Jump to content

Recommended Posts

I'm having ongoing issues with runDLL errors and things that were removed by Malwarebytes reappearing and continuing to cause problems. My PC has always booted up super fast, with no issues, but over the last 2 days it boots up very slow, doesn't show the Windows startup screen and once the desktop loads, there is an error box that says RunDLL with a message about a Conduit Background container. There are also some strange things in my uninstall list in my control panel that I cannot uninstall/remove. I am at a loss for what to do and need some help getting everything back to "normal". Thanks, in advance.

Link to post
Share on other sites

DDS and Attach files, as follows:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Aliceann at 13:12:49 on 2013-12-01
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8109.5611 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\GnuPG\dirmngr.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamscheduler.exe
B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
B:\Steam\Steam.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = about:blank
mStart Page = about:blank
mDefault_Page_URL = about:blank
uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe,
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
uRun: [steam] "B:\Steam\steam.exe" -silent
uRun: [Lavasoft AdBlock] B:\Setups & Installations\AdBlocker.exe
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{07F55940-B81A-46B6-A375-81BCB69BB9F6} : DHCPNameServer = 192.168.1.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-mDefault_Page_URL = about:blank
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - LocalServer32 - <no file>
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-2-13 21104]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-11-12 46368]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 DirMngr;DirMngr;C:\GnuPG\dirmngr.exe [2013-5-28 218112]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-2-13 13592]
R2 MBAMScheduler;MBAMScheduler;B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-1 418376]
R2 MBAMService;MBAMService;B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-1 701512]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 134944]
R3 AE3000;Linksys AE3000 Driver;C:\Windows\System32\drivers\AE3000w764.sys [2012-3-2 1717824]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-7-28 56960]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-7-28 79104]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-2-13 317440]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-1 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-13 535656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-13 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-27 19456]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-4-24 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-27 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
.
=============== File Associations ===============
.
ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L"
.
=============== Created Last 30 ================
.
2013-12-01 17:36:53 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-01 05:24:58 -------- d-----w- C:\Windows\SysWow64\wbem\Logs
2013-12-01 05:08:45 -------- d-----w- C:\Program Files (x86)\Connect_DLC_5
2013-12-01 05:08:27 -------- d-----w- C:\Windows\pss
2013-12-01 05:08:01 -------- d-----w- C:\Program Files (x86)\Conduit
2013-12-01 05:07:42 -------- d-----w- C:\Users\Aliceann\AppData\Roaming\eCyber
2013-12-01 05:07:26 -------- d-----w- C:\Windows\System32\log
2013-12-01 05:07:19 -------- d-----w- C:\Users\Aliceann\AppData\Roaming\iSafe
2013-12-01 04:36:54 -------- d-----w- C:\Users\Aliceann\AppData\Roaming\AVG
2013-12-01 04:36:34 -------- d-----w- C:\ProgramData\AVG
2013-12-01 04:36:29 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-01 04:07:56 -------- d-----w- C:\Users\Aliceann\AppData\Local\Lavasoft
2013-12-01 04:07:52 450616 ----a-w- C:\Windows\System32\LavasoftProxy64.dll
2013-12-01 04:07:51 357432 ----a-w- C:\Windows\SysWow64\LavasoftProxy.dll
2013-11-30 22:30:11 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8D5FF45D-140E-4B6E-A5B2-65A4D0FF2B10}\mpengine.dll
2013-11-30 22:24:11 -------- d-----w- C:\ProgramData\Ralink
2013-11-30 22:23:33 327008 ----a-w- C:\Windows\System32\RaCoInstx.dll
2013-11-30 22:23:20 -------- d-----w- C:\ProgramData\Cisco Systems
2013-11-28 21:27:05 -------- d-----w- C:\ProgramData\Conduit
2013-11-28 21:26:48 -------- d-----w- C:\Users\Aliceann\AppData\Local\NativeMessaging
2013-11-28 19:10:51 -------- d-----w- C:\Windows\Migration
2013-11-28 19:09:24 10285968 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-19 17:48:46 -------- d-----w- C:\Program Files\iPod
2013-11-19 17:48:45 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-19 17:48:45 -------- d-----w- C:\Program Files\iTunes
2013-11-19 17:48:45 -------- d-----w- C:\Program Files (x86)\iTunes
2013-11-14 03:18:33 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-11-14 03:10:26 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2013-11-07 07:52:56 279000 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe
2013-11-07 04:57:59 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D983FEDC-08BE-4E6F-B9A3-60529F2DED09}\gapaengine.dll
.
==================== Find3M  ====================
.
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-10 16:13:38 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-08 12:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-10-02 02:22:20 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2013-10-02 02:11:13 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-10-02 02:08:53 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-10-02 01:48:59 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
2013-10-02 01:48:08 18944 ----a-w- C:\Windows\System32\wksprtPS.dll
2013-10-02 01:29:05 62976 ----a-w- C:\Windows\System32\tsgqec.dll
2013-10-02 00:15:45 1057280 ----a-w- C:\Windows\System32\rdvidcrl.dll
2013-10-02 00:14:58 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
2013-10-02 00:14:20 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2013-10-02 00:08:30 83968 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2013-10-02 00:01:16 420864 ----a-w- C:\Windows\System32\wksprt.exe
2013-10-01 23:58:48 53248 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-10-01 23:31:09 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2013-10-01 23:08:10 855552 ----a-w- C:\Windows\SysWow64\rdvidcrl.dll
2013-10-01 22:34:12 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
2013-10-01 20:57:46 6578176 ----a-w- C:\Windows\System32\mstscax.dll
2013-10-01 20:55:10 5698048 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-27 15:53:06 248240 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-09-27 15:53:06 134944 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:41 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
2013-09-12 03:21:54 863344 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
2013-09-12 03:21:54 501872 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
2013-09-12 03:21:54 28776 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2013-09-12 03:21:54 18000 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2013-09-12 01:39:06 855664 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
2013-09-12 01:39:06 614000 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
2013-09-12 01:39:06 30312 ----a-w- C:\Windows\System32\aspnet_counters.dll
2013-09-12 01:39:06 18000 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
.
============= FINISH: 13:13:25.71 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 2/13/2012 4:49:11 AM
System Uptime: 12/1/2013 12:02:09 PM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. |  | Z68X-UD3H-B3
Processor: Intel® Core i5-2500K CPU @ 3.30GHz | Socket 1155 | 3601/100mhz
.
==== Disk Partitions =========================
.
B: is FIXED (NTFS) - 932 GiB total, 686.463 GiB free.
C: is FIXED (NTFS) - 112 GiB total, 55.951 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP220: 11/23/2013 1:31:17 PM - Windows Update
RP221: 11/27/2013 11:26:23 AM - Windows Update
RP222: 11/28/2013 1:09:19 PM - Windows Update
RP223: 11/30/2013 10:07:46 PM - Installed Ad-Aware AdBlocker (Alpha)
RP224: 11/30/2013 10:19:17 PM - Installed AVG 2014
RP225: 11/30/2013 10:19:27 PM - Installed AVG 2014
RP226: 11/30/2013 10:36:35 PM - Installed AVG PC TuneUp 2014
RP227: 11/30/2013 10:55:33 PM - Removed AVG PC TuneUp 2014
RP228: 11/30/2013 10:56:19 PM - Removed AVG PC TuneUp 2014 (en-US)
RP229: 11/30/2013 11:02:06 PM - Removed Visual Studio 2012 x86 Redistributables
RP230: 12/1/2013 11:43:10 AM - Removed Ad-Aware AdBlocker (Alpha)
RP231: 12/1/2013 11:46:28 AM - Removed AVG 2014
RP232: 12/1/2013 11:50:04 AM - Removed AVG 2014
RP233: 12/1/2013 11:54:00 AM - Removed Visual Studio 2012 x86 Redistributables
RP234: 12/1/2013 11:54:10 AM - Removed Visual Studio 2012 x64 Redistributables
RP235: 12/1/2013 11:55:25 AM - Removed NCLEX Tutorial
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Amazon MP3 Downloader 1.0.17
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASCOM Celestron Telescope Driver 5.0.23
ASCOM Gemini Telescope Driver (1.0.8.0)
ASCOM Intelliscope Telescope Driver 1.0.0.0
ASCOM Meade Telescope Driver 5.0.3
ASCOM Platform 5.0b
ASCOM Platform 5.5.1 Update  (5.5.23.18)
AVG Security Toolbar
BioShock Infinite
Bonjour
calibre 64bit
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG2100 series MP Drivers
Canon MG2100 series On-screen Manual
Canon MG2100 series User Registration
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
dBpoweramp DSP Effects
dBpoweramp Music Converter
Dolby Home Theater v4
Dropbox
Easy Exif Delete
EQMOD EQASCOM Telescope Driver V1.22j
Etron USB3.0 Host Controller
Fallout: New Vegas
Google Chrome
Gpg4win (2.1.1)
Half-Life 2
Hitman: Absolution
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
iTunes
Java 7 Update 45
Java Auto Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Mass Effect™ 3
MeadeLX200GPS 5.0.0
Microsoft .NET Framework 4.5.1
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 13.0.1 (x86 en-US)
NVIDIA PhysX
ON_OFF Charge B11.0110.1
OpenOffice.org 3.4.1
Portal
Portal 2
QuickTime
Realtek Ethernet Controller Driver
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
ResumeMaker
Silvestri Comp Review PN 4e
Speccy
Starry Night Orion Special Edition
Steam
Switch Sound File Converter
The Elder Scrolls V: Skyrim
TrueCrypt
uTorrentControl_v2 Toolbar
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.2
WinRAR 4.20 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
12/1/2013 12:02:34 PM, Error: Microsoft-Windows-WMPNSS-Service [14356]  - A media delivery engine with ID '0x80070057' was not initialized because RegisterDelegate() encountered error ''. Restart your computer, and then restart the WMPNetworkSvc service.
12/1/2013 12:02:34 PM, Error: Microsoft-Windows-WMPNSS-Service [14323]  - Service 'WMPNetworkSvc' did not start correctly because MFCreateWMPMDEOpCenter encountered error '0xc00d4268'. If possible, reinstall Windows Media Player.
12/1/2013 11:52:49 AM, Error: Microsoft-Windows-WMPNSS-Service [14348]  - A new media server was not initialized due to error '0x80070057'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, in Windows Media Player, turn off media sharing, and then turn it back on.
12/1/2013 11:42:23 AM, Error: Microsoft-Windows-HttpEvent [15005]  - Unable to bind to the underlying transport for [::]:49153. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine.  The data field contains the error number.
12/1/2013 1:13:19 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.
11/30/2013 10:39:15 PM, Error: Service Control Manager [7000]  - The AVG Theme Extension service failed to start due to the following error:  The executable program that this service is configured to run in does not implement the service.
11/30/2013 10:21:27 PM, Error: Service Control Manager [7024]  - The AVGIDSAgent service terminated with service-specific error %%-536753635.
11/29/2013 3:05:10 AM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
11/28/2013 3:27:46 PM, Error: Service Control Manager [7034]  - The vToolbarUpdater17.1.2 service terminated unexpectedly.  It has done this 1 time(s).
11/28/2013 3:26:59 PM, Error: Service Control Manager [7031]  - The Update SecretSauce service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================
 
Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced logs in next reply....

 

Kevin

Link to post
Share on other sites

I uninstalled uTorrent but it still shows files on my logs; I hope that doesn't cause any issues. Here is the report from AdwCleaner:

 

# AdwCleaner v3.014 - Report created 01/12/2013 at 13:33:40
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Aliceann - ALICEANN-PC
# Running from : C:\Users\Aliceann\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : vToolbarUpdater17.1.2
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Aliceann\AppData\Roaming\Mozilla\Firefox\Profiles\hexpj191.default-1384883358407\searchplugins\MyStart Search.xml
File Found : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
Folder Found C:\Program Files (x86)\AVG Secure Search
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Connect_DLC_5
Folder Found C:\Program Files (x86)\NCH Software
Folder Found C:\Program Files (x86)\uTorrentControl_v2
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\ProgramData\Conduit
Folder Found C:\ProgramData\NCH Software
Folder Found C:\Users\Aliceann\AppData\Local\AVG Secure Search
Folder Found C:\Users\Aliceann\AppData\Local\Conduit
Folder Found C:\Users\Aliceann\AppData\Local\NativeMessaging
Folder Found C:\Users\Aliceann\AppData\LocalLow\AVG Secure Search
Folder Found C:\Users\Aliceann\AppData\LocalLow\Conduit
Folder Found C:\Users\Aliceann\AppData\LocalLow\Connect_DLC_5
Folder Found C:\Users\Aliceann\AppData\LocalLow\PriceGong
Folder Found C:\Users\Aliceann\AppData\LocalLow\uTorrentControl_v2
Folder Found C:\Users\Aliceann\AppData\Roaming\iSafe
Folder Found C:\Users\Aliceann\AppData\Roaming\NCH Software
Folder Found C:\Users\Aliceann\AppData\Roaming\Splashtop
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\anchorfree
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Connect_DLC_5
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Found : HKCU\Software\NCH Software
Key Found : HKCU\Software\uTorrentControl_v2
Key Found : [x64] HKCU\Software\anchorfree
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\NCH Software
Key Found : [x64] HKCU\Software\uTorrentControl_v2
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3316071
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Connect_DLC_5
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DAC38AC-7721-4ACC-9961-5403FB33137E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734436A3-1C0C-412A-81A9-7D82D3949E8C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91F936F6-DA73-4F37-98A0-9577563C1869}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{922AFEE3-9708-4753-B85B-13A76112EFF8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\NCH Software
Key Found : HKLM\Software\uTorrentControl_v2
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Aliceann\AppData\Roaming\Mozilla\Firefox\Profiles\hexpj191.default-1384883358407\prefs.js ]
 
Line Found : user_pref("CT3306061.FF19Solved", "true");
Line Found : user_pref("CT3306061.UserID", "UN20591146021764790");
Line Found : user_pref("CT3306061.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3306061.fullUserID", "UN20591146021764790.IN.20131130230704");
Line Found : user_pref("CT3306061.installDate", "30/11/2013 23:07:06");
Line Found : user_pref("CT3306061.installSessionId", "{CD16F0BA-F9EB-422D-9D35-0F26CDAE4800}");
Line Found : user_pref("CT3306061.installSp", "TRUE");
Line Found : user_pref("CT3306061.installerVersion", "1.8.1.4");
Line Found : user_pref("CT3306061.keyword", "true");
Line Found : user_pref("CT3306061.originalHomepage", "about:home");
Line Found : user_pref("CT3306061.originalSearchAddressUrl", "");
Line Found : user_pref("CT3306061.originalSearchEngine", "");
Line Found : user_pref("CT3306061.originalSearchEngineName", "SweetPacks A11 Customized Web Search");
Line Found : user_pref("CT3306061.searchRevert", "true");
Line Found : user_pref("CT3306061.searchUninstallUserMode", "2");
Line Found : user_pref("CT3306061.searchUserMode", "2");
Line Found : user_pref("CT3306061.smartbar.homepage", "true");
Line Found : user_pref("CT3306061.toolbarInstallDate", "30-11-2013 23:07:04");
Line Found : user_pref("CT3306061.versionFromInstaller", "10.22.5.10");
Line Found : user_pref("CT3306061.xpeMode", "0");
Line Found : user_pref("CT3316071.FF19Solved", "true");
Line Found : user_pref("CT3316071.UserID", "UN25973259189297773");
Line Found : user_pref("CT3316071.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3316071.fullUserID", "UN25973259189297773.IN.20131128152609");
Line Found : user_pref("CT3316071.installDate", "28/11/2013 15:26:11");
Line Found : user_pref("CT3316071.installSessionId", "{1514022F-FD97-437F-A038-CB0548875FFC}");
Line Found : user_pref("CT3316071.installSp", "true");
Line Found : user_pref("CT3316071.installerVersion", "1.8.1.4");
Line Found : user_pref("CT3316071.keyword", "true");
Line Found : user_pref("CT3316071.originalHomepage", "about:home");
Line Found : user_pref("CT3316071.originalSearchAddressUrl", "");
Line Found : user_pref("CT3316071.originalSearchEngine", "");
Line Found : user_pref("CT3316071.originalSearchEngineName", "");
Line Found : user_pref("CT3316071.searchRevert", "false");
Line Found : user_pref("CT3316071.searchUninstallUserMode", "2");
Line Found : user_pref("CT3316071.searchUserMode", "2");
Line Found : user_pref("CT3316071.smartbar.homepage", "true");
Line Found : user_pref("CT3316071.toolbarInstallDate", "28-11-2013 15:26:09");
Line Found : user_pref("CT3316071.versionFromInstaller", "10.22.5.10");
Line Found : user_pref("CT3316071.xpeMode", "0");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Found : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.2.0.1");
Line Found : user_pref("browser.search.defaultthis.engineName", "Connect DLC 5 Customized Web Search");
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3306061");
Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3306061");
Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3306061");
Line Found : user_pref("smartbar.machineId", "J78964ISXKDAHY4YKXSH3ZPSJMJTOLW/AJRSTWBZKS7IFUXHD8I/84RML4ACBGCQJ5VTPPY+YNSQ7Y2TBDAUBA");
 
