
  3. The system in general is a lot better, the instructions you gave me took care of my lag problem with everything, if I need to boot something or surf the web its up and running like the roadrunner. As well as able to handle running multiple programs at once now, such as windows media player and the browser at the same time for example. Thank you for that. However, MBAM still freezes my entire system when its ran on either quick mode or full scan, and I did try it with the new anti-virus both activated, and disabled, same result both times.
  4. OTL Extras logfile created on: 5/23/2013 2:45:07 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Trinity\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.86 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 60.42% Memory free 7.71 Gb Paging File | 5.84 Gb Available in Paging File | 75.81% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581.07 Gb Total Space | 520.67 Gb Free Space | 89.60% Space Free | Partition Type: NTFS Computer Name: ASYLUM | User Name: Trinity | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2393D680-F302-41F3-A0F2-AA894C4F85D0}" = rport=445 | protocol=6 | dir=out | app=system | "{2765B8DE-5A6B-41B2-B746-BE3D011E68C7}" = lport=445 | protocol=6 | dir=in | app=system | "{41CFCC00-0FD5-4FE2-867C-FF328E9288D1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{5D142184-9B67-4660-BB55-C3D257BCBBEF}" = rport=137 | protocol=17 | dir=out | app=system | "{6006864A-5F0C-4CC7-A077-657F995582BA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{62E27164-A347-47C0-A977-259AB1D3BC55}" = lport=138 | protocol=17 | dir=in | app=system | "{709DEF12-4F55-440F-B9B2-AF8AED8B107C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{79AC112E-549A-4BC6-A7CD-3C0CDB351BBD}" = rport=139 | protocol=6 | dir=out | app=system | "{7D19385B-4814-4441-B71B-20E4F92D8B23}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{8C7AE3C2-E9C0-40D2-83AA-2E1216D347DA}" = lport=139 | protocol=6 | dir=in | app=system | "{A342E90F-A00E-455F-9579-0BB248F48CC2}" = lport=137 | protocol=17 | dir=in | app=system | "{AF7A349E-4108-4292-AEDD-714F7EDB6C44}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C1DB417D-72AA-4F62-9C71-7AEB6DADB405}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CA517031-8DE5-4882-A3C1-17C69A0F82C1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CB27D509-4854-4939-A6BF-F919E38E02A2}" = rport=138 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05046B1B-2006-40BB-B0D0-67E60C1416F3}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{0781A19A-FB96-44F7-AC7A-0FF1E79CC86E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{0E5B01A4-D944-4839-B131-037107B2938A}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe | "{1048CB51-DDDA-44C6-86AF-6DB7E2CB4DFF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{2540A538-9027-4C48-83DD-2D83E3949933}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe | "{29360951-3331-46CD-A0DE-148E5D6F6EA9}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe | "{2C247DB9-A373-4ECC-91F3-452F6B0BA5E7}" = protocol=17 | dir=in | app=c:\programdata\turbine\the lord of the rings online\lotroclient.exe | "{38AC1780-51B4-4AD6-8581-8ABB83B6769B}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe | "{40B57CC5-0BB5-4580-839D-C47A5B2DE6D0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{42029121-E9EB-43DE-984B-C196A9B142E9}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe | "{4B2DEF7E-9FA9-4AC6-9A5A-D930AAF94ADA}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe | "{544E8FC5-9AA0-4EAB-BE97-BC06FF22EFE8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{575F4D13-6303-453B-AE8E-47A652D8CF23}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{6F937402-2CAA-49D5-AF4A-3C688AC12E23}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe | "{718DD167-8AF7-4895-B343-BE21283E72C0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7FB78CAB-DCEE-4E94-9628-FF0D279C0EAB}" = protocol=6 | dir=in | app=c:\programdata\turbine\the lord of the rings online\lotroclient.exe | "{8D382E45-C7AD-4C6B-8453-D898A6639B60}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9FE698E6-AF89-4768-8613-5CA14B7C23DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{CEFC5A92-9AD9-4D58-BE29-611B469A70EA}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe | "{CFDB7420-5A2B-41F9-8A45-A74F498720C5}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe | "{D9B6F781-3409-4AB4-B4A3-F4D2DF120952}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DD1DE6DD-0DD2-4D02-B3E7-74694A8B4DE3}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\clml\clmlsvc.exe | "{EA83C20D-5B6B-4C64-8B05-2A1C85902C05}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{EBA8C591-58BE-48DF-9FD8-E20B84E9BE31}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EEC92742-6433-415D-A562-78A5C3EE621C}" = protocol=17 | dir=in | app=c:\programdata\turbine\the lord of the rings online\turbinelauncher.exe | "{FAF0989A-2814-48CC-95D4-0049E6FBC973}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FB95F0E0-86EE-4F3C-B44C-6777E87B2770}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{FEEAB045-B178-4975-A721-195CEB9D5587}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{FF39122C-0DDC-4D30-B389-10360C733D05}" = protocol=6 | dir=in | app=c:\programdata\turbine\the lord of the rings online\turbinelauncher.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit) "{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0 "{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom Gigabit NetLink Controller "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "CCleaner" = CCleaner "Defraggler" = Defraggler "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Speccy" = Speccy "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3 "{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2 "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4 "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games) "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2 "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "Google Chrome" = Google Chrome "Identity Card" = Identity Card "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam "InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager "InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9 "iWinArcade" = iWin Games (remove only) "KLiteCodecPack_is1" = K-Lite Codec Pack 8.7.0 (Full) "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "Office14.SingleImage" = Microsoft Office Professional 2010 "WildTangent acer Master Uninstall" = Acer Games "WildTangent wildgames Master Uninstall" = WildTangent Games "WinLiveSuite" = Windows Live Essentials "WTA-03c9ec30-0bae-4fcb-a5e9-0fc2bdf7c0a3" = Build-a-lot 2 "WTA-07959879-255f-4c0b-bc79-355c8afdeef0" = Penguins! "WTA-10ffddbd-8537-432a-a888-e9482007dba4" = Matches and Matrimony "WTA-12f0054b-362b-43eb-9b01-66996fe3eb69" = Zuma's Revenge "WTA-17c02fae-d943-4732-a684-9cba3e87d023" = Namco All-Stars: PAC-MAN "WTA-190f6486-006a-4c27-aec1-1b37b18e0df8" = Virtual Villagers 4 - The Tree of Life "WTA-1ae829b6-af7f-407b-9803-b0b7f171f427" = Totem Tribe "WTA-1bab4c4f-064e-460a-ac5f-dda4b90a04d5" = Build-a-lot "WTA-216836d0-e3c8-4855-abcc-0984f8132a4c" = Bejeweled 2 Deluxe "WTA-22afd31b-125c-40e6-970f-904d20d20b9f" = Cute Knight "WTA-3b839546-9fc2-45a8-a364-4a161aaadbef" = Tasty Planet: Back for Seconds "WTA-45046cf2-0f9b-4bae-98b5-f23cdabf1f2b" = Dream Builder: Amusement Park "WTA-48dae4a7-7c8a-4fb3-9983-7a5200d49c59" = Dora's World Adventure "WTA-49f8e0f8-28d7-4fa0-9f2b-e4302233bdca" = Agatha Christie - 4:50 from Paddington "WTA-4a4e9280-9e8f-4d5c-bc20-685078709bd8" = Haiku Journey "WTA-5085b143-1d0d-4cf4-9ec5-ab5438b7a6f8" = Virtual Families "WTA-509771ed-fae9-4385-a762-5f8d8b0cc54c" = Tasty Planet "WTA-5c5b61a9-0720-4e47-8ac9-b069f075fd60" = Mystery P.I. - Stolen in San Francisco "WTA-5f48ef26-3b39-4dad-bbda-45b9cbb67d09" = Tradewinds "WTA-6186ec4a-c4a0-41e5-af54-f473de2add8f" = Chuzzle Deluxe "WTA-64e0da92-fe22-425b-84b7-ecbb7f6e844f" = Virtual Families 2 "WTA-7c04e19d-455b-425b-bfc9-15115643adc5" = Plants vs. Zombies - Game of the Year "WTA-89653d3e-6559-45eb-a30c-3295bca13256" = Diner Dash 2 Restaurant Rescue "WTA-92969c64-d372-4e7c-a2e6-d5d4620c3f43" = Shaman Odyssey - Tropic Adventure "WTA-964e60ba-b571-43a3-9204-bd0cfddb574b" = Escape from Paradise 2 - A Kingdoms Quest "WTA-b0198dd9-48b0-4e23-a9ab-fd0229c63d1d" = Master of Alchemy "WTA-b2f12765-feb5-401c-9e60-a1d8a17c9d42" = Torchlight "WTA-b3ce6bbc-5f6b-4c3d-b3a1-b8712e12b4d0" = Snapshot Adventures "WTA-b3d2926e-fa32-4574-92ac-b580b9df5159" = Polar Golfer "WTA-baa6332b-1172-47ab-b22b-5d70f5eb94f7" = Teddy Factory "WTA-bb91c54d-0d9a-425b-b42c-58583afa5999" = A Magnetic Adventure "WTA-be3e0fd2-4f4f-4b48-9b4f-666d42bad6de" = Virtual Villagers 5 - New Believers "WTA-c2129fd0-dbb7-43be-b126-49875ab7826b" = ZoomBook - The Temple of the Sun "WTA-c5a90d0b-ce83-48f6-87a2-87c3f1b3e550" = Buccaneer "WTA-d088507a-68c6-4dcd-99bc-4c34896fce66" = Spellagories "WTA-d231cf91-48fb-4cfc-a1d2-0964b07dfd54" = Jojo's Fashion Show World Tour "WTA-e5daf8c9-89da-4fd9-a34a-c3a4e6183a31" = World of Goo "WTA-e73a48fd-5236-4ef7-8faa-580fecf9e9db" = Jewel Quest Heritage "WTA-f420e28e-c056-4a13-84f0-95c23459f0b0" = Final Drive: Nitro "WTA-f54dbf5b-4452-40c3-9533-a04108b8c1f7" = Bee Garden "WTA-f593b721-03bb-40ee-9bcd-4455d8978cf7" = Polar Bowler "WTA-f9f94622-3cfb-4db7-adea-94da0753ea3e" = Poker Superstars III "WTA-fb72bc05-4798-4860-acf2-97caabbe9cda" = FATE - The Traitor Soul ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "HappyCloud" = Happy Cloud Client "lotro_highres_en" = The Lord of the Rings Online ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 4/29/2013 2:38:43 PM | Computer Name = Asylum | Source = CVHSVC | ID = 100 Description = Information only. Error: The connection with the server was terminated abnormally ErrorCode: 14007(0x36b7). Error - 4/29/2013 5:05:32 PM | Computer Name = Asylum | Source = WinMgmt | ID = 10 Description = Error - 4/29/2013 10:33:54 PM | Computer Name = Asylum | Source = Application Error | ID = 1000 Description = Faulting application name: osk.exe, version: 6.1.7600.16385, time stamp: 0x4a5bd272 Faulting module name: mshwLatin.