Jump to content

Eno

Members
  • Posts

    16
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Just wanted to come back to say Thank You MrC. You really know your stuff! Really impressed and happy with how this all went. I have followed the instructions you left me and will be using the My Preventive Maintenance info very soon. =)) Thanks again so much!
  2. MrCharlie, Thank you so very much for all the help you've given me. I can see why they have you as an expert around here you are awesome! I really appreciate this thanks again so much for all your help. I know I will be doing my best to keep the computer up to date and in good shape now.

  3. Computer has been running smoothly since I last posted. I downloaded security check and here are the results. Results of screen317's Security Check version 0.99.73 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 37 Java version out of Date! Adobe Flash Player 11.8.800.94 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox 12.0 Firefox out of Date! Google Chrome 29.0.1547.62 Google Chrome 29.0.1547.66 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe`````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log`````````````````````` Some things out of date I see uht oh.
  4. Wow AdwCleaner found so many things, I didn't even know half those things were still left on the computer! Here's the report from it. # AdwCleaner v3.003 - Report created 07/09/2013 at 15:45:39# Updated 07/09/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : USERNAME - MASON-PC# Running from : C:\Users\USERNAME\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AVG Security ToolbarFolder Deleted : C:\ProgramData\BrowserProtectFolder Deleted : C:\ProgramData\PartnerFolder Deleted : C:\ProgramData\SoftSafeFolder Deleted : C:\ProgramData\TrymediaFolder Deleted : C:\Program Files (x86)\Ask.comFolder Deleted : C:\Program Files (x86)\CrawlerFolder Deleted : C:\Program Files (x86)\iMesh ApplicationsFolder Deleted : C:\Program Files (x86)\MyPC Backup Folder Deleted : C:\Program Files (x86)\Common Files\337Folder Deleted : C:\Users\Mason\AppData\Local\AskToolbarFolder Deleted : C:\Users\Mason\AppData\Local\ConduitFolder Deleted : C:\Users\Mason\AppData\Local\creFolder Deleted : C:\Users\Mason\AppData\Local\DefineExtFolder Deleted : C:\Users\Mason\AppData\Local\iMeshFolder Deleted : C:\Users\Mason\AppData\Local\PackageAwareFolder Deleted : C:\Users\Mason\AppData\Local\SwvUpdaterFolder Deleted : C:\Users\Mason\AppData\LocalLow\AskToolbarFolder Deleted : C:\Users\Mason\AppData\LocalLow\AVG Secure SearchFolder Deleted : C:\Users\Mason\AppData\LocalLow\AVG Security ToolbarFolder Deleted : C:\Users\Mason\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Mason\AppData\LocalLow\PlaybryteFolder Deleted : C:\Users\Mason\AppData\Roaming\AppGraffitiFolder Deleted : C:\Users\Mason\AppData\Roaming\Inbox ToolbarFolder Deleted : C:\Users\Mason\AppData\Roaming\PerformerSoftFolder Deleted : C:\Users\USERNAME\AppData\Local\AskToolbarFolder Deleted : C:\Users\USERNAME\AppData\LocalLow\AskToolbarFolder Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\CT3309350Folder Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\Extensions\ffxtlbr@babylon.comFolder Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\Extensions\speedanalysis02@SpeedAnalysis.comFolder Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\Extensions\toolbar@ask.comFolder Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\Extensions\{650598e1-b35a-45d3-b607-896d7acb64c3}Folder Deleted : C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\Extensions\{14323AEE-F6B8-4DC8-BCE3-E62645830585}.xpiFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\Extensions\toolbar-tbplatform@alexa.com.xpiFile Deleted : C:\ENDFile Deleted : C:\Windows\System32\roboot64.exeFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\bprotector_extensions.sqliteFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\bprotector_prefs.jsFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\22find.xmlFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\searchplugins\Askcom.xmlFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\searchplugins\Babylon.xmlFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\searchplugins\Conduit.xmlFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\searchplugins\delta.xmlFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\searchplugins\GoogleFeed.xmlFile Deleted : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\user.jsFile Deleted : C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferencesFile Deleted : C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorageFile Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar ***** [ Shortcuts ] ***** Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfdaKey Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLLKey Deleted : HKLM\SOFTWARE\Classes\AxSHDocVw.AxWebBrowserKey Deleted : HKLM\SOFTWARE\Classes\BabyDictKey Deleted : HKLM\SOFTWARE\Classes\BabyGlossKey Deleted : HKLM\SOFTWARE\Classes\BabyOptFileKey Deleted : HKLM\SOFTWARE\Classes\Prod.capKey Deleted : HKLM\SOFTWARE\Classes\ScriptHost.ToolKey Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtilsKey Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\CToolbar_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASMANCSValue Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvcKey Deleted : HKLM\SOFTWARE\9ededce56abf42Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3309350Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6823F25B-4D75-38A1-A163-7C696B45701F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B278D9F8-0FA9-465E-9938-0C392605D8E3}]Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\commandKey Deleted : HKCU\Software\AskToolbarKey Deleted : HKCU\Software\AppDataLow\Software\AskToolbarKey Deleted : HKLM\Software\AskToolbarKey Deleted : HKLM\Software\BabylonKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\DesksvcKey Deleted : HKLM\Software\Freeze.comKey Deleted : HKLM\Software\IminentKey Deleted : HKLM\Software\InstallIQKey Deleted : HKLM\Software\PlaybryteKey Deleted : HKLM\Software\systweakKey Deleted : HKLM\Software\V9Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 -\\ Mozilla Firefox v12.0 (en-US) [ File : C:\Users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\prefs.js ] Line Deleted : user_pref("CT3309350.FF19Solved", "true");Line Deleted : user_pref("CT3309350.UserID", "UN48161156224288278");Line Deleted : user_pref("CT3309350.addressUrlXPETakeover", "true");Line Deleted : user_pref("CT3309350.autoDisableScopes", -1);Line Deleted : user_pref("CT3309350.browser.search.defaultthis.engineName", "true");Line Deleted : user_pref("CT3309350.defaultSearchXPETakeover", "true");Line Deleted : user_pref("CT3309350.fullUserID", "UN48161156224288278.IN.20130817221204");Line Deleted : user_pref("CT3309350.installDate", "17/08/2013 22:12:04");Line Deleted : user_pref("CT3309350.installSessionId", "{2AA3EFEE-395C-4858-843A-3569B009C2B0}");Line Deleted : user_pref("CT3309350.installSp", "TRUE");Line Deleted : user_pref("CT3309350.installerVersion", "1.6.0.22");Line Deleted : user_pref("CT3309350.keyword", "true");Line Deleted : user_pref("CT3309350.originalHomepage", "about:home");Line Deleted : user_pref("CT3309350.originalSearchAddressUrl", "");Line Deleted : user_pref("CT3309350.originalSearchEngine", "");Line Deleted : user_pref("CT3309350.originalSearchEngineName", "");Line Deleted : user_pref("CT3309350.searchRevert", "false");Line Deleted : user_pref("CT3309350.searchUserMode", "2");Line Deleted : user_pref("CT3309350.smartbar.homepage", "true");Line Deleted : user_pref("CT3309350.startPageXPETakeover", "true");Line Deleted : user_pref("CT3309350.versionFromInstaller", "10.16.9.6");Line Deleted : user_pref("CT3309350.xpeMode", "3");Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");Line Deleted : user_pref("browser.search.defaultenginename", "BrowserPlus2 Customized Web Search");Line Deleted : user_pref("browser.search.defaultthis.engineName", "BrowserPlus2 Customized Web Search");Line Deleted : user_pref("browser.search.selectedEngine", "BrowserPlus2 Customized Web Search");Line Deleted : user_pref("extensions.delta.admin", false);Line Deleted : user_pref("extensions.delta.aflt", "babsst");Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");Line Deleted : user_pref("extensions.delta.autoRvrt", "false");Line Deleted : user_pref("extensions.delta.dfltLng", "en");Line Deleted : user_pref("extensions.delta.excTlbr", false);Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);Line Deleted : user_pref("extensions.delta.id", "b805afc3000000000000f07bcb8536cd");Line Deleted : user_pref("extensions.delta.instlDay", "15860");Line Deleted : user_pref("extensions.delta.instlRef", "");Line Deleted : user_pref("extensions.delta.newTab", false);Line Deleted : user_pref("extensions.delta.prdct", "delta");Line Deleted : user_pref("extensions.delta.prtnrId", "delta");Line Deleted : user_pref("extensions.delta.rvrt", "false");Line Deleted : user_pref("extensions.delta.smplGrp", "none");Line Deleted : user_pref("extensions.delta.tlbrId", "base");Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.515:43:32");Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");Line Deleted : user_pref("extensions.delta_i.babExt", "");Line Deleted : user_pref("extensions.delta_i.babTrack", ""affID=66521&tt=gc_" srcExt=def");Line Deleted : user_pref("extensions.delta_i.srcExt", "");Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3309350");Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3309350");Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3309350");Line Deleted : user_pref("smartbar.machineId", "FLMCBULZVWSB1GZRLTQAZZAOWRJLCQBUKQ7XWDEFKTMJJME4CG1YFL/O4ONS+KIGCYTV0AZI6WESSPDGM74F9W"); [ File : C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\ce65dfn4.default\prefs.js ] Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", ""); -\\ Google Chrome v29.0.1547.66 [ File : C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [21038 octets] - [07/09/2013 15:20:15]AdwCleaner[s0].txt - [21044 octets] - [07/09/2013 15:45:39] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [21105 octets] ########## After scanning with malwarebytes it didn't detect any malicious items so there was nothing for me to check for removal. Here is the report. Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.09.07.05 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16660USERNAME :: MASON-PC [administrator] 9/7/2013 3:57:09 PMmbam-log-2013-09-07 (15-57-09).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 272678Time elapsed: 6 minute(s), 19 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) I also want to mention that chromes gold bar and those annoying extensions have not made any re appearance yet either! I'm going to go about using the computer as I normally would to see if I notice anything out of the normal, but so far, things seem to be going really well. I'm exited to hear about the next steps to take
  5. I noticed two new items while scanning with rouge killer so will post the log right now, on my way to download AdwCleaner & follow the rest of the instructions. RogueKiller V8.6.9 _x64_ [sep 3 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : USERNAME [Admin rights]Mode : Scan -- Date : 09/07/2013 15:10:46| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK5065GSX ATA Device +++++--- User ---[MBR] 3e67c9d6d0fa34b29464a8a1800da399[bSP] 4ef8cdcb2c5e071c7f21c9f80d4e1ecc : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 14339 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29366820 | Size: 101 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29575665 | Size: 462497 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_09072013_151046.txt >>RKreport[0]_D_09062013_231025.txt;RKreport[0]_S_09052013_203859.txt;RKreport[0]_S_09062013_170134.txtRKreport[0]_S_09062013_222842.txt;RKreport[0]_S_09062013_234124.txt
  6. Also, after running rouge killer scan and deleting the two things you quoted, a web page opened up through google chrome and took me to a site where there was information on how to remove the zero access virus. There was some sketchy stuff on it as well as vidoes (the majority of them) with the template on how to remove it. I didn't click any of them just noted it was strange. I took screen shots through snipping tool in case this is a fake site I was directed to or something. Also noticed that new extensions were enabled, first time I ran and scanned with rouge killer as directed it enabled PlayBryte, and others unwanted extentions too. I closed webpage, opened new chrome page and went to download combo fix by following the links from here to their site. Downloaded combo fix, disconnected from internet and disabled firewall and other antivirus programs, ran combo fix and got log. Reactivated security settings ect and came back here to post. When I opened webpage this time top right of page has the three gold bars notifying of new extensions having been added.It said Avira Toolbar and 22find had been added. When I look in the extensions section of chrome it also shows BrowserPlus2, PlayBryte is still there, 22find and Avira as mentioned before, and Shopping Price Comparison. All installed by a third party and not enabled, but still show up. Not sure if this is important info to keep posting about or normal from having virus.
