
Did Malware removal, now wifi rarely works



So the other day, I got an update from Java on my Chrome browser telling me I had to update my Java before they would let me continue. I thought it was sketch at first, but I looked at it and everything seemed legit. So I updated. I ended up getting some virus that would start random sounds.

I then proceeded with malware removal (Avast didn't find anything) and Malwarebytes ended up finding like 110 files. Now, obviously, I was in a rush, which was a mistake, and I removed everything. Now my internet rarely works.

My laptop is an Intel® Core i5-3230M CPU @ 2.60GHz on a 64-bit operating system (I really don't know much about computers).

I really don't know what to do. Thank you for all your help, it is really appreciated.


Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Next,

Download Farbar Service Scanner from here: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/ and run it on the computer with the issue.

Make sure the following options are checked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Then:

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Let me see those logs...


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013

Ran by Nick (administrator) on NICKSLAPTOP on 02-10-2013 14:13:40

Running from C:\Users\Nick\Downloads

Windows 8 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe

(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Windows\system32\dashost.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

() C:\Windows\system32\valWBFPolicyService.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe

(Amazon Digital Services, LLC.) C:\Users\Nick\AppData\Local\Apps\2.0\QKQAGKZ9.TB2\EN0LAPOR.QGH\amaz..tion_f2fa081ea2183235_0002.0000_52f6f5477bfc400b\AmazonCloudDrive.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe

() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Sun Microsystems, Inc.) C:\Users\Nick\AppData\Local\Apps\2.0\QKQAGKZ9.TB2\EN0LAPOR.QGH\amaz..tion_f2fa081ea2183235_0002.0000_52f6f5477bfc400b\LocalServiceJre\bin\AmazonCloudDriveW.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Farbar) C:\Users\Nick\Downloads\FSS.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe

(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\system32\msiexec.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()

HKLM\...\Run: [bTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2874168 2012-09-14] (Synaptics Incorporated)

HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-05-30] (IDT, Inc.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [405504 2012-07-25] (Microsoft Corporation)

HKCU\...\Run: [Power2GoExpress8] - C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1711680 2013-01-27] (CyberLink Corp.)

HKCU\...\Run: [DAEMON Tools Ultra Agent] - C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe [3128352 2013-06-25] (Disc Soft Ltd)

HKCU\...\Run: [Google Update] - C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-28] (Google Inc.)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [684024 2012-10-17] (Cisco Systems, Inc.)

HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)

HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-19] (DivX, LLC)

HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()

HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

AppInit_DLLs:  C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL [253816 2013-03-12] ()

Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.lnk

ShortcutTarget: Amazon Cloud Drive.lnk -> C:\Users\Nick\AppData\Local\Apps\2.0\QKQAGKZ9.TB2\EN0LAPOR.QGH\amaz..tion_f2fa081ea2183235_0002.0000_52f6f5477bfc400b\AmazonCloudDrive.exe (Amazon Digital Services, LLC.)

Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKLM-x32 - DefaultScope {096AB13F-7C18-442D-AA22-6088BD3D064C} URL = 

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKCU - {096AB13F-7C18-442D-AA22-6088BD3D064C} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN35509119292399012&UM=2

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: No Name - {7F6AFBF1-E065-4627-A2FD-810366367D01} -  No File

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 138.23.146.213 138.23.201.101

 

Chrome: 

=======



CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()

CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)

CHR Plugin: (Simple Pass) - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)

CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Google Update) - C:\Users\Nick\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (Google Talk Plugin) - C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Nick\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)

CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)

CHR Extension: (Google Translate) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0

CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0

CHR Extension: (Docs) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0

CHR Extension: (Google Drive) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0

CHR Extension: (Turn Off the Lights) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.21_0

CHR Extension: (YouTube) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0

CHR Extension: (Adblock Plus) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.4_0

CHR Extension: (Google Search) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0

CHR Extension: (Google Calendar) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0

CHR Extension: (Planetarium) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp\1.1.2_0

CHR Extension: (AdBlock) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0

CHR Extension: (avast! Online Security) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0

CHR Extension: (Marvel Comics) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice\1.0.0.0_0

CHR Extension: (Website Logon) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof\6.0.100_0

CHR Extension: (Cloud Reader) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.4.0_0

CHR Extension: (Texas Hold'em Poker) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlopdoomnpjlpnpkppjjeknlbjlmkjpj\0.5.3.3_0

CHR Extension: (WhiteSmoke New) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.16.1.24_0

CHR Extension: (Dragon Ball Z mmorpg game !) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljhjkncoceojjbadalclgdinmijjien\1.1_0

CHR Extension: (StayFocusd) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.3.12_0

CHR Extension: (Water's Valley) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhpodmbdlgmgffpgbennemfkjhhaocfl\1.1_0

CHR Extension: (3D Solar System Web) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd\0.50_0

CHR Extension: (Google Dictionary (by Google)) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0

CHR Extension: (Google Play Books) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0

CHR Extension: (Chrome In-App Payments service) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0

CHR Extension: (Gmail) - C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx

CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx

CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx

CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx

CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Nick\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx

 

==================== Services (Whitelisted) =================

 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)

R3 Disc Soft Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [632352 2013-06-25] (Disc Soft Ltd)

R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)

R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()

R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1871032 2013-03-15] (Microsoft Corporation)

R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)

R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] ()

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)

 

==================== Drivers (Whitelisted) ====================

 

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)

R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()

R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)

R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)

R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)

R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)

R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

R3 dtscsibus; C:\Windows\system32\DRIVERS\dtscsibus.sys [29696 2013-08-26] (Disc Soft Ltd)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-10] (Intel Corporation)

S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2012-08-08] (Realtek Semiconductor Corp.)

S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-14] (Synaptics Incorporated)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-14] (Synaptics Incorporated)

R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows ® Win 7 DDK provider)

R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows ® Win 7 DDK provider)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-10-02 14:13 - 2013-10-02 14:13 - 00000000 ____D C:\FRST

2013-10-02 14:12 - 2013-10-01 20:41 - 00047872 _____ C:\Users\Nick\Documents\(10-2,%204,%2011)%20HesiodTheogonyTransEvelynWhite.doc_1.odt

2013-10-02 14:10 - 2013-10-02 14:11 - 01954124 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe

2013-10-02 03:02 - 2013-10-02 03:08 - 00002846 _____ C:\Users\Nick\Downloads\FSS.txt

2013-10-02 03:02 - 2013-10-02 03:02 - 00358923 _____ (Farbar) C:\Users\Nick\Downloads\FSS.exe

2013-09-30 13:52 - 2013-08-06 22:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll

2013-09-30 13:51 - 2013-10-02 14:13 - 00721304 _____ C:\Windows\WindowsUpdate.log

2013-09-30 04:21 - 2013-10-02 13:27 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-09-30 04:20 - 2013-10-02 13:27 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-09-30 04:20 - 2013-10-02 04:25 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-09-30 04:20 - 2013-09-30 04:20 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-09-30 04:20 - 2013-09-30 04:20 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-09-29 19:04 - 2013-09-30 00:37 - 00000000 ____D C:\Program Files (x86)\MyPC Backup

2013-09-29 19:03 - 2013-09-29 19:03 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Optimizer Pro

2013-09-29 19:02 - 2013-09-29 21:06 - 00000000 ____D C:\Users\Nick\AppData\Roaming\DefaultTab

2013-09-29 19:02 - 2013-09-29 21:06 - 00000000 ____D C:\ProgramData\eSafe

2013-09-29 19:02 - 2013-09-29 20:35 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Desk 365

2013-09-29 19:02 - 2013-09-29 19:02 - 00001062 _____ C:\Users\Nick\Desktop\Optimizer Pro.lnk

2013-09-29 19:02 - 2013-09-29 19:02 - 00000258 __RSH C:\Users\Nick\ntuser.pol

2013-09-29 16:29 - 2013-09-29 16:29 - 00000000 ____D C:\Users\Nick\Downloads\4787 - Pokemon - HeartGold Version (U)

2013-09-29 03:45 - 2013-09-29 03:45 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Mozilla

2013-09-29 02:52 - 2013-10-02 01:45 - 00040876 _____ C:\Windows\PFRO.log

2013-09-28 22:08 - 2013-09-28 22:20 - 512630363 _____ C:\Users\Nick\Downloads\TUF-18x4-SinisterGrin@primewire.ag -_-

2013-09-27 01:38 - 2013-09-27 01:38 - 00025832 _____ C:\Users\Nick\Documents\Backup for Registry Sep 27.reg

2013-09-23 18:42 - 2013-09-23 18:42 - 00389928 _____ C:\Users\Nick\Downloads\Schedule Fall 2k13.htm

2013-09-23 18:42 - 2013-09-23 18:42 - 00000000 ____D C:\Users\Nick\Downloads\Schedule Fall 2k13_files

2013-09-22 03:05 - 2013-09-29 14:00 - 00000000 ____D C:\Users\Nick\Downloads\TV Series

2013-09-20 17:02 - 2013-09-20 17:06 - 29036456 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jre-7u40-windows-i586.exe

2013-09-18 21:49 - 2013-09-18 21:57 - 00000000 ____D C:\Users\Nick\Downloads\Pokemon Light Platinum IPS app

2013-09-12 16:29 - 2013-09-12 16:29 - 00470592 _____ C:\Windows\system32\FNTCACHE.DAT

2013-09-12 12:34 - 2013-09-18 16:26 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-09-12 12:34 - 2013-09-18 16:26 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-09-11 23:47 - 2013-08-15 22:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys

2013-09-11 23:47 - 2013-08-15 22:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll

2013-09-11 23:47 - 2013-08-15 22:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2013-09-11 23:47 - 2013-08-15 22:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe

2013-09-11 23:47 - 2013-08-15 22:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe

2013-09-11 23:47 - 2013-08-15 22:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2013-09-11 23:47 - 2013-08-15 22:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2013-09-11 23:47 - 2013-08-15 22:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2013-09-11 23:47 - 2013-08-15 22:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll

2013-09-11 23:47 - 2013-08-15 15:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2013-09-11 23:47 - 2013-08-15 15:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2013-09-11 23:47 - 2013-08-15 15:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll

2013-09-11 23:47 - 2013-08-15 15:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll

2013-09-11 23:45 - 2013-08-20 21:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-09-11 23:45 - 2013-08-20 21:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-09-11 23:45 - 2013-08-20 21:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-09-11 23:45 - 2013-08-20 19:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-09-11 23:44 - 2013-08-20 21:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-09-11 23:44 - 2013-08-20 21:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-09-11 23:44 - 2013-08-20 21:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-09-11 23:44 - 2013-08-20 21:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-09-11 23:44 - 2013-08-20 21:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll

2013-09-11 23:44 - 2013-08-20 21:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-09-11 23:44 - 2013-08-20 21:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-09-11 23:44 - 2013-08-20 21:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-09-11 23:44 - 2013-08-20 21:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-09-11 23:44 - 2013-08-20 21:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll

2013-09-11 23:44 - 2013-08-20 21:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-09-11 23:44 - 2013-08-20 21:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-09-11 23:44 - 2013-08-20 19:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-09-11 23:44 - 2013-08-20 19:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-09-11 23:44 - 2013-08-20 19:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-09-11 23:44 - 2013-08-20 19:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll

2013-09-11 23:44 - 2013-08-20 19:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-09-11 23:44 - 2013-08-20 19:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-09-11 23:44 - 2013-08-20 19:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-09-11 23:44 - 2013-08-20 19:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-09-11 23:44 - 2013-08-20 19:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-09-11 23:44 - 2013-08-20 19:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-09-11 23:44 - 2013-08-20 19:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-09-11 23:44 - 2013-08-20 19:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-09-11 23:44 - 2013-08-20 19:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-09-11 23:44 - 2013-08-20 18:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-09-11 23:44 - 2013-08-20 16:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

2013-09-11 23:44 - 2013-07-09 01:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys

2013-09-11 23:44 - 2013-07-08 23:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe

2013-09-11 23:44 - 2013-07-08 21:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe

2013-09-11 23:44 - 2013-07-08 20:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll

2013-09-11 23:44 - 2013-07-08 15:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll

2013-09-11 23:44 - 2013-07-08 15:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll

2013-09-11 23:44 - 2013-07-08 15:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll

2013-09-11 23:44 - 2013-07-08 15:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll

2013-09-11 23:44 - 2013-07-05 17:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2013-09-11 23:44 - 2013-07-02 17:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2013-09-11 23:44 - 2013-07-02 17:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll

2013-09-11 23:44 - 2013-07-02 17:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll

2013-09-11 23:44 - 2013-07-02 17:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2013-09-11 23:44 - 2013-07-02 17:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2013-09-11 23:44 - 2013-07-02 17:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2013-09-11 23:44 - 2013-07-02 17:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll

2013-09-11 23:44 - 2013-07-01 15:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml

2013-09-11 23:44 - 2013-06-30 15:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe

2013-09-11 23:44 - 2013-06-30 15:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe

2013-09-11 23:44 - 2013-06-28 23:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys

2013-09-11 23:44 - 2013-06-28 23:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys

2013-09-11 23:44 - 2013-06-28 22:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys

2013-09-11 23:44 - 2013-06-28 18:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2013-09-11 23:44 - 2013-06-25 20:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys

2013-09-11 23:44 - 2013-06-25 19:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys

2013-09-11 23:44 - 2013-06-24 15:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2013-09-11 23:44 - 2013-06-24 15:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll

2013-09-11 23:44 - 2013-06-24 15:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll

2013-09-11 23:44 - 2013-06-18 22:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll

2013-09-11 23:44 - 2013-06-18 22:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll

2013-09-11 23:44 - 2013-06-18 15:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll

2013-09-11 23:44 - 2013-06-18 15:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll

2013-09-11 23:44 - 2013-06-11 16:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll

2013-09-11 23:44 - 2013-06-11 16:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll

2013-09-11 23:44 - 2013-06-10 14:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys

2013-09-11 23:44 - 2013-06-10 12:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2013-09-11 23:44 - 2013-06-10 12:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2013-09-11 23:44 - 2013-06-10 12:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL

2013-09-11 23:44 - 2013-06-10 12:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2013-09-11 23:44 - 2013-06-10 12:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2013-09-11 23:44 - 2013-06-10 12:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2013-09-11 23:44 - 2013-06-06 01:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS

2013-09-11 23:43 - 2013-08-02 21:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-09-11 03:12 - 2013-09-11 03:12 - 00000000 ____D C:\Users\Nick\AppData\Roaming\DivX

2013-09-07 17:46 - 2013-09-07 17:46 - 00000000 ____D C:\Users\Nick\AppData\Local\Western Digital

2013-09-03 11:53 - 2013-09-03 11:54 - 00002611 _____ C:\Users\Public\Desktop\AllShare Control.lnk

2013-09-03 11:53 - 2013-09-03 11:53 - 00000000 ____D C:\Program Files (x86)\Samsung

2013-09-03 11:52 - 2013-09-03 11:52 - 00000000 ____D C:\ProgramData\Samsung

2013-09-03 11:52 - 2013-09-03 11:52 - 00000000 ____D C:\Program Files\SAMSUNG

2013-09-02 03:18 - 2013-09-02 03:18 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-09-02 03:18 - 2013-09-02 03:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-09-02 03:18 - 2013-09-02 03:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-09-02 03:18 - 2013-09-02 03:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-09-02 03:18 - 2013-09-02 03:18 - 00000000 ____D C:\Program Files (x86)\Java

2013-09-02 01:39 - 2013-09-02 19:57 - 00000000 ____D C:\Users\Nick\Downloads\Mystery

2013-09-02 01:34 - 2013-09-09 16:33 - 00000000 ____D C:\Users\Nick\Downloads\Emulator and Games

2013-09-02 01:33 - 2013-10-01 19:16 - 00000000 ____D C:\Users\Nick\Downloads\School

2013-09-02 01:33 - 2013-09-02 01:33 - 00000000 ____D C:\Users\Nick\Downloads\E-Books

2013-09-02 01:30 - 2013-09-02 01:31 - 00029120 _____ C:\Users\Nick\Documents\Backup for Registry Sep9.reg

2013-09-02 01:00 - 2013-09-02 01:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum

2013-09-02 01:00 - 2013-09-02 01:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum

2013-09-02 01:00 - 2013-09-02 01:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum

2013-09-02 00:59 - 2013-09-02 00:59 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2013-09-02 00:59 - 2013-08-30 00:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2013-09-02 00:59 - 2013-08-30 00:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2013-09-02 00:59 - 2013-08-30 00:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys

2013-09-02 00:59 - 2013-08-30 00:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2013-09-02 00:59 - 2013-08-30 00:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys

2013-09-02 00:59 - 2013-08-30 00:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2013-09-02 00:59 - 2013-08-30 00:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys

2013-09-02 00:58 - 2013-09-30 00:55 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2013-09-02 00:58 - 2013-09-18 20:36 - 00000000 _____ C:\Windows\SysWOW64\config.nt

2013-09-02 00:58 - 2013-09-02 00:58 - 00000000 ____D C:\Program Files\AVAST Software

2013-09-02 00:58 - 2013-08-30 00:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2013-09-02 00:58 - 2013-08-30 00:47 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2013-09-02 00:58 - 2013-08-30 00:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr

2013-09-02 00:58 - 2013-04-30 01:51 - 00040616 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys

2013-09-02 00:57 - 2013-09-02 00:58 - 00000000 ____D C:\ProgramData\AVAST Software

2013-09-02 00:40 - 2013-09-02 00:40 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-09-02 00:40 - 2013-09-02 00:40 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Malwarebytes

2013-09-02 00:40 - 2013-09-02 00:40 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-09-02 00:40 - 2013-09-02 00:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-09-02 00:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

 

==================== One Month Modified Files and Folders =======

 

2013-10-02 14:13 - 2013-10-02 14:13 - 00000000 ____D C:\FRST

2013-10-02 14:13 - 2013-09-30 13:51 - 00721304 _____ C:\Windows\WindowsUpdate.log

2013-10-02 14:11 - 2013-10-02 14:10 - 01954124 _____ (Farbar) C:\Users\Nick\Downloads\FRST64.exe

2013-10-02 14:10 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\sru

2013-10-02 13:44 - 2013-08-28 14:39 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388929709-3002886532-3580485378-1001UA.job

2013-10-02 13:27 - 2013-09-30 04:21 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-10-02 13:27 - 2013-09-30 04:20 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-10-02 05:13 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\AUInstallAgent

2013-10-02 04:25 - 2013-09-30 04:20 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-10-02 03:18 - 2013-07-30 16:03 - 00000000 ____D C:\Users\Nick\AppData\Roaming\BitTorrent

2013-10-02 03:08 - 2013-10-02 03:02 - 00002846 _____ C:\Users\Nick\Downloads\FSS.txt

2013-10-02 03:02 - 2013-10-02 03:02 - 00358923 _____ (Farbar) C:\Users\Nick\Downloads\FSS.exe

2013-10-02 02:53 - 2013-03-06 17:33 - 00003164 _____ C:\Windows\System32\Tasks\HPCeeScheduleForNick

2013-10-02 02:53 - 2013-03-06 17:33 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForNick.job

2013-10-02 02:53 - 2013-02-27 03:33 - 00000000 ____D C:\Users\Nick

2013-10-02 01:45 - 2013-09-29 02:52 - 00040876 _____ C:\Windows\PFRO.log

2013-10-02 01:45 - 2012-07-26 00:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-10-02 01:44 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\BBI

2013-10-01 20:41 - 2013-10-02 14:12 - 00047872 _____ C:\Users\Nick\Documents\(10-2,%204,%2011)%20HesiodTheogonyTransEvelynWhite.doc_1.odt