-\\ Google Chrome v
 
[ File : C:\Users\Aliceann\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [16333 octets] - [01/12/2013 13:33:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [16394 octets] ##########
Link to post
Share on other sites

Ok, here is the log that pops up after rebooting (post adwcleaner cleanup):

 

# AdwCleaner v3.014 - Report created 01/12/2013 at 13:41:23
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Aliceann - ALICEANN-PC
# Running from : C:\Users\Aliceann\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : vToolbarUpdater17.1.2
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\Connect_DLC_5
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Aliceann\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Aliceann\AppData\Local\Conduit
Folder Deleted : C:\Users\Aliceann\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Aliceann\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Aliceann\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Aliceann\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Aliceann\AppData\LocalLow\Connect_DLC_5
Folder Deleted : C:\Users\Aliceann\AppData\LocalLow\uTorrentControl_v2
Folder Deleted : C:\Users\Aliceann\AppData\Roaming\iSafe
Folder Deleted : C:\Users\Aliceann\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Aliceann\AppData\Roaming\Splashtop
File Deleted : C:\Users\Aliceann\AppData\Roaming\Mozilla\Firefox\Profiles\hexpj191.default-1384883358407\searchplugins\MyStart Search.xml
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3316071
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{922AFEE3-9708-4753-B85B-13A76112EFF8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734436A3-1C0C-412A-81A9-7D82D3949E8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91F936F6-DA73-4F37-98A0-9577563C1869}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DAC38AC-7721-4ACC-9961-5403FB33137E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Connect_DLC_5
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\Connect_DLC_5
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Aliceann\AppData\Roaming\Mozilla\Firefox\Profiles\hexpj191.default-1384883358407\prefs.js ]
 
Line Deleted : user_pref("CT3306061.FF19Solved", "true");
Line Deleted : user_pref("CT3306061.UserID", "UN20591146021764790");
Line Deleted : user_pref("CT3306061.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3306061.fullUserID", "UN20591146021764790.IN.20131130230704");
Line Deleted : user_pref("CT3306061.installDate", "30/11/2013 23:07:06");
Line Deleted : user_pref("CT3306061.installSessionId", "{CD16F0BA-F9EB-422D-9D35-0F26CDAE4800}");
Line Deleted : user_pref("CT3306061.installSp", "TRUE");
Line Deleted : user_pref("CT3306061.installerVersion", "1.8.1.4");
Line Deleted : user_pref("CT3306061.keyword", "true");
Line Deleted : user_pref("CT3306061.originalHomepage", "about:home");
Line Deleted : user_pref("CT3306061.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3306061.originalSearchEngine", "");
Line Deleted : user_pref("CT3306061.originalSearchEngineName", "SweetPacks A11 Customized Web Search");
Line Deleted : user_pref("CT3306061.searchRevert", "true");
Line Deleted : user_pref("CT3306061.searchUninstallUserMode", "2");
Line Deleted : user_pref("CT3306061.searchUserMode", "2");
Line Deleted : user_pref("CT3306061.smartbar.homepage", "true");
Line Deleted : user_pref("CT3306061.toolbarInstallDate", "30-11-2013 23:07:04");
Line Deleted : user_pref("CT3306061.versionFromInstaller", "10.22.5.10");
Line Deleted : user_pref("CT3306061.xpeMode", "0");
Line Deleted : user_pref("CT3316071.FF19Solved", "true");
Line Deleted : user_pref("CT3316071.UserID", "UN25973259189297773");
Line Deleted : user_pref("CT3316071.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3316071.fullUserID", "UN25973259189297773.IN.20131128152609");
Line Deleted : user_pref("CT3316071.installDate", "28/11/2013 15:26:11");
Line Deleted : user_pref("CT3316071.installSessionId", "{1514022F-FD97-437F-A038-CB0548875FFC}");
Line Deleted : user_pref("CT3316071.installSp", "true");
Line Deleted : user_pref("CT3316071.installerVersion", "1.8.1.4");
Line Deleted : user_pref("CT3316071.keyword", "true");
Line Deleted : user_pref("CT3316071.originalHomepage", "about:home");
Line Deleted : user_pref("CT3316071.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3316071.originalSearchEngine", "");
Line Deleted : user_pref("CT3316071.originalSearchEngineName", "");
Line Deleted : user_pref("CT3316071.searchRevert", "false");
Line Deleted : user_pref("CT3316071.searchUninstallUserMode", "2");
Line Deleted : user_pref("CT3316071.searchUserMode", "2");
Line Deleted : user_pref("CT3316071.smartbar.homepage", "true");
Line Deleted : user_pref("CT3316071.toolbarInstallDate", "28-11-2013 15:26:09");
Line Deleted : user_pref("CT3316071.versionFromInstaller", "10.22.5.10");
Line Deleted : user_pref("CT3316071.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.2.0.1");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "Connect DLC 5 Customized Web Search");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3306061");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3306061");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3306061");
Line Deleted : user_pref("smartbar.machineId", "J78964ISXKDAHY4YKXSH3ZPSJMJTOLW/AJRSTWBZKS7IFUXHD8I/84RML4ACBGCQJ5VTPPY+YNSQ7Y2TBDAUBA");
 
-\\ Google Chrome v
 
[ File : C:\Users\Aliceann\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [16535 octets] - [01/12/2013 13:33:40]
AdwCleaner[s0].txt - [15514 octets] - [01/12/2013 13:41:23]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [15575 octets] ##########
Link to post
Share on other sites

Malwarebytes scan results:

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.01.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Aliceann :: ALICEANN-PC [administrator]
 
Protection: Enabled
 
12/1/2013 1:46:12 PM
mbam-log-2013-12-01 (13-46-12).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 205586
Time elapsed: 1 minute(s), 17 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
Link to post
Share on other sites

Rebooted with no RunDLL errors, this time. Windows startup screen still doesn't show, but I'm not sure if that is something I should be concerned about. I have an LED television as a monitor and when it's rebooting it shows the HDMI 2 "No signal" screen before loading my desktop. It used to show the Windows screen then load the desktop. 

 

I apologize for all of the questions, especially if there is nothing to be worried about. It's just that this is my gaming PC and I'm trying to keep it running smoothly for as long as possible.