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdfdc Exception code: 0xc0000006 Fault offset: 0x000000000008d85f Faulting process id: 0x7e0 Faulting application start time: 0x01ce454a5747b471 Faulting application path: C:\Windows\System32\osk.exe Faulting module path: C:\Program Files\Common Files\Microsoft Shared\Ink\mshwLatin.dll Report Id: 666d33ac-b13e-11e2-964f-b870f48fb9d4 Error - 4/29/2013 10:33:54 PM | Computer Name = Asylum | Source = Application Error | ID = 1005 Description = Windows cannot access the file C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Accessibility On-Screen Keyboard because of this error. Program: Accessibility On-Screen Keyboard File: C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. Additional Data Error value: C0000185 Disk type: 3 Error - 4/29/2013 10:42:19 PM | Computer Name = Asylum | Source = WinMgmt | ID = 10 Description = Error - 4/29/2013 10:46:07 PM | Computer Name = Asylum | Source = Application Error | ID = 1000 Description = Faulting application name: osk.exe, version: 6.1.7600.16385, time stamp: 0x4a5bd272 Faulting module name: mshwLatin.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdfdc Exception code: 0xc0000006 Fault offset: 0x000000000008d85f Faulting process id: 0x4c8 Faulting application start time: 0x01ce454cca812705 Faulting application path: C:\Windows\System32\osk.exe Faulting module path: C:\Program Files\Common Files\Microsoft Shared\Ink\mshwLatin.dll Report Id: 1ae34e5f-b140-11e2-b1ca-b870f48fb9d4 Error - 4/29/2013 10:46:07 PM | Computer Name = Asylum | Source = Application Error | ID = 1005 Description = Windows cannot access the file C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Accessibility On-Screen Keyboard because of this error. Program: Accessibility On-Screen Keyboard File: C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. Additional Data Error value: C0000185 Disk type: 3 Error - 4/29/2013 10:51:51 PM | Computer Name = Asylum | Source = WinMgmt | ID = 10 Description = Error - 4/29/2013 11:04:19 PM | Computer Name = Asylum | Source = Windows Search Service | ID = 7040 Description = Error - 4/29/2013 11:04:19 PM | Computer Name = Asylum | Source = Windows Search Service | ID = 7042 Description = [ System Events ] Error - 5/10/2013 8:45:33 AM | Computer Name = Asylum | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR2. Error - 5/10/2013 8:56:46 AM | Computer Name = Asylum | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk1\DR2. Error - 5/11/2013 4:54:51 PM | Computer Name = Asylum | Source = volsnap | ID = 393230 Description = The shadow copies of volume C: were aborted because of an IO failure on volume C:. Error - 5/15/2013 11:51:01 PM | Computer Name = Asylum | Source = volsnap | ID = 393230 Description = The shadow copies of volume C: were aborted because of an IO failure on volume C:. Error - 5/16/2013 8:48:54 AM | Computer Name = Asylum | Source = EventLog | ID = 6008 Description = The previous system shutdown at 7:42:10 AM on ?5/?16/?2013 was unexpected. Error - 5/16/2013 8:53:53 AM | Computer Name = Asylum | Source = Service Control Manager | ID = 7022 Description = The Windows Update service hung on starting. Error - 5/16/2013 8:59:40 AM | Computer Name = Asylum | Source = volsnap | ID = 393230 Description = The shadow copies of volume C: were aborted because of an IO failure on volume C:. Error - 5/16/2013 9:04:41 AM | Computer Name = Asylum | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2804576). Error - 5/16/2013 11:37:31 AM | Computer Name = Asylum | Source = EventLog | ID = 6008 Description = The previous system shutdown at 10:34:43 AM on ?5/?16/?2013 was unexpected. Error - 5/16/2013 8:59:33 PM | Computer Name = Asylum | Source = EventLog | ID = 6008 Description = The previous system shutdown at 7:57:27 PM on ?5/?16/?2013 was unexpected. < End of report > Results of screen317's Security Check version 0.99.64 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 17 Java version out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 11.7.700.169 Adobe Reader 9 Mozilla Firefox 20.0.1 Firefox out of Date! Google Chrome 26.0.1410.43 Google Chrome 26.0.1410.64 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 7% ````````````````````End of Log``````````````````````
  5. Nevermind if it wasn't safe with it you wouldn't have suggested it. Heres the reports in order OTL logfile created on: 5/23/2013 2:45:07 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Trinity\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.86 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 60.42% Memory free 7.71 Gb Paging File | 5.84 Gb Available in Paging File | 75.81% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581.07 Gb Total Space | 520.67 Gb Free Space | 89.60% Space Free | Partition Type: NTFS Computer Name: ASYLUM | User Name: Trinity | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/05/23 14:44:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Trinity\Downloads\OTL.exe PRC - [2013/05/23 14:36:50 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013/05/23 14:35:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2013/05/23 14:35:55 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013/04/22 22:28:45 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe PRC - [2013/04/22 22:28:45 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2013/04/22 22:28:43 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2013/04/22 22:28:43 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2013/04/09 03:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012/04/05 14:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe PRC - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011/04/08 10:17:40 | 000,176,848 | ---- | M] (iWin Inc.) -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe PRC - [2011/02/22 13:02:16 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe PRC - [2011/02/22 13:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe PRC - [2011/02/15 13:36:10 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe PRC - [2011/02/15 13:35:34 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe PRC - [2011/02/01 16:24:42 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe PRC - [2011/02/01 16:24:40 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe PRC - [2010/09/27 21:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe PRC - [2010/09/17 18:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2010/09/17 18:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010/09/13 20:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/09/13 20:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2010/04/26 21:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe ========== Modules (No Company Name) ========== MOD - [2013/05/16 07:56:57 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll MOD - [2013/05/16 07:56:40 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll MOD - [2013/05/16 07:56:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll MOD - [2013/04/09 03:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll MOD - [2013/04/09 03:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll MOD - [2013/04/09 03:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll MOD - [2013/04/09 03:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll MOD - [2013/04/09 03:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll MOD - [2013/03/13 21:39:06 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013/03/13 21:39:06 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll MOD - [2013/03/13 21:39:04 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll MOD - [2013/03/13 21:38:56 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013/03/13 21:38:45 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013/03/13 17:13:28 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013/03/13 17:13:19 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2011/02/22 13:01:38 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll MOD - [2011/02/22 13:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe MOD - [2011/02/15 13:37:10 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ========== Services (SafeList) ========== SRV:64bit: - [2012/04/05 14:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service) SRV:64bit: - [2011/02/23 00:00:46 | 000,873,064 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV:64bit: - [2010/10/08 05:24:16 | 000,150,016 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013/05/23 14:36:50 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013/05/23 14:35:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013/04/22 22:28:43 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2013/04/10 01:58:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013/03/05 01:07:19 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/10/01 07:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 07:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/04/08 10:17:40 | 000,176,848 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe -- (iWinTrusted) SRV - [2011/02/15 13:36:10 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2011/02/01 16:24:42 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011/02/01 16:24:40 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010/09/27 20:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2010/09/13 20:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/05/23 14:37:16 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2013/05/23 14:37:16 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2013/05/23 14:37:16 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/10/01 07:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011/10/01 07:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011/10/01 07:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011/10/01 07:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011/04/06 15:55:03 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2011/04/06 15:55:03 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2011/04/06 15:55:03 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2011/03/25 20:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/03/09 23:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2011/03/09 23:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2011/01/20 20:15:30 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp) DRV:64bit: - [2011/01/20 20:15:28 | 000,067,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd) DRV:64bit: - [2011/01/19 22:28:26 | 000,052,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa) DRV:64bit: - [2011/01/17 17:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2011/01/13 20:22:24 | 000,085,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa) DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010/11/09 05:26:46 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010/10/08 05:23:38 | 000,019,192 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010/09/30 00:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010/09/30 00:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010/09/13 20:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/07/29 08:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll () FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/07 14:09:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/07 14:09:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Trinity\AppData\Roaming\Mozilla\Extensions [2013/05/07 14:09:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013/04/10 01:58:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013/04/10 01:57:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013/04/10 01:57:54 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - Extension: Adblock Plus = C:\Users\Trinity\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll (iWin Inc.) O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [suiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35DBCDA7-76D7-4497-93B0-376EA72DE8AF}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC165E47-7983-45DC-B201-36594D8A9BC9}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{521b7300-8601-11e2-9b6a-b870f48fb9d4}\Shell - "" = AutoRun O33 - MountPoints2\{521b7300-8601-11e2-9b6a-b870f48fb9d4}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/05/23 14:46:45 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Roaming\Avira [2013/05/23 14:41:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013/05/23 14:41:21 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013/05/23 14:41:21 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013/05/23 14:41:21 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013/05/23 14:41:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013/05/23 14:41:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013/05/23 14:38:35 | 000,000,000 | ---D | C] -- C:\8026df074ef51e14c1 [2013/05/23 12:59:24 | 000,000,000 | ---D | C] -- C:\FRST [2013/05/23 12:49:02 | 000,000,000 | ---D | C] -- C:\Users\Trinity\Desktop\RK_Quarantine [2013/05/21 07:45:09 | 000,000,000 | ---D | C] -- C:\Users\Trinity\Desktop\Manga [2013/05/16 19:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/05/16 19:56:51 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/05/16 19:56:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/05/16 12:26:44 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Roaming\dingogames [2013/05/16 12:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\dingogames [2013/05/16 10:57:28 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Trinity\Desktop\dds.com [2013/05/16 10:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PrevxCSI [2013/05/16 07:38:30 | 000,000,000 | ---D | C] -- C:\18c9759adbc9954f12 [2013/05/16 07:37:15 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/05/16 07:37:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/05/16 07:37:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/05/16 07:37:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/05/16 07:37:12 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/05/16 07:37:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/05/16 07:37:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/05/16 07:37:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/05/16 07:37:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/05/16 07:37:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/05/16 07:37:11 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/05/16 07:37:11 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/05/16 07:37:11 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/05/16 07:37:10 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/05/16 07:37:10 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/05/15 13:49:50 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013/05/15 13:49:50 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013/05/15 13:49:38 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013/05/15 13:49:37 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013/05/15 13:49:36 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013/05/15 13:49:36 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013/05/15 13:49:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013/05/10 09:48:21 | 000,000,000 | ---D | C] -- C:\Users\Trinity\Documents\My eBooks [2013/05/10 09:48:21 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Roaming\Mobipocket [2013/05/10 09:45:19 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobipocket.com [2013/05/10 09:45:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobipocket.com [2013/05/09 23:31:19 | 000,000,000 | ---D | C] -- C:\Users\Trinity\Documents\New folder [2013/05/07 14:11:53 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\Macromedia [2013/05/07 14:10:55 | 000,691,592 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/05/07 14:10:55 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/05/07 14:10:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013/05/07 14:09:23 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Roaming\Mozilla [2013/05/07 14:09:23 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\Mozilla [2013/05/07 14:09:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013/05/07 14:09:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013/05/07 14:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013/05/07 13:55:12 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\{8D8669B4-799C-42F5-81D1-CAF93E46BAA5} [2013/05/07 13:55:11 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\{8A8EA87C-DFC7-48E2-9C22-B4B33EB59B7E} [2013/05/07 13:54:59 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Roaming\Windows Live Writer [2013/05/07 13:54:59 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\Windows Live Writer [2013/05/04 12:34:23 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\Chromium [2013/05/04 12:31:15 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\The Lord of the Rings Online [2013/05/04 12:19:16 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\Turbine [2013/05/04 12:19:16 | 000,000,000 | ---D | C] -- C:\Users\Trinity\Documents\The Lord of the Rings Online [2013/05/04 12:16:52 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2013/05/04 12:16:28 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2013/05/04 12:16:26 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2013/05/04 12:16:25 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2013/05/04 12:15:43 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\ApplicationHistory [2013/05/04 12:14:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP [2013/05/04 12:13:07 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbine [2013/05/04 12:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Turbine [2013/05/04 12:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\HappyCloud [2013/05/04 12:12:53 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud [2013/05/02 09:32:57 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013/05/02 09:32:57 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/05/02 09:32:57 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/05/02 09:32:57 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/05/02 09:32:57 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/05/02 09:32:57 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/05/02 09:32:57 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/05/02 09:32:57 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/05/02 09:32:57 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/05/02 09:32:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013/05/02 09:32:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013/05/02 09:32:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/05/02 09:32:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/05/02 09:32:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013/05/02 09:32:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013/05/02 09:32:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/05/02 09:32:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/05/02 