2013-10-01 19:16 - 2013-09-02 01:33 - 00000000 ____D C:\Users\Nick\Downloads\School

2013-10-01 18:35 - 2013-04-12 11:15 - 00000000 ____D C:\Users\Nick\Downloads\Resume for everything_files

2013-10-01 14:44 - 2013-08-28 14:39 - 00000876 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388929709-3002886532-3580485378-1001Core.job

2013-10-01 14:17 - 2013-02-27 03:35 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6B3381F2-129E-4611-86AC-991A4ACE80BB}

2013-10-01 02:20 - 2013-03-03 03:15 - 00686592 ___SH C:\Users\Nick\Downloads\Thumbs.db

2013-09-30 05:02 - 2013-02-27 03:41 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-388929709-3002886532-3580485378-1001

2013-09-30 04:21 - 2013-02-27 03:46 - 00000000 ____D C:\Program Files (x86)\Google

2013-09-30 04:20 - 2013-09-30 04:20 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2013-09-30 04:20 - 2013-09-30 04:20 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2013-09-30 00:55 - 2013-09-02 00:58 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2013-09-30 00:37 - 2013-09-29 19:04 - 00000000 ____D C:\Program Files (x86)\MyPC Backup

2013-09-30 00:37 - 2013-02-27 03:35 - 00000000 ___RD C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-09-30 00:28 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\NDF

2013-09-29 23:17 - 2012-07-26 00:28 - 00942930 _____ C:\Windows\system32\PerfStringBackup.INI

2013-09-29 23:08 - 2013-05-11 03:55 - 00000000 ____D C:\Users\Nick\Downloads\Applications

2013-09-29 21:06 - 2013-09-29 19:02 - 00000000 ____D C:\Users\Nick\AppData\Roaming\DefaultTab

2013-09-29 21:06 - 2013-09-29 19:02 - 00000000 ____D C:\ProgramData\eSafe

2013-09-29 20:52 - 2013-08-16 03:04 - 00000000 ____D C:\Users\Nick\AppData\Roaming\vlc

2013-09-29 20:35 - 2013-09-29 19:02 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Desk 365

2013-09-29 19:03 - 2013-09-29 19:03 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Optimizer Pro

2013-09-29 19:02 - 2013-09-29 19:02 - 00001062 _____ C:\Users\Nick\Desktop\Optimizer Pro.lnk

2013-09-29 19:02 - 2013-09-29 19:02 - 00000258 __RSH C:\Users\Nick\ntuser.pol

2013-09-29 19:02 - 2012-07-26 01:12 - 00000000 ___HD C:\Windows\system32\GroupPolicy

2013-09-29 19:02 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy

2013-09-29 16:29 - 2013-09-29 16:29 - 00000000 ____D C:\Users\Nick\Downloads\4787 - Pokemon - HeartGold Version (U)

2013-09-29 14:00 - 2013-09-22 03:05 - 00000000 ____D C:\Users\Nick\Downloads\TV Series

2013-09-29 13:59 - 2013-08-27 00:26 - 00000000 ____D C:\Users\Nick\Downloads\Movies

2013-09-29 03:45 - 2013-09-29 03:45 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Mozilla

2013-09-28 22:20 - 2013-09-28 22:08 - 512630363 _____ C:\Users\Nick\Downloads\TUF-18x4-SinisterGrin@primewire.ag -_-

2013-09-27 01:38 - 2013-09-27 01:38 - 00025832 _____ C:\Users\Nick\Documents\Backup for Registry Sep 27.reg

2013-09-25 03:59 - 2013-04-23 15:42 - 00000000 ____D C:\Users\Nick\Downloads\Comics

2013-09-23 18:42 - 2013-09-23 18:42 - 00389928 _____ C:\Users\Nick\Downloads\Schedule Fall 2k13.htm

2013-09-23 18:42 - 2013-09-23 18:42 - 00000000 ____D C:\Users\Nick\Downloads\Schedule Fall 2k13_files

2013-09-22 03:13 - 2013-07-08 03:01 - 00000000 ____D C:\Users\Nick\Downloads\Winrar Files

2013-09-20 17:06 - 2013-09-20 17:02 - 29036456 _____ (Oracle Corporation) C:\Users\Nick\Downloads\jre-7u40-windows-i586.exe

2013-09-19 08:31 - 2013-02-28 18:33 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log

2013-09-19 08:31 - 2013-02-28 18:33 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2013-09-18 21:57 - 2013-09-18 21:49 - 00000000 ____D C:\Users\Nick\Downloads\Pokemon Light Platinum IPS app

2013-09-18 20:36 - 2013-09-02 00:58 - 00000000 _____ C:\Windows\SysWOW64\config.nt

2013-09-18 16:26 - 2013-09-12 12:34 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-09-18 16:26 - 2013-09-12 12:34 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-09-16 16:02 - 2013-02-27 03:34 - 00000000 ____D C:\Users\Nick\AppData\Local\VirtualStore

2013-09-14 05:58 - 2013-08-16 03:08 - 00000000 ____D C:\Program Files (x86)\DivX

2013-09-14 05:58 - 2013-08-16 03:07 - 00000000 ____D C:\ProgramData\DivX

2013-09-12 18:15 - 2013-07-31 01:22 - 00000000 ____D C:\Users\Nick\Downloads\Torrents

2013-09-12 16:29 - 2013-09-12 16:29 - 00470592 _____ C:\Windows\system32\FNTCACHE.DAT

2013-09-12 13:00 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\rescache

2013-09-12 12:29 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\WinStore

2013-09-12 12:28 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-09-12 12:28 - 2012-07-25 22:38 - 00000000 ____D C:\Windows\system32\oobe

2013-09-12 08:39 - 2012-08-03 17:02 - 00000000 ____D C:\SWSetup

2013-09-12 05:53 - 2013-07-28 21:20 - 00000000 ____D C:\Windows\system32\MRT

2013-09-12 05:51 - 2013-03-01 00:38 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-09-11 03:12 - 2013-09-11 03:12 - 00000000 ____D C:\Users\Nick\AppData\Roaming\DivX

2013-09-09 16:33 - 2013-09-02 01:34 - 00000000 ____D C:\Users\Nick\Downloads\Emulator and Games

2013-09-07 17:46 - 2013-09-07 17:46 - 00000000 ____D C:\Users\Nick\AppData\Local\Western Digital

2013-09-05 10:50 - 2012-12-22 23:56 - 00000000 ____D C:\Windows\Hewlett-Packard

2013-09-03 11:54 - 2013-09-03 11:53 - 00002611 _____ C:\Users\Public\Desktop\AllShare Control.lnk

2013-09-03 11:53 - 2013-09-03 11:53 - 00000000 ____D C:\Program Files (x86)\Samsung

2013-09-03 11:52 - 2013-09-03 11:52 - 00000000 ____D C:\ProgramData\Samsung

2013-09-03 11:52 - 2013-09-03 11:52 - 00000000 ____D C:\Program Files\SAMSUNG

2013-09-02 19:57 - 2013-09-02 01:39 - 00000000 ____D C:\Users\Nick\Downloads\Mystery

2013-09-02 04:55 - 2013-03-10 03:44 - 00000000 ____D C:\Users\Nick\Downloads\Pictures of Lady

2013-09-02 03:18 - 2013-09-02 03:18 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2013-09-02 03:18 - 2013-09-02 03:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2013-09-02 03:18 - 2013-09-02 03:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2013-09-02 03:18 - 2013-09-02 03:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2013-09-02 03:18 - 2013-09-02 03:18 - 00000000 ____D C:\Program Files (x86)\Java

2013-09-02 03:18 - 2013-03-09 22:04 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2013-09-02 03:18 - 2013-03-09 22:04 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2013-09-02 01:39 - 2013-04-25 03:53 - 00000000 ____D C:\Users\Nick\Downloads\Images

2013-09-02 01:33 - 2013-09-02 01:33 - 00000000 ____D C:\Users\Nick\Downloads\E-Books

2013-09-02 01:31 - 2013-09-02 01:30 - 00029120 _____ C:\Users\Nick\Documents\Backup for Registry Sep9.reg

2013-09-02 01:00 - 2013-09-02 01:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum

2013-09-02 01:00 - 2013-09-02 01:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum

2013-09-02 01:00 - 2013-09-02 01:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum

2013-09-02 00:59 - 2013-09-02 00:59 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2013-09-02 00:58 - 2013-09-02 00:58 - 00000000 ____D C:\Program Files\AVAST Software

2013-09-02 00:58 - 2013-09-02 00:57 - 00000000 ____D C:\ProgramData\AVAST Software

2013-09-02 00:56 - 2012-07-26 01:12 - 00000000 ___HD C:\Windows\ELAMBKUP

2013-09-02 00:55 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\ELAM

2013-09-02 00:51 - 2013-05-12 21:19 - 00000000 ____D C:\Users\Nick\AppData\Roaming\SearchProtect

2013-09-02 00:51 - 2013-05-12 21:19 - 00000000 ____D C:\Program Files (x86)\SearchProtect

2013-09-02 00:50 - 2013-05-12 21:18 - 00000000 ____D C:\ProgramData\Vaaudixx

2013-09-02 00:40 - 2013-09-02 00:40 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-09-02 00:40 - 2013-09-02 00:40 - 00000000 ____D C:\Users\Nick\AppData\Roaming\Malwarebytes

2013-09-02 00:40 - 2013-09-02 00:40 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-09-02 00:40 - 2013-09-02 00:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

 

Some content of TEMP:

====================

C:\Users\Nick\AppData\Local\Temp\BackupSetup.exe

C:\Users\Nick\AppData\Local\Temp\Java.exe

C:\Users\Nick\AppData\Local\Temp\vcredist_x64.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-09-29 13:32

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013

Ran by Nick at 2013-10-02 14:14:30

Running from C:\Users\Nick\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

4 Elements II (x32 Version: 2.2.0.98)

Adobe Shockwave Player 11.6 (x32 Version: 11.6.6.636)

AIM for Windows (HKCU)

AllShare Control (x32 Version: 1.5)