 

Is there anything else you recommend to keep it safe and free of malware? Thank you so much, for your help.

Link to post
Share on other sites

Run the following and we have a look again at your system...

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Link to post
Share on other sites

Scan logs, as follows:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by Aliceann (administrator) on ALICEANN-PC on 01-12-2013 14:37:38
Running from C:\Users\Aliceann\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\GnuPG\dirmngr.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamservice.exe
(Valve Corporation) B:\Steam\Steam.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Malwarebytes Corporation) B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-13] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"
HKLM-x32\...\Winlogon: [userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [steam] - "B:\Steam\steam.exe" -silent
HKCU\...\Run: [Lavasoft AdBlock] - B:\Setups & Installations\AdBlocker.exe
MountPoints2: {3004797c-b98d-11e1-8cfd-50e549c6b5a0} - E:\LaunchU3.exe -a
MountPoints2: {e6f6c488-56a2-11e1-8aed-806e6f6e6963} - D:\Setup.exe
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
AppInit_DLLs:   [ ] ()
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4CA5499E48FECD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {00E118DD-F080-4661-A7AD-3E3F985C6A2D} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Aliceann\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Aliceann\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - B:\Amazon Downloader\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.)
 
Chrome: 
=======
CHR HomePage: about:blank
CHR RestoreOnStartup: "about:blank"
CHR DefaultSearchURL: (Google) - http://www.google.com/search?q={searchTerms}
CHR DefaultSuggestURL: (Google) -       "suggest_url": "",
CHR Extension: (WOT) - C:\Users\Aliceann\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.3.1_0
CHR Extension: (AdBlock) - C:\Users\Aliceann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Credit Card Nanny) - C:\Users\Aliceann\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmmjpapolbaaddobpnlcjkgchmhhoog\0.2.11_0
CHR Extension: (Ghostery) - C:\Users\Aliceann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Google Wallet) - C:\Users\Aliceann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (Hover Zoom) - C:\Users\Aliceann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.26_0
CHR Extension: (PasswordFail Extension) - C:\Users\Aliceann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ockgeenjbijlgilppfieaklfopnbdpge\0.4_0
CHR HKLM-x32\...\Chrome\Extension: [opfedmikikmahmpaimpfelmikhaigobp] - C:\Users\Aliceann\AppData\Local\CRE\opfedmikikmahmpaimpfelmikhaigobp.crx
CHR StartMenuInternet: Google Chrome - c:\users\aliceann\appdata\local\google\chrome\application\chrome.exe
 
==================== Services (Whitelisted) =================
 
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 DirMngr; C:\GnuPG\dirmngr.exe [218112 2013-05-28] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 MBAMScheduler; B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; B:\Setups & Installations\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R3 AE3000; C:\Windows\System32\DRIVERS\AE3000w764.sys [1717824 2012-03-02] (Ralink Technology Corp.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-10] (AVG Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 cpuz135; \??\C:\Users\Aliceann\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-01 14:37 - 2013-12-01 14:37 - 00011498 _____ C:\Users\Aliceann\Desktop\FRST.txt
2013-12-01 14:37 - 2013-12-01 14:37 - 00000000 ____D C:\FRST
2013-12-01 14:36 - 2013-12-01 14:36 - 01959184 _____ (Farbar) C:\Users\Aliceann\Desktop\FRST64.exe
2013-12-01 14:03 - 2013-12-01 14:03 - 00000022 _____ C:\Windows\S.dirmngr
2013-12-01 13:32 - 2013-12-01 14:03 - 00000000 ____D C:\AdwCleaner
2013-12-01 13:32 - 2013-12-01 13:32 - 01110034 _____ C:\Users\Aliceann\Desktop\AdwCleaner.exe
2013-12-01 12:06 - 2013-12-01 12:06 - 00688992 ____R (Swearware) C:\Users\Aliceann\Downloads\dds (1).scr
2013-12-01 11:36 - 2013-12-01 11:36 - 00000810 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-01 11:36 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-01 11:31 - 2013-12-01 11:34 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Aliceann\Downloads\mbam-consumer.exe
2013-11-30 23:24 - 2013-12-01 14:03 - 00000560 _____ C:\Windows\setupact.log
2013-11-30 23:24 - 2013-12-01 12:02 - 00014470 _____ C:\Windows\PFRO.log
2013-11-30 23:24 - 2013-11-30 23:24 - 00000000 _____ C:\Windows\setuperr.log
2013-11-30 23:08 - 2013-11-30 23:08 - 00000000 ____D C:\Windows\pss
2013-11-30 23:07 - 2013-11-30 23:07 - 00000000 ____D C:\Windows\system32\log
2013-11-30 23:07 - 2013-11-30 23:07 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\eCyber
2013-11-30 22:45 - 2013-11-30 22:45 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2013-11-30 22:45 - 2013-11-30 22:45 - 00003694 _____ C:\Windows\System32\Tasks\Adobe online update program
2013-11-30 22:36 - 2013-11-30 22:45 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-11-30 22:36 - 2013-11-30 22:43 - 00000000 ____D C:\ProgramData\AVG
2013-11-30 22:36 - 2013-11-30 22:36 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\AVG
2013-11-30 22:07 - 2013-11-30 22:07 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\Lavasoft
2013-11-30 22:07 - 2013-11-30 22:07 - 00000000 ____D C:\Users\Aliceann\AppData\Local\Lavasoft
2013-11-30 22:07 - 2013-10-24 06:10 - 00357432 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftProxy.dll
2013-11-30 22:07 - 2013-10-24 06:04 - 00450616 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftProxy64.dll
2013-11-30 16:24 - 2013-11-30 16:24 - 00000000 ____D C:\ProgramData\Ralink
2013-11-30 16:23 - 2013-11-30 16:23 - 00000000 ____D C:\ProgramData\Cisco Systems
2013-11-30 16:23 - 2011-12-25 21:01 - 00327008 _____ (Ralink Technology, Inc.) C:\Windows\system32\RaCoInstx.dll
2013-11-30 16:23 - 2011-12-25 21:01 - 00014119 _____ C:\Windows\system32\RaCoInst.dat
2013-11-19 11:49 - 2013-11-19 11:49 - 00001786 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-19 11:48 - 2013-11-30 23:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-19 11:48 - 2013-11-19 11:49 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-19 11:48 - 2013-11-19 11:49 - 00000000 ____D C:\Program Files\iTunes
2013-11-19 11:48 - 2013-11-19 11:49 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-19 11:48 - 2013-11-19 11:48 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-19 11:48 - 2013-11-19 11:48 - 00000000 ____D C:\Program Files\iPod
2013-11-13 21:20 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-13 21:19 - 2013-11-13 21:19 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 21:19 - 2013-11-13 21:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 21:19 - 2013-11-13 21:19 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 21:19 - 2013-11-13 21:19 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 21:19 - 2013-11-13 21:19 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 21:19 - 2013-11-13 21:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 21:19 - 2013-11-13 21:19 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 21:19 - 2013-11-13 21:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 21:19 - 2013-11-13 21:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 21:19 - 2013-11-13 21:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 21:19 - 2013-11-13 21:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 21:18 - 2013-10-01 20:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-11-13 21:18 - 2013-10-01 20:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-11-13 21:18 - 2013-10-01 20:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-11-13 21:18 - 2013-10-01 19:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-11-13 21:18 - 2013-10-01 19:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-11-13 21:18 - 2013-10-01 19:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-11-13 21:18 - 2013-10-01 19:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-11-13 21:18 - 2013-10-01 18:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2013-11-13 21:18 - 2013-10-01 18:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-11-13 21:18 - 2013-10-01 18:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-11-13 21:18 - 2013-10-01 18:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-11-13 21:18 - 2013-10-01 18:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-11-13 21:18 - 2013-10-01 17:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-11-13 21:18 - 2013-10-01 17:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-11-13 21:18 - 2013-10-01 17:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2013-11-13 21:18 - 2013-10-01 16:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-11-13 21:18 - 2013-10-01 14:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-13 21:18 - 2013-10-01 14:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-11-13 21:10 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 21:10 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 21:10 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 21:10 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 21:10 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 21:10 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 21:10 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 21:10 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 21:10 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 21:10 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 21:10 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 21:10 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 21:10 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 21:10 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 21:10 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 21:10 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 21:10 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 21:10 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 21:10 - 2013-09-24 20:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-11-13 21:10 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 21:10 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 21:10 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 21:10 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 21:10 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 21:10 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 21:10 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 21:10 - 2013-09-24 19:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2013-11-13 21:10 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 21:10 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 21:10 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 21:10 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 21:10 - 2013-09-04 06:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-13 21:10 - 2013-09-04 06:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-13 21:10 - 2013-09-04 06:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-13 21:10 - 2013-09-04 06:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-13 21:10 - 2013-09-04 06:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-13 21:10 - 2013-09-04 06:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-11-13 21:10 - 2013-09-04 06:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-13 21:10 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-07 01:52 - 2013-11-07 01:52 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 12617216 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 11176448 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 11049472 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 05904856 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 05363200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2013-11-07 01:52 - 2013-11-07 01:52 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00515544 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00442328 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00399832 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00254936 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00185816 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00171992 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-11-07 01:52 - 2013-11-07 01:52 - 00126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3347.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00098304 _____ C:\Windows\system32\igdde64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00077312 _____ C:\Windows\SysWOW64\igdde32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00017058 _____ C:\Windows\system32\iglhxs64.vp
2013-11-07 01:52 - 2013-11-07 01:52 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-11-01 23:22 - 2013-09-07 20:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-01 23:22 - 2013-09-07 20:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-01 23:22 - 2013-09-07 20:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-01 23:22 - 2013-08-28 20:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-01 23:22 - 2013-08-28 20:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-01 23:22 - 2013-08-28 20:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-01 23:22 - 2013-08-28 20:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-01 23:22 - 2013-08-28 20:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-01 23:22 - 2013-08-28 19:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-01 23:22 - 2013-08-28 19:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-01 23:22 - 2013-08-28 19:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-01 23:22 - 2013-08-28 19:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-01 23:22 - 2013-08-28 19:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-01 23:22 - 2013-08-28 19:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-01 23:22 - 2013-08-28 18:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-01 23:22 - 2013-08-28 18:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-01 23:22 - 2013-08-28 18:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-01 23:22 - 2013-08-28 18:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-01 23:22 - 2013-08-27 19:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-11-01 23:22 - 2013-08-27 19:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-11-01 23:22 - 2013-08-04 20:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-11-01 23:22 - 2013-08-01 20:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-11-01 23:22 - 2013-08-01 20:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-11-01 23:22 - 2013-08-01 20:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 20:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-11-01 23:22 - 2013-08-01 19:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 19:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-11-01 23:22 - 2013-08-01 18:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-11-01 23:22 - 2013-08-01 18:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 18:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 18:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 18:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-11-01 23:22 - 2013-08-01 06:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-11-01 23:22 - 2013-07-25 20:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-11-01 23:22 - 2013-07-25 20:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-11-01 23:22 - 2013-07-25 19:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-11-01 23:22 - 2013-07-25 19:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-11-01 23:22 - 2013-07-20 04:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-01 23:22 - 2013-07-20 04:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-11-01 23:22 - 2013-07-12 04:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-11-01 23:22 - 2013-07-04 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-11-01 23:22 - 2013-07-04 06:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-11-01 23:22 - 2013-07-04 06:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-11-01 23:22 - 2013-07-04 05:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-11-01 23:22 - 2013-07-04 05:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-11-01 23:22 - 2013-07-04 05:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-11-01 23:22 - 2013-07-04 04:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-11-01 23:22 - 2013-07-02 22:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-11-01 23:22 - 2013-07-02 22:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-11-01 23:22 - 2013-07-02 22:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-11-01 23:22 - 2013-06-25 16:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-11-01 23:22 - 2013-06-05 23:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-11-01 23:22 - 2013-06-05 23:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-11-01 23:22 - 2013-06-05 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-11-01 23:22 - 2013-06-05 23:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-11-01 23:22 - 2013-06-05 22:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-11-01 23:22 - 2013-06-05 22:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-11-01 23:22 - 2013-06-05 22:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-11-01 23:22 - 2013-06-05 21:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-11-01 23:22 - 2013-06-05 21:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-11-01 23:22 - 2013-06-05 21:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
 
