Jump to content

MadameHardy

Members
  • Posts

    1
  • Joined

  • Last visited

Everything posted by MadameHardy

  1. I just found out we'd exceeded our (very high) Internet data cap. I started installing Internet usage checkers on our computers, and found that one was using far more data than it should (it's unused most of the day.) I Googled and found Malwarebytes, ran Process Explorer, and found that the computer's having two running instances of csrss.exe wasn't good. Herewith the logs: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014 Ran by Elizabeth (administrator) on ELIZABETH-PC on 15-06-2014 19:21:44Running from C:\Users\Elizabeth\DownloadsPlatform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe(SugarSync, Inc.) C:\Program Files (x86)\SugarSync\SugarSync.exe(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\PlayOn.exe(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe(PFU LIMITED) C:\Windows\SSDriver\fi5110\SsWiaChecker.exe() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe( ) C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe(Sysinternals - www.sysinternals.com) C:\Program Files (x86)\Procexp\procexp.exe(Sysinternals - www.sysinternals.com) C:\Users\Elizabeth\AppData\Local\Temp\procexp64.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(OldTimer Tools) C:\Users\Elizabeth\Downloads\OTL.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [scanSnap WIA Service Checker] => C:\Windows\SSDriver\fi5110\SsWiaChecker.exe [86016 2009-09-30] (PFU LIMITED)HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-06-06] (Comodo Security Solutions, Inc.)Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]HKU\.DEFAULT\...\RunOnce: [sPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-21] (Microsoft Corporation)HKU\S-1-5-21-1674408116-3729613793-3804784409-1000\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\Elizabeth\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=f94c2ef0443247d3a0c0d16f6bccd0f4-8ef3814ccf598f88d202c4ef86d692c3e0fa97ec /CMPID=1113aHKU\S-1-5-21-1674408116-3729613793-3804784409-1000\...\Run: [sugarSync] => C:\Program Files (x86)\SugarSync\SugarSync.exe [13119328 2014-05-06] (SugarSync, Inc.)HKU\S-1-5-21-1674408116-3729613793-3804784409-1000\...\Run: [PlayOn] => C:\Program Files (x86)\MediaMall\PlayOn.exe [67904 2014-03-05] (MediaMall Technologies, Inc.)HKU\S-1-5-21-1674408116-3729613793-3804784409-1000\...\Run: [GoogleChromeAutoLaunch_BC42A7D22EA4C9EEEC843EF2870E3FB5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)HKU\S-1-5-21-1674408116-3729613793-3804784409-1000\...\Run: [62CF4B14FAA12E534B4ED8B0C8F7755415803ECD._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnkShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe ( )Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnkShortcutTarget: ScanSnap Manager.lnk -> C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe (PFU LIMITED)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnkShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnkShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\system32\SSCbFsMntNtf3.dll (EldoS Corporation)SSODL-x32: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll (EldoS Corporation)BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:TabsHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehpHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6822DBB640E6CE01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-USSearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={9F6D5DA2-67A9-49B9-A5FE-CAC77D8A26DA}&mid=f94c2ef0443247d3a0c0d16f6bccd0f4-8ef3814ccf598f88d202c4ef86d692c3e0fa97ec〈=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-11-22 09:21:04&v=17.1.2.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms} BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No FileToolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No FileTcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox:========FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @playon.tv/PlayOnToolbar - C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: =======CHR HomePage: hxxp://my.yahoo.com/CHR StartupUrls: "hxxp://mail.google.com/"CHR Extension: (Google Translate) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2013-11-22]CHR Extension: (Text URL Linker) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegfbpchoheaflicfmggkmlmcccpjpgd [2013-11-22]CHR Extension: (Duolingo) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2013-11-22]CHR Extension: (Angry Birds) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-11-22]CHR Extension: (Google Docs) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-22]CHR Extension: (Google Drive) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-22]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-07]CHR Extension: (YouTube) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-22]CHR Extension: (Webmail Ad Blocker) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2013-11-22]CHR Extension: (Send to Kindle for Google Chrome™) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2014-04-28]CHR Extension: (Remember The Milk) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdiaibgndcpagmnpkjoelgfkommjbni [2013-11-22]CHR Extension: (Google Search) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-22]CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-04-04]CHR Extension: (Timer) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd [2013-11-22]CHR Extension: (Chromebleed) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-13]CHR Extension: (Camera) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabandfpdnfaojfnelmcgcplhbecchpn [2014-04-13]CHR Extension: (XKit) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-04-02]CHR Extension: (MagicScroll eBook Reader) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2013-11-22]CHR Extension: (AdBlock) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-22]CHR