Amazon Cloud Drive (HKCU Version: 2.0.2013.841)

Amazon Kindle (HKCU)

AuthenTec TrueAPI 64-bit (Version: 1.6.0.87)

avast! Free Antivirus (x32 Version: 8.0.1497.0)

Bejeweled 3 (x32 Version: 2.2.0.98)

Bonjour (Version: 3.0.0.10)

Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98)

CCleaner (Version: 4.04)

Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.1.01065)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.01065)

Comical 0.8 (x32)

ComicRack v0.9.168 (Version: v0.9.168)

Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98)

Cradle of Rome 2 (x32 Version: 2.2.0.98)

CyberLink LabelPrint (x32 Version: 2.5.3.6326)

CyberLink Media Suite 10 (x32 Version: 10.0.3.2608)

CyberLink PhotoDirector (x32 Version: 2.0.2.3317)

CyberLink Power2Go 8 (x32 Version: 8.0.3.2527)

CyberLink PowerDirector 10 (x32 Version: 10.0.3.2606)

CyberLink PowerDVD (x32 Version: 10.0.6.4319)

CyberLink YouCam (x32 Version: 3.5.6.6119)

D3DX10 (x32 Version: 15.4.2368.0902)

DAEMON Tools Ultra (x32 Version: 1.1.0.0103)

Defraggler (Version: 2.15)

DivX Setup (x32 Version: 2.6.1.84)

Download Updater (AOL Inc.) (x32)

Energy Star (x32 Version: 1.0.9)

Farm Frenzy (x32 Version: 2.2.0.98)

FATE: The Cursed King (x32 Version: 2.2.0.97)

Final Drive Fury (x32 Version: 2.2.0.95)

Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32)

Google Chrome (x32 Version: 30.0.1599.66)

Google Talk Plugin (x32 Version: 4.7.0.15362)

Google Update Helper (x32 Version: 1.3.21.153)

Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95)

Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)

House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98)

Hoyle Card Games (x32 Version: 2.2.0.95)

HP 3D DriveGuard (Version: 4.2.9.1)

HP Connected Music (Meridian - installer) (x32 Version: v1.0)

HP Connected Remote (x32 Version: 1.0.1218)

HP CoolSense (x32 Version: 2.10.51)

HP Customer Experience Enhancements (x32 Version: 6.0.1.7)

HP Documentation (x32 Version: 1.2.0.0)

HP Games (x32 Version: 1.0.3.0)

HP Postscript Converter (Version: 3.1.3591)

HP Quick Launch (x32 Version: 3.0.6)

HP Recovery Manager (x32 Version: 8.00)

HP Registration Service (Version: 1.1.6232.4245)

HP SimplePass (x32 Version: 6.0.100.272)

HP Support Assistant (x32 Version: 7.0.39.15)

HP Utility Center (x32 Version: 1.0.8)

HP Wireless Button Driver (x32 Version: 1.0.7.1)

IDT Audio (x32 Version: 1.0.6425.0)

Intel PROSet Wireless

Intel® Management Engine Components (x32 Version: 8.1.0.1252)

Intel® Processor Graphics (x32 Version: 9.17.10.2857)

Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.5.4.0423)

Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 2.6.1209.0268)

Intel® Rapid Storage Technology (x32 Version: 11.5.9.1002)

Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)

Intel® WiDi (Version: 3.5.40.0)

Intel® PROSet/Wireless WiFi Software (Version: 15.05.6000.1620)

Intel® Trusted Connect Service Client (Version: 1.24.388.1)

Java 7 Update 25 (x32 Version: 7.0.250)

Java Auto Updater (x32 Version: 2.1.9.5)

Jewel Match 3 (x32 Version: 2.2.0.98)

John Deere Drive Green (x32 Version: 2.2.0.95)

Luxor Evolved (x32 Version: 2.2.0.98)

Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98)

Movie Maker (x32 Version: 16.4.3503.0728)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT110 (x32 Version: 16.4.1108.0727)

MSVCRT110_amd64 (Version: 16.4.1108.0727)

Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4481.1510)

Office 15 Click-to-Run Licensing Component (Version: 15.0.4481.1510)

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4481.1510)

OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)

Peggle Nights (x32 Version: 2.2.0.98)

Penguins! (x32 Version: 2.2.0.98)

Photo Common (x32 Version: 16.4.3503.0728)

Photo Gallery (x32 Version: 16.4.3503.0728)

Polar Bowler (x32 Version: 2.2.0.97)

Polar Golfer (x32 Version: 2.2.0.98)

Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)

Realtek PCIE Card Reader (x32 Version: 6.2.8400.29034)

Roads of Rome 3 (x32 Version: 2.2.0.98)

Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32)

SAMSUNG USB Driver for Mobile Phones (Version: 1.5.14.0)

Star Wars: The Old Republic (x32 Version: 1.00)

swMSM (x32 Version: 12.0.0.1)

Synaptics Pointing Device Driver (Version: 16.2.15.0)

Tales of Lagoona (x32 Version: 2.2.0.110)

Update Installer for WildTangent Games App (x32)

Validity WBF DDK (Version: 4.4.234.0)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)

VitalSource Bookshelf (x32 Version: 5.05.0047)

VLC media player 2.0.8 (x32 Version: 2.0.8)

WildTangent Games (x32 Version: 1.0.3.0)

WildTangent Games App (x32 Version: 4.0.9.7)

Windows Live Communications Platform (x32 Version: 16.4.3503.0728)

Windows Live Essentials (x32 Version: 16.4.3503.0728)

Windows Live Installer (x32 Version: 16.4.3503.0728)

Windows Live Photo Common (x32 Version: 16.4.3503.0728)

Windows Live PIMT Platform (x32 Version: 16.4.3503.0728)

Windows Live SOXE (x32 Version: 16.4.3503.0728)

Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728)

Windows Live UX Platform (x32 Version: 16.4.3503.0728)

Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728)

WinRAR 4.20 (32-bit) (x32 Version: 4.20.0)

WinRAR 4.20 (64-bit) (Version: 4.20.0)

Youda Jewel Shop (x32 Version: 3.0.2.32)

Zuma's Revenge (x32 Version: 2.2.0.98)

 

==================== Restore Points  =========================

 

27-09-2013 17:30:50 Scheduled Checkpoint

02-10-2013 12:10:02 Windows Update

 

==================== Hosts content: ==========================

 

2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {0B54A761-D740-4A4E-B0FA-DA5995A8A4CB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-388929709-3002886532-3580485378-1001UA => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-28] (Google Inc.)

Task: {157C1445-2E6B-4545-9378-F0BA748B216A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

Task: {2F837945-6589-44A0-B3D5-B9DF66678DC7} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-15] (Microsoft Corporation)

Task: {38FB5C2F-08E9-45C5-80C8-EBDDFF40CA2B} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe

Task: {40CD09F9-4293-40EA-AA84-D7E9BD78783B} - System32\Tasks\HPCeeScheduleForNick => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)

Task: {52B21296-E217-4895-BE6E-9A3D0D474F88} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-04-05] (Microsoft Corporation)

Task: {598ECF22-3B34-4BBA-8F4C-25F5D3185B96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-30] (Google Inc.)

Task: {76BA18EA-F0AF-40A4-B2F7-10AA8DB829E5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)

Task: {815796FF-E8C5-48A1-B229-43BB15DD5384} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-30] (Google Inc.)

Task: {83296DE9-CB69-4DD4-984E-D51320930180} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

Task: {982DD7CD-0508-4EC7-BA32-B7C66248C6D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)

Task: {9C210D7A-02BB-4DC3-ACD5-E83D630AAF82} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

Task: {AAABD624-6020-4AC4-874D-62A88B725773} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)

Task: {AACBB899-1C70-49BC-9A11-B5C3D26CCE41} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-14] (Synaptics Incorporated)

Task: {C73BBCB3-E3CA-4EC9-AD2D-E59D38F2E27F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)

Task: {CDB68BBF-5E43-41D9-93D3-78C32E6F5E35} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)

Task: {DEE2A66F-E883-45B4-937C-C0A308139669} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)

Task: {E52BDC8C-ABFB-4CC9-92D4-8AD1E2BA5BC3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-03-15] (Microsoft Corporation)

Task: {E9DAE87F-0112-4459-9E17-1C38DE9BB1EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)

Task: {ECA56463-A000-4388-91BE-34572CA1F20A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-388929709-3002886532-3580485378-1001Core => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-28] (Google Inc.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388929709-3002886532-3580485378-1001Core.job => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388929709-3002886532-3580485378-1001UA.job => C:\Users\Nick\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HPCeeScheduleForNick.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-02-26 08:02 - 2013-04-05 06:35 - 06523456 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2012-07-26 00:55 - 2012-07-26 00:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll

2012-12-22 23:44 - 2012-09-24 15:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2012-10-12 17:22 - 2012-10-12 17:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll

2013-02-27 03:36 - 2013-02-27 03:36 - 00120224 _____ () C:\Users\Nick\AppData\Local\assembly\dl3\N3E93ABM.0VD\PEPMR55K.D11\234a035b\008b7bc6_d8a8cd01\HPItunesModule.DLL

2012-10-12 17:22 - 2012-10-12 17:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll

2012-10-12 17:22 - 2012-10-12 17:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll

2012-10-17 10:30 - 2012-10-17 10:30 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2013-05-13 10:35 - 2012-06-07 20:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

2013-05-13 10:35 - 2013-01-27 07:13 - 00806664 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll

2013-05-13 10:35 - 2012-09-25 01:32 - 01320048 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll

2013-05-13 10:35 - 2013-01-27 07:13 - 00175880 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll

2013-02-12 19:38 - 2013-02-12 19:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll

2012-08-10 16:50 - 2012-08-10 16:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll

2013-08-15 22:22 - 2013-08-15 22:22 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\580dd8b0082db602dda6a42bf4fb1b17\PSIClient.ni.dll

2012-12-22 23:43 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2013-09-30 04:21 - 2013-09-16 20:20 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libglesv2.dll