  7. ComboFix 13-09-06.01 - USERNAME 09/07/2013 0:32.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2615 [GMT -4:00] Running from: c:\users\USERNAME\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\wxDownload c:\programdata\wxDownload\hidgmdbledgmcimleidmgimikoogfpnj.crx c:\programdata\wxDownload\settings.ini c:\users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\extensions\50dcc43cb12ba@50dcc43cb12f3.com c:\users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\extensions\50dcc43cb12ba@50dcc43cb12f3.com\bootstrap.js c:\users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\extensions\50dcc43cb12ba@50dcc43cb12f3.com\chrome.manifest c:\users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\extensions\50dcc43cb12ba@50dcc43cb12f3.com\content\bg.js c:\users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\extensions\50dcc43cb12ba@50dcc43cb12f3.com\content\zy.xul c:\users\Mason\AppData\Roaming\Mozilla\Firefox\Profiles\9srawz8t.default\extensions\50dcc43cb12ba@50dcc43cb12f3.com\install.rdf c:\windows\PFRO.log . . ((((((((((((((((((((((((( Files Created from 2013-08-07 to 2013-09-07 ))))))))))))))))))))))))))))))) . . 2013-09-07 04:41 . 2013-09-07 04:41 -------- d-----w- c:\users\Mason\AppData\Local\temp 2013-09-07 04:41 . 2013-09-07 04:41 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-09-06 19:16 . 2013-09-06 19:47 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2013-09-06 02:06 . 2013-09-06 02:06 -------- d-----w- C:\FRST 2013-09-02 21:55 . 2013-09-02 21:56 -------- d-----w- c:\program files\HyperCam 2 2013-08-29 08:50 . 2013-08-29 08:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-08-29 08:03 . 2013-09-05 23:32 -------- d-----w- c:\users\USERNAME 2013-08-28 21:50 . 2013-08-28 22:29 -------- d-----w- c:\programdata\iptrh 2013-08-28 21:49 . 2013-08-29 03:02 -------- d-----w- c:\programdata\meakr 2013-08-28 01:02 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui 2013-08-28 01:00 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2013-08-28 01:00 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys 2013-08-28 01:00 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll 2013-08-28 01:00 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll 2013-08-28 01:00 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll 2013-08-28 01:00 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2013-08-28 01:00 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2013-08-28 01:00 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll 2013-08-28 01:00 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2013-08-18 02:13 . 2013-08-18 02:13 -------- d-----w- c:\users\Mason\AppData\Local\CRE 2013-08-18 02:08 . 2013-08-28 23:56 -------- d-----w- c:\users\Mason\AppData\Local\DefineExt 2013-08-17 14:04 . 2013-08-17 14:04 -------- d-----w- c:\program files\SAMSUNG 2013-08-17 14:04 . 2013-08-17 14:04 -------- d-----w- c:\programdata\Samsung 2013-08-14 08:59 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll 2013-08-14 08:59 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll 2013-08-14 08:59 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-14 08:59 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll 2013-08-14 08:59 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2013-08-14 08:59 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-09-04 12:29 . 2013-06-29 09:31 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-08-29 13:22 . 2013-06-29 15:48 81112 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2013-08-29 13:22 . 2013-06-29 09:31 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-08-21 17:49 . 2012-05-27 23:32 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-08-21 17:49 . 2011-05-16 15:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-08-21 17:48 . 2013-06-11 18:43 17737608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2013-08-14 18:00 . 2011-04-06 21:16 78161360 ----a-w- c:\windows\system32\MRT.exe 2013-07-09 04:45 . 2013-08-14 08:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-07-03 12:42 . 2013-07-03 12:42 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-07-03 12:42 . 2013-07-03 12:42 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-07-03 12:42 . 2013-07-03 12:42 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-07-03 12:42 . 2013-07-03 12:42 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-07-03 12:42 . 2013-07-03 12:42 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-07-03 12:42 . 2013-07-03 12:42 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-07-03 12:42 . 2013-07-03 12:42 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-07-03 12:42 . 2013-07-03 12:42 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-07-03 12:42 . 2013-07-03 12:42 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-07-03 12:42 . 2013-07-03 12:42 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-07-03 12:42 . 2013-07-03 12:42 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-07-03 12:42 . 2013-07-03 12:42 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-07-03 12:42 . 2013-07-03 12:42 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-07-03 12:42 . 2013-07-03 12:42 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-07-03 12:42 . 2013-07-03 12:42 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-07-03 12:42 . 2013-07-03 12:42 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-07-03 12:42 . 2013-07-03 12:42 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-07-03 12:42 . 2013-07-03 12:42 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-07-03 12:42 . 2013-07-03 12:42 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-07-03 12:42 . 2013-07-03 12:42 81408 ----a-w- c:\windows\system32\icardie.dll 2013-07-03 12:42 . 2013-07-03 12:42 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-07-03 12:42 . 2013-07-03 12:42 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-07-03 12:42 . 2013-07-03 12:42 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-07-03 12:42 . 2013-07-03 12:42 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-07-03 12:42 . 2013-07-03 12:42 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-07-03 12:42 . 2013-07-03 12:42 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-07-03 12:42 . 2013-07-03 12:42 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-07-03 12:42 . 2013-07-03 12:42 441856 ----a-w- c:\windows\system32\html.iec 2013-07-03 12:42 . 2013-07-03 12:42 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-07-03 12:42 . 2013-07-03 12:42 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-07-03 12:42 . 2013-07-03 12:42 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-07-03 12:42 . 2013-07-03 12:42 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-07-03 12:42 . 2013-07-03 12:42 235008 ----a-w- c:\windows\system32\url.dll 2013-07-03 12:42 . 2013-07-03 12:42 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-07-03 12:42 . 2013-07-03 12:42 216064 ----a-w- c:\windows\system32\msls31.dll 2013-07-03 12:42 . 2013-07-03 12:42 197120 ----a-w- c:\windows\system32\msrating.dll 2013-07-03 12:42 . 2013-07-03 12:42 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-07-03 12:42 . 2013-07-03 12:42 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-07-03 12:42 . 2013-07-03 12:42 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-07-03 12:42 . 2013-07-03 12:42 149504 ----a-w- c:\windows\system32\occache.dll 2013-07-03 12:42 . 2013-07-03 12:42 144896 ----a-w- c:\windows\system32\wextract.exe 2013-07-03 12:42 . 2013-07-03 12:42 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-07-03 12:42 . 2013-07-03 12:42 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-07-03 12:42 . 2013-07-03 12:42 13824 ----a-w- c:\windows\system32\mshta.exe 2013-07-03 12:42 . 2013-07-03 12:42 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-07-03 12:42 . 2013-07-03 12:42 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-07-03 12:42 . 2013-07-03 12:42 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-07-03 12:42 . 2013-07-03 12:42 102912 ----a-w- c:\windows\system32\inseng.dll 2013-07-03 12:42 . 2013-07-03 12:42 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-07-01 19:28 . 2013-02-09 15:55 325920 ----a-w- c:\windows\SysWow64\Sendori.dll 2013-06-29 09:25 . 2013-06-29 09:31 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2013-04-30 16:02 1521800 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-04-30 1521800] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="c:\users\USERNAME\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512] "EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056] "BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-18 98304] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "Sendori Tray"="c:\program files (x86)\Sendori\SendoriTray.exe" [2013-07-01 83232] "SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264] "Aeria Ignite"="c:\program files (x86)\Aeria Games\Ignite\aeriaignite.exe" [2013-04-26 1919000] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2013-04-30 1648264] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-08-29 347192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x] R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x] R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x] R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x] R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x] R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x] R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x] R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys;c:\windows\SYSNATIVE\DRIVERS\pneteth.sys [x] R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\pnetmdm64.sys [x] R3 qrkis;Tether Miniport;c:\windows\system32\DRIVERS\qrkis.sys;c:\windows\SYSNATIVE\DRIVERS\qrkis.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x] S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x] S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x] S2 Application Sendori;Application Sendori;c:\program files (x86)\Sendori\SendoriSvc.exe;c:\program files (x86)\Sendori\SendoriSvc.exe [x] S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x] S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x] S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x] S2 Service Sendori;Service Sendori;c:\program files (x86)\Sendori\Sendori.Service.exe;c:\program files (x86)\Sendori\Sendori.Service.exe [x] S2 sndappv2;sndappv2;c:\program files (x86)\Sendori\sndappv2.exe;c:\program files (x86)\Sendori\sndappv2.exe [x] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x] S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-09-04 20:03 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-09-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-27 17:49] . 2013-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 03:15] . 2013-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 03:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-15 9644576] "PLFSetI"="c:\windows\PLFSetI.exe" [2010-05-01 206208] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-06 860192] "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> Trusted Zone: aeriagames.com TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\ce65dfn4.default\ FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: browser.search.selectedEngine - Ask.com FF - ExtSQL: 2013-08-17 22:08; umylsm@sqhjcpzmeselzlp.org; c:\program files (x86)\Mozilla Firefox\extensions\umylsm@sqhjcpzmeselzlp.org . - - - - ORPHANS REMOVED - - - - . BHO-{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - c:\users\Mason\AppData\Local\DefineExt\temp.dat Toolbar-{b278d9f8-0fa9-465e-9938-0c392605d8e3} - (no file) Wow6432Node-HKLM-Run-MusicFrost Updater - c:\program files (x86)\MusicFrost\MusicFrost Updater.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) Toolbar-10 - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) AddRemove-SpeedAnalysis2 - c:\program files (x86)\Speed Analysis 2\uninst.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-09-07 00:44:17 ComboFix-quarantined-files.txt 2013-09-07 04:44 . Pre-Run: 417,201,688,576 bytes free Post-Run: 419,001,470,976 bytes free . - - End Of File - - C66DBBE78D44BAD7098A2302193C595F A36C5E4F47E84449FF07ED3517B43A31
  8. scanned with rougekiller and here are the results. Also wanted to mention that after the scan was finished a new internet page was opened through google chrome, I'm unsure of the name of the icon but its the one with the three sideways lines on it, it turned gold to notify me that new extensions were added, it showed PlayBryte and other things that I had previously removed and disabled. I exited the page. RogueKiller V8.6.9 _x64_ [sep 3 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : USERNAME [Admin rights]Mode : Scan -- Date : 09/06/2013 17:01:34| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 4 ¤¤¤[RUN][ZeroAccess] HKUS\.DEFAULT\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\?��?��?��\?��?��?��\???ﯹ๛\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" >) -> FOUND[RUN][ZeroAccess] HKUS\S-1-5-18\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\?��?��?��\?��?��?��\???ﯹ๛\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" >) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 2 ¤¤¤[V1][sUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{40490AAE-E28A-4DED-A514-3789405423D3}.exe - --uninstall=1 [x] -> FOUND[V2][sUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{40490AAE-E28A-4DED-A514-3789405423D3}.exe - --uninstall=1 [x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK5065GSX ATA Device +++++--- User ---[MBR] 3e67c9d6d0fa34b29464a8a1800da399[bSP] 4ef8cdcb2c5e071c7f21c9f80d4e1ecc : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 14339 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29366820 | Size: 101 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29575665 | Size: 462497 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_09062013_170134.txt >>RKreport[0]_S_09052013_203859.txt I didn't click delete or anything afterwards just posted the log results. Also left window open in case I need to go back and delete or follow new instructions from you.
  9. Hi there! I went ahead and downloaded the anti-rootkit and did a scan, afterwards it said "Congratulations, no cleanup is required!" Here are the logs for the mbar log and system log txt. Will post them in that order. Malwarebytes Anti-Rootkit BETA 1.07.0.1005www.malwarebytes.org Database version: v2013.07.26.06 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16660USERNAME :: MASON-PC [administrator] 9/6/2013 3:16:32 PMmbar-log-2013-09-06 (15-16-32).txt Scan type: Quick scanScan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/ShurikenScan options disabled: Objects scanned: 285840Time elapsed: 29 minute(s), 17 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) Physical Sectors Detected: 0(No malicious items detected) (end) ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1005 © Malwarebytes Corporation 2011-2012 OS version: 6.1.7601 Windows 7 Service Pack 1 x64 Account is Administrative Internet Explorer version: 10.0.9200.16660 Java version: 1.6.0_37 File system is: NTFSDisk drives: C:\ DRIVE_FIXEDCPU speed: 2.094000 GHzMemory total: 4021182464, free: 2819559424 Downloaded database version: v2013.09.06.08=======================================Initializing...------------ Kernel report ------------ 09/06/2013 15:16:26------------ Loaded modules -----------\SystemRoot\system32\ntoskrnl.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_AuthenticAMD.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\ACPI.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\system32\drivers\vdrvroot.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\DRIVERS\compbatt.sys\SystemRoot\system32\DRIVERS\BATTC.SYS\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\system32\drivers\pciide.sys\SystemRoot\system32\drivers\PCIIDEX.SYS\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\drivers\atapi.sys\SystemRoot\system32\drivers\ataport.SYS\SystemRoot\system32\drivers\msahci.sys\SystemRoot\system32\drivers\amdxata.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\System32\Drivers\msrpc.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\System32\Drivers\cng.sys\SystemRoot\System32\drivers\pcw.sys\SystemRoot\System32\Drivers\Fs_Rec.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\Drivers\ksecpkg.sys\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\System32\Drivers\spldr.sys\SystemRoot\System32\drivers\rdyboost.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\hwpolicy.sys\SystemRoot\System32\DRIVERS\fvevol.sys\SystemRoot\system32\DRIVERS\disk.sys\SystemRoot\system32\DRIVERS\CLASSPNP.SYS\SystemRoot\system32\DRIVERS\AtiPcie.sys\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\system32\DRIVERS\mwlPSDFilter.sys\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\System32\DRIVERS\RDPCDD.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\system32\drivers\rdprefmp.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\drivers\afd.sys\SystemRoot\system32\drivers\ws2ifsl.sys\SystemRoot\system32\DRIVERS\wfplwf.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\vwififlt.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\wanarp.sys\SystemRoot\system32\drivers\termdd.sys\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\system32\DRIVERS\mwlPSDVDisk.sys\SystemRoot\system32\DRIVERS\mwlPSDNServ.sys\SystemRoot\system32\drivers\mssmbios.sys\SystemRoot\System32\drivers\discache.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\blbdrive.sys\SystemRoot\system32\DRIVERS\avkmgr.sys\SystemRoot\system32\DRIVERS\avipbb.sys\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\amdppm.sys\SystemRoot\system32\DRIVERS\atikmpag.sys\SystemRoot\system32\DRIVERS\atipmdag.sys\SystemRoot\System32\drivers\dxgkrnl.sys\SystemRoot\System32\drivers\dxgmms1.sys\SystemRoot\system32\drivers\HDAudBus.sys\SystemRoot\system32\DRIVERS\k57nd60a.sys\SystemRoot\system32\DRIVERS\athrx.sys\SystemRoot\system32\DRIVERS\vwifibus.sys\??\C:\Windows\system32\drivers\UBHelper.sys\??\C:\Windows\system32\drivers\NTIDrvr.sys\SystemRoot\system32\DRIVERS\usbohci.sys\SystemRoot\system32\DRIVERS\USBPORT.SYS\SystemRoot\system32\DRIVERS\usbfilter.sys\SystemRoot\system32\DRIVERS\usbehci.sys\SystemRoot\system32\drivers\i8042prt.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\SynTP.sys\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\drivers\wmiacpi.sys\SystemRoot\system32\DRIVERS\CmBatt.sys\SystemRoot\system32\drivers\CompositeBus.sys\SystemRoot\system32\DRIVERS\AgileVpn.sys\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\drivers\swenum.sys\SystemRoot\system32\drivers\ks.sys\SystemRoot\system32\drivers\umbus.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\system32\drivers\RtHDMIVX.sys\SystemRoot\system32\drivers\portcls.sys\SystemRoot\system32\drivers\drmk.sys\SystemRoot\system32\drivers\ksthunk.sys\SystemRoot\system32\drivers\RTKVHD64.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_dumpata.sys\SystemRoot\System32\Drivers\dump_msahci.sys\SystemRoot\System32\Drivers\dump_dumpfve.sys\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\System32\Drivers\LUsbFilt.Sys\SystemRoot\system32\DRIVERS\hidusb.sys\SystemRoot\system32\DRIVERS\HIDCLASS.SYS\SystemRoot\system32\DRIVERS\HIDPARSE.SYS\SystemRoot\system32\DRIVERS\LHidFilt.Sys\SystemRoot\system32\DRIVERS\mouhid.sys\SystemRoot\system32\DRIVERS\LMouFilt.Sys\SystemRoot\system32\DRIVERS\usbccgp.sys\SystemRoot\System32\Drivers\usbvideo.sys\SystemRoot\system32\DRIVERS\monitor.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\cdd.dll\SystemRoot\system32\drivers\luafv.sys\SystemRoot\system32\DRIVERS\avgntflt.sys\SystemRoot\system32\DRIVERS\lltdio.sys\SystemRoot\system32\DRIVERS\nwifi.sys\SystemRoot\system32\DRIVERS\ndisuio.sys\SystemRoot\system32\DRIVERS\rspndr.sys\SystemRoot\system32\drivers\HTTP.sys\SystemRoot\System32\DRIVERS\srvnet.sys\SystemRoot\system32\DRIVERS\vwifimp.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\System32\DRIVERS\srv2.sys\SystemRoot\System32\DRIVERS\srv.sys\SystemRoot\system32\drivers\peauth.sys\SystemRoot\System32\Drivers\secdrv.SYS\SystemRoot\System32\drivers\tcpipreg.sys\??\C:\Windows\system32\drivers\mbamchameleon.sys\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys\Windows\System32\ntdll.dll\Windows\System32\smss.exe\Windows\System32\apisetschema.dll\Windows\System32\autochk.exe\Windows\System32\clbcatq.dll\Windows\System32\comdlg32.dll\Windows\System32\shell32.dll\Windows\System32\iertutil.dll\Windows\System32\difxapi.dll\Windows\System32\psapi.dll\Windows\System32\msvcrt.dll\Windows\System32\setupapi.dll\Windows\System32\normaliz.dll\Windows\System32\imm32.dll\Windows\System32\gdi32.dll\Windows\System32\lpk.dll\Windows\System32\shlwapi.dll\Windows\System32\usp10.dll\Windows\System32\user32.dll\Windows\System32\sechost.dll\Windows\System32\rpcrt4.dll\Windows\System32\kernel32.dll\Windows\System32\imagehlp.dll\Windows\System32\urlmon.dll\Windows\System32\oleaut32.dll\Windows\System32\ole32.dll\Windows\System32\wininet.dll\Windows\System32\advapi32.dll\Windows\System32\Wldap32.dll\Windows\System32\ws2_32.dll\Windows\System32\nsi.dll\Windows\System32\msctf.dll\Windows\System32\crypt32.dll\Windows\System32\comctl32.dll\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll\Windows\System32\devobj.dll\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll\Windows\System32\KernelBase.dll\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll\Windows\System32\cfgmgr32.dll\Windows\System32\wintrust.dll\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll\Windows\System32\msasn1.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xfffffa80042ba790Upper Device Driver Name: \Driver\Disk\Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\Lower Device Object: 0xfffffa8004288680Lower Device Driver Name: \Driver\atapi\Cancelled update<<<2>>>Physical Sector Size: 512Drive: 0, DevicePointer: 0xfffffa80042ba790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\--------- Disk Stack ------DevicePointer: 0xfffffa80042bd040, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xfffffa80042ba790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\DevicePointer: 0xfffffa8004288680, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\------------ End ----------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesDone!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: CA433EDF Partition information: Partition 0 type is Other (0x27) Partition is NOT ACTIVE. Partition starts at LBA: 63 Numsec = 29366757 Partition 1 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 29366820 Numsec = 208845 Partition is not bootable Partition 2 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 29575665 Numsec = 947195455 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 500107862016 bytesSector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...Done!Scan finished======================================= Removal queue found; removal startedRemoving C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_29366820_i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...Removal finished I checked internet, windows update and firewall. I had a problem with being able to turn firewall on so I ran the fix damage tool and it said it was fixed, had me restart computer and took care of the issue! All three are working now. I did not do a second scan since the first one said there was no malware found, should I go ahead and do another just in case?