Extension: (Hola Better Internet) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2013-11-22]CHR Extension: (Pin It Button) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-03-26]CHR Extension: (TinEye Reverse Image Search) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-01-11]CHR Extension: (Don't Starve) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2013-11-22]CHR Extension: (Kindle Cloud Reader) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-02-28]CHR Extension: (PlayOn) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ienaefcpghbmccojmklhdffdobkbencj [2014-02-12]CHR Extension: (Evernote Web) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2013-11-22]CHR Extension: (Google Maps) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-11-22]CHR Extension: (Window Close Protector) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnpifgapnmpninomacbhdlconlpikdai [2013-11-22]CHR Extension: (Ghostery) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2013-11-22]CHR Extension: (Google Play Books) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2013-11-22]CHR Extension: (Extensions Update Notifier) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlldbplhbaopldicmcoogopmkonpebjm [2014-01-17]CHR Extension: (Google Wallet) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-22]CHR Extension: (Tumblr Savior) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2013-12-15]CHR Extension: (Modern New Tab Page) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogllliimbhgmclkgjldeffhjbhaenapo [2014-04-13]CHR Extension: (Twitter Preview URLs) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijgblonhcagdhfbgjilnpjipmijimmn [2014-01-21]CHR Extension: (Send from Gmail (by Google)) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2013-11-22]CHR Extension: (Gmail) - C:\Users\Elizabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-22]CHR HKLM-x32\...\Chrome\Extension: [ienaefcpghbmccojmklhdffdobkbencj] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-01-03] ==================== Services (Whitelisted) ================= R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-06-10] (Comodo Security Solutions, Inc.)R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] ()R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-06-06] (Comodo Security Solutions, Inc.)S2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5425968 2014-03-05] (MediaMall Technologies, Inc.)R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== R3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [114176 2013-07-22] (ASIX Electronics Corp.)R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2013-05-07] (Windows ® Win 7 DDK provider) [File not signed]R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2013-10-06] ()R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)R3 SSCBFS3; C:\Windows\System32\DRIVERS\sscbfs3.sys [347904 2013-01-30] (EldoS Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-15 19:21 - 2014-06-15 19:22 - 00017204 _____ () C:\Users\Elizabeth\Downloads\FRST.txt2014-06-15 19:21 - 2014-06-15 19:21 - 02081280 _____ (Farbar) C:\Users\Elizabeth\Downloads\FRST64.exe2014-06-15 19:21 - 2014-06-15 19:21 - 00000000 ____D () C:\FRST2014-06-15 19:05 - 2014-06-15 19:05 - 00052736 _____ () C:\Users\Elizabeth\Downloads\Extras.Txt2014-06-15 19:04 - 2014-06-15 19:04 - 00095254 _____ () C:\Users\Elizabeth\Downloads\OTL.Txt2014-06-15 18:54 - 2014-06-15 18:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-15 18:54 - 2014-06-15 18:54 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-15 18:54 - 2014-06-15 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-15 18:54 - 2014-06-15 18:54 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-15 18:54 - 2014-06-15 18:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-15 18:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-06-15 18:54 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-06-15 18:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-06-15 18:53 - 2014-06-15 18:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elizabeth\Downloads\mbam-setup-2.0.2.1012.exe2014-06-15 18:50 - 2014-06-15 18:50 - 00380416 _____ () C:\Users\Elizabeth\Downloads\8frw3bx8.exe2014-06-15 18:49 - 2014-06-15 18:49 - 00602112 _____ (OldTimer Tools) C:\Users\Elizabeth\Downloads\OTL.exe2014-06-15 18:34 - 2014-06-15 19:21 - 00000000 ____D () C:\ProgramData\Bitmeter22014-06-15 18:34 - 2014-06-15 18:52 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\Bitmeter22014-06-15 18:34 - 2014-06-15 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitMeter2014-06-15 18:34 - 2014-06-15 18:34 - 00000000 ____D () C:\Program Files (x86)\Codebox2014-06-15 18:33 - 2014-06-15 18:33 - 01360256 _____ () C:\Users\Elizabeth\Downloads\BitMeter2.zip2014-06-15 18:25 - 2014-06-15 18:25 - 00372376 _____ (AddGadgets.com) C:\Users\Elizabeth\Downloads\NetworkMeterVersion96.exe2014-06-14 15:00 - 2014-06-14 15:00 - 00019334 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e08.hannibal.torrent2014-06-14 15:00 - 2014-06-14 15:00 - 00019334 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e07.hannibal.torrent2014-06-14 14:59 - 2014-06-14 14:59 - 00019334 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e06.hannibal.torrent2014-06-14 14:59 - 2014-06-14 14:59 - 00019327 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e05.hannibal.torrent2014-06-13 21:09 - 2014-06-13 21:09 - 00020930 _____ () C:\Users\Elizabeth\Downloads\Mock the Week s13e01.hannibal.torrent2014-06-11 01:37 - 2014-05-30 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-06-11 01:37 - 2014-05-30 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-06-11 01:37 - 2014-05-30 02:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-06-11 01:37 - 2014-05-30 02:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-06-11 01:37 - 2014-05-30 02:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-06-11 01:37 - 2014-05-30 02:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-06-11 01:37 - 2014-05-30 01:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-06-11 01:37 - 2014-05-30 01:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-06-11 01:37 - 2014-05-30 01:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-06-11 01:37 - 2014-05-30 01:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-06-11 01:37 - 2014-05-30 01:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-06-11 01:37 - 2014-05-30 01:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-06-11 01:37 - 2014-05-30 01:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-06-11 01:37 - 2014-05-30 01:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-06-11 01:37 - 2014-05-30 01:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-06-11 01:37 - 2014-05-30 01:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-06-11 01:37 - 2014-05-30 01:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-06-11 01:37 - 2014-05-30 01:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-06-11 01:37 - 2014-05-30 01:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-06-11 01:37 - 2014-05-30 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-06-11 01:37 - 2014-05-30 00:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-06-11 01:37 - 2014-05-30 00:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-06-11 01:37 - 2014-05-30 00:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-06-11 01:37 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll2014-06-11 01:37 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll2014-06-11 01:37 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll2014-06-11 01:37 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll2014-06-11 01:37 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys2014-06-11 01:37 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS2014-06-11 01:37 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll2014-06-11 01:37 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-06-11 01:37 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll2014-06-11 01:37 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-06-11 01:37 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll2014-06-11 01:37 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-06-11 01:37 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll2014-06-11 01:37 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-06-11 01:36 - 2014-05-30 03:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-06-11 01:36 - 2014-05-30 02:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-06-11 01:36 - 2014-05-30 02:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-06-11 01:36 - 2014-05-30 02:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-06-11 01:36 - 2014-05-30 02:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-06-11 01:36 - 2014-05-30 02:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-06-11 01:36 - 2014-05-30 02:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-06-11 01:36 - 2014-05-30 02:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-06-11 01:36 - 2014-05-30 02:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-06-11 01:36 - 2014-05-30 02:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-06-11 01:36 - 2014-05-30 02:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-06-11 01:36 - 2014-05-30 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-06-11 01:36 - 2014-05-30 01:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-06-11 01:36 - 2014-05-30 01:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-06-11 01:36 - 2014-05-30 01:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-06-11 01:36 - 2014-05-30 01:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-06-11 01:36 - 2014-05-30 01:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-06-11 01:36 - 2014-05-30 01:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-06-11 01:36 - 2014-05-30 01:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-06-11 01:36 - 2014-05-30 01:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-06-11 01:36 - 2014-05-30 01:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-06-11 01:36 - 2014-05-30 00:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-06-11 01:36 - 2014-05-30 00:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-06-11 01:36 - 2014-05-30 00:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-06-11 01:36 - 2014-05-30 00:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-06-11 01:36 - 2014-05-30 00:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-06-11 01:36 - 2014-05-30 00:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-06-11 01:36 - 2014-05-30 00:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-06-11 01:36 - 2014-05-30 00:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-06-11 01:34 - 2014-06-08 02:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-06-11 01:34 - 2014-06-08 02:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-06-10 21:05 - 2014-06-10 21:05 - 00000373 _____ () C:\Users\Elizabeth\Documents\googleprob.txt2014-06-08 20:10 - 2014-06-08 20:10 - 00019487 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e04.hannibal.torrent2014-06-08 20:09 - 2014-06-08 20:09 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e03.hannibal.torrent2014-06-08 20:09 - 2014-06-08 20:09 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e03.hannibal (1).torrent2014-06-08 13:03 - 2014-06-08 13:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-06-08 13:03 - 2014-06-08 13:03 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2014-06-08 13:03 - 2014-06-08 13:03 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-06-08 13:03 - 2014-06-08 13:03 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking2014-06-08 13:03 - 2014-06-08 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22014-06-08 