09:32:57 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/05/02 09:32:57 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/05/02 09:32:56 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013/05/02 09:32:56 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013/05/02 09:32:56 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013/05/02 09:32:56 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013/05/02 09:32:56 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013/05/02 09:32:56 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013/05/02 09:32:56 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013/05/02 09:32:55 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013/05/02 09:32:54 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013/05/02 09:32:54 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013/05/02 09:32:54 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013/05/02 09:32:53 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013/05/02 09:32:52 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013/05/02 09:32:52 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013/05/02 09:32:52 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013/05/02 09:32:52 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013/05/02 09:32:52 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013/05/02 09:32:52 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013/05/02 09:32:51 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013/05/02 09:32:50 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013/05/02 09:32:50 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013/05/02 09:32:50 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013/04/28 15:30:03 | 000,000,000 | ---D | C] -- C:\Users\Trinity\AppData\Local\2DBoy [2013/04/28 15:30:03 | 000,000,000 | ---D | C] -- C:\ProgramData\2DBoy [2013/04/27 14:45:50 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst [2013/04/24 15:47:05 | 000,000,000 | ---D | C] -- C:\Users\Trinity\Documents\Master of Alchemy [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/05/23 14:41:27 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013/05/23 14:40:56 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif [2013/05/23 14:37:16 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013/05/23 14:37:16 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013/05/23 14:37:16 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013/05/23 14:30:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/05/23 14:30:55 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/05/23 12:55:16 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/05/23 12:55:16 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/05/23 12:52:29 | 000,733,930 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/05/23 12:52:29 | 000,629,248 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/05/23 12:52:29 | 000,108,790 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/05/23 12:48:07 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/05/23 12:47:51 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys [2013/05/22 16:59:58 | 000,007,104 | ---- | M] () -- C:\Users\Trinity\Desktop\Raven'sKey_BLOG.jpg [2013/05/19 10:19:32 | 000,140,488 | ---- | M] () -- C:\Users\Trinity\Desktop\Dynamic Fact Finding.pdf [2013/05/16 20:53:03 | 000,002,792 | ---- | M] () -- C:\Users\Trinity\Desktop\vba.ini [2013/05/16 19:56:52 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/05/16 10:57:32 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Trinity\Desktop\dds.com [2013/05/16 10:42:32 | 000,000,052 | ---- | M] () -- C:\Windows\wininit.ini [2013/05/16 10:25:37 | 000,429,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/05/16 10:23:04 | 000,014,086 | ---- | M] () -- C:\Users\Trinity\Desktop\cc_20130516_102208.reg [2013/05/10 09:45:19 | 000,003,083 | ---- | M] () -- C:\Users\Trinity\Desktop\Mobipocket Reader.lnk [2013/05/07 14:10:55 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/05/07 14:10:55 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/05/07 14:09:10 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/05/04 18:49:11 | 000,002,049 | ---- | M] () -- C:\Users\Trinity\Desktop\The Lord of the Rings Online™.lnk [2013/05/04 12:21:42 | 000,000,095 | ---- | M] () -- C:\Users\Trinity\AppData\Local\fusioncache.dat [2013/05/04 12:15:31 | 000,756,952 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/05/02 09:32:57 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013/05/02 09:32:57 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013/05/02 09:32:57 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/05/02 09:32:57 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/05/02 09:32:57 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/05/02 09:32:57 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/05/02 09:32:57 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/05/02 09:32:57 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/05/02 09:32:57 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/05/02 09:32:57 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/05/02 09:32:57 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013/05/02 09:32:57 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013/05/02 09:32:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/05/02 09:32:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/05/02 09:32:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013/05/02 09:32:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013/05/02 09:32:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/05/02 09:32:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/05/02 09:32:57 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/05/02 09:32:57 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/05/02 09:32:56 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013/05/02 09:32:56 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013/05/02 09:32:56 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013/05/02 09:32:56 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013/05/02 09:32:56 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013/05/02 09:32:56 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013/05/02 09:32:56 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013/05/02 09:32:55 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013/05/02 09:32:54 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013/05/02 09:32:54 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013/05/02 09:32:53 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013/05/02 09:32:52 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013/05/02 09:32:52 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013/05/02 09:32:52 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013/05/02 09:32:52 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013/05/02 09:32:52 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013/05/02 09:32:52 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013/05/02 09:32:51 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013/05/02 09:32:51 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013/05/02 09:32:50 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013/05/02 09:32:50 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/05/23 14:41:27 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013/05/23 14:40:56 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif [2013/05/22 16:57:49 | 000,007,104 | ---- | C] () -- C:\Users\Trinity\Desktop\Raven'sKey_BLOG.jpg [2013/05/19 10:19:32 | 000,140,488 | ---- | C] () -- C:\Users\Trinity\Desktop\Dynamic Fact Finding.pdf [2013/05/16 19:56:52 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/05/16 10:42:28 | 000,000,052 | ---- | C] () -- C:\Windows\wininit.ini [2013/05/16 10:22:13 | 000,014,086 | ---- | C] () -- C:\Users\Trinity\Desktop\cc_20130516_102208.reg [2013/05/10 09:45:19 | 000,003,083 | ---- | C] () -- C:\Users\Trinity\Desktop\Mobipocket Reader.lnk [2013/05/07 14:09:10 | 000,001,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013/05/07 14:09:10 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/05/04 12:21:42 | 000,000,095 | ---- | C] () -- C:\Users\Trinity\AppData\Local\fusioncache.dat [2013/05/04 12:19:21 | 000,002,049 | ---- | C] () -- C:\Users\Trinity\Desktop\The Lord of the Rings Online™.lnk [2013/03/10 11:54:59 | 000,756,952 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013/03/09 15:36:20 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2013/03/05 23:41:00 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll ========== ZeroAccess Check ========== [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 00:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 23:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013/05/16 12:26:44 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\dingogames [2013/04/22 23:55:27 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\Easy BitTorrent Client [2013/04/22 14:45:41 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\EscapeFromParadise2 [2013/04/02 16:58:08 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\Magnet's Story [2013/04/16 09:10:41 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\Mind Control Software [2013/05/10 10:10:56 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\Mobipocket [2013/04/22 23:55:02 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\Namco [2013/04/27 14:45:50 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\PlayFirst [2013/04/22 23:55:02 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\qBittorrent [2013/04/08 16:40:40 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\RenPy [2013/04/18 11:45:55 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\runic games [2013/05/13 12:19:35 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\SoftGrid Client [2013/04/22 23:53:04 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\WildTangent [2013/05/07 13:54:59 | 000,000,000 | ---D | M] -- C:\Users\Trinity\AppData\Roaming\Windows Live Writer ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:1F96ED45 @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:2702A8B3 < End of report >