==================== One Month Modified Files and Folders =======
 
2013-12-01 14:37 - 2013-12-01 14:37 - 00011498 _____ C:\Users\Aliceann\Desktop\FRST.txt
2013-12-01 14:37 - 2013-12-01 14:37 - 00000000 ____D C:\FRST
2013-12-01 14:37 - 2012-06-15 21:52 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3713480774-3987587711-3991604181-1000UA.job
2013-12-01 14:37 - 2012-06-15 21:52 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3713480774-3987587711-3991604181-1000Core.job
2013-12-01 14:36 - 2013-12-01 14:36 - 01959184 _____ (Farbar) C:\Users\Aliceann\Desktop\FRST64.exe
2013-12-01 14:10 - 2009-07-13 22:45 - 00020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 14:10 - 2009-07-13 22:45 - 00020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 14:08 - 2012-02-13 04:49 - 01296107 _____ C:\Windows\WindowsUpdate.log
2013-12-01 14:08 - 2009-07-13 23:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-01 14:03 - 2013-12-01 14:03 - 00000022 _____ C:\Windows\S.dirmngr
2013-12-01 14:03 - 2013-12-01 13:32 - 00000000 ____D C:\AdwCleaner
2013-12-01 14:03 - 2013-11-30 23:24 - 00000560 _____ C:\Windows\setupact.log
2013-12-01 14:03 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-01 13:32 - 2013-12-01 13:32 - 01110034 _____ C:\Users\Aliceann\Desktop\AdwCleaner.exe
2013-12-01 12:06 - 2013-12-01 12:06 - 00688992 ____R (Swearware) C:\Users\Aliceann\Downloads\dds (1).scr
2013-12-01 12:02 - 2013-11-30 23:24 - 00014470 _____ C:\Windows\PFRO.log
2013-12-01 11:52 - 2012-11-12 21:34 - 00000000 ____D C:\ProgramData\MFAData
2013-12-01 11:37 - 2012-11-11 23:23 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\uTorrent
2013-12-01 11:36 - 2013-12-01 11:36 - 00000810 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-01 11:34 - 2013-12-01 11:31 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Aliceann\Downloads\mbam-consumer.exe
2013-12-01 00:45 - 2013-06-05 21:08 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-11-30 23:24 - 2013-11-30 23:24 - 00000000 _____ C:\Windows\setuperr.log
2013-11-30 23:24 - 2013-11-19 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-30 23:23 - 2012-02-13 20:24 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\Mozilla
2013-11-30 23:08 - 2013-11-30 23:08 - 00000000 ____D C:\Windows\pss
2013-11-30 23:08 - 2012-11-11 23:26 - 00000000 ____D C:\Users\Aliceann\AppData\Local\CRE
2013-11-30 23:08 - 2012-02-13 04:50 - 00000000 ___RD C:\Users\Aliceann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-30 23:07 - 2013-11-30 23:07 - 00000000 ____D C:\Windows\system32\log
2013-11-30 23:07 - 2013-11-30 23:07 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\eCyber
2013-11-30 22:45 - 2013-11-30 22:45 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2013-11-30 22:45 - 2013-11-30 22:45 - 00003694 _____ C:\Windows\System32\Tasks\Adobe online update program
2013-11-30 22:45 - 2013-11-30 22:36 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-11-30 22:45 - 2012-11-11 14:20 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-11-30 22:45 - 2012-06-18 18:30 - 00000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2013-11-30 22:45 - 2012-02-13 18:19 - 00000000 ___HD C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2013-11-30 22:43 - 2013-11-30 22:36 - 00000000 ____D C:\ProgramData\AVG
2013-11-30 22:36 - 2013-11-30 22:36 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\AVG
2013-11-30 22:07 - 2013-11-30 22:07 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\Lavasoft
2013-11-30 22:07 - 2013-11-30 22:07 - 00000000 ____D C:\Users\Aliceann\AppData\Local\Lavasoft
2013-11-30 16:24 - 2013-11-30 16:24 - 00000000 ____D C:\ProgramData\Ralink
2013-11-30 16:23 - 2013-11-30 16:23 - 00000000 ____D C:\ProgramData\Cisco Systems
2013-11-28 13:11 - 2012-02-13 20:16 - 00771088 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-28 01:44 - 2012-07-15 23:21 - 00000000 ____D C:\Users\Aliceann\AppData\Roaming\vlc
2013-11-19 11:49 - 2013-11-19 11:49 - 00001786 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-19 11:49 - 2013-11-19 11:48 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-19 11:49 - 2013-11-19 11:48 - 00000000 ____D C:\Program Files\iTunes
2013-11-19 11:49 - 2013-11-19 11:48 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-19 11:48 - 2013-11-19 11:48 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-19 11:48 - 2013-11-19 11:48 - 00000000 ____D C:\Program Files\iPod
2013-11-19 04:21 - 2010-11-20 21:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-19 02:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2013-11-19 00:57 - 2012-02-13 04:49 - 00000000 ____D C:\Users\Aliceann
2013-11-13 22:10 - 2012-02-13 04:50 - 00001420 _____ C:\Users\Aliceann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 22:08 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-13 21:19 - 2013-11-13 21:19 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 21:19 - 2013-11-13 21:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 21:19 - 2013-11-13 21:19 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 21:19 - 2013-11-13 21:19 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 21:19 - 2013-11-13 21:19 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 21:19 - 2013-11-13 21:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 21:19 - 2013-11-13 21:19 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 21:19 - 2013-11-13 21:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 21:19 - 2013-11-13 21:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 21:19 - 2013-11-13 21:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 21:19 - 2013-11-13 21:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 21:19 - 2013-11-13 21:19 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 21:19 - 2013-11-13 21:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 21:18 - 2012-05-04 14:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-13 21:18 - 2012-02-13 20:17 - 00001945 _____ C:\Windows\epplauncher.mif
2013-11-13 21:18 - 2012-02-13 20:16 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-13 21:17 - 2013-08-31 15:39 - 00000000 ____D C:\Windows\system32\MRT
2013-11-10 10:13 - 2012-11-12 21:38 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2013-11-07 16:00 - 2012-02-13 19:20 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 13031424 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 12859392 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 12617216 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 11176448 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 11049472 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 10812928 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 09007616 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 05904856 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 05363200 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2013-11-07 01:52 - 2013-11-07 01:52 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 01040384 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00931840 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00515544 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00442880 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00442328 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00410624 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00399832 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2013-11-07 01:52 - 2013-11-07 01:52 - 00279000 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00254936 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00185816 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00171992 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2013-11-07 01:52 - 2013-11-07 01:52 - 00166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2013-11-07 01:52 - 2013-11-07 01:52 - 00126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2013-11-07 01:52 - 2013-11-07 01:52 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3347.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00098304 _____ C:\Windows\system32\igdde64.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00077312 _____ C:\Windows\SysWOW64\igdde32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2013-11-07 01:52 - 2013-11-07 01:52 - 00017058 _____ C:\Windows\system32\iglhxs64.vp
2013-11-07 01:52 - 2013-11-07 01:52 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2013-11-07 01:52 - 2012-02-13 18:20 - 00110592 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2013-11-07 01:52 - 2012-02-13 18:20 - 00064000 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2013-11-01 23:34 - 2012-02-13 04:50 - 00000000 ___RD C:\Users\Aliceann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-01 23:34 - 2009-07-13 22:45 - 00303824 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-01 23:33 - 2013-03-27 01:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-01 23:33 - 2013-03-27 01:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-01 10:35 - 2009-07-13 23:08 - 00032652 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 
Some content of TEMP:
====================
C:\Users\Aliceann\AppData\Local\Temp\Quarantine.exe
C:\Users\Aliceann\AppData\Local\Temp\tbSwee.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-11-30 19:05
 
==================== End Of Log ============================
Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2013

Ran by Aliceann at 2013-12-01 14:38:03

Running from C:\Users\Aliceann\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

 

==================== Installed Programs ======================

 

Adobe Flash Player 11 Plugin (x32 Version: 11.3.300.257)

Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)

Amazon MP3 Downloader 1.0.17 (x32 Version: 1.0.17)

AMD Accelerated Video Transcoding (Version: 12.5.100.21219)

AMD APP SDK Runtime (Version: 10.0.1084.4)

AMD Catalyst Install Manager (Version: 8.0.903.0)

AMD Drag and Drop Transcoding (Version: 2.00.0000)

AMD Media Foundation Decoders (Version: 1.0.71219.1540)

Apple Application Support (x32 Version: 2.3.6)

Apple Mobile Device Support (Version: 7.0.0.117)

Apple Software Update (x32 Version: 2.1.3.127)

ASCOM Celestron Telescope Driver 5.0.23 (x32 Version: 5.0.23)

ASCOM Gemini Telescope Driver (1.0.8.0) (Version: 1.0.8.0)

ASCOM Intelliscope Telescope Driver 1.0.0.0 (x32 Version: 1.0.0.0)

ASCOM Meade Telescope Driver 5.0.3 (x32 Version: 5.0.3)

ASCOM Platform 5.0b (x32 Version: 5.0.22)

ASCOM Platform 5.5.1 Update  (5.5.23.18) (Version: 5.5.23.18)

BioShock Infinite (x32)

Bonjour (Version: 3.0.0.10)

calibre 64bit (Version: 0.9.10)

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)

Canon MG2100 series MP Drivers

Canon MG2100 series On-screen Manual (x32)

Canon MG2100 series User Registration (x32)

Canon MP Navigator EX 5.0 (x32)

Canon My Printer (x32)

Canon Solution Menu EX (x32)

Catalyst Control Center - Branding (x32 Version: 1.00.0000)

Catalyst Control Center (x32 Version: 2012.1219.1521.27485)

Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)

Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)

Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)

CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)

CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)

CCC Help Czech (x32 Version: 2012.1219.1520.27485)

CCC Help Danish (x32 Version: 2012.1219.1520.27485)

CCC Help Dutch (x32 Version: 2012.1219.1520.27485)

CCC Help English (x32 Version: 2012.1219.1520.27485)

CCC Help Finnish (x32 Version: 2012.1219.1520.27485)

CCC Help French (x32 Version: 2012.1219.1520.27485)

CCC Help German (x32 Version: 2012.1219.1520.27485)

CCC Help Greek (x32 Version: 2012.1219.1520.27485)

CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)

CCC Help Italian (x32 Version: 2012.1219.1520.27485)

CCC Help Japanese (x32 Version: 2012.1219.1520.27485)

CCC Help Korean (x32 Version: 2012.1219.1520.27485)

CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)

CCC Help Polish (x32 Version: 2012.1219.1520.27485)

CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)

CCC Help Russian (x32 Version: 2012.1219.1520.27485)

CCC Help Spanish (x32 Version: 2012.1219.1520.27485)

CCC Help Swedish (x32 Version: 2012.1219.1520.27485)

CCC Help Thai (x32 Version: 2012.1219.1520.27485)

CCC Help Turkish (x32 Version: 2012.1219.1520.27485)

ccc-utility64 (Version: 2012.1219.1521.27485)

dBpoweramp DSP Effects (x32 Version: Release 9)

dBpoweramp Music Converter (x32 Version: Release 14.4)