13:03 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe2014-06-08 13:02 - 2014-06-08 13:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 22014-06-08 13:01 - 2014-06-08 13:02 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Elizabeth\Downloads\spybot-2.3.exe2014-06-07 17:17 - 2014-06-07 17:17 - 00000000 ____D () C:\Program Files (x86)\Comodo2014-06-01 13:02 - 2014-06-01 13:02 - 00019720 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e09.hannibal.torrent2014-06-01 13:01 - 2014-06-01 13:01 - 00019600 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e08.hannibal.torrent2014-05-30 22:03 - 2014-05-30 22:03 - 00031638 _____ () C:\Users\Elizabeth\Downloads\A Very British Murder with Lucy Worsley - Series 1 (2013) [PDTV (XviD)][sUBS].torrent2014-05-30 20:37 - 2014-05-30 20:37 - 00021007 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e01.hannibal.torrent2014-05-30 20:37 - 2014-05-30 20:37 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e02.hannibal.torrent2014-05-30 20:36 - 2014-05-30 20:36 - 00021642 _____ () C:\Users\Elizabeth\Downloads\Only Connect - series 7 (2013) [PDTV(XviD)].torrent2014-05-28 19:58 - 2014-05-28 19:58 - 00020252 _____ () C:\Users\Elizabeth\Downloads\The Duchess of Malfi.HD.hannibal.torrent2014-05-28 19:55 - 2014-05-28 19:59 - 243283968 _____ () C:\Users\Elizabeth\Downloads\IC219.avi2014-05-28 19:54 - 2014-05-28 19:58 - 243746816 _____ () C:\Users\Elizabeth\Downloads\IC217.avi2014-05-27 20:43 - 2014-05-27 20:45 - 329862086 _____ () C:\Users\Elizabeth\Downloads\IC215.avi2014-05-27 20:38 - 2014-05-27 20:40 - 243292160 _____ () C:\Users\Elizabeth\Downloads\IC216.avi2014-05-27 20:37 - 2014-05-27 20:39 - 244226048 _____ () C:\Users\Elizabeth\Downloads\IC110.avi2014-05-23 20:57 - 2014-05-23 20:57 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e05.hannibal.torrent2014-05-23 20:57 - 2014-05-23 20:57 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e04.hannibal.torrent2014-05-23 20:56 - 2014-05-23 20:56 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e03.hannibal.torrent2014-05-23 20:56 - 2014-05-23 20:56 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e02.hannibal.torrent2014-05-23 20:15 - 2014-05-23 20:15 - 00019727 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e01.hannibal.torrent2014-05-21 19:59 - 2014-05-21 19:59 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\NVIDIA2014-05-21 19:51 - 2014-05-26 20:19 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\avidemux2014-05-21 19:51 - 2014-05-21 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64bits)2014-05-21 19:51 - 2014-05-21 19:51 - 00000000 ____D () C:\Program Files\Avidemux 2.6 - 64bits2014-05-21 19:41 - 2014-05-21 19:43 - 16456460 _____ () C:\Users\Elizabeth\Downloads\avidemux_2.6.8_win64_v2.exe2014-05-21 19:40 - 2014-05-21 19:42 - 242352128 _____ () C:\Users\Elizabeth\Downloads\IC308.avi2014-05-21 19:36 - 2014-05-21 19:39 - 243767296 _____ () C:\Users\Elizabeth\Downloads\IC618.avi2014-05-21 19:33 - 2014-05-21 19:33 - 00001621 _____ () C:\Users\Elizabeth\Desktop\DivX Movies.lnk2014-05-21 19:33 - 2014-05-21 19:33 - 00001066 _____ () C:\Users\Public\Desktop\DivX Player.lnk2014-05-21 19:32 - 2014-05-21 19:33 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\DivX2014-05-21 19:32 - 2014-05-21 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX2014-05-21 19:32 - 2014-05-21 19:32 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk2014-05-21 19:32 - 2014-05-21 19:32 - 00000000 ____D () C:\Program Files\DivX2014-05-21 19:31 - 2014-05-21 19:33 - 00000000 ____D () C:\ProgramData\DivX2014-05-21 19:31 - 2014-05-21 19:33 - 00000000 ____D () C:\Program Files (x86)\DivX2014-05-21 19:31 - 2014-05-21 19:31 - 01001280 _____ (DivX, LLC) C:\Users\Elizabeth\Downloads\DivXWebPlayerInstaller.exe2014-05-21 19:30 - 2014-05-21 19:37 - 243724288 _____ () C:\Users\Elizabeth\Downloads\IC329.avi2014-05-19 10:14 - 2014-05-19 10:14 - 00015521 _____ () C:\Users\Elizabeth\Downloads\Peaky Blinders s01e01.hannibal.mkv.torrent2014-05-16 20:42 - 2014-05-16 20:42 - 00019840 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e07.hannibal.torrent2014-05-16 01:32 - 2014-05-16 01:32 - 00289728 _____ () C:\Windows\Minidump\051614-21044-01.dmp2014-05-16 01:29 - 2014-05-16 01:29 - 00289728 _____ () C:\Windows\Minidump\051614-22994-01.dmp2014-05-16 01:28 - 2014-05-16 01:28 - 00000000 _____ () C:\Users\Elizabeth\AppData\Local\{0696DE3E-19AF-4D80-8B57-CEB9D467074D}2014-05-16 01:27 - 2014-05-16 01:27 - 00291792 _____ () C:\Windows\Minidump\051614-27003-01.dmp ==================== One Month Modified Files and Folders ======= 2014-06-15 19:22 - 2014-06-15 19:21 - 00017204 _____ () C:\Users\Elizabeth\Downloads\FRST.txt2014-06-15 19:22 - 2013-11-20 12:23 - 00000000 ____D () C:\Users\Elizabeth\AppData\Local\Temp2014-06-15 19:21 - 2014-06-15 19:21 - 02081280 _____ (Farbar) C:\Users\Elizabeth\Downloads\FRST64.exe2014-06-15 19:21 - 2014-06-15 19:21 - 00000000 ____D () C:\FRST2014-06-15 19:21 - 2014-06-15 18:34 - 00000000 ____D () C:\ProgramData\Bitmeter22014-06-15 19:18 - 2014-05-04 20:14 - 01442529 _____ () C:\Windows\system32\Drivers\sfi.dat2014-06-15 19:06 - 2013-11-22 13:33 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-06-15 19:05 - 2014-06-15 19:05 - 00052736 _____ () C:\Users\Elizabeth\Downloads\Extras.Txt2014-06-15 19:04 - 2014-06-15 19:04 - 00095254 _____ () C:\Users\Elizabeth\Downloads\OTL.Txt2014-06-15 18:54 - 2014-06-15 18:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-06-15 18:54 - 2014-06-15 18:54 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-06-15 18:54 - 2014-06-15 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-06-15 18:54 - 2014-06-15 18:54 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-06-15 18:54 - 2014-06-15 18:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-06-15 18:53 - 2014-06-15 18:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elizabeth\Downloads\mbam-setup-2.0.2.1012.exe2014-06-15 