  6. Quick Question, both antivirus softwares' are saying that MalwareBytes may interfere with them, do I install anyway?
  7. 1: Yes this is a Laptop its an Acer Aspire 5750 model. I will consider getting my computer a cooling system like the one you suggested for right now I got a stool with a screen like top I can use as a table that way it has plenty of ventilation. I also used some q-tips and cleaned the vents. 2. Because last time I had a problem I went to my brother to fix it (he owns and runs some servers) and left it with him overnight. He basically hard wiped the thing and told me that it was the antivirus causing the problems, then he installed a program called Speccy and gave me these instructions here [Do not touch Speccy that is so I can check your system preformace and issues quickly next time. Moving on, run MBAM at lease once a week, run Defraggler at least once every two weeks pending usage, and run CCleaner at least once every two weeks as well.] and told me I should be fine from there on out. A month or so later and these problems start happening, short to say I will not be going back to him again. If there are any antivirus programs that a person with little to no money can use then please feel free to suggest it. Here are the reports you asked for: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-05-2013 01 Ran by SYSTEM at 2013-05-23 12:47:15 Run:1 Running from G:\ Boot Mode: Recovery ============================================== HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully. ==== End of Fixlog ==== RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Trinity [Admin rights] Mode : Scan -- Date : 05/23/2013 12:50:06 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD6400BPVT-22HXZT1 +++++ --- User --- [MBR] e86b244933ef60bf832a248c64bc5e1a [bSP] 745cb106adff39d6143c794484175a77 : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 595018 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_05232013_02d1250.txt >> RKreport[1]_S_05232013_02d1250.txt
  8. Alright this is what that gave me(not that I understand any of it lol): Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-05-2013 01 Ran by SYSTEM on 23-05-2013 09:59:40 Running from G:\ Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 9 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-10-08] () HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11785832 2011-03-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [2189416 2011-03-08] (Realtek Semiconductor) HKLM\...\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated) HKLM-x32\...\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [340336 2010-09-27] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-09-17] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [201584 2010-09-17] (Egis Technology Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k [297280 2011-02-15] (NTI Corporation) HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-04-26] (Renesas Electronics Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [506712 2011-02-03] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2013-04-22] (Dritek System Inc.) HKU\Default\...\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} [x] HKU\Default User\...\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} [x] ==================== Services (Whitelisted) ================= S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation) ==================== Drivers (Whitelisted) ==================== S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-05-23 09:59 - 2013-05-23 09:59 - 00000000 ____D C:\FRST 2013-05-23 06:46 - 2013-05-23 06:46 - 01878472 ____A (Farbar) C:\Users\Trinity\Downloads\FRST64.exe 2013-05-23 06:37 - 2013-05-23 06:37 - 00295144 ____A C:\Users\Trinity\Downloads\American Harry Prequel 40.htm 2013-05-23 06:36 - 2013-05-23 06:36 - 00000813 ____A C:\Users\Trinity\Downloads\Chapter 25 Temp Review Responses.txt 2013-05-21 04:45 - 2013-05-21 11:56 - 00000000 ____D C:\Users\Trinity\Desktop\Manga 2013-05-20 16:33 - 2013-05-20 16:33 - 01858040 ____A (Coupons.com Incorporated) C:\Users\Trinity\Downloads\CouponPrinter.exe 2013-05-20 04:09 - 2013-05-20 04:11 - 00000000 ____D C:\5c38e8688987a12b88722c5948 2013-05-19 05:02 - 2013-05-19 05:06 - 00000000 ____D C:\d2f3026c5dce386e2deb51 2013-05-16 16:56 - 2013-05-16 16:56 - 00001117 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-05-16 16:56 - 2013-05-16 16:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-05-16 16:56 - 2013-04-04 11:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2013-05-16 16:55 - 2013-05-16 16:55 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Trinity\Downloads\mbam-setup-1.75.0.1300.exe 2013-05-16 09:26 - 2013-05-16 09:26 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\dingogames 2013-05-16 09:26 - 2013-05-16 09:26 - 00000000 ____D C:\ProgramData\dingogames 2013-05-16 07:59 - 2013-05-16 07:59 - 00022211 ____A C:\Users\Trinity\Desktop\dds.txt 2013-05-16 07:59 - 2013-05-16 07:59 - 00009745 ____A C:\Users\Trinity\Desktop\attach.txt 2013-05-16 07:57 - 2013-05-16 07:57 - 00688992 ____R (Swearware) C:\Users\Trinity\Desktop\dds.com 2013-05-16 07:42 - 2013-05-16 07:42 - 00945272 ____A (Prevx) C:\Users\Trinity\Downloads\prevxcsibus.exe 2013-05-16 07:42 - 2013-05-16 07:42 - 00945272 ____A (Prevx) C:\Users\Trinity\Downloads\717D47915A5042389969.EXE 2013-05-16 07:42 - 2013-05-16 07:42 - 00000052 ____A C:\Windows\wininit.ini 2013-05-16 07:42 - 2013-05-16 07:42 - 00000000 ____D C:\ProgramData\PrevxCSI 2013-05-16 07:25 - 2013-05-16 16:59 - 00000168 ____A C:\Windows\setupact.log 2013-05-16 07:25 - 2013-05-16 07:25 - 00000000 ____A C:\Windows\setuperr.log 2013-05-16 07:22 - 2013-05-16 07:23 - 00014086 ____A C:\Users\Trinity\Desktop\cc_20130516_102208.reg 2013-05-16 04:38 - 2013-05-16 04:38 - 00000000 ____D C:\18c9759adbc9954f12 2013-05-16 04:38 - 2013-05-05 13:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-05-16 04:38 - 2013-05-05 13:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-05-16 04:38 - 2013-05-05 11:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-05-16 04:38 - 2013-05-05 11:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-05-16 04:37 - 2013-04-04 17:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-05-16 04:37 - 2013-04-04 17:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-05-16 04:37 - 2013-04-04 17:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-05-16 04:37 - 2013-04-04 17:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-05-16 04:37 - 2013-04-04 16:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-05-16 04:37 - 2013-04-04 16:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-05-16 04:37 - 2013-04-04 16:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-05-16 04:37 - 2013-04-04 16:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-05-16 04:37 - 2013-04-04 16:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-05-16 04:37 - 2013-04-04 16:55 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-05-16 04:37 - 2013-04-04 16:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-05-16 04:37 - 2013-04-04 16:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-05-16 04:37 - 2013-04-04 16:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-05-16 04:37 - 2013-04-04 16:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-05-16 04:37 - 2013-04-04 14:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-05-16 04:37 - 2013-04-04 14:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-05-16 04:37 - 2013-04-04 14:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-05-16 04:37 - 2013-04-04 14:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-05-16 04:37 - 2013-04-04 14:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-05-16 04:37 - 2013-04-04 14:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-05-16 04:37 - 2013-04-04 13:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-05-16 04:37 - 2013-04-04 13:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-05-16 04:37 - 2013-04-04 13:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-05-16 04:37 - 2013-04-04 13:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-05-16 04:37 - 2013-04-04 13:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-05-16 04:37 - 2013-04-04 13:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-05-16 04:37 - 2013-04-04 13:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-05-16 04:37 - 2013-04-04 13:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-05-15 10:49 - 2013-04-09 22:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2013-05-15 10:49 - 2013-04-09 22:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys 2013-05-15 10:49 - 2013-04-09 19:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-05-15 10:49 - 2013-03-18 21:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll 2013-05-15 10:49 - 2013-03-18 21:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll 2013-05-15 10:49 - 2013-02-26 22:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe 2013-05-15 10:49 - 2013-02-26 21:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2013-05-15 10:49 - 2013-02-26 21:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll 2013-05-15 10:49 - 2013-02-26 21:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll 2013-05-15 10:49 - 2013-02-26 21:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll 2013-05-15 10:49 - 2013-02-26 20:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-05-15 10:49 - 2013-02-26 20:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2013-05-15 10:49 - 2013-02-26 20:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-05-15 10:49 - 2011-02-03 03:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll 2013-05-12 10:08 - 2013-05-12 10:08 - 00004258 ____A C:\Users\School\Downloads\Heather's First Draft 2013-05-10 06:48 - 2013-05-10 07:10 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\Mobipocket 2013-05-10 06:48 - 2013-05-10 06:48 - 00282293 ____A C:\Users\Trinity\Downloads\last mercenary the - diana palmer.mobi 2013-05-10 06:48 - 2013-05-10 06:48 - 00000000 ____D C:\Users\Trinity\Documents\My eBooks 2013-05-10 06:45 - 2013-05-10 06:45 - 00003083 ____A C:\Users\Trinity\Desktop\Mobipocket Reader.lnk 2013-05-10 06:45 - 2013-05-10 06:45 - 00000000 ____D C:\Program Files (x86)\Mobipocket.com 2013-05-10 06:44 - 2013-05-10 06:44 - 05606400 ____A C:\Users\Trinity\Downloads\mobireadersetup.msi 2013-05-10 06:42 - 2013-05-10 06:44 - 23407736 ____A ( ) C:\Users\Trinity\Downloads\setup.exe 2013-05-09 20:31 - 2013-05-13 16:37 - 00000000 ____D C:\Users\Trinity\Documents\New folder 2013-05-09 20:30 - 2013-05-09 20:30 - 00138421 ____A C:\Users\Trinity\Downloads\Next I go to Seven Gates.html 2013-05-09 20:30 - 2013-05-09 20:30 - 00034401 ____A C:\Users\Trinity\Downloads\In the Springtime of His.mobi 2013-05-07 11:11 - 2013-05-07 11:11 - 00000000 ____D C:\Users\Trinity\AppData\Local\Macromedia 2013-05-07 11:10 - 2013-05-07 11:10 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-05-07 11:10 - 2013-05-07 11:10 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-05-07 11:10 - 2013-05-07 11:10 - 00000000 ____D C:\Windows\System32\Macromed 2013-05-07 11:09 - 2013-05-07 11:09 - 00001155 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\Mozilla 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\Users\Trinity\AppData\Local\Mozilla 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\ProgramData\Mozilla 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-05-07 11:08 - 2013-05-07 11:08 - 21036128 ____A (Mozilla) C:\Users\Trinity\Downloads\Firefox Setup 20.0.1.exe 2013-05-07 10:55 - 2013-05-07 10:55 - 00000000 ____D C:\Users\Trinity\AppData\Local\{8D8669B4-799C-42F5-81D1-CAF93E46BAA5} 2013-05-07 10:55 - 2013-05-07 10:55 - 00000000 ____D C:\Users\Trinity\AppData\Local\{8A8EA87C-DFC7-48E2-9C22-B4B33EB59B7E} 2013-05-07 10:54 - 2013-05-07 10:55 - 00000000 ____D C:\Users\Trinity\AppData\Local\Windows Live Writer 2013-05-07 10:54 - 2013-05-07 10:54 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\Windows Live Writer 2013-05-04 09:34 - 2013-05-04 09:34 - 00000000 ____D C:\Users\Trinity\AppData\Local\Chromium 2013-05-04 09:31 - 2013-05-04 09:31 - 00000000 ____D C:\Users\Trinity\AppData\Local\The Lord of the Rings Online 2013-05-04 09:21 - 2013-05-04 09:21 - 00000095 ____A C:\Users\Trinity\AppData\Local\fusioncache.dat 2013-05-04 09:19 - 2013-05-04 15:49 - 00002049 ____A C:\Users\Trinity\Desktop\The Lord of the Rings Online™.lnk 2013-05-04 09:19 - 2013-05-04 09:48 - 00000000 ____D C:\Users\Trinity\Documents\The Lord of the Rings Online 2013-05-04 09:19 - 2013-05-04 09:22 - 00000000 ____D C:\Users\Trinity\AppData\Local\Turbine 2013-05-04 09:16 - 2009-09-04 14:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll 2013-05-04 09:16 - 2009-09-04 14:29 - 01892184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll 2013-05-04 09:16 - 2009-09-04 14:29 - 00235344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2013-05-04 09:16 - 2007-03-12 13:42 - 03495784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll 2013-05-04 09:13 - 2013-05-04 09:13 - 00000000 ____D C:\ProgramData\Turbine 2013-05-04 09:12 - 2013-05-13 08:40 - 00000000 ____D C:\ProgramData\HappyCloud 2013-05-04 09:12 - 2013-05-04 09:12 - 04010432 ____A C:\Users\Trinity\Downloads\LOTROProgressive_1.368.exe 2013-05-03 02:55 - 2013-05-03 02:55 - 00000000 ____D C:\Users\School\AppData\Roaming\Malwarebytes 2013-05-02 06:32 - 2013-05-02 06:32 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-04-28 18:53 - 2013-04-28 18:53 - 00001650 ____A C:\Users\School\Desktop\URLLink.acsm 2013-04-28 12:30 - 2013-04-28 12:30 - 00000000 ____D C:\Users\Trinity\AppData\Local\2DBoy 2013-04-28 12:30 - 2013-04-28 12:30 - 00000000 ____D C:\ProgramData\2DBoy 2013-04-28 11:44 - 2013-04-28 11:45 - 06640101 ____A C:\Users\School\Desktop\Climate Change-HeatherHeath.pptx 2013-04-27 11:45 - 2013-04-27 11:45 - 00000000 ____D C:\ProgramData\PlayFirst 2013-04-27 10:09 - 2013-04-27 10:09 - 00001392 ____A C:\Users\School\Downloads\AFA2.tmp 2013-04-27 09:45 - 2013-04-28 18:54 - 00000000 ____D C:\Users\School\Documents\My Digital Editions 2013-04-27 09:45 - 2013-04-27 09:45 - 00000000 ____D C:\Users\School\AppData\Local\Adobe_Systems_Incorporate 2013-04-24 12:47 - 2013-04-24 12:47 - 00000000 ____D C:\Users\Trinity\Documents\Master of Alchemy 2013-04-23 17:05 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys ==================== One Month Modified Files and Folders ======= 2013-05-23 09:59 - 2013-05-23 09:59 - 00000000 ____D C:\FRST 2013-05-23 06:56 - 2013-03-04 21:51 - 01184877 ____A C:\Windows\WindowsUpdate.log 2013-05-23 06:51 - 2009-07-13 20:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-05-23 06:51 - 2009-07-13 20:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-05-23 06:46 - 2013-05-23 06:46 - 01878472 ____A (Farbar) C:\Users\Trinity\Downloads\FRST64.exe 2013-05-23 06:37 - 2013-05-23 06:37 - 00295144 ____A C:\Users\Trinity\Downloads\American Harry Prequel 40.htm 2013-05-23 06:36 - 2013-05-23 06:36 - 00000813 ____A C:\Users\Trinity\Downloads\Chapter 25 Temp Review Responses.txt 2013-05-23 06:27 - 2013-03-05 14:17 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-05-22 13:58 - 2013-03-04 19:39 - 00000000 ____D C:\Users\Trinity\AppData\Local\Windows Live 2013-05-22 07:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache 2013-05-21 11:56 - 2013-05-21 04:45 - 00000000 ____D C:\Users\Trinity\Desktop\Manga 2013-05-21 08:34 - 2009-07-13 21:13 - 00733930 ____A C:\Windows\System32\PerfStringBackup.INI 2013-05-20 18:27 - 2013-03-05 14:17 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-05-20 16:33 - 2013-05-20 16:33 - 01858040 ____A (Coupons.com Incorporated) C:\Users\Trinity\Downloads\CouponPrinter.exe 2013-05-20 04:11 - 2013-05-20 04:09 - 00000000 ____D C:\5c38e8688987a12b88722c5948 2013-05-19 05:06 - 2013-05-19 05:02 - 00000000 ____D C:\d2f3026c5dce386e2deb51 2013-05-16 17:53 - 2013-03-06 14:57 - 00002792 ____A C:\Users\Trinity\Desktop\vba.ini 2013-05-16 17:00 - 2013-03-05 14:16 - 00000000 ____D C:\ProgramData\clear.fi 2013-05-16 16:59 - 2013-05-16 07:25 - 00000168 ____A C:\Windows\setupact.log 2013-05-16 16:59 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-05-16 16:56 - 2013-05-16 16:56 - 00001117 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-05-16 16:56 - 2013-05-16 16:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-05-16 16:55 - 2013-05-16 16:55 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Trinity\Downloads\mbam-setup-1.75.0.1300.exe 2013-05-16 09:26 - 2013-05-16 09:26 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\dingogames 2013-05-16 09:26 - 2013-05-16 09:26 - 00000000 ____D C:\ProgramData\dingogames 2013-05-16 07:59 - 2013-05-16 07:59 - 00022211 ____A C:\Users\Trinity\Desktop\dds.txt 2013-05-16 07:59 - 2013-05-16 07:59 - 00009745 ____A C:\Users\Trinity\Desktop\attach.txt 2013-05-16 07:57 - 2013-05-16 07:57 - 00688992 ____R (Swearware) C:\Users\Trinity\Desktop\dds.com 2013-05-16 07:42 - 2013-05-16 07:42 - 00945272 ____A (Prevx) C:\Users\Trinity\Downloads\prevxcsibus.exe 2013-05-16 07:42 - 2013-05-16 07:42 - 00945272 ____A (Prevx) C:\Users\Trinity\Downloads\717D47915A5042389969.EXE 2013-05-16 07:42 - 2013-05-16 07:42 - 00000052 ____A C:\Windows\wininit.ini 2013-05-16 07:42 - 2013-05-16 07:42 - 00000000 ____D C:\ProgramData\PrevxCSI 2013-05-16 07:25 - 2013-05-16 07:25 - 00000000 ____A C:\Windows\setuperr.log 2013-05-16 07:25 - 2009-07-13 20:45 - 00429208 ____A C:\Windows\System32\FNTCACHE.DAT 2013-05-16 07:23 - 2013-05-16 07:22 - 00014086 ____A C:\Users\Trinity\Desktop\cc_20130516_102208.reg 2013-05-16 07:23 - 2013-04-11 17:01 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\Media Player Classic 2013-05-16 05:06 - 2013-03-28 07:01 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-05-16 05:04 - 2013-04-22 13:43 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-05-16 04:38 - 2013-05-16 04:38 - 00000000 ____D C:\18c9759adbc9954f12 2013-05-13 16:37 - 2013-05-09 20:31 - 00000000 ____D C:\Users\Trinity\Documents\New folder 2013-05-13 11:33 - 2013-03-10 08:56 - 00000000 ____D C:\Users\School\Desktop\Sociology 2013-05-13 09:19 - 2013-04-11 03:58 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\SoftGrid Client 2013-05-13 08:40 - 2013-05-04 09:12 - 00000000 ____D C:\ProgramData\HappyCloud 2013-05-12 14:30 - 2013-03-10 08:55 - 00000000 ____D C:\Users\School\AppData\Roaming\SoftGrid Client 2013-05-12 10:49 - 2013-03-10 08:56 - 00000000 ____D C:\Users\School\Desktop\English 2013-05-12 10:08 - 2013-05-12 10:08 - 00004258 ____A C:\Users\School\Downloads\Heather's First Draft 2013-05-11 16:33 - 2013-03-05 20:39 - 00000000 ____D C:\Users\Trinity\Desktop\VisualBoyAdvance-1.7.2 2013-05-10 07:10 - 2013-05-10 06:48 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\Mobipocket 2013-05-10 06:48 - 2013-05-10 06:48 - 00282293 ____A C:\Users\Trinity\Downloads\last mercenary the - diana palmer.mobi 2013-05-10 06:48 - 2013-05-10 06:48 - 00000000 ____D C:\Users\Trinity\Documents\My eBooks 2013-05-10 06:45 - 2013-05-10 06:45 - 00003083 ____A C:\Users\Trinity\Desktop\Mobipocket Reader.lnk 2013-05-10 