  10. My bad didn't realize you attached the fixlist.txt for me. Here are the results after fixing once. Posting these before I move on to downloading the anti-rootkit and going through the rest of the steps in case something goes wrong. Thank you for being so patient with me again. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-09-2013Ran by USERNAME at 2013-09-06 14:39:33 Run:1Running from C:\Users\USERNAME\Desktop\Farbar Scan Tool FolderBoot Mode: Normal============================================== Content of fixlist:*****************U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\ \...\???\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" C:\Program Files (x86)\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}C:\Users\Mason\jagex_cl_runescape_LIVE.datC:\Users\Mason\jagex_cl_runescape_LIVE1.datC:\Users\USERNAME\AppData\Roaming\cache.iniDeleteJunctionsIndirectory: C:\Program Files\Windows Defender ***************** *etadpug => Service deleted successfully.C:\Program Files (x86)\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5} => Moved successfully.C:\Users\Mason\jagex_cl_runescape_LIVE.dat => Moved successfully.C:\Users\Mason\jagex_cl_runescape_LIVE1.dat => Moved successfully.C:\Users\USERNAME\AppData\Roaming\cache.ini => Moved successfully."C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started."C:\Program Files\Windows Defender\en-US" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done."C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed. ==== End of Fixlog ====
  11. For step one how do I download the attached fixlist.txt to the same folder as the FRST?
  12. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-09-2013 Ran by USERNAME at 2013-09-05 22:08:22 Running from C:\Users\USERNAME\Desktop\Farbar Scan Tool Folder Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) (x32) Acer Backup Manager (x32 Version: 2.0.0.60) Acer Crystal Eye webcam Ver:1.1.164.323 (x32 Version: 1.1.164.323) Acer ePower Management (x32 Version: 5.00.3002) Acer eRecovery Management (x32 Version: 4.05.3007) Acer Registration (x32 Version: 1.03.3002) Acer ScreenSaver (x32 Version: 1.1.0105.2010) Acer Updater (x32 Version: 1.02.3001) Acrobat.com (x32 Version: 1.6.65) Adobe AIR (x32 Version: 3.5.0.1060) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94) Adobe Reader 9.5.5 MUI (x32 Version: 9.5.5) Aeria Ignite (x32 Version: 1.12.2732) Akamai NetSession Interface (HKCU) AMD USB Filter Driver (x32 Version: 1.0.15.94) Ask Toolbar (x32 Version: 1.15.26.0) ATI Catalyst Install Manager (Version: 3.0.765.0) Avira Free Antivirus (x32 Version: 13.0.0.4052) Avira SearchFree Toolbar plus Web Protection Updater (HKCU Version: 1.2.6.45268) Backup Manager Basic (x32 Version: 2.0.0.60) Catalyst Control Center - Branding (x32 Version: 1.00.0000) Catalyst Control Center Core Implementation (x32 Version: 2010.0317.2140.37057) Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0317.2140.37057) Catalyst Control Center Graphics Full New (x32 Version: 2010.0317.2140.37057) Catalyst Control Center Graphics Light (x32 Version: 2010.0317.2140.37057) Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0317.2140.37057) Catalyst Control Center InstallProxy (x32 Version: 2010.0317.2140.37057) Catalyst Control Center Localization All (x32 Version: 2010.0317.2140.37057) CCC Help Chinese Standard (x32 Version: 2010.0317.2139.37057) CCC Help Chinese Traditional (x32 Version: 2010.0317.2139.37057) CCC Help Czech (x32 Version: 2010.0317.2139.37057) CCC Help Danish (x32 Version: 2010.0317.2139.37057) CCC Help Dutch (x32 Version: 2010.0317.2139.37057) CCC Help English (x32 Version: 2010.0317.2139.37057) CCC Help Finnish (x32 Version: 2010.0317.2139.37057) CCC Help French (x32 Version: 2010.0317.2139.37057) CCC Help German (x32 Version: 2010.0317.2139.37057) CCC Help Greek (x32 Version: 2010.0317.2139.37057) CCC Help Hungarian (x32 Version: 2010.0317.2139.37057) CCC Help Italian (x32 Version: 2010.0317.2139.37057) CCC Help Japanese (x32 Version: 2010.0317.2139.37057) CCC Help Korean (x32 Version: 2010.0317.2139.37057) CCC Help Norwegian (x32 Version: 2010.0317.2139.37057) CCC Help Polish (x32 Version: 2010.0317.2139.37057) CCC Help Portuguese (x32 Version: 2010.0317.2139.37057) CCC Help Russian (x32 Version: 2010.0317.2139.37057) CCC Help Spanish (x32 Version: 2010.0317.2139.37057) CCC Help Swedish (x32 Version: 2010.0317.2139.37057) CCC Help Thai (x32 Version: 2010.0317.2139.37057) CCC Help Turkish (x32 Version: 2010.0317.2139.37057) ccc-core-static (x32 Version: 2010.0317.2140.37057) ccc-utility64 (Version: 2010.0317.2140.37057) Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000) CyberLink PowerDVD 9 (x32 Version: 9.0.2719.50) D3DX10 (x32 Version: 15.4.2368.0902) erCam 2 (Version: 2.28.01) eReg (x32 Version: 1.20.138.34) eSobi v2 (x32 Version: 2.0.4.000274) Google Chrome (x32 Version: 29.0.1547.66) Google Earth (x32 Version: 7.1.1.1888) Google Update Helper (x32 Version: 1.3.21.153) Grand Fantasia (x32) Identity Card (x32 Version: 1.00.3003) Java Auto Updater (x32 Version: 2.1.9.0) Java 6 Update 37 (x32 Version: 6.0.370) Junk Mail filter update (x32 Version: 15.4.3502.0922) K-Lite Codec Pack 7.7.0 (Basic) (x32 Version: 7.7.0) Launch Manager (x32 Version: 4.0.7) Logitech SetPoint 6.51 (Version: 6.51.8) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office 2007 Service Pack 3 (SP3) (x32) Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000) Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32) Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Standard 2007 (x32 Version: 12.0.6612.1000) Microsoft Office Suite Activation Assistant (x32 Version: 2.9) Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Works (x32 Version: 9.7.0621) MotoHelper MergeModules (x32 Version: 1.2.0) Mozilla Firefox 12.0 (x86 en-US) (x32 Version: 12.0) Mozilla Maintenance Service (x32 Version: 12.0) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MyWinLocker (x32 Version: 3.1.206.0) MyWinLocker Suite (x32 Version: 3.1.206.0) NTI Backup Now 5 (x32 Version: 5.1.2.628) NTI Backup Now Standard (x32 Version: 5.1.2.628) NTI Media Maker 8 (x32 Version: 8.0.12.6630) Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.5992) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6004) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30113) Sendori (x32 Version: 2.0.15) Shredder (Version: 2.0.5.0) Shredder (x32 Version: 2.0.5.0) Synaptics Pointing Device Driver (Version: 14.0.19.0) Update for 2007 Microsoft Office System (KB967642) (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32) Update for Microsoft Office Excel 2007 Help (KB963678) (x32) Update for Microsoft Office OneNote 2007 Help (KB963670) (x32) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition (x32) Update for Microsoft Office Outlook 2007 Help (KB963677) (x32) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition (x32) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32) Update for Microsoft Office Script Editor Help (KB963671) (x32) Update for Microsoft Office Word 2007 Help (KB963665) (x32) Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2) Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1) Welcome Center (x32 Version: 1.00.3013) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3538.0513) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3538.0513) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Messenger (x32 Version: 15.4.3538.0513) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live Sync (x32 Version: 14.0.8089.726) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Zoo Tycoon: Complete Collection (x32) ==================== Restore Points ========================= 28-08-2013 01:00:59 Windows Update 28-08-2013 18:45:21 Removed SamsungSimpleUpgradeTool for SCH-R720 MetroPCS 28-08-2013 18:47:11 Removed SAMSUNG USB Driver for Mobile Phones V5.16.0.0. 05-09-2013 02:26:15 Scheduled Checkpoint ==================== Hosts content: ========================== 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {07B8A231-29F9-4B55-B5F7-DA1FDB813485} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29] (Google Inc.) Task: {09148005-CC58-4051-8FDB-00CB7DB98CA8} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe Task: {19B6092D-6C62-4664-BF77-9571DDCC6902} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1847525143-1022311554-1040229565-1000 Task: {2971B602-8BEF-45D2-8792-1D28C7E6D8EC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) Task: {43419105-3B65-4F4A-BC1D-0469B4B66AC5} - System32\Tasks\User_Feed_Synchronization-{26C4EAD3-EC47-49BB-A27C-BBE1A8127352} => C:\Windows\system32\msfeedssync.exe [2013-07-03] (Microsoft Corporation) Task: {4629713B-CA9C-4455-83CE-A5458E34B5CF} - System32\Tasks\{860C8774-1133-45A3-8185-30956947E8F9} => C:\Program Files (x86)\Tether\Tether.exe Task: {6AFF7ADD-C65F-4B06-A27F-4AC1972F8A4C} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-30] () Task: {7C5098B7-3B38-4986-9AA3-04DAFBC278C6} - System32\Tasks\RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe Task: {9D62B896-106D-4F28-9DDA-3A5B2B9ECBFA} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{40490AAE-E28A-4DED-A514-3789405423D3}.exe Task: {A8DBBC95-B61E-4B4D-8FF7-809AE1BE43D0} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe Task: {B20E2D76-43FD-49D9-A935-08126F4AB256} - System32\Tasks\WinMaximizer-Mason-Startup => C:\Program Files (x86)\WinMaximizer\WinMaximizer.exe Task: {BE3CC4AF-0E3C-48F4-996E-6085590A1B65} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29] (Google Inc.) Task: {BE51AB19-5AC5-4C9D-8953-D137A8A7BDBC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21] (Adobe Systems Incorporated) Task: {BF7B8203-C6B4-432F-8786-0FC2D5A3368A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {C2083A42-27C6-4F4A-8B0B-367DC70FD985} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe Task: {C404C055-51C5-4A66-BBFB-F38C50A47468} - System32\Tasks\{67D1C473-73C0-4852-97D5-FFF3334E5079} => C:\Program Files (x86)\Tether\Tether.exe Task: {CA1ACA9B-0EF7-47FD-83A4-139C5BD36FDA} - System32\Tasks\{C1EC80A4-2C7C-4B71-832A-22607FF0226A} => C:\Users\Mason\Downloads\Blueware2010\Blueware2010.exe Task: {E7C79CEB-F445-40C4-B9A3-4314541D35AD} - System32\Tasks\{4964C17E-FEC8-4EEB-A430-6EA7B2E80EF2} => C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe [2013-08-29] (Avira Operations GmbH & Co. KG) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{40490AAE-E28A-4DED-A514-3789405423D3}.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\WinMaximizer-Mason-Startup.job => C:\Program Files (x86)\WinMaximizer\WinMaximizer.exe ==================== Loaded Modules (whitelisted) ============= 2010-05-01 09:29 - 2010-02-05 23:23 - 00271904 _____ (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\SysHook.dll 2010-05-01 09:29 - 2010-02-05 23:23 - 00217120 _____ (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\CommonControl.dll 2010-05-01 09:29 - 2010-02-05 23:23 - 00218144 _____ (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\NetAdapterControl.dll 2010-05-01 09:29 - 2010-02-05 23:23 - 00218144 _____ (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\PowerSettingControl.dll 2010-05-01 09:29 - 2010-02-05 23:23 - 00219168 _____ (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\BrightnessControl.dll 2013-05-15 10:23 - 2013-04-13 01:49 - 00308736 _____ (Microsoft Corporation) C:\Windows\AppPatch\AppPatch64\AcGenral.DLL 2010-04-02 03:55 - 2010-03-08 07:07 - 00457296 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDUtl.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00106496 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3728.37142__90ba9c70f846762e\MOM.Implementation.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3728.37027__90ba9c70f846762e\LOG.Foundation.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00036864 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3728.37031__90ba9c70f846762e\LOG.Foundation.Private.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3728.37139__90ba9c70f846762e\LOG.Foundation.Implementation.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3728.37032__90ba9c70f846762e\MOM.Foundation.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3728.37032__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00019456 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3728.37141__90ba9c70f846762e\CCC.Implementation.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00015360 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3728.37029__90ba9c70f846762e\NEWAEM.Foundation.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00098304 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3728.37029__90ba9c70f846762e\CLI.Foundation.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00057344 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3728.37038__90ba9c70f846762e\CLI.Component.SkinFactory.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3728.37141__90ba9c70f846762e\CLI.Foundation.XManifest.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00061440 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3728.37037__90ba9c70f846762e\CLI.Component.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3728.37034__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3728.37033__90ba9c70f846762e\CLI.Foundation.Private.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3728.37033__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3728.37035__90ba9c70f846762e\AEM.Server.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00006144 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3728.37035__90ba9c70f846762e\AEM.Server.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3728.37155__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00006656 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3728.37146__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3728.37029__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00006144 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3728.37034__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00006656 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3728.37039__90ba9c70f846762e\DEM.Graphics.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00380928 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3728.37040__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00151552 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3728.37032__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3728.37039__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00008192 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3728.37034__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00007168 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3728.37037__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00077824 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3728.37125__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00008704 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3728.37064__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3728.37052__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3728.37070__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3728.37099__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3728.37039__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3728.37051__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00036864 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3728.37101__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3728.37093__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3728.37108__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00065536 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3728.37092__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00032768 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3728.37051__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3728.37051__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00057344 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3728.37108__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00094208 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3728.37093__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00045056 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3728.37146__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3728.37062__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00065536 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3728.37125__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00013312 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3728.37183__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00061440 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3728.37083__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3728.37062__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00028672 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3728.37119__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3728.37092__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3728.37099__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00009728 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3728.37148__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3728.37091__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00061440 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3728.37036__90ba9c70f846762e\APM.Server.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3728.37030__90ba9c70f846762e\APM.Foundation.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00007168 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3728.37035__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3728.37155__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00005632 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3728.37034__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00405504 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3728.37057__90ba9c70f846762e\CLI.Component.Wizard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00040960 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3728.37044__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00007680 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3728.37030__90ba9c70f846762e\CLI.Component.Client.