18:52 - 2014-06-15 18:34 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\Bitmeter22014-06-15 18:50 - 2014-06-15 18:50 - 00380416 _____ () C:\Users\Elizabeth\Downloads\8frw3bx8.exe2014-06-15 18:49 - 2014-06-15 18:49 - 00602112 _____ (OldTimer Tools) C:\Users\Elizabeth\Downloads\OTL.exe2014-06-15 18:34 - 2014-06-15 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitMeter2014-06-15 18:34 - 2014-06-15 18:34 - 00000000 ____D () C:\Program Files (x86)\Codebox2014-06-15 18:34 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup2014-06-15 18:33 - 2014-06-15 18:33 - 01360256 _____ () C:\Users\Elizabeth\Downloads\BitMeter2.zip2014-06-15 18:33 - 2010-08-28 13:59 - 01378637 _____ () C:\Users\Elizabeth\Downloads\BitMeterInstaller.exe2014-06-15 18:25 - 2014-06-15 18:25 - 00372376 _____ (AddGadgets.com) C:\Users\Elizabeth\Downloads\NetworkMeterVersion96.exe2014-06-15 17:35 - 2013-11-20 11:06 - 01595351 _____ () C:\Windows\WindowsUpdate.log2014-06-15 17:29 - 2013-11-22 13:40 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\Azureus2014-06-15 17:10 - 2009-07-13 21:45 - 00019136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-06-15 17:10 - 2009-07-13 21:45 - 00019136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-06-15 17:06 - 2013-11-22 13:33 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-06-15 16:58 - 2013-11-21 15:49 - 00000000 ____D () C:\ProgramData\NVIDIA2014-06-15 16:58 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-06-15 16:58 - 2009-07-13 21:51 - 00021837 _____ () C:\Windows\setupact.log2014-06-15 16:57 - 2013-11-29 13:00 - 00000000 ____D () C:\ProgramData\MediaMall2014-06-15 16:49 - 2013-11-20 14:56 - 00237152 _____ () C:\Windows\PFRO.log2014-06-14 15:00 - 2014-06-14 15:00 - 00019334 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e08.hannibal.torrent2014-06-14 15:00 - 2014-06-14 15:00 - 00019334 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e07.hannibal.torrent2014-06-14 14:59 - 2014-06-14 14:59 - 00019334 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e06.hannibal.torrent2014-06-14 14:59 - 2014-06-14 14:59 - 00019327 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e05.hannibal.torrent2014-06-13 21:09 - 2014-06-13 21:09 - 00020930 _____ () C:\Users\Elizabeth\Downloads\Mock the Week s13e01.hannibal.torrent2014-06-12 21:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache2014-06-12 20:29 - 2013-11-22 19:51 - 00000000 ____D () C:\Users\Elizabeth\AppData\Local\SugarSync2014-06-12 02:36 - 2014-05-04 20:12 - 00002013 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk2014-06-12 02:36 - 2014-05-04 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo2014-06-11 09:09 - 2013-11-22 13:33 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-06-11 03:05 - 2013-11-20 13:04 - 00000000 ____D () C:\Windows\system32\MRT2014-06-11 03:03 - 2013-11-20 13:04 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-06-11 03:00 - 2014-05-06 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-06-10 21:05 - 2014-06-10 21:05 - 00000373 _____ () C:\Users\Elizabeth\Documents\googleprob.txt2014-06-08 20:10 - 2014-06-08 20:10 - 00019487 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e04.hannibal.torrent2014-06-08 20:09 - 2014-06-08 20:09 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e03.hannibal.torrent2014-06-08 20:09 - 2014-06-08 20:09 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e03.hannibal (1).torrent2014-06-08 13:08 - 2014-06-08 13:03 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-06-08 13:05 - 2014-06-08 13:02 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 22014-06-08 13:03 - 2014-06-08 13:03 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2014-06-08 13:03 - 2014-06-08 13:03 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-06-08 13:03 - 2014-06-08 13:03 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking2014-06-08 13:03 - 2014-06-08 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22014-06-08 13:02 - 2014-06-08 13:01 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Elizabeth\Downloads\spybot-2.3.exe2014-06-08 02:13 - 2014-06-11 01:34 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-06-08 02:08 - 2014-06-11 01:34 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-06-07 17:19 - 2014-05-04 20:14 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll2014-06-07 17:19 - 2014-05-04 20:11 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll2014-06-07 17:17 - 2014-06-07 17:17 - 00000000 ____D () C:\Program Files (x86)\Comodo2014-06-01 13:02 - 2014-06-01 13:02 - 00019720 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e09.hannibal.torrent2014-06-01 13:01 - 2014-06-01 13:01 - 00019600 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e08.hannibal.torrent2014-05-30 22:03 - 2014-05-30 22:03 - 00031638 _____ () C:\Users\Elizabeth\Downloads\A Very British Murder with Lucy Worsley - Series 1 (2013) [PDTV (XviD)][sUBS].torrent2014-05-30 20:37 - 2014-05-30 20:37 - 00021007 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e01.hannibal.torrent2014-05-30 20:37 - 2014-05-30 20:37 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s08e02.hannibal.torrent2014-05-30 20:36 - 2014-05-30 20:36 - 00021642 _____ () C:\Users\Elizabeth\Downloads\Only Connect - series 7 (2013) [PDTV(XviD)].torrent2014-05-30 03:21 - 2014-06-11 01:36 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-05-30 03:02 - 2014-06-11 01:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-05-30 03:02 - 2014-06-11 01:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-05-30 02:45 - 2014-06-11 01:36 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-05-30 02:39 - 2014-06-11 01:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-05-30 02:39 - 2014-06-11 01:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-05-30 02:38 - 2014-06-11 01:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-05-30 