Dolby Home Theater v4 (x32 Version: 7.2.7000.7)

Dropbox (HKCU Version: 2.0.22)

Easy Exif Delete (x32 Version: 1.0)

EQMOD EQASCOM Telescope Driver V1.22j (x32 Version: 122j)

Etron USB3.0 Host Controller (x32 Version: 0.104)

Fallout: New Vegas (x32)

Google Chrome (HKCU Version: 31.0.1650.57)

Gpg4win (2.1.1) (x32 Version: 2.1.1)

Half-Life 2 (x32)

Hitman: Absolution (x32)

Intel® Control Center (x32 Version: 1.2.1.1007)

Intel® Management Engine Components (x32 Version: 7.0.0.1118)

Intel® Processor Graphics (x32 Version: 9.17.10.3347)

Intel® Rapid Storage Technology (x32 Version: 10.6.0.1002)

iTunes (Version: 11.1.3.8)

Java 7 Update 45 (x32 Version: 7.0.450)

Java Auto Updater (x32 Version: 2.1.9.8)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

Mass Effect™ 3 (x32 Version: 1.0.0.0)

MeadeLX200GPS 5.0.0 (x32 Version: 5.0.0)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)

Microsoft Security Client (Version: 4.4.0304.0)

Microsoft Security Essentials (Version: 4.4.304.0)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Mozilla Firefox 13.0.1 (x86 en-US) (HKCU Version: 13.0.1)

NVIDIA PhysX (x32 Version: 9.11.1107)

ON_OFF Charge B11.0110.1 (x32 Version: 1.00.0001)

OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)

Portal (x32)

Portal 2 (x32)

QuickTime (x32 Version: 7.74.80.86)

Realtek Ethernet Controller Driver (x32 Version: 7.46.531.2011)

Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6409)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6423)

ResumeMaker (x32)

Silvestri Comp Review PN 4e (x32)

Speccy (Version: 1.22)

Starry Night Orion Special Edition (x32 Version: 6.4.3)

Steam (x32 Version: 1.0.0.0)

Switch Sound File Converter (x32)

The Elder Scrolls V: Skyrim (x32)

TrueCrypt (x32 Version: 7.1a)

Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)

VLC media player 2.0.2 (x32 Version: 2.0.2)

WinRAR 4.20 (64-bit) (Version: 4.20.0)

 

==================== Restore Points  =========================

 

23-11-2013 19:31:17 Windows Update

27-11-2013 17:26:23 Windows Update

28-11-2013 19:09:19 Windows Update

01-12-2013 04:07:46 Installed Ad-Aware AdBlocker (Alpha)

01-12-2013 04:19:17 Installed AVG 2014

01-12-2013 04:19:27 Installed AVG 2014

01-12-2013 04:36:35 Installed AVG PC TuneUp 2014

01-12-2013 04:55:33 Removed AVG PC TuneUp 2014

01-12-2013 04:56:19 Removed AVG PC TuneUp 2014 (en-US)

01-12-2013 05:02:06 Removed Visual Studio 2012 x86 Redistributables

01-12-2013 17:43:10 Removed Ad-Aware AdBlocker (Alpha)

01-12-2013 17:46:28 Removed AVG 2014

01-12-2013 17:50:04 Removed AVG 2014

01-12-2013 17:54:00 Removed Visual Studio 2012 x86 Redistributables

01-12-2013 17:54:10 Removed Visual Studio 2012 x64 Redistributables

01-12-2013 17:55:25 Removed NCLEX Tutorial

 

==================== Hosts content: ==========================

 

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {2769A2DA-DBF8-40C3-A3E1-B939FA6517D1} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: {5CEC5948-426C-47CD-8574-C3D0D6A279A2} - \BackgroundContainer Startup Task No Task File

Task: {84326AEE-FA5B-4ACF-8F86-9EA62F8B0D35} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {B650281A-892D-41CA-A9E7-234F7C80A184} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)

Task: {D2B332B1-867D-4D76-97EB-63672CBECB7F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3713480774-3987587711-3991604181-1000UA => C:\Users\Aliceann\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15] (Google Inc.)

Task: {DE65B93B-88B3-4134-B125-1D5CCCB4E9B8} - System32\Tasks\Google Updater and Installer => C:\Users\Aliceann\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15] (Google Inc.)

Task: {EDD80B97-A56E-4847-A4DF-FB6F670ACC8B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3713480774-3987587711-3991604181-1000Core => C:\Users\Aliceann\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15] (Google Inc.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3713480774-3987587711-3991604181-1000Core.job => C:\Users\Aliceann\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3713480774-3987587711-3991604181-1000UA.job => C:\Users\Aliceann\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-05-28 10:44 - 2013-05-28 10:44 - 00221184 _____ () C:\GnuPG\libksba-8.dll

2013-05-28 10:42 - 2013-05-28 10:42 - 00037888 _____ () C:\GnuPG\libgpg-error-0.dll

2013-05-28 10:41 - 2013-05-28 10:41 - 00050176 _____ () C:\GnuPG\libw32pth-0.dll

2013-05-28 10:44 - 2013-05-28 10:44 - 00069632 _____ () C:\GnuPG\libassuan-0.dll

2013-05-28 10:45 - 2013-05-28 10:45 - 00627712 _____ () C:\GnuPG\libgcrypt-11.dll

2013-03-12 16:10 - 2013-10-24 11:45 - 00691200 _____ () B:\Steam\SDL2.dll

2012-03-17 20:40 - 2013-10-30 13:25 - 01123240 _____ () B:\Steam\bin\chromehtml.DLL

2012-03-17 20:40 - 2013-10-23 14:07 - 20625832 _____ () B:\Steam\bin\libcef.dll

2012-03-17 20:40 - 2013-06-14 17:49 - 01100800 _____ () B:\Steam\bin\avcodec-53.dll

2012-03-17 20:40 - 2013-06-14 17:49 - 00124416 _____ () B:\Steam\bin\avutil-51.dll

2012-03-17 20:40 - 2013-06-14 17:49 - 00192000 _____ () B:\Steam\bin\avformat-53.dll

2013-08-31 15:53 - 2013-08-31 15:53 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1beb84c27c2edeb38839916524b9df4d\IsdiInterop.ni.dll

2012-02-13 18:22 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2013-11-18 23:40 - 2013-11-14 05:28 - 00702416 _____ () C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\31.0.1650.57\libglesv2.dll

2013-11-18 23:40 - 2013-11-14 05:28 - 00099792 _____ () C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\31.0.1650.57\libegl.dll

2013-11-18 23:40 - 2013-11-14 05:29 - 04055504 _____ () C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll

2013-11-18 23:40 - 2013-11-14 05:29 - 00399312 _____ () C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll

2013-11-18 23:40 - 2013-11-14 05:28 - 01619408 _____ () C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll

2013-11-18 23:40 - 2013-11-14 05:29 - 13582800 _____ () C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/01/2013 02:05:41 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 01:58:21 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 01:44:18 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 00:04:08 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 11:57:23 AM) (Source: Application Hang) (User: )

Description: The program UNWISE.EXE version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 1550

 

Start Time: 01ceeebe945b09d3

 

Termination Time: 1

 

Application Path: B:\Programs\Resume\RESUME~1\UNWISE.EXE

 

Report Id: 060a4eb2-5ab2-11e3-98ee-50e549c6b5a0

 

Error: (12/01/2013 11:55:26 AM) (Source: Microsoft-Windows-CAPI2) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.

 

System Error:

The system cannot find the file specified.

.

 

Error: (12/01/2013 11:54:27 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 11:47:22 AM) (Source: Application Hang) (User: )

Description: The program chrome.exe version 31.0.1650.57 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 1c08

 

Start Time: 01ceeebcbd2c8403

 

Termination Time: 7

 

Application Path: C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe

 

Report Id: 9fab9c40-5ab0-11e3-98c9-50e549c6b5a0

 

Error: (12/01/2013 11:43:53 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 11:23:09 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (12/01/2013 01:13:19 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.