06:45 - 2013-05-10 06:45 - 00000000 ____D C:\Program Files (x86)\Mobipocket.com 2013-05-10 06:44 - 2013-05-10 06:44 - 05606400 ____A C:\Users\Trinity\Downloads\mobireadersetup.msi 2013-05-10 06:44 - 2013-05-10 06:42 - 23407736 ____A ( ) C:\Users\Trinity\Downloads\setup.exe 2013-05-09 20:30 - 2013-05-09 20:30 - 00138421 ____A C:\Users\Trinity\Downloads\Next I go to Seven Gates.html 2013-05-09 20:30 - 2013-05-09 20:30 - 00034401 ____A C:\Users\Trinity\Downloads\In the Springtime of His.mobi 2013-05-07 11:11 - 2013-05-07 11:11 - 00000000 ____D C:\Users\Trinity\AppData\Local\Macromedia 2013-05-07 11:11 - 2011-04-06 12:57 - 00000000 ____D C:\ProgramData\Adobe 2013-05-07 11:10 - 2013-05-07 11:10 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-05-07 11:10 - 2013-05-07 11:10 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-05-07 11:10 - 2013-05-07 11:10 - 00000000 ____D C:\Windows\System32\Macromed 2013-05-07 11:09 - 2013-05-07 11:09 - 00001155 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\Mozilla 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\Users\Trinity\AppData\Local\Mozilla 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\ProgramData\Mozilla 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-05-07 11:09 - 2013-05-07 11:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-05-07 11:08 - 2013-05-07 11:08 - 21036128 ____A (Mozilla) C:\Users\Trinity\Downloads\Firefox Setup 20.0.1.exe 2013-05-07 10:55 - 2013-05-07 10:55 - 00000000 ____D C:\Users\Trinity\AppData\Local\{8D8669B4-799C-42F5-81D1-CAF93E46BAA5} 2013-05-07 10:55 - 2013-05-07 10:55 - 00000000 ____D C:\Users\Trinity\AppData\Local\{8A8EA87C-DFC7-48E2-9C22-B4B33EB59B7E} 2013-05-07 10:55 - 2013-05-07 10:54 - 00000000 ____D C:\Users\Trinity\AppData\Local\Windows Live Writer 2013-05-07 10:54 - 2013-05-07 10:54 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\Windows Live Writer 2013-05-05 13:36 - 2013-05-16 04:38 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-05-05 13:16 - 2013-05-16 04:38 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-05-05 11:25 - 2013-05-16 04:38 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-05-05 11:12 - 2013-05-16 04:38 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-05-04 15:49 - 2013-05-04 09:19 - 00002049 ____A C:\Users\Trinity\Desktop\The Lord of the Rings Online™.lnk 2013-05-04 09:48 - 2013-05-04 09:19 - 00000000 ____D C:\Users\Trinity\Documents\The Lord of the Rings Online 2013-05-04 09:34 - 2013-05-04 09:34 - 00000000 ____D C:\Users\Trinity\AppData\Local\Chromium 2013-05-04 09:31 - 2013-05-04 09:31 - 00000000 ____D C:\Users\Trinity\AppData\Local\The Lord of the Rings Online 2013-05-04 09:22 - 2013-05-04 09:19 - 00000000 ____D C:\Users\Trinity\AppData\Local\Turbine 2013-05-04 09:21 - 2013-05-04 09:21 - 00000095 ____A C:\Users\Trinity\AppData\Local\fusioncache.dat 2013-05-04 09:15 - 2013-03-10 08:54 - 00756952 ____A C:\Windows\SysWOW64\PerfStringBackup.INI 2013-05-04 09:15 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration 2013-05-04 09:13 - 2013-05-04 09:13 - 00000000 ____D C:\ProgramData\Turbine 2013-05-04 09:12 - 2013-05-04 09:12 - 04010432 ____A C:\Users\Trinity\Downloads\LOTROProgressive_1.368.exe 2013-05-03 02:55 - 2013-05-03 02:55 - 00000000 ____D C:\Users\School\AppData\Roaming\Malwarebytes 2013-05-02 15:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK 2013-05-02 15:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR 2013-05-02 15:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK 2013-05-02 15:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR 2013-05-02 06:32 - 2013-05-02 06:32 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-02 06:32 - 2013-05-02 06:32 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-05-01 23:06 - 2010-11-20 19:27 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2013-04-28 18:54 - 2013-04-27 09:45 - 00000000 ____D C:\Users\School\Documents\My Digital Editions 2013-04-28 18:53 - 2013-04-28 18:53 - 00001650 ____A C:\Users\School\Desktop\URLLink.acsm 2013-04-28 12:30 - 2013-04-28 12:30 - 00000000 ____D C:\Users\Trinity\AppData\Local\2DBoy 2013-04-28 12:30 - 2013-04-28 12:30 - 00000000 ____D C:\ProgramData\2DBoy 2013-04-28 11:45 - 2013-04-28 11:44 - 06640101 ____A C:\Users\School\Desktop\Climate Change-HeatherHeath.pptx 2013-04-27 11:45 - 2013-04-27 11:45 - 00000000 ____D C:\ProgramData\PlayFirst 2013-04-27 11:45 - 2013-04-05 16:09 - 00000000 ____D C:\Users\Trinity\AppData\Roaming\PlayFirst 2013-04-27 10:20 - 2013-04-07 08:29 - 00000000 ____D C:\Users\School\AppData\Local\Microsoft Help 2013-04-27 10:09 - 2013-04-27 10:09 - 00001392 ____A C:\Users\School\Downloads\AFA2.tmp 2013-04-27 09:48 - 2013-03-10 08:48 - 00000000 ____D C:\Users\School\AppData\Roaming\Adobe 2013-04-27 09:45 - 2013-04-27 09:45 - 00000000 ____D C:\Users\School\AppData\Local\Adobe_Systems_Incorporate 2013-04-24 12:47 - 2013-04-24 12:47 - 00000000 ____D C:\Users\Trinity\Documents\Master of Alchemy 2013-04-24 04:28 - 2009-07-13 18:34 - 00000478 ____A C:\Windows\win.ini 2013-04-23 13:57 - 2013-03-17 15:56 - 00000000 ____D C:\Users\Trinity\Desktop\Books ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-05-22 07:06:57 ==================== Memory info =========================== Percentage of memory in use: 17% Total physical RAM: 3947.86 MB Available physical RAM: 3262.58 MB Total Pagefile: 3946.06 MB Available Pagefile: 3248.07 MB Total Virtual: 8192 MB Available Virtual: 8191.88 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:581.07 GB) (Free:520.78 GB) NTFS (Disk=0 Partition=3) Drive e: (PQSERVICE) (Fixed) (Total:15 GB) (Free:3.28 GB) NTFS (Disk=0 Partition=1) Drive g: () (Removable) (Total:14.9 GB) (Free:2.82 GB) FAT32 (Disk=1 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: E01C059E) Partition 1: (Not Active) - (Size=15 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=581 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 15 GB) (Disk ID: 00000000) Partition 1: (Not Active) - (Size=15 GB) - (Type=0C) Last Boot: 2013-05-04 16:51 ==================== End Of Log ============================
  9. yes, I'm here. Sorry about that I did not get your email notification until just now. Like I said before my computer is not working very well. I'll follow your instructions on the previous post and get back with you asap.
  10. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 3/4/2013 10:39:33 PM System Uptime: 5/16/2013 10:36:50 AM (0 hours ago) . Motherboard: Acer | | JE50_HR Processor: Intel® Core i7-2630QM CPU @ 2.00GHz | CPU1 | 2001/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 581 GiB total, 522.967 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . A Magnetic Adventure Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Games Acer Registration Acer ScreenSaver Acer Updater Acrobat.com Adobe AIR Adobe Digital Editions 2.0 Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.1 MUI Agatha Christie - 4:50 from Paddington Backup Manager V3 Bee Garden Bejeweled 2 Deluxe Broadcom Card Reader Driver Installer Broadcom Gigabit NetLink Controller Buccaneer Build-a-lot Build-a-lot 2 CCleaner Chuzzle Deluxe clear.fi clear.fi Client Cute Knight D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Defraggler Diner Dash 2 Restaurant Rescue Dolby Advanced Audio v2 Dora's World Adventure Dream Builder: Amusement Park Escape from Paradise 2 - A Kingdoms Quest FATE - The Traitor Soul Final Drive: Nitro Galerie de photos Windows Live Google Chrome Google Update Helper Haiku Journey Happy Cloud Client Identity Card Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® Turbo Boost Technology Monitor 2.0 iWin Games (remove only) Java 7 Update 17 Java 7 Update 17 (64-bit) Java Auto Updater Jewel Quest Heritage Jojo's Fashion Show World Tour Junk Mail filter update K-Lite Codec Pack 8.7.0 (Full) Launch Manager Malwarebytes Anti-Malware version 1.75.0.1300 Master of Alchemy Matches and Matrimony Mesh Runtime Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Starter 2010 - English Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mobipocket Reader 6.2 Mozilla Firefox 20.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 Mystery P.I. - Stolen in San Francisco MyWinLocker MyWinLocker 4 MyWinLocker Suite Namco All-Stars: PAC-MAN NTI Media Maker 9 Penguins! Plants vs. Zombies - Game of the Year Poker Superstars III Polar Bowler Polar Golfer Realtek High Definition Audio Driver Renesas Electronics USB 3.0 Host Controller Driver Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Shaman Odyssey - Tropic Adventure Shredder Snapshot Adventures Speccy Spellagories Synaptics Pointing Device Driver Tasty Planet Tasty Planet: Back for Seconds Teddy Factory The Lord of the Rings Online Torchlight Totem Tribe Tradewinds Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update Installer for WildTangent Games App VC80CRTRedist - 8.0.50727.6195 Virtual Families Virtual Families 2 Virtual Villagers 4 - The Tree of Life Virtual Villagers 5 - New Believers Welcome Center WildTangent Games WildTangent Games App WildTangent Games App (Acer Games) Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources World of Goo ZoomBook - The Temple of the Sun Zuma's Revenge . ==== Event Viewer Messages From Past Week ======== . 5/9/2013 8:44:15 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service. 5/9/2013 8:44:15 AM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 5/9/2013 8:43:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. 5/9/2013 8:43:15 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service. 5/9/2013 8:42:15 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service. 5/9/2013 8:41:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 5/9/2013 8:40:15 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service. 5/9/2013 8:39:15 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service. 5/16/2013 8:04:41 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2804576). 5/16/2013 7:59:40 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 5/16/2013 7:53:53 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 5/10/2013 7:56:46 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR2. . ==== End Of File ===========================