02:28 - 2014-06-11 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-05-30 02:27 - 2014-06-11 01:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-05-30 02:24 - 2014-06-11 01:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-05-30 02:21 - 2014-06-11 01:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-05-30 02:21 - 2014-06-11 01:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-05-30 02:20 - 2014-06-11 01:36 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-05-30 02:18 - 2014-06-11 01:37 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-05-30 02:11 - 2014-06-11 01:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-05-30 02:08 - 2014-06-11 01:36 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-05-30 02:06 - 2014-06-11 01:37 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-05-30 02:02 - 2014-06-11 01:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-05-30 01:55 - 2014-06-11 01:37 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-05-30 01:49 - 2014-06-11 01:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-05-30 01:46 - 2014-06-11 01:36 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-05-30 01:44 - 2014-06-11 01:36 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-05-30 01:44 - 2014-06-11 01:36 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-05-30 01:43 - 2014-06-11 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-05-30 01:42 - 2014-06-11 01:37 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-05-30 01:38 - 2014-06-11 01:37 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-05-30 01:35 - 2014-06-11 01:36 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-05-30 01:34 - 2014-06-11 01:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-05-30 01:33 - 2014-06-11 01:37 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-05-30 01:30 - 2014-06-11 01:37 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-05-30 01:29 - 2014-06-11 01:37 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-05-30 01:28 - 2014-06-11 01:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-05-30 01:27 - 2014-06-11 01:37 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-05-30 01:24 - 2014-06-11 01:36 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-05-30 01:23 - 2014-06-11 01:36 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-05-30 01:16 - 2014-06-11 01:37 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-05-30 01:10 - 2014-06-11 01:37 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-05-30 01:06 - 2014-06-11 01:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-05-30 01:04 - 2014-06-11 01:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-05-30 01:02 - 2014-06-11 01:37 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-05-30 00:56 - 2014-06-11 01:36 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-05-30 00:56 - 2014-06-11 01:36 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-05-30 00:54 - 2014-06-11 01:37 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-05-30 00:50 - 2014-06-11 01:36 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-05-30 00:49 - 2014-06-11 01:37 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-05-30 00:43 - 2014-06-11 01:36 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-05-30 00:40 - 2014-06-11 01:36 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-05-30 00:30 - 2014-06-11 01:37 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-05-30 00:21 - 2014-06-11 01:36 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-05-30 00:15 - 2014-06-11 01:37 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-05-30 00:13 - 2014-06-11 01:36 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-05-30 00:13 - 2014-06-11 01:36 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-05-28 19:59 - 2014-05-28 19:55 - 243283968 _____ () C:\Users\Elizabeth\Downloads\IC219.avi2014-05-28 19:58 - 2014-05-28 19:58 - 00020252 _____ () C:\Users\Elizabeth\Downloads\The Duchess of Malfi.HD.hannibal.torrent2014-05-28 19:58 - 2014-05-28 19:54 - 243746816 _____ () C:\Users\Elizabeth\Downloads\IC217.avi2014-05-27 20:45 - 2014-05-27 20:43 - 329862086 _____ () C:\Users\Elizabeth\Downloads\IC215.avi2014-05-27 20:40 - 2014-05-27 20:38 - 243292160 _____ () C:\Users\Elizabeth\Downloads\IC216.avi2014-05-27 20:39 - 2014-05-27 20:37 - 244226048 _____ () C:\Users\Elizabeth\Downloads\IC110.avi2014-05-26 20:19 - 2014-05-21 19:51 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\avidemux2014-05-23 20:57 - 2014-05-23 20:57 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e05.hannibal.torrent2014-05-23 20:57 - 2014-05-23 20:57 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e04.hannibal.torrent2014-05-23 20:56 - 2014-05-23 20:56 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e03.hannibal.torrent2014-05-23 20:56 - 2014-05-23 20:56 - 00019567 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e02.hannibal.torrent2014-05-23 20:15 - 2014-05-23 20:15 - 00019727 _____ () C:\Users\Elizabeth\Downloads\Only Connect s09e01.hannibal.torrent2014-05-21 19:59 - 2014-05-21 19:59 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\NVIDIA2014-05-21 19:51 - 2014-05-21 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64bits)2014-05-21 19:51 - 2014-05-21 19:51 - 00000000 ____D () C:\Program Files\Avidemux 2.6 - 64bits2014-05-21 19:43 - 2014-05-21 19:41 - 16456460 _____ () C:\Users\Elizabeth\Downloads\avidemux_2.6.8_win64_v2.exe2014-05-21 19:42 - 2014-05-21 19:40 - 242352128 _____ () C:\Users\Elizabeth\Downloads\IC308.avi2014-05-21 19:39 - 2014-05-21 19:36 - 243767296 _____ () C:\Users\Elizabeth\Downloads\IC618.avi2014-05-21 19:37 - 2014-05-21 19:30 - 243724288 _____ () C:\Users\Elizabeth\Downloads\IC329.avi2014-05-21 19:33 - 2014-05-21 19:33 - 00001621 _____ () C:\Users\Elizabeth\Desktop\DivX Movies.lnk2014-05-21 19:33 - 2014-05-21 19:33 - 00001066 _____ () C:\Users\Public\Desktop\DivX