 

Error: (12/01/2013 01:11:43 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.

 

Error: (12/01/2013 00:06:46 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.

 

Error: (12/01/2013 00:02:34 PM) (Source: WMPNetworkSvc) (User: )

Description: 0x80070057

 

Error: (12/01/2013 00:02:34 PM) (Source: WMPNetworkSvc) (User: )

Description: WMPNetworkSvc0xc00d4268

 

Error: (12/01/2013 00:02:33 PM) (Source: WMPNetworkSvc) (User: )

Description: WMPNetworkSvc0xc00d4268

 

Error: (12/01/2013 11:52:49 AM) (Source: WMPNetworkSvc) (User: )

Description: 0x80070057

 

Error: (12/01/2013 11:52:49 AM) (Source: WMPNetworkSvc) (User: )

Description: WMPNetworkSvc0xc00d4268

 

Error: (12/01/2013 11:52:49 AM) (Source: WMPNetworkSvc) (User: )

Description: 0x80070057

 

Error: (12/01/2013 11:52:49 AM) (Source: WMPNetworkSvc) (User: )

Description: WMPNetworkSvc0xc00d4268

 

 

Microsoft Office Sessions:

=========================

Error: (12/01/2013 02:05:41 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 01:58:21 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 01:44:18 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 00:04:08 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 11:57:23 AM) (Source: Application Hang)(User: )

Description: UNWISE.EXE0.0.0.0155001ceeebe945b09d31B:\Programs\Resume\RESUME~1\UNWISE.EXE060a4eb2-5ab2-11e3-98ee-50e549c6b5a0

 

Error: (12/01/2013 11:55:26 AM) (Source: Microsoft-Windows-CAPI2)(User: )

Description: 

Details:

AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.

 

System Error:

The system cannot find the file specified.

 

Error: (12/01/2013 11:54:27 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 11:47:22 AM) (Source: Application Hang)(User: )

Description: chrome.exe31.0.1650.571c0801ceeebcbd2c84037C:\Users\Aliceann\AppData\Local\Google\Chrome\Application\chrome.exe9fab9c40-5ab0-11e3-98c9-50e549c6b5a0

 

Error: (12/01/2013 11:43:53 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (12/01/2013 11:23:09 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 29%

Total physical RAM: 8109.11 MB

Available physical RAM: 5706.14 MB

Total Pagefile: 16216.4 MB

Available Pagefile: 13489.88 MB

Total Virtual: 8192 MB

Available Virtual: 8191.79 MB

 

==================== Drives ================================

 

Drive b: (Save Here) (Fixed) (Total:931.51 GB) (Free:686.46 GB) NTFS

Drive c: (SSD) (Fixed) (Total:111.69 GB) (Free:55.7 GB) NTFS

Drive d: (Setup) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: BC4B59AD)

Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 93BC981D)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites

It was downloaded in an attempt to make everything more secure. It was uninstalled, as far as I know. If it is still on my system, how do I get every last bit of it off of here?

 

Do you see anything else that needs to be removed? Also, are Microsoft Security Essentials and Malwarebytes enough to keep me protected? I would like to clean up my PC and have as little software installed, as possible, but still have adequate software coverage to prevent future issues with malware, etc.

Link to post
Share on other sites

Lavasoft adblock is still showing as installed, run the following and see if it will uninstall:

 

Please download and install Revo Uninstaller Free

 

 

  •  

     

  • Double click Revo Uninstaller to run it.

     

     

  • From the list of programs double click on The Program to remove

     

     

  • When prompted if you want to uninstall click Yes.

     

     

  • Be sure the Moderate option is selected then click Next.

     

     

  • The program will run, If prompted again click Yes

     

     

  • When the built-in uninstaller is finished click on Next.

     

     

  • Once the program has searched for leftovers click Next.

     

     

  • Check/tick the bolded items only on the list then click Delete

     

     

  • When prompted click on Yes and then on next.

     

     

  • Put a check on any folders that are found and select delete

     

     

  • When prompted select yes then on next

     

     

  • Once done click Finish.

     

     

 

 

Next,

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Post the produced log...

 

Let me know how your system responds, also if any remaining issues or concerns....

 

This is my own security set up, maybe you find useful information....

 

Windows own Firewall, Microsoft Security Essentials and Malwarebytes Pro. Windows FW and MSE are free, MB does also have a free version, however I prefer the pro version as it provides auto updates and realtime protection. Cost is about £20 for a lifetime license.

 

As an extra layer I also use WinPatrol, the free version is adeqaute for general home use. Available here: http://www.winpatrol.com/download.html

 

For my browser I use Firefox with these addons: Web of Trust, Adblock Plus, Flash Block, NoScipt, Ghostery. When Firefox is open select these keys together :- Ctrl - Shift - A that will access Addons manger, this gives access to find addons, use, start, stop or disable those features etc....

Before using NoScript read from this link http://noscript.net/ makes it easy to understand....

 

Understanding Windows 7 Firewall - http://windows.microsoft.com/en-GB/windows7/Understanding-Windows-Firewall-settings

 

Understanding Microsoft Security Essentials - http://www.microsoft.com/en-gb/security/pc-security/mse.aspx

 

Understanding Malwarebytes, how to create an exclusion in MSE - http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=162100entry162100

 

Understanding WinPatrol - http://www.winpatrol.com/features.html

 

I also use the Professional version of Sandboxie, I believe there is also free version available. Visit this link http://www.sandboxie.com/ for access to d/l, also make sure to use the "Help and FAQ" option to understand its uses, specifically how to run your browser sandboxed!.

 

 

 

 

fixlist.txt

Link to post
Share on other sites

Here is the fixlog. I am currently running a full Malwarebytes scan and will post the results when it is complete. As for finding the Lavasoft Adblock, Revo Uninstaller didn't find it, either.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2013
Ran by Aliceann at 2013-12-01 15:35:01 Run:1
Running from C:\Users\Aliceann\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
MountPoints2: {3004797c-b98d-11e1-8cfd-50e549c6b5a0} - E:\LaunchU3.exe -a
MountPoints2: {e6f6c488-56a2-11e1-8aed-806e6f6e6963} - D:\Setup.exe
C:\Users\Aliceann\AppData\Local\Temp\Quarantine.exe
C:\Users\Aliceann\AppData\Local\Temp\tbSwee.dll
Task: {5CEC5948-426C-47CD-8574-C3D0D6A279A2} - \BackgroundContainer Startup Task No Task File
End
 
 
 
*****************
 
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3004797c-b98d-11e1-8cfd-50e549c6b5a0} => Key deleted successfully.
HKCR\CLSID\{3004797c-b98d-11e1-8cfd-50e549c6b5a0} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6f6c488-56a2-11e1-8aed-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{e6f6c488-56a2-11e1-8aed-806e6f6e6963} => Key not found.
C:\Users\Aliceann\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Aliceann\AppData\Local\Temp\tbSwee.dll => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5CEC5948-426C-47CD-8574-C3D0D6A279A2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CEC5948-426C-47CD-8574-C3D0D6A279A2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task => Key deleted successfully.
 
==== End of Fixlog ====
Link to post
Share on other sites

Here is the Malwarebytes log:

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.01.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Aliceann :: ALICEANN-PC [administrator]
 
Protection: Enabled
 
12/1/2013 3:36:12 PM
mbam-log-2013-12-01 (15-36-12).txt
 
Scan type: Full scan (B:\|C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 364812
Time elapsed: 23 minute(s), 3 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 2
B:\firstrow_download.exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Connect_DLC_5\Connect_DLC_5ToolbarHelper.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
(end)
Link to post
Share on other sites

We need to run an online AV scan to ensure there are no remnants of any infection left on your system, this scan can take several hours to complete, it is very thorough and well worth running, please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report in next reply Also let me know if there are any remaining issues or concerns...

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.