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00020480 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3728.37031__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00011776 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3728.37057__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3728.37058__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3728.37058__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00491520 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3728.37148__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00040960 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3728.37147__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00094208 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3728.37109__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00007168 _____ ( ) C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00409600 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3728.37118__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00307200 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3728.37071__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 01708032 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3728.37183__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00204800 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3728.37065__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 01220608 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3728.37046__90ba9c70f846762e\CLI.Component.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00024576 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3728.37030__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00010240 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3728.37044__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll 2010-03-08 13:57 - 2010-03-08 13:57 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00073728 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3728.37051__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3728.37050__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00065536 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3728.37149__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00196608 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3728.37066__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 01294336 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3728.37179__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00094208 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3728.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00397312 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3728.37093__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00323584 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3728.37102__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00376832 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3728.37087__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00356352 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3728.37109__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00573440 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3728.37066__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00827392 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3728.37094__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll 2010-05-01 09:22 - 2010-05-01 09:22 - 00118784 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3728.37147__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll 2010-03-08 20:18 - 2010-03-08 20:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2010-03-08 20:14 - 2010-03-08 20:14 - 00015104 _____ (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\MUI\0409\lang.dll 2010-04-02 03:55 - 2009-07-20 03:12 - 00137736 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\ComFnUtl.dll 2010-04-02 03:55 - 2009-07-14 02:53 - 00128008 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\CDRomUtl.dll 2010-04-02 03:55 - 2009-07-27 00:42 - 00062472 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MixerUtl.dll 2010-04-02 03:55 - 2009-07-27 00:47 - 00068104 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\Wnd2File.dll 2010-04-02 03:55 - 2009-07-27 06:43 - 00068104 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\PowerUtl.dll 2010-04-02 03:55 - 2009-12-30 05:13 - 00326736 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\OSDUtl2.dll 2010-04-02 03:55 - 2009-07-27 00:38 - 00088584 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\SzUPFUtl.dll 2010-04-02 03:55 - 2010-03-01 04:43 - 00351312 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\RadioWndUtl.dll 2010-04-02 03:55 - 2009-07-03 04:29 - 00147464 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\VistaVol.DLL 2010-04-02 03:55 - 2009-05-20 02:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll 2010-04-02 03:55 - 2010-02-09 21:49 - 00082000 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LmSmbKel.dll 2010-04-02 03:55 - 2010-03-03 09:21 - 00280656 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\aipflib.dll 2013-07-01 15:28 - 2013-07-01 15:28 - 00275744 _____ (Sendori, Inc.) C:\Program Files (x86)\Sendori\DynLib.dll 2013-04-25 20:52 - 2013-04-25 20:52 - 00626712 _____ (Robert Simpson, et al.) C:\Program Files (x86)\Aeria Games\Ignite\SQLite.Interop.DLL 2013-06-29 05:31 - 2013-08-29 09:16 - 00055352 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\cfglib.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00349752 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccguard.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00025656 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgrdrc.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00229432 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgrdw.dll 2013-06-29 05:31 - 2013-08-29 09:20 - 00218168 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\gpipc.dll 2013-06-29 05:31 - 2013-08-29 09:20 - 00419384 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccwgrd.dll 2013-06-29 05:31 - 2013-08-29 09:20 - 00024632 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccwgrdrc.dll 2013-06-29 05:31 - 2013-08-29 09:20 - 00127544 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccwgrdw.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00807992 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgen.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00045112 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccgenrc.dll 2013-06-29 05:31 - 2013-08-29 09:20 - 00220216 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccupdate.dll 2013-06-29 05:31 - 2013-08-29 09:20 - 00025144 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccupdrc.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00083000 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\cclic.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00008248 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\cclicrc.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00237624 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccmsg.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00009272 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccmsgrc.dll 2013-06-29 05:31 - 2013-08-29 09:19 - 00012344 _____ (Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\ccmainrc.dll 2010-04-02 03:55 - 2010-02-03 00:31 - 00071248 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\NTKCUtl.dll 2013-09-04 16:27 - 2013-09-02 16:35 - 09962960 _____ (The ICU Project) C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\icudt.dll 2013-09-04 16:27 - 2013-09-02 16:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll 2013-09-04 16:27 - 2013-09-02 16:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll 2013-09-04 16:27 - 2013-09-02 16:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll 2013-09-04 16:27 - 2013-09-02 16:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll 2013-09-04 16:27 - 2013-09-02 16:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll 2013-09-04 16:27 - 2013-09-02 16:35 - 13599184 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========== AlternateDataStreams: C:\ProgramData\Temp:1A9707AC AlternateDataStreams: C:\ProgramData\Temp:22D489B6 AlternateDataStreams: C:\ProgramData\Temp:A12FBF8D ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/05/2013 03:46:28 PM) (Source: SendoriService) (User: ) Description: In the enable methodObject reference not set to an instance of an object. Error: (09/05/2013 01:14:44 PM) (Source: SendoriService) (User: ) Description: In the enable methodObject reference not set to an instance of an object. Error: (09/05/2013 06:13:32 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (09/05/2013 05:58:39 AM) (Source: SendoriService) (User: ) Description: In the enable methodObject reference not set to an instance of an object. Error: (09/05/2013 03:46:04 AM) (Source: SendoriService) (User: ) Description: In the enable methodObject reference not set to an instance of an object. Error: (09/04/2013 09:52:36 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (09/04/2013 09:52:36 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (09/04/2013 09:52:36 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (09/04/2013 09:52:35 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (09/03/2013 05:17:56 PM) (Source: SendoriService) (User: ) Description: In the enable methodObject reference not set to an instance of an object. System errors: ============= Error: (09/05/2013 09:59:35 PM) (Source: Service Control Manager) (User: ) Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 Error: (09/05/2013 09:59:35 PM) (Source: Service Control Manager) (User: ) Description: The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 Error: (09/05/2013 09:58:41 PM) (Source: Service Control Manager) (User: ) Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. Error: (09/05/2013 09:58:41 PM) (Source: Service Control Manager) (User: ) Description: The Computer Browser service terminated with the following error: %%1060 Error: (09/05/2013 09:58:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126 Error: (09/05/2013 09:48:22 PM) (Source: Service Control Manager) (User: ) Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 Error: (09/05/2013 09:48:22 PM) (Source: Service Control Manager) (User: ) Description: The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 Error: (09/05/2013 07:45:57 PM) (Source: Service Control Manager) (User: ) Description: The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (09/05/2013 07:39:19 PM) (Source: Service Control Manager) (User: ) Description: The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 Error: (09/05/2013 07:39:19 PM) (Source: Service Control Manager) (User: ) Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2011-04-18 13:24:42.005 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2011-04-18 13:24:41.965 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2011-04-18 13:22:36.467 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2011-04-18 13:22:36.417 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2011-04-14 18:41:34.048 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2011-04-14 18:41:34.018 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2011-04-14 18:39:47.643 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2011-04-14 18:39:47.603 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2011-04-14 18:39:01.163 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. Date: 2011-04-14 18:39:01.123 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Acer\Acer ePower Management\SysHook.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 39% Total physical RAM: 3834.9 MB Available physical RAM: 2330.49 MB Total Pagefile: 7667.98 MB Available Pagefile: 5767.3 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:451.66 GB) (Free:388.84 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CA433EDF) Partition 1: (Not Active) - (Size=14 GB) - (Type=27) Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  13. Thank you for your help, Ive went ahead and downloaded the Farbar Recovery Scan Tool and here are the results. Will Post the additional scan results second since post is too long for one post. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-09-2013Ran by USERNAME (administrator) on MASON-PC on 05-09-2013 22:06:24Running from C:\Users\USERNAME\Desktop\Farbar Scan Tool FolderWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 10Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe(AMD) C:\Windows\system32\atieclxx.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe(Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe(sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe() C:\Windows\PLFSetI.exe(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe(Akamai Technologies, Inc.) C:\Users\USERNAME\AppData\Local\Akamai\netsession_win.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe(Akamai Technologies, Inc.) C:\Users\USERNAME\AppData\Local\Akamai\netsession_win.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor)HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-05-01] ()HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)HKLM\...\Policies\Explorer: [NoActiveDesktop] 1HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\USERNAME\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-24] (Egis Technology Inc.)HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-24] (Egis Technology Inc.)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)HKLM-x32\...\Run: [backupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-08] (NewTech Infosystems, Inc.)HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-18] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [MusicFrost Updater] - "C:\Program Files (x86)\MusicFrost\MusicFrost Updater.exe" [x]HKLM-x32\...\Run: [sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)HKLM-x32\...\Run: [suiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)HKLM-x32\...\Run: [Aeria Ignite] - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1919000 2013-04-25] (Aeria Games & Entertainment)HKLM-x32\...\Run: [] - [x]HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-30] (Ask)HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-08-29] (Avira Operations GmbH & Co. KG)HKU\Default\...\RunOnce: [scrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2009-12-23] ()HKU\Default User\...\RunOnce: [scrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2009-12-23] ()HKU\Mason\...\Run: [ChicaPasswordManager] - C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe [x]HKU\Mason\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED [x]HKU\Mason\...\Run: [Akamai NetSession Interface] - C:\Users\Mason\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchSearchScopes: HKLM-x32 - DefaultScope {9D80E8B5-8E09-44B4-8001-995F6B0389A6} URL = SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)BHO-x32: Define - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\Mason\AppData\Local\DefineExt\temp.dat No FileBHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)Toolbar: HKLM - No Name - !{8dcb7100-df86-4384-8842-8fa844297b3f} - No FileToolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No FileToolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No FileToolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No FileToolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileWinsock: Catalog9 01 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 02 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 03 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 04 C:\Windows\system32\Sendori.dll File Not found ()Winsock: Catalog9 24 C:\Windows\system32\Sendori.dll File Not found ()Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\ce65dfn4.defaultFF Homepage: www.google.comFF SelectedSearchEngine: Ask.comFF SearchEngineOrder.1: Ask.comFF DefaultSearchEngine: Ask.comFF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\22find.xmlFF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\bingober490857.xmlFF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\bingober602787.xmlFF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\bingober823856.xmlFF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\umylsm@sqhjcpzmeselzlp.orgFF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExtFF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExtFF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.comFF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.22find.com/?utm_source=b&utm_medium=amt&from=amt&uid=TOSHIBAXMK5065GSX_3059C142TXX3059C142T&ts=1362840449 Chrome: =======CHR RestoreOnStartup: "urls_to_restore_on_startup": nullCHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll No FileCHR Plugin: (Oberon com adapter) - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)CHR Plugin: (Java Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)CHR Extension: (Google Drive) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0CHR Extension: (YouTube) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (Chrome In-App Payments service) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0CHR Extension: (Gmail) - C:\Users\USERNAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Mason\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.26.0.crxCHR HKLM-x32\...\Chrome\Extension: [ambhkbdlfkichfehonoifnkgomjpnjpb] - C:\Users\Mason\AppData\LocalLow\Playbryte\Chrome.crxCHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crxCHR HKLM-x32\...\Chrome\Extension: [gbdabnfmdemcjjadpkpjibhhacggangd] - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\novo_price_comparison.crxCHR HKLM-x32\...\Chrome\Extension: [gpicboiclhmnllnjdcfcffifpoaebgkm] - C:\Program Files (x86)\Freecorder extension\Freecorder.crxCHR HKLM-x32\...\Chrome\Extension: [hidgmdbledgmcimleidmgimikoogfpnj] - C:\ProgramData\wxDownload\hidgmdbledgmcimleidmgimikoogfpnj.crxCHR HKLM-x32\...