2013-09-30 04:21 - 2013-09-16 20:20 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\libegl.dll

2013-09-30 04:21 - 2013-09-16 20:21 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll

2013-09-30 04:21 - 2013-09-16 20:21 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll

2013-09-30 04:21 - 2013-09-16 20:20 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll

2013-09-30 04:21 - 2013-09-16 20:21 - 13611984 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll

2013-10-02 04:44 - 2013-10-02 01:28 - 02102784 _____ () C:\Program Files\AVAST Software\Avast\defs\13100200\algo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\ProgramData\Temp:373E1720

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== Faulty Device Manager Devices =============

 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: avast! SecureLine TAP Adapter

Description: avast! SecureLine TAP Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: TAP-Windows Provider V9

Service: tap0901

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (10/02/2013 02:09:49 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 98469

 

Error: (10/02/2013 02:09:49 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 98469

 

Error: (10/02/2013 02:09:49 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (10/02/2013 02:08:12 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1422

 

Error: (10/02/2013 02:08:12 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1422

 

Error: (10/02/2013 02:08:12 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (10/02/2013 02:06:46 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 899672

 

Error: (10/02/2013 02:06:46 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 899672

 

Error: (10/02/2013 02:06:46 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (10/02/2013 01:51:47 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1375

 

 

System errors:

=============

Error: (10/02/2013 04:43:36 AM) (Source: Service Control Manager) (User: )

Description: The avast! Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

 

Error: (10/02/2013 01:45:10 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)

Description: 0xc000014d0

 

Error: (09/30/2013 02:56:19 PM) (Source: Schannel) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.

 

Error: (09/30/2013 02:55:49 PM) (Source: Schannel) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.

 

Error: (09/30/2013 02:55:19 PM) (Source: Schannel) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.

 

Error: (09/30/2013 02:16:48 PM) (Source: Schannel) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.

 

Error: (09/30/2013 02:16:19 PM) (Source: Schannel) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.

 

Error: (09/30/2013 02:15:48 PM) (Source: Schannel) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.

 

Error: (09/30/2013 01:56:39 PM) (Source: Schannel) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.

 

Error: (09/30/2013 01:56:09 PM) (Source: Schannel) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.

 

 

Microsoft Office Sessions:

=========================

Error: (10/02/2013 02:09:49 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 98469

 

Error: (10/02/2013 02:09:49 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 98469

 

Error: (10/02/2013 02:09:49 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (10/02/2013 02:08:12 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1422

 

Error: (10/02/2013 02:08:12 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1422

 

Error: (10/02/2013 02:08:12 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (10/02/2013 02:06:46 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 899672

 

Error: (10/02/2013 02:06:46 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 899672

 

Error: (10/02/2013 02:06:46 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (10/02/2013 01:51:47 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1375

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 33%

Total physical RAM: 8081.27 MB

Available physical RAM: 5353.47 MB

Total Pagefile: 9297.27 MB

Available Pagefile: 5969.76 MB

Total Virtual: 8192 MB

Available Virtual: 8191.77 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:671.92 GB) (Free:464.93 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (RECOVERY) (Fixed) (Total:25.95 GB) (Free:3.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 699 GB) (Disk ID: A50E1C7D)

 

Partition: GPT Partition Type

==================== End Of Log ============================


Farbar Service Scanner Version: 13-09-2013

Ran by Nick (administrator) on 02-10-2013 at 14:26:29

Running from "C:\Users\Nick\Downloads"

Microsoft Windows 8  (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy: 

==================

 

 

System Restore:

============

 

System Restore Disabled Policy: 

========================

 

 

Action Center:

============

 

 

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

The start type of wuauserv service is set to Demand. The default start type is Auto.

The ImagePath of wuauserv service is OK.

The ServiceDll of wuauserv service is OK.

 

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".

 

 

Windows Defender Disabled Policy: 

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll

[2013-09-11 23:44] - [2013-06-10 12:15] - 0723968 ____A (Microsoft Corporation) 73133A0C0CA63817BFF2CB9DE65B64E7

 

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll

[2013-09-11 23:47] - [2013-08-15 22:21] - 3275776 ____A (Microsoft Corporation) 9DEC60D4783377097014DFCCA31E69F8

 

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

 

 

**** End of log ****


Do not see a great deal with those logs, nothing to affect your internet connection... Ok we continue:

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST/FRST64 and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

 

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

     

     

 

 

Next,

 

Please download RogueKiller from here:

 

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe  <- 32 bit version

 

http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe  <- 64 bit version

                                     

 

  • Make sure to get the correct version for your system.
  • Quit all running programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • Wait until Prescan has finished...
  • The following EULA will appear, please select accept
  • Ensure MBR scan, Check faked and AntiRootkit are checked
  • Select Scan
  • When the scan completes select Report, copy and paste that to your reply.
  • The log should be found in RKreport[?].txt on your Desktop
  • Exit/Close RogueKiller

     

     

 

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop.

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Let me see those logs...

 

 


Apologies I guess I forgot to attach that file, was a very long day...... Is attached now...

 

One other point, the following entry is a Bluetooth service that is in automatic so will run at boot:

 

HKLM\...\Run: [bTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp

 

do you use that app?

fixlist.txt


hey, sorry, I really needed internet so I formatted my laptop, after which everything was perfectly fine until a couple hours ago. still the same problem... should I repost my logs for the first 2 apps? I'm on my brother's laptop right now so every response is going to be pretty delayed since I'm going to need to wait until my internet gets those little sparks of workability so I can post the logs.... thanks again, you're my only hope (LOL)


also, no, I don't use a Bluetooth app (at least to my knowledge)

hey, if this helps, when I did the malware cleanup (when I deleted over 110 files) I think I might have deleted a registry file or a couple of them. I don't remember but I THINK I saw a registry file in the delete list (don't take my word for it though). I am doing all the transferring right now from laptop to laptop


Here are the new logs for my reformatted laptop (ugh)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Nicks Laptop (administrator) on NICKS on 03-10-2013 17:40:03
Running from C:\Users\Nicks Laptop\Downloads
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\system32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-14] (IDT, Inc.)
HKLM\...\Run: [bTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2874168 2012-09-14] (Synaptics Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [405504 2012-07-25] (Microsoft Corporation)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR Extension: (Google Translate) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0
CHR Extension: (Google Docs) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Turn Off the Lights) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.22_0
CHR Extension: (YouTube) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0
CHR Extension: (Google Search) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Calendar) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0
CHR Extension: (Website Logon) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo\6.0.100_0
CHR Extension: (Planetarium) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp\1.1.2_0
CHR Extension: (AdBlock) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0
CHR Extension: (avast! Online Security) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Marvel Comics) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice\1.0.0.0_0
CHR Extension: (Cloud Reader) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.4.0_0
CHR Extension: (Texas Hold'em Poker) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlopdoomnpjlpnpkppjjeknlbjlmkjpj\0.5.3.3_0
CHR Extension: (Dragon Ball Z mmorpg game !) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljhjkncoceojjbadalclgdinmijjien\1.1_0
CHR Extension: (StayFocusd) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.4.3_0
CHR Extension: (Water's Valley) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhpodmbdlgmgffpgbennemfkjhhaocfl\1.1_0
CHR Extension: (3D Solar System Web) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd\0.50_0
CHR Extension: (Google Dictionary (by Google)) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0
CHR Extension: (Norton Identity Protection) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0
CHR Extension: (Google Play Books) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\NICKSL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\Exts\Chrome.crx
 