  11. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.17.2 Run by Trinity at 10:58:45 on 2013-05-16 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3948.2181 [GMT -5:00] . SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Acer\Registration\GREGsvc.exe C:\Program Files (x86)\iWin Games\iWinTrusted.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Launch Manager\LMutilps32.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\DOLBY PCEE4\pcee4.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://acer.msn.com uDefault_Page_URL = hxxp://acer.msn.com mStart Page = hxxp://acer.msn.com mDefault_Page_URL = hxxp://acer.msn.com mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: IEHlprObj Class: {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{35DBCDA7-76D7-4497-93B0-376EA72DE8AF} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{35DBCDA7-76D7-4497-93B0-376EA72DE8AF}\6427F6E64796562773138373 : DHCPNameServer = 192.168.254.254 TCP: Interfaces\{35DBCDA7-76D7-4497-93B0-376EA72DE8AF}\9667977657563747 : DHCPNameServer = 8.8.8.8 TCP: Interfaces\{EC165E47-7983-45DC-B201-36594D8A9BC9} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-mStart Page = hxxp://acer.msn.com x64-mDefault_Page_URL = hxxp://acer.msn.com x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Trinity\AppData\Roaming\Mozilla\Firefox\Profiles\47tlmbdx.default\ FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2011-4-6 22912] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2011-4-6 20328] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2011-4-6 62584] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-7-1 353360] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2013-3-5 873064] R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-6 13336] R2 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2011-4-8 176848] R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2013-4-22 255376] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-5 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-5 701512] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-2-15 257344] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-10-8 19192] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-3-5 2656280] R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\drivers\b57xdbd.sys [2011-1-20 67624] R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\drivers\b57xdmp.sys [2011-1-20 19496] R3 bScsiMSa;bScsiMSa;C:\Windows\System32\drivers\bScsiMSa.sys [2011-1-19 52264] R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2011-1-13 85544] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-6 317440] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-1-17 412712] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-3-5 25928] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-9-30 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-9-30 180736] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-9-27 172912] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-8 150016] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-10 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-05-16 15:42:28 -------- d-----w- C:\ProgramData\PrevxCSI 2013-05-16 13:09:37 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{260B7FEB-9DD9-4BB5-85FF-D08AEF74A49A}\mpengine.dll 2013-05-16 12:38:30 -------- d-----w- C:\18c9759adbc9954f12 2013-05-16 12:38:01 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-05-16 12:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-05-15 18:49:50 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-05-10 14:48:21 -------- d-----w- C:\Users\Trinity\AppData\Roaming\Mobipocket 2013-05-10 14:45:18 -------- d-----w- C:\Program Files (x86)\Mobipocket.com 2013-05-07 19:11:53 -------- d-----w- C:\Users\Trinity\AppData\Local\Macromedia 2013-05-07 19:10:55 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-07 19:10:55 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-05-07 18:55:12 -------- d-----w- C:\Users\Trinity\AppData\Local\{8D8669B4-799C-42F5-81D1-CAF93E46BAA5} 2013-05-07 18:55:11 -------- d-----w- C:\Users\Trinity\AppData\Local\{8A8EA87C-DFC7-48E2-9C22-B4B33EB59B7E} 2013-05-07 18:54:59 -------- d-----w- C:\Users\Trinity\AppData\Roaming\Windows Live Writer 2013-05-07 18:54:59 -------- d-----w- C:\Users\Trinity\AppData\Local\Windows Live Writer 2013-05-04 17:34:23 -------- d-----w- C:\Users\Trinity\AppData\Local\Chromium 2013-05-04 17:31:15 -------- d-----w- C:\Users\Trinity\AppData\Local\The Lord of the Rings Online 2013-05-04 17:19:16 -------- d-----w- C:\Users\Trinity\AppData\Local\Turbine 2013-05-04 17:16:52 235344 ----a-w- C:\Windows\SysWow64\d3dx11_42.dll 2013-05-04 17:16:28 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll 2013-05-04 17:16:26 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll 2013-05-04 17:16:25 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll 2013-05-04 17:15:43 -------- d-----w- C:\Users\Trinity\AppData\Local\ApplicationHistory 2013-05-04 17:14:38 -------- d-----w- C:\Windows\SysWow64\URTTEMP 2013-05-04 17:13:03 -------- d-----w- C:\ProgramData\Turbine 2013-05-04 17:12:53 -------- d-----w- C:\ProgramData\HappyCloud 2013-04-28 20:30:03 -------- d-----w- C:\Users\Trinity\AppData\Local\2DBoy 2013-04-28 20:30:03 -------- d-----w- C:\ProgramData\2DBoy 2013-04-24 01:05:58 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-23 03:52:36 0 ----a-w- C:\Windows\SysWow64\shoE84B.tmp 2013-04-23 03:30:01 -------- d-----w- C:\Program Files (x86)\Launch Manager 2013-04-23 00:16:47 -------- d-----w- C:\Users\Trinity\AppData\Local\ElevatedDiagnostics 2013-04-22 21:33:13 -------- d-----w- C:\ProgramData\Acer 2013-04-22 19:45:41 -------- d-----w- C:\Users\Trinity\AppData\Roaming\EscapeFromParadise2 2013-04-21 22:23:31 -------- d-----w- C:\Users\Trinity\AppData\Roaming\qBittorrent 2013-04-21 22:23:03 -------- d-----w- C:\Users\Trinity\AppData\Roaming\Easy BitTorrent Client 2013-04-21 22:23:03 -------- d-----w- C:\Users\Trinity\AppData\Local\Easy BitTorrent Client 2013-04-21 12:24:06 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin 2013-04-20 18:13:54 -------- d-----w- C:\Games 2013-04-20 13:01:09 -------- d-----w- C:\Program Files (x86)\iWin.com 2013-04-20 13:00:12 -------- d-----w- C:\ProgramData\iWin Games 2013-04-20 13:00:03 -------- d-----w- C:\Program Files (x86)\iWin Games 2013-04-18 16:45:55 -------- d-----w- C:\Users\Trinity\AppData\Roaming\runic games 2013-04-18 16:38:43 -------- d-----w- C:\Users\Trinity\AppData\Roaming\Namco 2013-04-17 20:19:57 -------- d-----w- C:\Users\Trinity\AppData\Local\Grubby Games 2013-04-17 20:18:31 -------- d-----w- C:\ProgramData\Big Fish Games 2013-04-17 20:17:41 -------- d-----w- C:\BigFishGamesCache . ==================== Find3M ==================== . 2013-05-02 07:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-23 03:28:47 281680 ----a-w- C:\Windows\UNINSTLMv4.EXE 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-04-05 01:08:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-04-05 01:00:30 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-04-05 00:59:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-04-05 00:56:16 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-04-05 00:55:47 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-04-04 22:11:34 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-04-04 22:02:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-04-04 22:02:17 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-04-04 21:58:51 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-04-04 21:57:45 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-04-04 18:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll 2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll 2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe 2013-03-06 03:51:31 963488 ----a-w- C:\Windows\System32\deployJava1.dll 2013-03-06 03:51:31 1085344 ----a-w- C:\Windows\System32\npDeployJava1.dll 2013-03-06 03:51:31 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2013-03-06 03:50:25 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-06 03:50:25 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-03-06 03:50:25 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-02-27 06:02:44 111448 ----a-w- C:\Windows\System32\consent.exe 2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\System32\authui.dll 2013-02-27 05:47:10 70144 ----a-w- C:\Windows\System32\appinfo.dll 2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll . ============= FINISH: 10:59:14.15 ===============
  12. Hello, Computer is an Acer Aspire 5750 running Windows 7 Home Premium My maintenence on the computer comprises of running the CC Cleaner and Malwarebytes every other night, and the Defraggler once a week. Everything was fine until about 3-4 days ago when I ran MalwareBytes and it suddenly froze about 4 minutes in. After that literally everything on my computer froze, I had to do an emergency shut down and ever since my computer has been overheating within an hour of having it on, it can't handle even my normal college workload of playing the media player and MS Word, it takes forever to do anything really. So I'm at a loss and I really don't want to have to reboot. So please help. I've ran the DDS as you guys have asked and it will be posted next.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.