\Chrome\Extension: [iigplimlmgilpobjilfbfeilnpiigpgl] - C:\Users\Mason\AppData\Local\CRE\iigplimlmgilpobjilfbfeilnpiigpgl.crxCHR HKLM-x32\...\Chrome\Extension: [ijblflkdjdopkpdgllkmlbgcffjbnfda] - C:\Users\Mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crxCHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Mason\AppData\Local\Temp\ccex.crx ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-08-29] (Avira Operations GmbH & Co. KG)R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-08-29] (Avira Operations GmbH & Co. KG)R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-08-29] (Avira Operations GmbH & Co. KG)R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori)S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\ \...\???\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-04] (Avira Operations GmbH & Co. KG)R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-08-29] (Avira Operations GmbH & Co. KG)R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-06-29] (Avira Operations GmbH & Co. KG)S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x]S3 motccgp; system32\DRIVERS\motccgp.sys [x]S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]S3 motmodem; system32\DRIVERS\motmodem.sys [x]S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x]S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-05 21:47 - 2013-09-05 22:04 - 00000000 ____D C:\Users\USERNAME\Desktop\Farbar Scan Tool Folder2013-09-05 20:38 - 2013-09-05 20:38 - 00005497 _____ C:\Users\USERNAME\Desktop\RKreport[0]_S_09052013_203859.txt2013-09-05 20:33 - 2013-09-05 20:41 - 00000000 ____D C:\Users\USERNAME\Desktop\RK_Quarantine2013-09-05 19:56 - 2013-09-05 19:57 - 03787264 _____ C:\Users\USERNAME\Desktop\RogueKillerX64.exe2013-09-05 19:33 - 2013-09-05 19:33 - 00020336 _____ C:\Users\USERNAME\Desktop\dds.txt2013-09-05 19:33 - 2013-09-05 19:33 - 00018189 _____ C:\Users\USERNAME\Desktop\attach.txt2013-09-05 19:15 - 2013-09-05 19:15 - 00688992 ____R (Swearware) C:\Users\USERNAME\Desktop\dds.com2013-09-04 20:06 - 2013-09-04 20:07 - 84262316 _____ C:\Users\USERNAME\Documents\clip0002.avi2013-09-04 20:01 - 2013-09-04 20:06 - 265814752 _____ C:\Users\USERNAME\Documents\clip0001.avi2013-09-02 18:16 - 2013-09-04 16:29 - 00000000 ____D C:\Users\USERNAME\Documents\HypercamVids2013-09-02 17:56 - 2013-09-02 17:56 - 00000939 _____ C:\Users\USERNAME\Desktop\HyperCam 2.lnk2013-09-02 17:56 - 2013-09-02 17:56 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 22013-09-02 17:55 - 2013-09-02 17:56 - 00000000 ____D C:\Program Files\HyperCam 22013-09-02 17:49 - 2013-09-02 17:50 - 05307624 _____ C:\Users\USERNAME\Downloads\HC2Setup64.exe2013-09-02 03:57 - 2013-09-02 03:57 - 95199985 _____ C:\Windows\SysWOW64\픵櫳ངE2013-08-31 21:54 - 2013-09-01 22:23 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Microsoft Games2013-08-31 21:51 - 2013-08-31 21:51 - 95128664 _____ C:\Windows\SysWOW64\驷ང2013-08-30 17:45 - 2013-08-30 19:24 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Akamai2013-08-29 12:29 - 2013-08-29 12:40 - 00000004 _____ C:\Users\USERNAME\AppData\Roaming\cache.ini2013-08-29 11:32 - 2013-08-29 11:32 - 00000000 ____D C:\Users\USERNAME\AppData\Local\CrashDumps2013-08-29 11:31 - 2013-09-05 06:47 - 00000000 ____D C:\Users\USERNAME\AppData\Local\DoNotTrackPlus2013-08-29 11:31 - 2013-08-29 11:31 - 00000000 ____D C:\Users\USERNAME\AppData\Local\AskToolbar2013-08-29 11:10 - 2013-08-29 11:10 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Macromedia2013-08-29 11:09 - 2013-08-29 11:09 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Mozilla2013-08-29 11:09 - 2013-08-29 11:09 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Mozilla2013-08-29 06:51 - 2013-08-29 06:51 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Aeria Games2013-08-29 04:50 - 2013-08-29 04:50 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-08-29 04:50 - 2013-08-29 04:50 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Malwarebytes2013-08-29 04:50 - 2013-08-29 04:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-08-29 04:23 - 2013-08-29 04:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\USERNAME\Downloads\mbam-setup-1.75.0.1300.exe2013-08-29 04:09 - 2013-08-29 04:09 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Google2013-08-29 04:08 - 2013-08-29 04:08 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Avira2013-08-29 04:05 - 2013-08-29 04:05 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\ATI2013-08-29 04:05 - 2013-08-29 04:05 - 00000000 ____D C:\Users\USERNAME\AppData\Local\ATI2013-08-29 04:04 - 2013-08-29 04:04 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logitech2013-08-29 04:03 - 2013-09-05 19:32 - 00000000 ____D C:\Users\USERNAME2013-08-29 04:03 - 2013-08-29 23:48 - 00000258 __RSH C:\Users\USERNAME\ntuser.pol2013-08-29 04:03 - 2013-08-29 06:51 - 00000000 ____D C:\Users\USERNAME\AppData\Local\VirtualStore2013-08-29 04:03 - 2013-08-29 04:03 - 00080000 _____ C:\Users\USERNAME\AppData\Local\GDIPFONTCACHEV1.DAT2013-08-29 04:03 - 2013-08-29 04:03 - 00001421 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-08-29 04:03 - 2013-08-29 04:03 - 00000020 ___SH C:\Users\USERNAME\ntuser.ini2013-08-29 04:03 - 2013-08-29 04:03 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-08-29 04:03 - 2013-08-29 04:03 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-08-29 04:03 - 2013-08-29 04:03 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Adobe2013-08-29 04:03 - 2013-08-29 04:03 - 00000000 ____D C:\Users\USERNAME\AppData\Local\EgisTec IPS2013-08-29 04:03 - 2013-02-10 12:42 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Macromedia2013-08-29 04:03 - 2012-11-08 14:08 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\TuneUp Software2013-08-29 04:03 - 2011-01-21 23:45 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Microsoft Help2013-08-29 04:03 - 2009-07-14 00:54 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2013-08-29 04:03 - 2009-07-14 00:49 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2013-08-28 22:38 - 2013-08-28 22:38 - 00002980 _____ C:\Windows\System32\Tasks\{4964C17E-FEC8-4EEB-A430-6EA7B2E80EF2}2013-08-28 17:59 - 2013-08-28 17:59 - 00001064 _____ C:\Users\Mason\Videos - Shortcut.lnk2013-08-28 17:50 - 2013-08-28 18:29 - 00000000 ____D C:\ProgramData\iptrh2013-08-28 17:49 - 2013-08-28 23:02 - 00000000 ____D C:\ProgramData\meakr2013-08-28 14:06 - 2013-08-28 14:06 - 01052672 _____ C:\Users\Mason\Documents\Event File.evtx2013-08-28 12:58 - 2013-08-28 12:58 - 00216467 _____ C:\Users\Mason\Downloads\Google.htm2013-08-28 12:58 - 2013-08-28 12:58 - 00000000 ____D C:\Users\Mason\Downloads\Google_files2013-08-28 11:17 - 2013-08-28 11:18 - 00784880 _____ (Google Inc.) C:\Users\Mason\Downloads\ChromeSetup (1).exe2013-08-27 21:01 - 2012-08-23 10:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll2013-08-27 21:01 - 2012-08-23 10:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys2013-08-27 21:01 - 2012-08-23 10:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys2013-08-27 21:01 - 2012-08-23 09:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll2013-08-27 21:01 - 2012-08-23 09:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll2013-08-27 21:01 - 2012-08-23 09:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe2013-08-27 21:01 - 2012-08-23 09:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll2013-08-27 21:01 - 2012-08-23 09:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll2013-08-27 21:01 - 2012-08-23 09:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll2013-08-27 21:01 - 2012-08-23 09:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll2013-08-27 21:01 - 2012-08-23 09:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll2013-08-27 21:01 - 2012-08-23 09:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll2013-08-27 21:01 - 2012-08-23 08:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll2013-08-27 21:01 - 2012-08-23 07:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe2013-08-27 21:01 - 2012-08-23 07:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll2013-08-27 21:01 - 2012-08-23 07:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe2013-08-27 21:01 - 2012-08-23 07:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll2013-08-27 21:01 - 2012-08-23 06:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll2013-08-27 21:01 - 2012-08-23 06:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll2013-08-27 21:01 - 2012-08-23 06:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe2013-08-27 21:01 - 2012-08-23 06:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe2013-08-27 21:01 - 2012-08-23 05:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2013-08-27 21:01 - 2012-08-23 04:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2013-08-27 21:01 - 2012-08-23 04:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll2013-08-27 21:00 - 2012-08-24 14:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2013-08-27 21:00 - 2012-08-24 14:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys2013-08-27 21:00 - 2012-08-24 14:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2013-08-27 21:00 - 2012-08-24 14:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2013-08-27 21:00 - 2012-08-24 12:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2013-08-27 21:00 - 2012-08-24 12:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2013-08-27 21:00 - 2012-08-24 12:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2013-08-27 21:00 - 2012-05-04 07:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll2013-08-27 21:00 - 2012-05-04 05:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll2013-08-21 16:32 - 2013-08-21 16:32 - 00000000 ____D C:\Users\Mason\AppData\Local\{D97B0F36-C23B-402E-BE66-2DB1F3C79836}2013-08-17 22:13 - 2013-08-17 22:13 - 00000000 ____D C:\Users\Mason\AppData\Local\CRE2013-08-17 22:08 - 2013-08-28 19:56 - 00000000 ____D C:\Users\Mason\AppData\Local\DefineExt2013-08-17 10:09 - 2013-08-17 10:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ssadadb_01005.Wdf2013-08-17 10:04 - 2013-08-17 10:04 - 00000000 ____D C:\ProgramData\Samsung2013-08-17 10:04 - 2013-08-17 10:04 - 00000000 ____D C:\Program Files\SAMSUNG2013-08-16 19:23 - 2013-08-16 19:24 - 00000000 ____D C:\Users\Mason\AppData\Local\{E7945287-17C0-469E-9CEE-D5878D05ACFC}2013-08-14 14:13 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-08-14 14:13 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-08-14 14:13 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2013-08-14 14:13 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-08-14 14:13 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-08-14 14:13 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-08-14 14:13 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-08-14 14:13 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-08-14 14:13 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-08-14 14:13 - 2013-07-26 01:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-08-14 14:13 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll2013-08-14 14:13 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2013-08-14 14:13 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-08-14 14:13 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2013-08-14 14:13 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-08-14 14:13 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-08-14 14:13 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-08-14 14:13 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-08-14 14:13 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-08-14 14:13 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-08-14 14:13 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-08-14 14:13 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-08-14 14:13 - 2013-07-25 23:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-08-14 14:13 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll2013-08-14 14:13 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2013-08-14 14:13 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-08-14 14:13 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-08-14 14:13 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2013-08-14 14:13 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-08-14 14:13 - 2013-07-25 22:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe2013-08-14 14:13 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-08-14 04:59 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll2013-08-14 04:59 - 2013-07-09 01:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll2013-08-14 04:59 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll2013-08-14 04:59 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll2013-08-14 04:59 - 2013-07-09 00:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll2013-08-14 04:59 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll2013-08-14 04:58 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL2013-08-14 04:58 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL2013-08-14 04:58 - 2013-07-18 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2013-08-14 04:58 - 2013-07-18 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll2013-08-14 04:58 - 2013-07-09 02:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2013-08-14 04:58 - 2013-07-09 01:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll2013-08-14 04:58 - 2013-07-09 01:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll2013-08-14 04:58 - 2013-07-09 01:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2013-08-14 04:58 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll2013-08-14 04:58 - 2013-07-09 01:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-08-14 04:58 - 2013-07-09 01:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-08-14 04:58 - 2013-07-09 00:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll2013-08-14 04:58 - 2013-07-09 00:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll2013-08-14 04:58 - 2013-07-09 00:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll2013-08-14 04:58 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll2013-08-14 04:58 - 2013-07-08 22:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe2013-08-14 04:58 - 2013-07-08 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll2013-08-14 04:58 - 2013-07-08 22:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe2013-08-14 04:58 - 2013-07-08 22:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe2013-08-14 04:58 - 2013-07-06 02:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2013-08-14 04:58 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys ==================== One Month Modified Files and Folders ======= 2013-09-05 22:06 - 2013-09-05 22:06 - 00000000 ____D C:\FRST2013-09-05 22:06 - 2009-07-14 00:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-09-05 22:06 - 2009-07-14 00:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-09-05 22:04 - 2013-09-05 21:47 - 00000000 ____D C:\Users\USERNAME\Desktop\Farbar Scan Tool Folder2013-09-05 22:02 - 2010-05-01 09:21 - 01302656 _____ C:\Windows\WindowsUpdate.log2013-09-05 21:58 - 2013-06-03 15:42 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job2013-09-05 21:58 - 2011-04-11 22:47 - 00000332 _____ C:\Windows\Tasks\WinMaximizer-Mason-Startup.job2013-09-05 21:58 - 2011-01-29 23:15 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-09-05 21:58 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-09-05 21:58 - 2009-07-14 00:51 - 00154547 _____ C:\Windows\setupact.log2013-09-05 21:47 - 2011-01-29 23:15 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-09-05 21:46 - 2012-05-27 19:32 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-09-05 20:41 - 2013-09-05 20:33 - 00000000 ____D C:\Users\USERNAME\Desktop\RK_Quarantine2013-09-05 20:38 - 2013-09-05 20:38 - 00005497 _____ C:\Users\USERNAME\Desktop\RKreport[0]_S_09052013_203859.txt2013-09-05 19:57 - 2013-09-05 19:56 - 03787264 _____ C:\Users\USERNAME\Desktop\RogueKillerX64.exe2013-09-05 19:33 - 2013-09-05 19:33 - 00020336 _____ C:\Users\USERNAME\Desktop\dds.txt2013-09-05 19:33 - 2013-09-05 19:33 - 00018189 _____ C:\Users\USERNAME\Desktop\attach.txt2013-09-05 19:32 - 2013-08-29 04:03 - 00000000 ____D C:\Users\USERNAME2013-09-05 19:15 - 2013-09-05 19:15 - 00688992 ____R (Swearware) C:\Users\USERNAME\Desktop\dds.com2013-09-05 15:42 - 2010-05-01 09:18 - 02116306 _____ C:\Windows\PFRO.log2013-09-05 15:27 - 2013-02-09 11:55 - 00000000 ____D C:\ProgramData\Sendori2013-09-05 12:42 - 2010-04-02 03:41 - 00000000 ____D C:\Program Files (x86)\Google2013-09-05 06:47 - 2013-08-29 11:31 - 00000000 ____D C:\Users\USERNAME\AppData\Local\DoNotTrackPlus2013-09-04 20:07 - 2013-09-04 20:06 - 84262316 _____ C:\Users\USERNAME\Documents\clip0002.avi2013-09-04 20:06 - 2013-09-04 20:01 - 265814752 _____ C:\Users\USERNAME\Documents\clip0001.avi2013-09-04 16:29 - 2013-09-02 18:16 - 00000000 ____D C:\Users\USERNAME\Documents\HypercamVids2013-09-04 08:29 - 2013-06-29 05:31 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys2013-09-02 17:56 - 2013-09-02 17:56 - 00000939 _____ C:\Users\USERNAME\Desktop\HyperCam 2.lnk2013-09-02 17:56 - 2013-09-02 17:56 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 22013-09-02 17:56 - 2013-09-02 17:55 - 00000000 ____D C:\Program Files\HyperCam 22013-09-02 17:50 - 2013-09-02 17:49 - 05307624 _____ C:\Users\USERNAME\Downloads\HC2Setup64.exe2013-09-02 03:57 - 2013-09-02 03:57 - 95199985 _____ C:\Windows\SysWOW64\픵櫳ངE2013-09-01 22:23 - 2013-08-31 21:54 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Microsoft Games2013-08-31 21:51 - 2013-08-31 21:51 - 95128664 _____ C:\Windows\SysWOW64\驷ང2013-08-30 19:24 - 2013-08-30 17:45 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Akamai2013-08-30 00:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF2013-08-29 23:48 - 2013-08-29 04:03 - 00000258 __RSH C:\Users\USERNAME\ntuser.pol2013-08-29 23:44 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries2013-08-29 15:58 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache2013-08-29 12:40 - 2013-08-29 12:29 - 00000004 _____ C:\Users\USERNAME\AppData\Roaming\cache.ini2013-08-29 11:32 - 2013-08-29 11:32 - 00000000 ____D C:\Users\USERNAME\AppData\Local\CrashDumps2013-08-29 