==================== Services (Whitelisted) =================
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe [143928 2012-06-14] (Symantec Corporation)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2012-09-06] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-24] (Symantec Corporation)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-24] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [121728 2012-08-27] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1400000.088\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-10-03] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-10-03] (Symantec Corporation)
U3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-10-03] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131002.001\IDSvia64.sys [520280 2013-10-02] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131002.001\IDSvia64.sys [520280 2013-10-02] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131003.002\ENG64.SYS [126040 2013-10-03] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131003.002\ENG64.SYS [126040 2013-10-03] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131003.002\EX64.SYS [2099288 2013-10-03] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131003.002\EX64.SYS [2099288 2013-10-03] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-10] (Intel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2012-08-08] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-14] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1400000.088\SRTSP64.SYS [753312 2012-05-24] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1400000.088\SRTSPX64.SYS [37496 2012-01-11] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1400000.088\SYMDS64.SYS [485024 2012-05-24] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1400000.088\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1400000.088\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2012-12-23] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1400000.088\Ironx64.SYS [222368 2012-05-24] (Symantec Corporation)
R3 SymNetS; C:\Windows\system32\drivers\NISx64\1400000.088\SYMNETS.SYS [431224 2012-05-09] (Symantec Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows ® Win 7 DDK provider)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows ® Win 7 DDK provider)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-10-03 17:39 - 2013-10-03 17:39 - 00000000 ____D C:\FRST
2013-10-03 17:28 - 2013-10-03 17:28 - 00000000 ____D C:\Users\Nicks Laptop\Downloads\School
2013-10-03 17:28 - 2013-10-03 17:28 - 00000000 ____D C:\Users\Nicks Laptop\Downloads\Resume for everything_files
2013-10-03 17:28 - 2013-10-03 17:28 - 00000000 ____D C:\Users\Nicks Laptop\Downloads\Pictures of Lady
2013-10-03 17:28 - 2013-10-02 14:38 - 00047384 _____ C:\Users\Nicks Laptop\Downloads\(10-2,%204,%2011)%20HesiodTheogonyTransEvelynWhite.doc_0.odt
2013-10-03 17:27 - 2013-10-03 17:28 - 00000000 ____D C:\Users\Nicks Laptop\Downloads\Applications
2013-10-03 17:27 - 2013-10-02 14:26 - 00002846 _____ C:\Users\Nicks Laptop\Downloads\FSS.txt
2013-10-03 17:27 - 2013-10-02 14:11 - 01954124 _____ (Farbar) C:\Users\Nicks Laptop\Downloads\FRST64.exe
2013-10-03 17:27 - 2013-10-02 03:02 - 00358923 _____ (Farbar) C:\Users\Nicks Laptop\Downloads\FSS.exe
2013-10-03 17:27 - 2013-10-01 20:41 - 00047872 _____ C:\Users\Nicks Laptop\Downloads\(10-2,%204,%2011)%20HesiodTheogonyTransEvelynWhite.doc_1.odt
2013-10-03 09:39 - 2013-10-03 09:39 - 964337399 _____ C:\Windows\MEMORY.DMP
2013-10-03 09:39 - 2013-10-03 09:39 - 00755392 _____ C:\Windows\Minidump\100313-36281-01.dmp
2013-10-03 09:39 - 2013-10-03 09:39 - 00000000 ____D C:\Windows\Minidump
2013-10-03 09:11 - 2013-10-03 09:11 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\hpqlog
2013-10-03 09:01 - 2013-10-03 09:01 - 00174592 _____ C:\Users\Nicks Laptop\Downloads\soc2a2 crime law and criminology.ppt
2013-10-03 08:46 - 2013-10-03 08:46 - 00000117 ____H C:\Users\Nicks Laptop\Downloads\.~lock.CLA40SyllabusF13Rev2.doc#
2013-10-03 08:37 - 2013-10-03 08:37 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-03 08:37 - 2013-08-30 00:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-10-03 08:37 - 2013-08-30 00:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-03 08:37 - 2013-08-30 00:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-03 08:37 - 2013-08-30 00:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-03 08:37 - 2013-08-30 00:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-03 08:37 - 2013-08-30 00:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-10-03 08:37 - 2013-08-30 00:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-10-03 08:36 - 2013-10-03 08:36 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-03 08:36 - 2013-10-03 08:36 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-03 08:36 - 2013-10-03 08:36 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-03 08:36 - 2013-10-03 08:36 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-03 08:36 - 2013-08-30 00:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-10-03 08:36 - 2013-08-30 00:47 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-10-03 08:36 - 2013-08-30 00:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-10-03 08:33 - 2013-10-03 08:36 - 131918888 _____ C:\Users\Nicks Laptop\Downloads\avast_free_antivirus_setup.exe
2013-10-03 08:13 - 2013-10-03 08:50 - 00013121 _____ C:\Users\Nicks Laptop\Downloads\Critical Thinking Lecture 2 (October 3rd).odt
2013-10-03 08:13 - 2013-10-03 08:50 - 00000117 ____H C:\Users\Nicks Laptop\Downloads\.~lock.Critical Thinking Lecture 2 (October 3rd).odt#
2013-10-03 08:10 - 2013-10-03 08:10 - 00001112 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-03 08:10 - 2013-10-03 08:10 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\OpenOffice
2013-10-03 08:09 - 2013-10-03 08:09 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-03 08:06 - 2013-10-03 08:06 - 00004032 _____ C:\Windows\System32\Tasks\HPGenoobeReminder
2013-10-03 08:06 - 2013-10-03 08:06 - 00000000 ____D C:\Users\Nicks Laptop\Desktop\OpenOffice 4.0.1 (en-US) Installation Files
2013-10-03 08:04 - 2013-10-03 08:06 - 143485940 _____ C:\Users\Nicks Laptop\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_en-US.exe
2013-10-03 07:59 - 2013-10-03 07:59 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\HP
2013-10-03 07:21 - 2013-10-03 07:21 - 00000000 ____D C:\ProgramData\TrueSuite
2013-10-03 07:19 - 2013-10-03 17:33 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-62496195-318707196-799956928-1001
2013-10-03 07:16 - 2013-10-03 17:23 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-03 07:16 - 2013-10-03 17:21 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-03 07:16 - 2013-10-03 07:16 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-03 07:16 - 2013-10-03 07:16 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-03 07:16 - 2013-10-03 07:16 - 00002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-03 07:16 - 2013-10-03 07:16 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Google
2013-10-03 07:16 - 2013-10-03 07:16 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Deployment
2013-10-03 07:16 - 2013-10-03 07:16 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Apps\2.0
2013-10-03 07:16 - 2013-10-03 07:16 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-03 07:15 - 2013-10-03 07:15 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Macromedia
2013-10-03 07:14 - 2013-10-03 07:14 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-10-03 07:14 - 2013-10-03 07:14 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Hewlett-Packard
2013-10-03 07:13 - 2013-10-03 07:13 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1142FFFD-5F77-430F-94C0-E482A81DBB76}
2013-10-03 07:13 - 2013-10-03 07:13 - 00001426 _____ C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-03 07:13 - 2013-10-03 07:13 - 00000000 ___RD C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-03 07:13 - 2013-10-03 07:13 - 00000000 ___RD C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-03 07:13 - 2013-10-03 07:13 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Adobe
2013-10-03 07:12 - 2013-10-03 08:06 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Hewlett-Packard
2013-10-03 07:12 - 2013-10-03 07:12 - 00000141 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-10-03 07:12 - 2013-10-03 07:12 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Synaptics
2013-10-03 07:12 - 2013-10-03 07:12 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Power2Go8
2013-10-03 07:12 - 2013-10-03 07:12 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\AuthenTec
2013-10-03 07:11 - 2013-10-03 07:13 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Packages
2013-10-03 07:11 - 2013-10-03 07:11 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2013-10-03 07:11 - 2013-10-03 07:11 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Intel
2013-10-03 07:11 - 2013-10-03 07:11 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\VirtualStore
2013-10-03 07:10 - 2013-10-03 17:37 - 00311583 _____ C:\Windows\WindowsUpdate.log
2013-10-03 07:10 - 2013-10-03 07:13 - 00000000 ____D C:\Users\Nicks Laptop
2013-10-03 07:10 - 2013-10-03 07:10 - 00000020 ___SH C:\Users\Nicks Laptop\ntuser.ini
2013-10-03 07:10 - 2012-10-31 18:51 - 00002096 _____ C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-10-03 07:10 - 2012-10-31 18:41 - 00000000 ___HD C:\Users\Nicks Laptop\Documents\hp.system.package.metadata
2013-10-03 07:10 - 2012-07-26 01:13 - 00000000 ___RD C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-03 07:10 - 2012-07-26 01:13 - 00000000 ___RD C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-03 07:10 - 2012-07-26 01:13 - 00000000 ___RD C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-03 07:10 - 2012-07-26 01:13 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-03 04:51 - 2013-10-03 04:51 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-62496195-318707196-799956928-500
2013-10-03 04:49 - 2013-10-03 04:49 - 00000000 _____ C:\Recovery.txt
 