Player.lnk2014-05-21 19:33 - 2014-05-21 19:32 - 00000000 ____D () C:\Users\Elizabeth\AppData\Roaming\DivX2014-05-21 19:33 - 2014-05-21 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX2014-05-21 19:33 - 2014-05-21 19:31 - 00000000 ____D () C:\ProgramData\DivX2014-05-21 19:33 - 2014-05-21 19:31 - 00000000 ____D () C:\Program Files (x86)\DivX2014-05-21 19:32 - 2014-05-21 19:32 - 00001131 _____ () C:\Users\Public\Desktop\DivX Converter.lnk2014-05-21 19:32 - 2014-05-21 19:32 - 00000000 ____D () C:\Program Files\DivX2014-05-21 19:31 - 2014-05-21 19:31 - 01001280 _____ (DivX, LLC) C:\Users\Elizabeth\Downloads\DivXWebPlayerInstaller.exe2014-05-19 10:14 - 2014-05-19 10:14 - 00015521 _____ () C:\Users\Elizabeth\Downloads\Peaky Blinders s01e01.hannibal.mkv.torrent2014-05-16 20:42 - 2014-05-16 20:42 - 00019840 _____ () C:\Users\Elizabeth\Downloads\Have I Got News For You s47e07.hannibal.torrent2014-05-16 01:32 - 2014-05-16 01:32 - 00289728 _____ () C:\Windows\Minidump\051614-21044-01.dmp2014-05-16 01:32 - 2013-11-20 11:03 - 457800814 _____ () C:\Windows\MEMORY.DMP2014-05-16 01:32 - 2013-11-20 11:03 - 00000000 ____D () C:\Windows\Minidump2014-05-16 01:29 - 2014-05-16 01:29 - 00289728 _____ () C:\Windows\Minidump\051614-22994-01.dmp2014-05-16 01:28 - 2014-05-16 01:28 - 00000000 _____ () C:\Users\Elizabeth\AppData\Local\{0696DE3E-19AF-4D80-8B57-CEB9D467074D}2014-05-16 01:27 - 2014-05-16 01:27 - 00291792 _____ () C:\Windows\Minidump\051614-27003-01.dmp Some content of TEMP:====================C:\Users\Elizabeth\AppData\Local\Temp\i4jdel0.exeC:\Users\Elizabeth\AppData\Local\Temp\procexp64.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-08 00:40 ==================== End Of Log ============================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2014Ran by Elizabeth at 2014-06-15 19:22:32Running from C:\Users\Elizabeth\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== ==================== Installed Programs ====================== Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.183.7 - Adobe Systems Incorporated)Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )BitMeter (HKLM-x32\...\BitMeter) (Version: - )Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - )COMODO Antivirus (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)GeekBuddy (HKLM\...\{3FFD7EE1-7D2D-4F57-ADF7-914CE0CAC616}) (Version: 4.13.104 - Comodo Security Solutions Inc)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) HiddenMalwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) HiddenNVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) HiddenNVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) HiddenNVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) HiddenPlayLater (HKLM-x32\...\{5ABDB125-7725-40B6-A1E3-B7D8BFFAA303}) (Version: 1.4.15 - MediaMall Technologies, Inc.)PlayOn (HKLM-x32\...\{9489257A-CED5-45E7-8D16-7B20A2E48744}) (Version: 3.8.14 - MediaMall Technologies, Inc.)ScanSnap (x32 Version: 5.1.30.19 - PFU Limited) HiddenScanSnap Manager (HKLM-x32\...\{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}) (Version: V5.1L30 - PFU)Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)SugarSync (HKLM-x32\...\SugarSync) (Version: 2.0.46.127183 - SugarSync, Inc.)TP-LINK TL-WDN3200 Driver (HKLM-x32\...\{C0C6BCBC-0884-4C66-B5EF-0B7668FE2B10}) (Version: 1.1.0 - TP-LINK)TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.1.0 - TP-LINK)VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) HiddenVisual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.) ==================== Restore Points ========================= Could not list Restore Points. Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== 2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {10BAFF3E-ADA7-43E9-887F-1E01814BECAE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: {16B1E1E2-F6E5-4D63-B77D-F2477BF7CA4E} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: {1CAC9922-FA1A-41EC-BD5C-74AF661B3A58} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exeTask: {6978169E-B576-442D-AC70-E8E29EB148F3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exeTask: {85240FD8-3568-418A-A29F-B04ED39BFFC7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exeTask: {9E01E993-01F3-455E-89B9-2C1922DD028E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22] (Google Inc.)Task: {A7D96285-F4C3-4DD0-8CE3-D40A2B81BEAD} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: {B4853E33-2F02-4CB8-BFD4-14578B5FBF43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22] (Google Inc.)Task: {DFD6C514-934E-4B91-8E50-31F5272B9061} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-15 19:07 - 2014-05-06 11:03 - 00301920 _____ () C:\Program Files (x86)\SugarSync\x64\SugarSyncVFSNamespace64.dll2013-12-30 14:45 - 2012-02-23 12:09 - 00838656 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe2014-01-09 22:26 - 2014-01-09 22:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Elizabeth\Downloads\avg_remover_stf_x64_2014_4116.exe:BDUAlternateDataStreams: C:\Users\Elizabeth\Downloads\cav_installer.exe:BDU ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors:==================Error: (06/04/2014 02:34:47 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: The volume SugarSync Drive was not defragmented because an error was encountered: Incorrect function. (0x80070001) Error: (06/01/2014 05:12:40 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6cFaulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7Exception code: 0xc0000005Fault offset: 0x000223e0Faulting process id: 0x1950Faulting application start time: 0xGoogleUpdate.exe0Faulting application path: GoogleUpdate.exe1Faulting module path: GoogleUpdate.exe2Report Id: GoogleUpdate.exe3 Error: (05/28/2014 08:20:21 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: dragon_updater.exe, version: 0.0.0.0, time stamp: 0x535051ddFaulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96fException