11:31 - 2013-08-29 11:31 - 00000000 ____D C:\Users\USERNAME\AppData\Local\AskToolbar2013-08-29 11:10 - 2013-08-29 11:10 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Macromedia2013-08-29 11:09 - 2013-08-29 11:09 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Mozilla2013-08-29 11:09 - 2013-08-29 11:09 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Mozilla2013-08-29 09:22 - 2013-06-29 11:48 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys2013-08-29 09:22 - 2013-06-29 05:31 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys2013-08-29 06:54 - 2009-07-14 01:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI2013-08-29 06:51 - 2013-08-29 06:51 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Aeria Games2013-08-29 06:51 - 2013-08-29 04:03 - 00000000 ____D C:\Users\USERNAME\AppData\Local\VirtualStore2013-08-29 06:40 - 2013-03-08 13:22 - 00000000 ____D C:\Users\Mason\AppData\Local\SwvUpdater2013-08-29 06:40 - 2012-02-25 12:35 - 00000000 ____D C:\Users\Mason\Desktop\Gina2013-08-29 04:50 - 2013-08-29 04:50 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-08-29 04:50 - 2013-08-29 04:50 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Malwarebytes2013-08-29 04:50 - 2013-08-29 04:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-08-29 04:25 - 2013-08-29 04:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\USERNAME\Downloads\mbam-setup-1.75.0.1300.exe2013-08-29 04:09 - 2013-08-29 04:09 - 00000000 ____D C:\Users\USERNAME\AppData\Local\Google2013-08-29 04:08 - 2013-08-29 04:08 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Avira2013-08-29 04:05 - 2013-08-29 04:05 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\ATI2013-08-29 04:05 - 2013-08-29 04:05 - 00000000 ____D C:\Users\USERNAME\AppData\Local\ATI2013-08-29 04:04 - 2013-08-29 04:04 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Logitech2013-08-29 04:03 - 2013-08-29 04:03 - 00080000 _____ C:\Users\USERNAME\AppData\Local\GDIPFONTCACHEV1.DAT2013-08-29 04:03 - 2013-08-29 04:03 - 00001421 _____ C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-08-29 04:03 - 2013-08-29 04:03 - 00000020 ___SH C:\Users\USERNAME\ntuser.ini2013-08-29 04:03 - 2013-08-29 04:03 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-08-29 04:03 - 2013-08-29 04:03 - 00000000 ___RD C:\Users\USERNAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-08-29 04:03 - 2013-08-29 04:03 - 00000000 ____D C:\Users\USERNAME\AppData\Roaming\Adobe2013-08-29 04:03 - 2013-08-29 04:03 - 00000000 ____D C:\Users\USERNAME\AppData\Local\EgisTec IPS2013-08-29 00:59 - 2011-04-25 11:05 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{26C4EAD3-EC47-49BB-A27C-BBE1A8127352}2013-08-28 23:02 - 2013-08-28 17:49 - 00000000 ____D C:\ProgramData\meakr2013-08-28 23:01 - 2011-07-06 16:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-08-28 22:38 - 2013-08-28 22:38 - 00002980 _____ C:\Windows\System32\Tasks\{4964C17E-FEC8-4EEB-A430-6EA7B2E80EF2}2013-08-28 19:56 - 2013-08-17 22:08 - 00000000 ____D C:\Users\Mason\AppData\Local\DefineExt2013-08-28 19:56 - 2012-02-07 16:57 - 00000374 _____ C:\Windows\wininit.ini2013-08-28 19:44 - 2011-01-20 12:25 - 00000000 ____D C:\Users\Mason2013-08-28 18:29 - 2013-08-28 17:50 - 00000000 ____D C:\ProgramData\iptrh2013-08-28 17:59 - 2013-08-28 17:59 - 00001064 _____ C:\Users\Mason\Videos - Shortcut.lnk2013-08-28 14:46 - 2010-04-02 03:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2013-08-28 14:06 - 2013-08-28 14:06 - 01052672 _____ C:\Users\Mason\Documents\Event File.evtx2013-08-28 12:58 - 2013-08-28 12:58 - 00216467 _____ C:\Users\Mason\Downloads\Google.htm2013-08-28 12:58 - 2013-08-28 12:58 - 00000000 ____D C:\Users\Mason\Downloads\Google_files2013-08-28 12:23 - 2011-01-19 17:06 - 00000000 ____D C:\Users\Mason\AppData\Local\Google2013-08-28 11:18 - 2013-08-28 11:17 - 00784880 _____ (Google Inc.) C:\Users\Mason\Downloads\ChromeSetup (1).exe2013-08-28 04:02 - 2012-10-07 04:47 - 00000000 ____D C:\Users\Mason\Desktop\Ali' s Grand Fantasia Files- seperate photo file inside2013-08-27 21:03 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions2013-08-27 20:56 - 2013-07-06 01:11 - 00000000 ____D C:\Users\Mason\AppData\Local\DoNotTrackPlus2013-08-27 17:07 - 2012-01-29 15:18 - 00000000 ____D C:\Users\Mason\AppData\Local\CrashDumps2013-08-22 15:56 - 2013-04-29 10:53 - 00000000 ____D C:\Windows\System32\Tasks\Norton Identity Safe2013-08-21 16:32 - 2013-08-21 16:32 - 00000000 ____D C:\Users\Mason\AppData\Local\{D97B0F36-C23B-402E-BE66-2DB1F3C79836}2013-08-21 13:49 - 2012-05-27 19:32 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-08-21 13:49 - 2012-05-27 19:32 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater2013-08-21 13:49 - 2011-05-16 11:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2013-08-21 13:48 - 2013-06-11 14:43 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe2013-08-17 22:40 - 2013-06-03 10:25 - 00000000 ____D C:\Program Files (x86)\MyPC Backup2013-08-17 22:34 - 2012-02-07 19:09 - 00000000 ____D C:\Users\Mason\AppData\Local\Conduit2013-08-17 22:15 - 2013-06-03 10:22 - 00000009 _____ C:\END2013-08-17 22:13 - 2013-08-17 22:13 - 00000000 ____D C:\Users\Mason\AppData\Local\CRE2013-08-17 10:09 - 2013-08-17 10:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ssadadb_01005.Wdf2013-08-17 10:04 - 2013-08-17 10:04 - 00000000 ____D C:\ProgramData\Samsung2013-08-17 10:04 - 2013-08-17 10:04 - 00000000 ____D C:\Program Files\SAMSUNG2013-08-16 23:10 - 2012-04-30 19:43 - 00000000 ____D C:\Users\Mason\AppData\Local\Akamai2013-08-16 19:24 - 2013-08-16 19:23 - 00000000 ____D C:\Users\Mason\AppData\Local\{E7945287-17C0-469E-9CEE-D5878D05ACFC}2013-08-14 14:12 - 2010-04-02 03:24 - 00000000 ____D C:\ProgramData\Microsoft Help2013-08-14 14:03 - 2013-07-23 03:01 - 00000000 ____D C:\Windows\system32\MRT2013-08-14 14:00 - 2011-04-06 17:16 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete:====================ZeroAccess:C:\Program Files (x86)\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}C:\Users\Mason\jagex_cl_runescape_LIVE.datC:\Users\Mason\jagex_cl_runescape_LIVE1.datC:\Users\Mason\AppData\Local\Temp\BackupSetup.exeC:\Users\Mason\AppData\Local\Temp\catalyst_mobility_64-bit_util.exeC:\Users\Mason\AppData\Local\Temp\CmdLineExt01.dllC:\Users\Mason\AppData\Local\Temp\COMAP.EXEC:\Users\Mason\AppData\Local\Temp\contentDATs.exeC:\Users\Mason\AppData\Local\Temp\CUninst.exeC:\Users\Mason\AppData\Local\Temp\EBUCE27.EXEC:\Users\Mason\AppData\Local\Temp\FlashPlayerUpdate.exeC:\Users\Mason\AppData\Local\Temp\GUninstaller.exeC:\Users\Mason\AppData\Local\Temp\GURDC8C.exeC:\Users\Mason\AppData\Local\Temp\htmlayout.dllC:\Users\Mason\AppData\Local\Temp\ietF4A3.tmp.exeC:\Users\Mason\AppData\Local\Temp\iMesh_setup.exeC:\Users\Mason\AppData\Local\Temp\Installhelper.dllC:\Users\Mason\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exeC:\Users\Mason\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exeC:\Users\Mason\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exeC:\Users\Mason\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exeC:\Users\Mason\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exeC:\Users\Mason\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exeC:\Users\Mason\AppData\Local\Temp\LMkRstPt.exeC:\Users\Mason\AppData\Local\Temp\MotoHelper_2.0.51_Driver_5.1.0.exeC:\Users\Mason\AppData\Local\Temp\mssinstaller.exeC:\Users\Mason\AppData\Local\Temp\nsdA28F.exeC:\Users\Mason\AppData\Local\Temp\nsi68B7.exeC:\Users\Mason\AppData\Local\Temp\nsi7FEF.exeC:\Users\Mason\AppData\Local\Temp\nsn5DB0.exeC:\Users\Mason\AppData\Local\Temp\nsqB6C5.exeC:\Users\Mason\AppData\Local\Temp\nsxA7AD.exeC:\Users\Mason\AppData\Local\Temp\nsy9852.exeC:\Users\Mason\AppData\Local\Temp\scs.exeC:\Users\Mason\AppData\Local\Temp\SearchWithGoogleUpdate.exeC:\Users\Mason\AppData\Local\Temp\SecurityScan_Release.exeC:\Users\Mason\AppData\Local\Temp\SendoriSetupx11903.exeC:\Users\Mason\AppData\Local\Temp\SIntf16.dllC:\Users\Mason\AppData\Local\Temp\SIntf32.dllC:\Users\Mason\AppData\Local\Temp\SIntfNT.dllC:\Users\Mason\AppData\Local\Temp\SpotifyUpgrader.exeC:\Users\Mason\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dllC:\Users\Mason\AppData\Local\Temp\tbBrow.dllC:\Users\Mason\AppData\Local\Temp\tbuTor.dllC:\Users\Mason\AppData\Local\Temp\Tsu64B4534B.dllC:\Users\Mason\AppData\Local\Temp\uninst1.exeC:\Users\Mason\AppData\Local\Temp\uninstall9477263.exeC:\Users\Mason\AppData\Local\Temp\uninstall9580473.exeC:\Users\Mason\AppData\Local\Temp\uninstall9599459.exeC:\Users\Mason\AppData\Local\Temp\uninstall9599474.exeC:\Users\Mason\AppData\Local\Temp\vcredist_x64.exeC:\Users\Mason\AppData\Local\Temp\Wajam_download.exeC:\Users\Mason\AppData\Local\Temp\WiFiPasswordHackerV4.EXEC:\Users\Mason\AppData\Local\Temp\{E8902463-AD45-4EE4-8997-ECE6729444D0}-GoogleUpdateSetup.exeC:\Users\Mason\AppData\Local\Temp\~SpUnin~.exeC:\Users\Mason\AppData\Local\Temp\{E8902B0A-3289-41D9-BB2F-2C45201CAB63}\ISSetup.dllC:\Users\Mason\AppData\Local\Temp\{E8902B0A-3289-41D9-BB2F-2C45201CAB63}\setup.exeC:\Users\Mason\AppData\Local\Temp\{BAE05678-6EEA-4AE0-8333-1CD142E30E03}\ISBEW64.exeC:\Users\Mason\AppData\Local\Temp\{B3DC9071-B8F3-4F74-A198-E8A17A9AA8F9}\ISBEW64.exeC:\Users\Mason\AppData\Local\Temp\{9B3A09A6-1FAA-4ABA-8649-2596BE1C4128}\ISSetup.dllC:\Users\Mason\AppData\Local\Temp\{9B3A09A6-1FAA-4ABA-8649-2596BE1C4128}\setup.exeC:\Users\Mason\AppData\Local\Temp\{8D628906-6D14-43D0-B667-5677E3975705}\ISSetup.dllC:\Users\Mason\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskPartnerCobrandingTool.exeC:\Users\Mason\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\instApp.exeC:\Users\Mason\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exeC:\Users\Mason\AppData\Local\Temp\{64D85EE5-3BD0-45E3-9E5C-E934F328B263}\ISBEW64.exeC:\Users\Mason\AppData\Local\Temp\{460215DE-D331-41F4-90E6-29209D6CC41B}\ISBEW64.exeC:\Users\Mason\AppData\Local\Temp\{2079CAD8-543E-4F43-B5C3-0D5F8D0E40B2}\ISSetup.dllC:\Users\Mason\AppData\Local\Temp\{2079CAD8-543E-4F43-B5C3-0D5F8D0E40B2}\setup.exeC:\Users\Mason\AppData\Local\Temp\{196DBE38-E6DE-45C2-A729-AEFCC28E9CCE}\Setup.exeC:\Users\Mason\AppData\Local\Temp\{196DBE38-E6DE-45C2-A729-AEFCC28E9CCE}\_Setup.dllC:\Users\Mason\AppData\Local\Temp\{196DBE38-E6DE-45C2-A729-AEFCC28E9CCE}\_Setupx.dllC:\Users\Mason\AppData\Local\Temp\{196DBE38-E6DE-45C2-A729-AEFCC28E9CCE}\Addons\assistant_v3.exeC:\Users\Mason\AppData\Local\Temp\{196DBE38-E6DE-45C2-A729-AEFCC28E9CCE}\Addons\wsconduit__166.exeC:\Users\Mason\AppData\Local\Temp\{0C39C4C6-59CB-4F76-A99D-99320A6D9D65}\ISBEW64.exeC:\Users\Mason\AppData\Local\Temp\_ir_sf_temp_0\fccore.exeC:\Users\Mason\AppData\Local\Temp\_ir_sf_temp_0\freecorder.chrome.exeC:\Users\Mason\AppData\Local\Temp\_ir_sf_temp_0\freecorder.firefox.exeC:\Users\Mason\AppData\Local\Temp\_ir_sf_temp_0\freecorder.ie.exeC:\Users\Mason\AppData\Local\Temp\SDIAG_142af4ee-6b1a-4233-a475-7cd96279bf5d\DiagPackage.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\dgderapi.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\DIFxAPI.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\Setup.exeC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\Uninstall.exeC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang010E.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0201.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0401.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0403.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0404.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0501.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0601.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0701.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0801.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0901.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0902.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0A01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0B01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0C01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0C03.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0D01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang0E01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1001.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1101.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1201.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1301.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1401.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1501.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1601.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1602.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1801.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1901.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1a04.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1b01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1D01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1E01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang1F01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang2101.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang2201.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang2A01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang3901.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\i386\lang3E01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang010E.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0201.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0401.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0403.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0404.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0501.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0601.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0701.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0801.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0901.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0902.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0A01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0B01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0C01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0C03.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0D01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang0E01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1001.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1101.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1201.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1301.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1401.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1501.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1601.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1602.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1801.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1901.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1a04.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1b01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1D01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1E01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang1F01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang2101.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang2201.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang2A01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang3901.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\lang\amd64\lang3E01.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\21_Searsburg\i386\ssaeCoInstaller01005.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\21_Searsburg\amd64\ssaeCoInstaller01005.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\16_Shrewsbury\i386\WdfCoInstaller01005.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\16_Shrewsbury\amd64\WdfCoInstaller01005.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\nmwcdcls.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\i386\WdfCoInstaller01009.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\nmwcdclsx64.dllC:\Users\Mason\AppData\Local\Temp\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\amd64\WdfCoInstaller01009.dllC:\Users\Mason\AppData\Local\Temp\RarSFX0\IminentSetup{0.qjO2AiaP}.exeC:\Users\Mason\AppData\Local\Temp\PromoEngineInstaller\InstallerService.dllC:\Users\Mason\AppData\Local\Temp\PromoEngineInstaller\NETWrapper.dllC:\Users\Mason\AppData\Local\Temp\MSS\3.0.318.3\mcbrwsr2.dllC:\Users\Mason\AppData\Local\Temp\MSS\3.0.318.3\McInstallerRes.dllC:\Users\Mason\AppData\Local\Temp\MSS\3.0.318.3\McInstallerRes_LD.dllC:\Users\Mason\AppData\Local\Temp\MSS\3.0.318.3\McInstallerStartup.dllC:\Users\Mason\AppData\Local\Temp\MSS\3.0.318.3\McUICnt.exeC:\Users\Mason\AppData\Local\Temp\MSS\3.0.318.3\SecurityScanner.dllC:\Users\Mason\AppData\Local\Temp\msdtadmin\_7060F2E9-0A1F-418F-AC74-88E68101E198_\p0\DiagPackage.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\bm_installer.exeC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\mMSI.dll\mMSIExec.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\mIDEFunc.dll\mEXEFunc.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\F6D2C254\fr.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\F4C879D5\se.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\DBD9B16A\cwebpage.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\DBD9B16A\InstallerExtensions.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\DBD9B16A\Launcher.exeC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\DBD9B16A\rbmonitor.exeC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\DBD9B16A\rbnotifier.exeC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\DBD9B16A\rb_move_serial.exeC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\DBD9B16A\rb_ubm.exeC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\DBD9B16A\registrybooster.exeC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\DB6D4AF1\jp.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\D0E87741\pl.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\BEF5101E\de.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\A46AE25F\pt.