==================== One Month Modified Files and Folders =======
 
2013-10-03 17:39 - 2013-10-03 17:39 - 00000000 ____D C:\FRST
2013-10-03 17:37 - 2013-10-03 07:10 - 00311583 _____ C:\Windows\WindowsUpdate.log
2013-10-03 17:33 - 2013-10-03 07:19 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-62496195-318707196-799956928-1001
2013-10-03 17:28 - 2013-10-03 17:28 - 00000000 ____D C:\Users\Nicks Laptop\Downloads\School
2013-10-03 17:28 - 2013-10-03 17:28 - 00000000 ____D C:\Users\Nicks Laptop\Downloads\Resume for everything_files
2013-10-03 17:28 - 2013-10-03 17:28 - 00000000 ____D C:\Users\Nicks Laptop\Downloads\Pictures of Lady
2013-10-03 17:28 - 2013-10-03 17:27 - 00000000 ____D C:\Users\Nicks Laptop\Downloads\Applications
2013-10-03 17:28 - 2012-07-26 00:28 - 00942930 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-03 17:26 - 2012-07-26 00:21 - 00037956 _____ C:\Windows\setupact.log
2013-10-03 17:23 - 2013-10-03 07:16 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-03 17:22 - 2012-08-03 15:23 - 00004302 _____ C:\Windows\PFRO.log
2013-10-03 17:22 - 2012-07-26 01:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-10-03 17:22 - 2012-07-26 00:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-03 17:21 - 2013-10-03 07:16 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-03 17:00 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-03 09:39 - 2013-10-03 09:39 - 964337399 _____ C:\Windows\MEMORY.DMP
2013-10-03 09:39 - 2013-10-03 09:39 - 00755392 _____ C:\Windows\Minidump\100313-36281-01.dmp
2013-10-03 09:39 - 2013-10-03 09:39 - 00000000 ____D C:\Windows\Minidump
2013-10-03 09:39 - 2012-10-31 18:33 - 00318416 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-03 09:11 - 2013-10-03 09:11 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\hpqlog
2013-10-03 09:01 - 2013-10-03 09:01 - 00174592 _____ C:\Users\Nicks Laptop\Downloads\soc2a2 crime law and criminology.ppt
2013-10-03 08:50 - 2013-10-03 08:13 - 00013121 _____ C:\Users\Nicks Laptop\Downloads\Critical Thinking Lecture 2 (October 3rd).odt
2013-10-03 08:50 - 2013-10-03 08:13 - 00000117 ____H C:\Users\Nicks Laptop\Downloads\.~lock.Critical Thinking Lecture 2 (October 3rd).odt#
2013-10-03 08:46 - 2013-10-03 08:46 - 00000117 ____H C:\Users\Nicks Laptop\Downloads\.~lock.CLA40SyllabusF13Rev2.doc#
2013-10-03 08:37 - 2013-10-03 08:37 - 00001922 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-10-03 08:36 - 2013-10-03 08:36 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-03 08:36 - 2013-10-03 08:36 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-03 08:36 - 2013-10-03 08:36 - 00000000 ____D C:\Program Files\AVAST Software
2013-10-03 08:36 - 2013-10-03 08:36 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-03 08:36 - 2013-10-03 08:33 - 131918888 _____ C:\Users\Nicks Laptop\Downloads\avast_free_antivirus_setup.exe
2013-10-03 08:10 - 2013-10-03 08:10 - 00001112 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-10-03 08:10 - 2013-10-03 08:10 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\OpenOffice
2013-10-03 08:09 - 2013-10-03 08:09 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-03 08:06 - 2013-10-03 08:06 - 00004032 _____ C:\Windows\System32\Tasks\HPGenoobeReminder
2013-10-03 08:06 - 2013-10-03 08:06 - 00000000 ____D C:\Users\Nicks Laptop\Desktop\OpenOffice 4.0.1 (en-US) Installation Files
2013-10-03 08:06 - 2013-10-03 08:04 - 143485940 _____ C:\Users\Nicks Laptop\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_en-US.exe
2013-10-03 08:06 - 2013-10-03 07:12 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Hewlett-Packard
2013-10-03 08:06 - 2012-12-23 00:10 - 00000000 ____D C:\ProgramData\Norton
2013-10-03 08:06 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\restore
2013-10-03 07:59 - 2013-10-03 07:59 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\HP
2013-10-03 07:21 - 2013-10-03 07:21 - 00000000 ____D C:\ProgramData\TrueSuite
2013-10-03 07:16 - 2013-10-03 07:16 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-03 07:16 - 2013-10-03 07:16 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-03 07:16 - 2013-10-03 07:16 - 00002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-03 07:16 - 2013-10-03 07:16 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Google
2013-10-03 07:16 - 2013-10-03 07:16 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Deployment
2013-10-03 07:16 - 2013-10-03 07:16 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Apps\2.0
2013-10-03 07:16 - 2013-10-03 07:16 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-03 07:15 - 2013-10-03 07:15 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Macromedia
2013-10-03 07:14 - 2013-10-03 07:14 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-10-03 07:14 - 2013-10-03 07:14 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Hewlett-Packard
2013-10-03 07:13 - 2013-10-03 07:13 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1142FFFD-5F77-430F-94C0-E482A81DBB76}
2013-10-03 07:13 - 2013-10-03 07:13 - 00001426 _____ C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-03 07:13 - 2013-10-03 07:13 - 00000000 ___RD C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-03 07:13 - 2013-10-03 07:13 - 00000000 ___RD C:\Users\Nicks Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-03 07:13 - 2013-10-03 07:13 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Adobe
2013-10-03 07:13 - 2013-10-03 07:11 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Packages
2013-10-03 07:13 - 2013-10-03 07:10 - 00000000 ____D C:\Users\Nicks Laptop
2013-10-03 07:13 - 2012-10-31 18:54 - 00000000 ___RD C:\Program Files (x86)\Online Services
2013-10-03 07:13 - 2012-08-03 17:02 - 00000000 ___HD C:\SYSTEM.SAV
2013-10-03 07:12 - 2013-10-03 07:12 - 00000141 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-10-03 07:12 - 2013-10-03 07:12 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Synaptics
2013-10-03 07:12 - 2013-10-03 07:12 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\Power2Go8
2013-10-03 07:12 - 2013-10-03 07:12 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\AuthenTec
2013-10-03 07:11 - 2013-10-03 07:11 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2013-10-03 07:11 - 2013-10-03 07:11 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Roaming\Intel
2013-10-03 07:11 - 2013-10-03 07:11 - 00000000 ____D C:\Users\Nicks Laptop\AppData\Local\VirtualStore
2013-10-03 07:11 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-03 07:10 - 2013-10-03 07:10 - 00000020 ___SH C:\Users\Nicks Laptop\ntuser.ini
2013-10-03 07:10 - 2012-08-03 16:21 - 00000000 ____D C:\Windows\Panther
2013-10-03 07:05 - 2012-10-31 18:54 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-10-03 04:55 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\rescache
2013-10-03 04:53 - 2012-07-25 22:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-03 04:52 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\system32\Recovery
2013-10-03 04:51 - 2013-10-03 04:51 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-62496195-318707196-799956928-500
2013-10-03 04:51 - 2012-08-03 15:40 - 00010342 _____ C:\Windows\iis.log
2013-10-03 04:51 - 2012-07-26 01:13 - 00004552 _____ C:\Windows\DtcInstall.log
2013-10-03 04:49 - 2013-10-03 04:49 - 00000000 _____ C:\Recovery.txt
2013-10-03 04:49 - 2012-07-26 01:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2013-10-02 14:38 - 2013-10-03 17:28 - 00047384 _____ C:\Users\Nicks Laptop\Downloads\(10-2,%204,%2011)%20HesiodTheogonyTransEvelynWhite.doc_0.odt
2013-10-02 14:26 - 2013-10-03 17:27 - 00002846 _____ C:\Users\Nicks Laptop\Downloads\FSS.txt
2013-10-02 14:11 - 2013-10-03 17:27 - 01954124 _____ (Farbar) C:\Users\Nicks Laptop\Downloads\FRST64.exe
2013-10-02 03:02 - 2013-10-03 17:27 - 00358923 _____ (Farbar) C:\Users\Nicks Laptop\Downloads\FSS.exe
2013-10-01 20:41 - 2013-10-03 17:27 - 00047872 _____ C:\Users\Nicks Laptop\Downloads\(10-2,%204,%2011)%20HesiodTheogonyTransEvelynWhite.doc_1.odt
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2012-08-03 15:23
 
==================== End Of Log ============================
 
 
And here is the addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Nicks Laptop at 2013-10-03 17:41:05
Running from C:\Users\Nicks Laptop\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
4 Elements II (x32 Version: 2.2.0.98)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.6.636)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.86)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98)
Cradle of Rome 2 (x32 Version: 2.2.0.98)
CyberLink LabelPrint (x32 Version: 2.5.2.5712)
CyberLink Media Suite 10 (x32 Version: 10.0.2.2114)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317)
CyberLink Power2Go 8 (x32 Version: 8.0.2.2110)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126)
CyberLink PowerDVD (x32 Version: 10.0.7.4528)
CyberLink YouCam (x32 Version: 3.5.5.5811)
D3DX10 (x32 Version: 15.4.2368.0902)
Energy Star (x32 Version: 1.0.9)
Farm Frenzy (x32 Version: 2.2.0.98)
FATE: The Cursed King (x32 Version: 2.2.0.97)
Final Drive Fury (x32 Version: 2.2.0.95)
Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32)
Google Chrome (x32 Version: 30.0.1599.66)
Google Update Helper (x32 Version: 1.3.21.153)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98)
Hoyle Card Games (x32 Version: 2.2.0.95)
HP 3D DriveGuard (Version: 4.2.8.1)
HP Connected Music (Meridian - installer) (x32 Version: v1.0)
HP Connected Remote (x32 Version: 1.0.1218)
HP CoolSense (x32 Version: 2.10.42)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Documentation (x32 Version: 1.2.0.0)
HP Games (x32 Version: 1.0.3.0)
HP Postscript Converter (Version: 3.1.3591)
HP Quick Launch (x32 Version: 3.0.6)
HP Recovery Manager (x32 Version: 8.00)
HP Registration Service (Version: 1.1.6232.4245)
HP SimplePass (x32 Version: 6.0.100.244)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Utility Center (x32 Version: 1.0.8)
HP Wireless Button Driver (x32 Version: 1.0.6.1)
IDT Audio (x32 Version: 1.0.6423.0)
Intel PROSet Wireless
Intel® Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Processor Graphics (x32 Version: 9.17.10.2857)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.5.4.0423)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 2.6.1209.0268)
Intel® Rapid Storage Technology (x32 Version: 11.5.9.1002)
Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® WiDi (Version: 3.5.40.0)
Intel® PROSet/Wireless WiFi Software (Version: 15.05.6000.1620)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Luxor Evolved (x32 Version: 2.2.0.98)
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98)
Movie Maker (x32 Version: 16.4.3503.0728)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98)
Norton Internet Security (x32 Version: 20.0.0.136)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
Peggle Nights (x32 Version: 2.2.0.98)
Penguins! (x32 Version: 2.2.0.98)
Photo Common (x32 Version: 16.4.3503.0728)
Photo Gallery (x32 Version: 16.4.3503.0728)
Polar Bowler (x32 Version: 2.2.0.97)
Polar Golfer (x32 Version: 2.2.0.98)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.29034)
Roads of Rome 3 (x32 Version: 2.2.0.98)
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.15.0)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update Installer for WildTangent Games App (x32)
Validity WBF DDK (Version: 4.4.234.0)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.7)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728)
Windows Live Essentials (x32 Version: 16.4.3503.0728)
Windows Live Installer (x32 Version: 16.4.3503.0728)
Windows Live Photo Common (x32 Version: 16.4.3503.0728)
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728)
Windows Live SOXE (x32 Version: 16.4.3503.0728)
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728)
Windows Live UX Platform (x32 Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728)
Youda Jewel Shop (x32 Version: 3.0.2.32)
Zuma's Revenge (x32 Version: 2.2.0.98)
 