code: 0xc0000005Fault offset: 0x00039342Faulting process id: 0x71cFaulting application start time: 0xdragon_updater.exe0Faulting application path: dragon_updater.exe1Faulting module path: dragon_updater.exe2Report Id: dragon_updater.exe3 Error: (05/28/2014 02:58:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: The volume SugarSync Drive was not defragmented because an error was encountered: Incorrect function. (0x80070001) Error: (05/26/2014 05:19:53 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6cFaulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7Exception code: 0xc0000005Fault offset: 0x000223e0Faulting process id: 0x3310Faulting application start time: 0xGoogleUpdate.exe0Faulting application path: GoogleUpdate.exe1Faulting module path: GoogleUpdate.exe2Report Id: GoogleUpdate.exe3 Error: (05/23/2014 05:14:37 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6cFaulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7Exception code: 0xc0000005Fault offset: 0x000223e0Faulting process id: 0x2d28Faulting application start time: 0xGoogleUpdate.exe0Faulting application path: GoogleUpdate.exe1Faulting module path: GoogleUpdate.exe2Report Id: GoogleUpdate.exe3 Error: (05/22/2014 05:12:06 PM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6cFaulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7Exception code: 0xc0000005Fault offset: 0x0002ff47Faulting process id: 0x1618Faulting application start time: 0xGoogleUpdate.exe0Faulting application path: GoogleUpdate.exe1Faulting module path: GoogleUpdate.exe2Report Id: GoogleUpdate.exe3 Error: (05/21/2014 07:33:08 PM) (Source: SideBySide) (EventID: 33) (User: )Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.Please use sxstrace.exe for detailed diagnosis. Error: (05/21/2014 07:32:44 PM) (Source: SideBySide) (EventID: 33) (User: )Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.Please use sxstrace.exe for detailed diagnosis. Error: (05/21/2014 03:29:21 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: The volume SugarSync Drive was not defragmented because an error was encountered: Incorrect function. (0x80070001) System errors:=============Error: (06/15/2014 04:59:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (06/15/2014 04:59:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the MediaMall Server service to connect. Error: (06/15/2014 04:50:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (06/15/2014 04:50:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 Error: (06/15/2014 04:50:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect. Error: (06/11/2014 03:26:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (06/11/2014 03:25:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Windows Search service failed to start due to the following error: %%1053 Error: (06/11/2014 03:25:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. Error: (06/11/2014 03:25:49 AM) (Source: DCOM) (EventID: 10005) (User: )Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (06/10/2014 09:09:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Microsoft Office Sessions:=========================Error: (06/04/2014 02:34:47 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: SugarSync DriveIncorrect function. (0x80070001) Error: (06/01/2014 05:12:40 PM) (Source: Application Error) (EventID: 1000) (User: )Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea8e7c0000005000223e0195001cf7df66fa1b850C:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SysWOW64\ntdll.dll9be8c830-e9ea-11e3-a3d9-0000000000a9 Error: (05/28/2014 08:20:21 PM) (Source: Application Error) (EventID: 1000) (User: )Description: dragon_updater.exe0.0.0.0535051ddole32.dll6.1.7601.175144ce7b96fc00000050003934271c01cf70e1628fb760C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exeC:\Windows\syswow64\ole32.dll2a2075c0-e6e0-11e3-a3d9-0000000000a9 Error: (05/28/2014 02:58:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: SugarSync DriveIncorrect function. (0x80070001) Error: (05/26/2014 05:19:53 PM) (Source: Application Error) (EventID: 1000) (User: )Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea8e7c0000005000223e0331001cf793f7124ee60C:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SysWOW64\ntdll.dll9f533f60-e534-11e3-a3d9-0000000000a9 Error: (05/23/2014 05:14:37 PM) (Source: Application Error) (EventID: 1000) (User: )Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea8e7c0000005000223e02d2801cf76e3f1c643b0C:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SysWOW64\ntdll.dll6400bc70-e2d8-11e3-a3d9-0000000000a9 Error: (05/22/2014 05:12:06 PM) (Source: Application Error) (EventID: 1000) (User: )Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea8e7c00000050002ff47161801cf761ac75e5870C:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SysWOW64\ntdll.dlldf728250-e20e-11e3-a3d9-0000000000a9 Error: (05/21/2014 07:33:08 PM) (Source: SideBySide) (EventID: 33) (User: )Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files (x86)\DivX\DivX Player\DPXIconHandler.dll Error: (05/21/2014 07:32:44 PM) (Source: SideBySide) (EventID: 33) (User: )Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll Error: (05/21/2014 03:29:21 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )Description: SugarSync DriveIncorrect function. (0x80070001) ==================== Memory info =========================== Percentage of memory in use: 56%Total physical RAM: 3838.55 MBAvailable physical RAM: 1663.7 MBTotal Pagefile: 7675.28 MBAvailable Pagefile: 4617.52 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:501.46 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 6FE17F47)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Note: I uninstalled Vuze after I got to the end of the instructions and saw the warning. There are now no (or should be no) peer-to-peer apps running.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.