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\A143BDAB\fi.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\9E452C1\tr.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\9E32A01C\gr.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\8779DFBB\no.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\7DBEB094\nl.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\7D7A217B\xs.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\6CF41BAE\es.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\5B07C260\en.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\3F11D5BE\dk.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\3BAC9DAF\ru.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\32DF9203\xt.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\147FC130\br.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\D038292B\12D7F711\it.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\14674720\A524F6BD\msvcp90.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\OFFLINE\14674720\A524F6BD\msvcr90.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\MSIRUN\VldDrvIDEPlug.dll\VldDrvEXEPlug.dllC:\Users\Mason\AppData\Local\Temp\miaC699.tmp\data\MSIRUN\mIDEFunc.dll\mEXEFunc.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\bm_installer.exeC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\mMSI.dll\mMSIExec.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\mIDEFunc.dll\mEXEFunc.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\F6D2C254\fr.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\F4C879D5\se.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\DBD9B16A\cwebpage.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\DBD9B16A\InstallerExtensions.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\DBD9B16A\Launcher.exeC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\DBD9B16A\rbmonitor.exeC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\DBD9B16A\rbnotifier.exeC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\DBD9B16A\rb_move_serial.exeC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\DBD9B16A\rb_ubm.exeC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\DBD9B16A\registrybooster.exeC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\DB6D4AF1\jp.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\D0E87741\pl.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\BEF5101E\de.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\A46AE25F\pt.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\A143BDAB\fi.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\9E452C1\tr.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\9E32A01C\gr.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\8779DFBB\no.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\7DBEB094\nl.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\7D7A217B\xs.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\6CF41BAE\es.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\5B07C260\en.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\3F11D5BE\dk.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\3BAC9DAF\ru.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\32DF9203\xt.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\147FC130\br.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\D038292B\12D7F711\it.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\14674720\A524F6BD\msvcp90.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\OFFLINE\14674720\A524F6BD\msvcr90.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\MSIRUN\VldDrvIDEPlug.dll\VldDrvEXEPlug.dllC:\Users\Mason\AppData\Local\Temp\mia7A5D.tmp\data\MSIRUN\mIDEFunc.dll\mEXEFunc.dllC:\Users\Mason\AppData\Local\Temp\lu\1_spp_1000091.exeC:\Users\Mason\AppData\Local\Temp\lu\2_spp_Q400A.exeC:\Users\Mason\AppData\Local\Temp\lu\sp_10064_5_setpoint_logitech_64.exeC:\Users\Mason\AppData\Local\Temp\lu\sp_20064_6_unifying_logitech_64.exeC:\Users\Mason\AppData\Local\Temp\lu\sp_30064_3b_redistr64_logitech_64.exeC:\Users\Mason\AppData\Local\Temp\lu\sp_40064_7a_lu_logitech_64.exeC:\Users\Mason\AppData\Local\Temp\Logitech\DevicePackageSAM\DPHlpr.dllC:\Users\Mason\AppData\Local\Temp\is-VUJEQ.tmp\Crawler_Setup.exeC:\Users\Mason\AppData\Local\Temp\is-VUJEQ.tmp\DownLib.dllC:\Users\Mason\AppData\Local\Temp\is-VUJEQ.tmp\PCPowerSpeedSetup.exeC:\Users\Mason\AppData\Local\Temp\is-VUJEQ.tmp\RebateInformerSetup.exeC:\Users\Mason\AppData\Local\Temp\is-VUJEQ.tmp\_isetup\_shfoldr.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\CbsProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\CompatProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\DismCore.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\DismCorePS.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\DismHost.exeC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\DismProv.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\DmiProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\FolderProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\IntlProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\LogProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\MsiProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\OSProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\SmiProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\TransmogProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\UnattendProvider.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\wdscore.dllC:\Users\Mason\AppData\Local\Temp\E2DB8975-F72A-408E-B744-25973CE0A3B6\WimProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\CbsProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\CompatProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\DismCore.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\DismCorePS.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\DismHost.exeC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\DismProv.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\DmiProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\FolderProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\IntlProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\LogProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\MsiProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\OSProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\SmiProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\TransmogProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\UnattendProvider.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\wdscore.dllC:\Users\Mason\AppData\Local\Temp\DC063855-2457-414A-9AF0-1A9FAD9DB445\WimProvider.dllC:\Users\Mason\AppData\Local\Temp\ct3309350\stub.exeC:\Users\Mason\AppData\Local\Temp\ct3309350\plugins\TBVerifier.dllC:\Users\Mason\AppData\Local\Temp\CE18.dir\InstallFlashPlayer.exeC:\Users\Mason\AppData\Local\Temp\CCIS\ccsqlh.exeC:\Users\Mason\AppData\Local\Temp\CCIS\sqlite3.dllC:\Users\Mason\AppData\Local\Temp\C0FE.dir\InstallFlashPlayer.exeC:\Users\Mason\AppData\Local\Temp\bus9F4C\ChromeExtUpdater.exeC:\Users\Mason\AppData\Local\Temp\B8277A02-BAB0-7891-9441-B87184E23EC4\Setup.exeC:\Users\Mason\AppData\Local\Temp\B8277A02-BAB0-7891-9441-B87184E23EC4\sqlite3.dllC:\Users\Mason\AppData\Local\Temp\B8277A02-BAB0-7891-9441-B87184E23EC4\Latest\IEHelper.dllC:\Users\Mason\AppData\Local\Temp\B8277A02-BAB0-7891-9441-B87184E23EC4\Latest\Setup.exeC:\Users\Mason\AppData\Local\Temp\B8277A02-BAB0-7891-9441-B87184E23EC4\Latest\sqlite3.dllC:\Users\Mason\AppData\Local\Temp\B762BC90-BAB0-7891-A0F9-681223C26D1E\BabMaint.exeC:\Users\Mason\AppData\Local\Temp\B762BC90-BAB0-7891-A0F9-681223C26D1E\BContentServerLite.dllC:\Users\Mason\AppData\Local\Temp\B762BC90-BAB0-7891-A0F9-681223C26D1E\BUCTypes.dllC:\Users\Mason\AppData\Local\Temp\B762BC90-BAB0-7891-A0F9-681223C26D1E\BUIECom.dllC:\Users\Mason\AppData\Local\Temp\B762BC90-BAB0-7891-A0F9-681223C26D1E\BUSolForMontiera.dllC:\Users\Mason\AppData\Local\Temp\B762BC90-BAB0-7891-A0F9-681223C26D1E\BUSolution.dllC:\Users\Mason\AppData\Local\Temp\B762BC90-BAB0-7891-A0F9-681223C26D1E\GUninstaller.exeC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\BabMaint.exeC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\BUSolution.dllC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\BUSUninstall.exeC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\ccp.exeC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\ChromeToolbarSetup.dllC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\CrxInstaller.dllC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\GUninstaller.exeC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\IEHelper.dllC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\Setup.exeC:\Users\Mason\AppData\Local\Temp\9048AAB4-BAB0-7891-8B82-659ECFB5CDC1\sqlite3.dllC:\Users\Mason\AppData\Local\Temp\7B67.dir\InstallFlashPlayer.exeC:\Users\Mason\AppData\Local\Temp\78B0C25E-BAB0-7891-AB77-60BE352283CC\BabMaint.exeC:\Users\Mason\AppData\Local\Temp\78B0C25E-BAB0-7891-AB77-60BE352283CC\BUSolution.dllC:\Users\Mason\AppData\Local\Temp\78B0C25E-BAB0-7891-AB77-60BE352283CC\BUSUninstall.exeC:\Users\Mason\AppData\Local\Temp\78B0C25E-BAB0-7891-AB77-60BE352283CC\ccp.exeC:\Users\Mason\AppData\Local\Temp\78B0C25E-BAB0-7891-AB77-60BE352283CC\ChromeToolbarSetup.dllC:\Users\Mason\AppData\Local\Temp\78B0C25E-BAB0-7891-AB77-60BE352283CC\CrxInstaller.dllC:\Users\Mason\AppData\Local\Temp\78B0C25E-BAB0-7891-AB77-60BE352283CC\GUninstaller.exeC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\CbsProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\CompatProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\DismCore.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\DismCorePS.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\DismHost.exeC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\DismProv.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\DmiProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\FolderProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\IntlProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\LogProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\MsiProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\OSProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\SmiProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\TransmogProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\UnattendProvider.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\wdscore.dllC:\Users\Mason\AppData\Local\Temp\719DE7A4-5A21-49FE-BABA-615B3F92FE9B\WimProvider.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BabMaint.exeC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\Babylon.exeC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BabylonDocTranslation64PI.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BabylonDocTranslationPI.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BabylonHelper64.exeC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BabylonIEPI.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BabylonOffice64PI.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BabylonOfficePI.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BabyServices.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BContentServer.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BContentServerExt.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BContentServerLite.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BException.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BUCTypes.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BUIECom.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BUSolForMontiera.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\BUSolution.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\captlib.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\captlib64.dllC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\GUninstaller.exeC:\Users\Mason\AppData\Local\Temp\606BDDA5-BAB0-7891-B754-C404AB9D7DE8\uninstbb.exeC:\Users\Mason\AppData\Local\Temp\404B.dir\InstallFlashPlayer.exeC:\Users\Mason\AppData\Local\Temp\3E57.dir\InstallFlashPlayer.exeC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\CbsProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\CompatProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\DismCore.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\DismCorePS.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\DismHost.exeC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\DismProv.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\DmiProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\FolderProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\IntlProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\LogProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\MsiProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\OSProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\SmiProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\TransmogProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\UnattendProvider.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\wdscore.dllC:\Users\Mason\AppData\Local\Temp\3D0A8434-CA77-48A2-92AD-9116A203EB46\WimProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\CbsProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\CompatProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\DismCore.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\DismCorePS.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\DismHost.exeC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\DismProv.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\DmiProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\FolderProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\IntlProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\LogProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\MsiProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\OSProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\SmiProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\TransmogProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\UnattendProvider.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\wdscore.dllC:\Users\Mason\AppData\Local\Temp\29FB521B-3208-46B6-B04E-DFEE5ED7AC5F\WimProvider.dllC:\Users\Mason\AppData\Local\Temp\251C7ABC-BAB0-7891-80AC-4EEF957866D2\BabMaint.exeC:\Users\Mason\AppData\Local\Temp\251C7ABC-BAB0-7891-80AC-4EEF957866D2\BUSolution.dllC:\Users\Mason\AppData\Local\Temp\251C7ABC-BAB0-7891-80AC-4EEF957866D2\BUSUninstall.exeC:\Users\Mason\AppData\Local\Temp\251C7ABC-BAB0-7891-80AC-4EEF957866D2\ccp.exeC:\Users\Mason\AppData\Local\Temp\251C7ABC-BAB0-7891-80AC-4EEF957866D2\ChromeToolbarSetup.dllC:\Users\Mason\AppData\Local\Temp\251C7ABC-BAB0-7891-80AC-4EEF957866D2\CrxInstaller.dllC:\Users\Mason\AppData\Local\Temp\251C7ABC-BAB0-7891-80AC-4EEF957866D2\GUninstaller.exeC:\Users\Mason\AppData\Local\Temp\24DCCE11-BAB0-7891-9ED5-095C2D62F482\BabMaint.exeC:\Users\Mason\AppData\Local\Temp\24DCCE11-BAB0-7891-9ED5-095C2D62F482\BContentServerLite.dllC:\Users\Mason\AppData\Local\Temp\24DCCE11-BAB0-7891-9ED5-095C2D62F482\BUCTypes.dllC:\Users\Mason\AppData\Local\Temp\24DCCE11-BAB0-7891-9ED5-095C2D62F482\BUIECom.dllC:\Users\Mason\AppData\Local\Temp\24DCCE11-BAB0-7891-9ED5-095C2D62F482\BUSolForMontiera.dllC:\Users\Mason\AppData\Local\Temp\24DCCE11-BAB0-7891-9ED5-095C2D62F482\BUSolution.dllC:\Users\Mason\AppData\Local\Temp\24DCCE11-BAB0-7891-9ED5-095C2D62F482\GUninstaller.exeC:\Users\Mason\AppData\Local\Temp\21F2.dir\InstallFlashPlayer.exeC:\Users\Mason\AppData\Local\Temp\1CA5.dir\InstallFlashPlayer.exeC:\Users\Mason\AppData\Local\Temp\11U6IEFP\4_elements-setup Setup\plugins\2\CustomInstallationPlugIn.dllC:\Users\Mason\AppData\Local\Temp\11U6HP13\mahjongworldcontest-510007256-setup Setup\plugins\2\CustomInstallationPlugIn.dllC:\Users\Mason\AppData\Local\Temp\11U6HC9D\alchemy-setup Setup\plugins\2\CustomInstallationPlugIn.dllC:\Users\Mason\AppData\Local\Temp\._msige60\GoogleEarth.exeC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\earthps.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\geplugin.exeC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\ge_expat.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\googleearth_free.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\msvcp80.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\msvcr80.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\npgeplugin.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\plugin\plugin_ax.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\earthflashsol.exeC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\earthps.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\ge_expat.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\googleearth.exeC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\googleearth_free.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\gpsbabel.exeC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\msvcp80.dllC:\Users\Mason\AppData\Local\Temp\._msige60\program files\Google\Google Earth\client\msvcr80.dllC:\Users\USERNAME\AppData\Roaming\cache.iniC:\Users\USERNAME\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\AskPartnerCobrandingTool.exeC:\Users\USERNAME\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\instApp.exeC:\Users\USERNAME\AppData\Local\Temp\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\RunIE.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legitC:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender LastRegBack: 2013-09-01 05:03 ==================== End Of Log ============================