==================== Restore Points  =========================
 
03-10-2013 15:06:31 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
 
==================== Hosts content: ==========================
 
2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {157C1445-2E6B-4545-9378-F0BA748B216A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {1B58A74A-06DE-4214-A9F2-94C067FB0746} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2012-09-17] ()
Task: {29F628E2-6A6D-40C5-B753-12EA21302D7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {394D2186-8F94-4500-B120-4AACB2AE4DC0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\WSCStub.exe [2012-07-24] (Symantec Corporation)
Task: {55E7269A-1261-4C05-A162-47C50F86678A} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe [2012-07-05] (Symantec Corporation)
Task: {6475200E-A06E-45F2-90F2-BE66ED69F322} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {8DB2275B-EB2D-4CC2-B8F4-BB40DE710F3D} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\SYSTEM32\OOBE\SETUPSQM.EXE [2012-07-25] (Microsoft Corporation)
Task: {9208001C-284B-459F-A88F-B10A4FA62755} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-12] (CyberLink)
Task: {A7D1C2FB-BE81-4892-8D63-61D947FA3ACD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-03] (Google Inc.)
Task: {AACBB899-1C70-49BC-9A11-B5C3D26CCE41} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-14] (Synaptics Incorporated)
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-25] (Microsoft Corporation)
Task: {B178463D-3590-4CEA-B540-36DC52E072C4} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {B9D6FAE7-033F-4D21-BA4F-650535385225} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe [2012-07-05] (Symantec Corporation)
Task: {D95EC295-E668-48BF-8D1B-75AEFA9CDFB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {DBDCAB84-3454-4ADD-82D6-DCEB9B82CE61} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-03] (Google Inc.)
Task: {F8E9F306-F34A-402E-A5B7-FB560F72E779} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\system32\AppxDeploymentClient.dll [2012-07-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-12-22 23:44 - 2012-09-24 15:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2013-10-03 07:12 - 2013-10-03 07:12 - 00120224 _____ () C:\Users\Nicks Laptop\AppData\Local\assembly\dl3\CGAOGPN0.8QB\OQVGXJJ1.7YA\4ea07b5f\008b7bc6_d8a8cd01\HPItunesModule.DLL
2012-10-12 17:22 - 2012-10-12 17:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 17:22 - 2012-10-12 17:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-10-03 17:25 - 2013-10-03 10:15 - 02104320 _____ () C:\Program Files\AVAST Software\Avast\defs\13100301\algo.dll
2012-12-23 00:08 - 2012-06-07 20:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-12-22 23:54 - 2012-12-22 23:54 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\c75683e43d43d5cdd7b4ffb20431f8fa\PSIClient.ni.dll
2013-10-03 07:16 - 2013-09-26 12:07 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.66\libglesv2.dll
2013-10-03 07:16 - 2013-09-26 12:07 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.66\libegl.dll
2013-10-03 07:16 - 2013-09-26 12:08 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.66\pdf.dll
2013-10-03 07:16 - 2013-09-26 12:08 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.66\ppGoogleNaClPluginChrome.dll
2013-10-03 07:16 - 2013-09-26 12:07 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.66\ffmpegsumo.dll
2012-12-22 23:43 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2012-12-23 00:10 - 2012-05-29 23:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.0.0.136\wincfi39.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/03/2013 01:31:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1281
 
Error: (10/03/2013 01:31:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1281
 
Error: (10/03/2013 01:31:08 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 01:05:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2746391
 
Error: (10/03/2013 01:05:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2746391
 
Error: (10/03/2013 01:05:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 00:19:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172
 
Error: (10/03/2013 00:19:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172
 
Error: (10/03/2013 00:19:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 08:06:55 AM) (Source: HP Registration Service) (User: )
Description: The system cannot find the file specified. (Exception from HRESULT: 0x80070002)     at TaskScheduler.ITaskFolder.DeleteTask(String Name, Int32 flags)
   at HPMetrics.ScheduleTask.DeleteTask(String TaskName)
 
 
System errors:
=============
Error: (10/03/2013 05:22:27 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (10/03/2013 09:55:18 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (10/03/2013 09:55:32 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:39:53 AM on ‎10/‎3/‎2013 was unexpected.
 
Error: (10/03/2013 09:39:11 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0
 
Error: (10/03/2013 09:39:54 AM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa80084bd7f0, 0xfffff802cf9387e0, 0xfffffa80094a6c60)C:\Windows\MEMORY.DMP100313-36281-01
 
Error: (10/03/2013 09:39:53 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:14:26 AM on ‎10/‎3/‎2013 was unexpected.
 
Error: (10/03/2013 09:23:39 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.
 
Error: (10/03/2013 09:23:09 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.
 
Error: (10/03/2013 09:22:44 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.
 
Error: (10/03/2013 09:22:24 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 1203.
 
 
Microsoft Office Sessions:
=========================
Error: (10/03/2013 01:31:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1281
 
Error: (10/03/2013 01:31:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1281
 
Error: (10/03/2013 01:31:08 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 01:05:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2746391
 
Error: (10/03/2013 01:05:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2746391
 
Error: (10/03/2013 01:05:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 00:19:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172
 
Error: (10/03/2013 00:19:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172
 
Error: (10/03/2013 00:19:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/03/2013 08:06:55 AM) (Source: HP Registration Service)(User: )
Description: The system cannot find the file specified. (Exception from HRESULT: 0x80070002)     at TaskScheduler.ITaskFolder.DeleteTask(String Name, Int32 flags)
   at HPMetrics.ScheduleTask.DeleteTask(String TaskName)
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 25%
Total physical RAM: 8081.27 MB
Available physical RAM: 5990.96 MB
Total Pagefile: 16273.27 MB
Available Pagefile: 14050.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:671.92 GB) (Free:622.55 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:25.95 GB) (Free:3.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:0.94 GB) (Free:0.23 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: A50E1C7D)
 
Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 980 MB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
 
==================== End Of Log ============================

here is the FSS for my formatted laptop

Farbar Service Scanner Version: 13-09-2013
Ran by Nicks Laptop (administrator) on 03-10-2013 at 17:50:52
Running from "C:\Users\Nicks Laptop\Downloads"
Microsoft Windows 8  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll
[2012-10-31 19:25] - [2012-10-31 19:25] - 0331776 ____A (Microsoft Corporation) CFB72DF4B2364AF6D4D685DCD310E942
 
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2012-07-25 16:40] - [2012-07-25 20:06] - 0904704 ____A (Microsoft Corporation) 411EA973A1961C287927DF13891EB41E
 
C:\Windows\System32\bfe.dll
[2012-07-25 17:00] - [2012-07-25 20:05] - 0718848 ____A (Microsoft Corporation) 407F85D5387EDBB665A7969DF4D4712B
 
C:\Windows\System32\drivers\mpsdrv.sys
[2012-07-25 19:23] - [2012-07-25 19:23] - 0074752 ____A (Microsoft Corporation) 36BF4D86F166ACBC14F0B8B8F90CBCEA
 
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2012-10-31 19:25] - [2012-10-31 19:25] - 3340800 ____A (Microsoft Corporation) 69DDDAF7BB4D39A4CC928EA434A3E258
 
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****

here is the fixlog (this is so much easier with 2 laptops and a usb drive)

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by Nicks Laptop at 2013-10-03 17:55:11 Run:1
Running from C:\Users\Nicks Laptop\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
C:\Users\Nick\AppData\Local\Temp\BackupSetup.exe
C:\Users\Nick\AppData\Local\Temp\Java.exe
C:\Users\Nick\AppData\Local\Temp\vcredist_x64.exe
AlternateDataStreams: C:\ProgramData\Temp:373E1720
End
 
*****************
 
"C:\Users\Nick\AppData\Local\Temp\BackupSetup.exe" => File/Directory not found.
"C:\Users\Nick\AppData\Local\Temp\Java.exe" => File/Directory not found.
"C:\Users\Nick\AppData\Local\Temp\vcredist_x64.exe" => File/Directory not found.
"C:\ProgramData\Temp" => ":373E1720" ADS not found.
 
==== End of Fixlog ====

here is the ADWcleaner log

# AdwCleaner v3.006 - Report created 03/10/2013 at 17:58:44
# Updated 01/10/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Nicks Laptop - NICKS
# Running from : C:\Users\Nicks Laptop\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16384
 
 
-\\ Google Chrome v30.0.1599.66
 
[ File : C:\Users\Nicks Laptop\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R0].txt - [970 octets] - [03/10/2013 17:57:42]
AdwCleaner[s0].txt - [824 octets] - [03/10/2013 17:58:44]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [883 octets] ##########

here is the rogue killer report

RogueKiller V8.7.1 _x64_ [Oct  3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Nicks Laptop [Admin rights]
Mode : Scan -- Date : 10/03/2013 18:10:01
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) (Standard disk drives) - Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] 5563ee86216a1c21e78cfa8297c1cea8
[bSP] 6a3125a7f090a24988d63ba5cae1a61d : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_10032013_181001.txt >>

Here is the security checkup log

 

 Results of screen317's Security Check version 0.99.74  

   x64 (UAC is enabled)  

 Internet Explorer 10  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

avast! Antivirus           

Windows Defender           

Norton Internet Security   

 Antivirus up to date!   

`````````Anti-malware/Other Utilities Check:````````` 

 Google Chrome 30.0.1599.66  

````````Process Check: objlist.exe by Laurent````````  

 Norton ccSvcHst.exe 

 AVAST Software Avast AvastSvc.exe  

 AVAST Software Avast AvastUI.exe  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 

````````````````````End of Log`````````````````````` 


You can close out RogueKiller. Farbar Service Scanner does not show any obvious connection problems. There are two security systems running on your system, Avast and Norton. It will be counterproductive and could be the reason for the connection issues. I suggest you remove Norton...

 

Download and install the Norton removal tool from Here

 

Alternative link

 

Install and run the tool, follow any prompts that are given. Re-boot.

 

Next,

 

Select Start, type device manager into the search box, then select OK or hit Enter. Expand "Network Adapter". Do you see any question or exclamation marks?

 

Next,

 

If connection is still an issue, right-click on the connection icon next to the clock on the Taskbar and select "Troubleshoot problems"...


Hey, so I seriously can't tell if my internet is fixed or not. Basically, when I'm on campus, everything seems perfectly fine. I'm at home right now and everything seems perfectly fine. But when I'm at my apartment (at college), there are those moments where my internet goes out. I can't tell if it's because I'm too far from the router or if the problem persists and is simply less common than before.

Also, I did as instructed: no ? or ! and troubleshoot never finds a problem. Next time the problem persists (would have to wait till tomorrow or Monday when I'm back at school), I will troubleshoot.

Thank you, I will keep you updated


Did you tell me the laptop connects OK at home and on campus, and only has issues at your apartment... Seems odd..

 

OK do the following and see if you can connect..

 

From the Run dialogue box, type services.msc and hit Enter. In the new window, check that these entries are running and set to Automatic:

 

DHCP Client

DNS Client

 

As an administrator, from the cmd prompt, type and enter each of these commands:

Run the following commands, hitting the Enter key after each one:

 

netsh winsock reset catalog

netsh int ipv4 reset reset.log

netsh int ipv6 reset reset.log

ipconfig /flushdns

ipconfig /release

ipconfig /renew

ipconfig /registerdns

 

Then reboot.

 

Can you connect?