  14. My apologies on the double post, as I posted it said "server error" and that if I reloaded the page it might cause me to double post. I am unsure how to access my original post titled Zaccess and other problems but as I remember it, the next step was to run rouge killer and post the log here after saving to desktop, here is what it found. Not really looking good. RogueKiller V8.6.9 _x64_ [sep 3 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : USERNAME [Admin rights]Mode : Scan -- Date : 09/05/2013 20:38:59| ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤[ZeroAccess][sERVICE] ???etadpug -- "C:\Program Files (x86)\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\ \...\???ﯹ๛\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" < [x] -> STOPPED ¤¤¤ Registry Entries : 11 ¤¤¤[RUN][ZeroAccess] HKUS\.DEFAULT\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\?��?��?��\?��?��?��\???ﯹ๛\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" >) -> FOUND[RUN][ZeroAccess] HKUS\S-1-5-18\[...]\Run : Google Update ("C:\Windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\?��?��?��\?��?��?��\???ﯹ๛\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" >) -> FOUND[RUN][sUSP PATH] HKLM\[...]\Wow6432Node\[...]\RunOnce : Malwarebytes Anti-Malware (cleanup) (rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [x][7][x]) -> FOUND[sERVICE][ZeroAccess] HKLM\[...]\CCSet\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\ \...\???ﯹ๛\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" < [x]) -> FOUND[sERVICE][ZeroAccess] HKLM\[...]\CS001\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\ \...\???ﯹ๛\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" < [x]) -> FOUND[sERVICE][ZeroAccess] HKLM\[...]\CS002\[...]\Services : ???etadpug ("C:\Program Files (x86)\Google\Desktop\Install\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\ \...\???ﯹ๛\{e44e78b2-6533-1430-0c8d-ad5be69cc3f5}\GoogleUpdate.exe" < [x]) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HID SVC][Hidden from API] HKLM\[...]\CCSet\[...]\Services : . e () -> FOUND[HID SVC][Hidden from API] HKLM\[...]\CS001\[...]\Services : . e () -> FOUND[HID SVC][Hidden from API] HKLM\[...]\CS002\[...]\Services : . e () -> FOUND ¤¤¤ Scheduled tasks : 2 ¤¤¤[V1][sUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{40490AAE-E28A-4DED-A514-3789405423D3}.exe - --uninstall=1 [x] -> FOUND[V2][sUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{40490AAE-E28A-4DED-A514-3789405423D3}.exe - --uninstall=1 [x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤[ZeroAccess][Junction] en-US : C:\Program Files\Windows Defender\en-US >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> FOUND[ZeroAccess][Junction] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> FOUND ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK5065GSX ATA Device +++++--- User ---[MBR] 3e67c9d6d0fa34b29464a8a1800da399[bSP] 4ef8cdcb2c5e071c7f21c9f80d4e1ecc : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 14339 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 29366820 | Size: 101 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29575665 | Size: 462497 MoUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_09052013_203859.txt >>
  15. Hello again, I hope I am reading instructions correctly by posting a new topic with the results of the dds.txt and attach.txt. as well as the rougekiller 64-bit version log. Here is the DDS.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 1.6.0_37Run by USERNAME at 19:32:27 on 2013-09-05Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2680 [GMT -4:00].AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atieclxx.exeC:\Windows\System32\spoolsv.exeC:\Program Files (x86)\Avira\AntiVir Desktop\sched.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeC:\Windows\System32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Launch Manager\dsiwmis.exeC:\Program Files\Acer\Acer ePower Management\ePowerSvc.exeC:\Program Files (x86)\Acer\Registration\GREGsvc.exeC:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exeC:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exeC:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exeC:\Program Files (x86)\Sendori\sndappv2.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Acer\Acer Updater\UpdaterService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Sendori\SendoriSvc.exeC:\Program Files (x86)\Sendori\Sendori.Service.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\Sendori\SendoriUp.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exeC:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXEC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Windows\PLFSetI.exeC:\Program Files\Acer\Acer ePower Management\ePowerTray.exeC:\Program Files\Logitech\SetPointP\SetPoint.exeC:\Program Files (x86)\EgisTec IPS\PmmUpdate.exeC:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exeC:\Program Files (x86)\Launch Manager\LManager.exeC:\Program Files (x86)\Sendori\SendoriTray.exeC:\Program Files (x86)\Launch Manager\MMDx64Fx.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\Ask.com\Updater\Updater.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXEC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Launch Manager\LMworker.exeC:\Program Files\Acer\Acer ePower Management\ePowerEvent.exeC:\Program Files (x86)\EgisTec IPS\EgisUpdate.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uProxyOverride = <local>dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>mWinlogon: Userinit = userinit.exe,BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dllBHO: Define: {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - BHO: Avira SearchFree Toolbar plus Web Protection: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB: Avira SearchFree Toolbar plus Web Protection: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dllTB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>TB: Avira SearchFree Toolbar plus Web Protection: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dlluRun: [Akamai NetSession Interface] "C:\Users\USERNAME\AppData\Local\Akamai\netsession_win.exe"mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -dmRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -kmRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [MusicFrost Updater] "C:\Program Files (x86)\MusicFrost\MusicFrost Updater.exe"mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe"mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"mRun: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silentmRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /minmRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScriptuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}LSP: C:\Windows\System32\Sendori.dllLSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dllTrusted Zone: aeriagames.comTrusted Zone: aeriagames.comTCP: NameServer = 192.168.1.1TCP: Interfaces\{0B6596F4-F26B-4986-886F-986C1EB0D037} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{0B6596F4-F26B-4986-886F-986C1EB0D037}\2656C6B696E6E2236663 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{0B6596F4-F26B-4986-886F-986C1EB0D037}\6427F6E64796562763437333 : DHCPNameServer = 192.168.254.254Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [PLFSetI] C:\Windows\PLFSetI.exex64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exex64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetchx64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGamingx64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\ce65dfn4.default\FF - prefs.js: browser.startup.homepage - www.google.comFF - prefs.js: browser.search.selectedEngine - Ask.comFF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dllFF - plugin: C:\Windows\SysWOW64\npdeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dllFF - ExtSQL: 2013-08-17 22:08; umylsm@sqhjcpzmeselzlp.org; C:\Program Files (x86)\Mozilla Firefox\extensions\umylsm@sqhjcpzmeselzlp.org.============= SERVICES / DRIVERS ===============.R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-6-29 28600]R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-4-2 202752]R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-6-29 84024]R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-6-29 108088]R2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2013-6-29 815160]R2 Application Sendori;Application Sendori;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2013-7-1 119072]R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-6-29 105344]R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-4-2 325200]R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-5-1 865824]R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-2-1 305520]R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-8 250368]R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-5 144640]R2 Service Sendori;Service Sendori;C:\Program Files (x86)\Sendori\Sendori.Service.exe [2013-7-1 22304]R2 sndappv2;sndappv2;C:\Program Files (x86)\Sendori\sndappv2.exe [2013-7-1 3623200]R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-4-2 243232]R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-4-2 321064]R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-5-1 38456]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe --> C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [?]S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2012-9-18 78648]S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2012-9-18 15160]S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-5 50432]S3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2011-4-19 15360]S3 pnetmdm;PdaNet Modem;C:\Windows\System32\drivers\pnetmdm64.sys [2011-4-19 17920]S3 qrkis;Tether Miniport;C:\Windows\System32\drivers\qrkis.sys [2011-4-11 50856]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-27 19456]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-2 239136]S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-27 57856]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-22 1255736].=============== Created Last 30 ================.2013-09-02 21:55:59 -------- d-----w- C:\Program Files\HyperCam 22013-09-01 01:54:04 -------- d-----w- C:\Users\USERNAME\AppData\Local\Microsoft Games2013-08-30 21:45:27 -------- d-----w- C:\Users\USERNAME\AppData\Local\Akamai2013-08-29 20:10:50 -------- d-----w- C:\Users\USERNAME\AppData\Local\Diagnostics2013-08-29 15:32:01 -------- d-----w- C:\Users\USERNAME\AppData\Local\CrashDumps2013-08-29 15:31:59 -------- d-----w- C:\Users\USERNAME\AppData\Local\DoNotTrackPlus2013-08-29 15:31:41 -------- d-----w- C:\Users\USERNAME\AppData\Local\AskToolbar2013-08-29 15:10:07 -------- d-----w- C:\Users\USERNAME\AppData\Local\Macromedia2013-08-29 15:09:12 -------- d-----w- C:\Users\USERNAME\AppData\Local\Mozilla2013-08-29 10:51:41 -------- d-----w- C:\Users\USERNAME\AppData\Local\Aeria Games2013-08-29 08:50:28 -------- d-----w- C:\Users\USERNAME\AppData\Roaming\Malwarebytes2013-08-29 08:50:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-08-29 08:33:50 -------- d-----w- C:\Users\USERNAME\AppData\Local\Programs2013-08-29 08:09:04 -------- d-----w- C:\Users\USERNAME\AppData\Local\Google2013-08-29 08:08:12 -------- d-----w- C:\Users\USERNAME\AppData\Roaming\Avira2013-08-29 08:05:09 -------- d-----w- C:\Users\USERNAME\AppData\Local\ATI2013-08-28 21:50:36 -------- d-----w- C:\ProgramData\iptrh2013-08-28 21:49:24 -------- d-----w- C:\ProgramData\meakr2013-08-28 01:02:00 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui2013-08-28 01:00:47 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2013-08-28 01:00:47 458712 ----a-w- C:\Windows\System32\drivers\cng.sys2013-08-28 01:00:47 340992 ----a-w- C:\Windows\System32\schannel.dll2013-08-28 01:00:47 247808 ----a-w- C:\Windows\SysWow64\schannel.dll2013-08-28 01:00:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2013-08-28 01:00:47 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2013-08-28 01:00:47 1448448 ----a-w- C:\Windows\System32\lsasrv.dll2013-08-28 01:00:43 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll2013-08-28 01:00:43 366592 ----a-w- C:\Windows\System32\qdvd.dll2013-08-17 14:04:32 -------- d-----w- C:\Program Files\SAMSUNG2013-08-17 14:04:20 -------- d-----w- C:\ProgramData\Samsung2013-08-14 08:59:01 1472512 ----a-w- C:\Windows\System32\crypt32.dll2013-08-14 08:59:00 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-08-14 08:59:00 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-08-14 08:59:00 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-08-14 08:59:00 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-08-14 08:59:00 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll.==================== Find3M ====================.2013-09-04 12:29:58 105344 ----a-w- C:\Windows\System32\drivers\avgntflt.sys2013-08-29 13:22:00 81112 ----a-w- C:\Windows\System32\drivers\avnetflt.sys2013-08-21 17:49:00 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-08-21 17:49:00 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-08-21 17:48:53 17737608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-07-01 19:28:10 325920 ----a-w- C:\Windows\SysWow64\Sendori.dll2013-06-29 09:25:48 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys.============= FINISH: 19:33:20.77 =============== Here is the Attach.txt .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2Install Date: 1/20/2011 11:25:34 AMSystem Uptime: 9/5/2013 3:40:39 PM (4 hours ago).Motherboard: Acer | | Aspire 5551 Processor: AMD Athlon II P320 Dual-Core Processor | Socket S1G4 | 798/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 452 GiB total, 389.231 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP200: 8/27/2013 9:00:59 PM - Windows UpdateRP201: 8/28/2013 2:45:21 PM - Removed SamsungSimpleUpgradeTool for SCH-R720 MetroPCSRP202: 8/28/2013 2:47:11 PM - Removed SAMSUNG USB Driver for Mobile Phones V5.16.0.0.RP203: 9/4/2013 10:26:15 PM - Scheduled Checkpoint.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)Acer Backup ManagerAcer Crystal Eye webcam Ver:1.1.164.323Acer ePower ManagementAcer eRecovery ManagementAcer RegistrationAcer ScreenSaverAcer UpdaterAcrobat.comAdobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader 9.5.5 MUIAeria IgniteAkamai NetSession InterfaceAMD USB Filter DriverAsk ToolbarATI Catalyst Install ManagerAvira Free AntivirusAvira SearchFree Toolbar plus Web Protection UpdaterBackup Manager BasicCatalyst Control Center - BrandingCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCompatibility Pack for the 2007 Office systemCyberLink PowerDVD 9D3DX10eRegeSobi v2Google ChromeGoogle EarthGoogle Update HelperGrand FantasiaHyperCam 2Identity CardJava Auto UpdaterJava 6 Update 37Junk Mail filter updateK-Lite Codec Pack 7.7.0 (Basic)Launch ManagerLogitech SetPoint 6.51Malwarebytes Anti-Malware version 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office PowerPoint Viewer 2007 (English)Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Standard 2007Microsoft Office Suite Activation AssistantMicrosoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft WorksMotoHelper MergeModulesMozilla Firefox 12.0 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MyWinLockerMyWinLocker SuiteNTI Backup Now 5NTI Backup Now StandardNTI Media Maker 8Realtek HDMI Audio Driver for ATIRealtek High Definition Audio DriverRealtek USB 2.0 Card ReaderSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition SendoriShredderSynaptics Pointing Device DriverUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2473228)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 (KB2768023) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Visual Studio 2008 x64 RedistributablesVisual Studio 2010 x64 RedistributablesWelcome CenterWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesZoo Tycoon: Complete Collection.==== Event Viewer Messages From Past Week ========.9/5/2013 9:58:40 AM, Error: Service Control Manager [7031] - The Service Sendori service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.9/5/2013 7:06:21 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-21470248919/5/2013 7:06:21 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-21470248919/5/2013 3:45:40 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom9/5/2013 3:45:40 PM, Error: Service Control Manager [7022] - The Service Sendori service hung on starting.9/5/2013 3:43:55 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.9/5/2013 3:43:55 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.9/5/2013 3:43:54 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 1269/4/2013 2:58:16 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.9/3/2013 4:14:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.9/2/2013 7:53:05 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user Mason-PC\USERNAME SID (S-1-5-21-1847525143-1022311554-1040229565-1003) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.9/2/2013 1:43:01 AM, Error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The pipe has been ended.9/1/2013 10:25:11 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The data is invalid.9/1/2013 10:25:10 PM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).9/1/2013 10:25:10 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure.9/1/2013 10:25:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}9/1/2013 10:25:09 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).9/1/2013 10:25:09 PM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).9/1/2013 10:25:09 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.8/31/2013 1:22:59 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Service Sendori service, but this action failed with the following error: An instance of the service is already running.8/29/2013 3:52:38 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avipbb avkmgr ccSet_NST DfsC discache mwlPSDFilter mwlPSDNServ mwlPSDVDisk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 3:52:38 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.8/29/2013 3:13:07 AM, Error: Service Control Manager [7034] - The sndappv2 service terminated unexpectedly. It has done this 1 time(s).8/29/2013 12:57:14 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Service Sendori service to connect.8/29/2013 12:57:14 AM, Error: Service Control Manager [7000] - The Service Sendori service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion..==== End Of File =========================== I have now selected the Follow this topic? checkbox. My next step says to Quit all running programs so I will be back to post those in a minute or so after rouge has finished.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.