Jump to content

dd678

Members
  • Content Count

    120
  • Joined

  • Last visited

About dd678

  • Rank
    Member

Previous Fields

  • TechExpress Link:
    http://www.pcpitstop.com/pcpitstop/Summary.asp?conid=8193010
  1. My modem is down and I am waiting for cable to come out there coming on Friday
  2. the computer is running any better its much slower Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-12-2013Ran by owner at 2013-12-15 18:10:53 Run:3Running from C:UsersownerDesktopBoot Mode: Normal============================================== Content of fixlist:*****************startURLSearchHook: HKLM-x32 - (No Name) - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - No FileSearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =BHO: No Name - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No FileBHO: No Name - {9D717F81-9148-4f12-8568-69135F087DB0} - No FileToolbar: HKLM-x32 - No Name - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No FileToolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No FileToolbar: HKCU - No Name - {07CBF788-1359-421B-A4E3-5A8D041B90A3} - No FileCHR DefaultSearchKeyword: search.snapdo.comCHR DefaultSearchURL: http://feed.snapdo.c...earchtype=ds&q={searchTerms}&installDate=26/11/2013CHR DefaultNewTabURL:CHR HKLM-x32...ChromeExtension: [jbkceikmmebhmgcjiemejoaeholbnnjl] - C:UsersownerAppDataLocalCREjbkceikmmebhmgcjiemejoaeholbnnjl.crxC:UsersownerAppDataLocalBest Buy pc appC:ProgramDataTrymediaC:Program FilesLevel Quality WatcherTask: {C7745FB5-FA34-4E82-863E-FD7D5565A5F2} - System32TasksRunAsStdUser Task => C:Program Files (x86)iWin GamesiWinGames.exeAlternateDataStreams: C:ProgramDataTemp:0AFF594DAlternateDataStreams: C:ProgramDataTemp:4220A65CAlternateDataStreams: C:ProgramDataTemp:815D61C4AlternateDataStreams: C:ProgramDataTemp:CFE0B346AlternateDataStreams: C:ProgramDataTemp:D4E0D1F1AlternateDataStreams: C:ProgramDataTemp:DB365884AlternateDataStreams: C:ProgramDataTemp:F1020F9BEnd ***************** HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerURLSearchHooks{07cbf788-1359-421b-a4e3-5a8d041b90a3} => Value not found.HKCUSOFTWAREMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.HKCRCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{31ad400d-1b06-4e33-a59a-90c2c140cba0} => Key not found.HKCRCLSID{31ad400d-1b06-4e33-a59a-90c2c140cba0} => Key not found.HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9D717F81-9148-4f12-8568-69135F087DB0} => Key not found.HKCRCLSID{9D717F81-9148-4f12-8568-69135F087DB0} => Key not found.HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar{6c97a91e-4524-4019-86af-2aa2d567bf5c} => Value not found.HKCRWow6432NodeCLSID{6c97a91e-4524-4019-86af-2aa2d567bf5c} => Key not found.HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => Value not found.HKCRCLSID{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => Key not found.HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{07CBF788-1359-421B-A4E3-5A8D041B90A3} => Value not found.HKCRCLSID{07CBF788-1359-421B-A4E3-5A8D041B90A3} => Key not found.CHR DefaultSearchKeyword: search.snapdo.com ==> The Chrome "Settings" can be used to fix the entry.CHR DefaultSearchURL: http://feed.snapdo.c...earchtype=ds&q={searchTerms}&installDate=26/11/2013CHR DefaultNewTabURL: ==> The Chrome "Settings" can be used to fix the entry.HKLMSOFTWAREWow6432NodeGoogleChromeExtensionsjbkceikmmebhmgcjiemejoaeholbnnjl => Key not found."C:UsersownerAppDataLocalCREjbkceikmmebhmgcjiemejoaeholbnnjl.crx" => File/Directory not found."C:UsersownerAppDataLocalBest Buy pc app" => File/Directory not found."C:ProgramDataTrymedia" => File/Directory not found."C:Program FilesLevel Quality Watcher" => File/Directory not found.HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{C7745FB5-FA34-4E82-863E-FD7D5565A5F2} => Key not found.C:WindowsSystem32TasksRunAsStdUser Task not found.HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeRunAsStdUser Task => Key not found."C:ProgramDataTemp" => ":0AFF594D" ADS not found."C:ProgramDataTemp" => ":4220A65C" ADS not found."C:ProgramDataTemp" => ":815D61C4" ADS not found."C:ProgramDataTemp" => ":CFE0B346" ADS not found."C:ProgramDataTemp" => ":D4E0D1F1" ADS not found."C:ProgramDataTemp" => ":DB365884" ADS not found."C:ProgramDataTemp" => ":F1020F9B" ADS not found. ==== End of Fixlog ====
  3. Boot Mode: Normal============================================== Content of fixlist:*****************startURLSearchHook: HKLM-x32 - (No Name) - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - No FileSearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =BHO: No Name - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No FileBHO: No Name - {9D717F81-9148-4f12-8568-69135F087DB0} - No FileToolbar: HKLM-x32 - No Name - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No FileToolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No FileToolbar: HKCU - No Name - {07CBF788-1359-421B-A4E3-5A8D041B90A3} - No FileCHR DefaultSearchKeyword: search.snapdo.comCHR DefaultSearchURL: http://feed.snapdo.c...earchtype=ds&q={searchTerms}&installDate=26/11/2013CHR DefaultNewTabURL:CHR HKLM-x32...ChromeExtension: [jbkceikmmebhmgcjiemejoaeholbnnjl] - C:UsersownerAppDataLocalCREjbkceikmmebhmgcjiemejoaeholbnnjl.crxC:UsersownerAppDataLocalBest Buy pc appC:ProgramDataTrymediaC:Program FilesLevel Quality WatcherTask: {C7745FB5-FA34-4E82-863E-FD7D5565A5F2} - System32TasksRunAsStdUser Task => C:Program Files (x86)iWin GamesiWinGames.exeAlternateDataStreams: C:ProgramDataTemp:0AFF594DAlternateDataStreams: C:ProgramDataTemp:4220A65CAlternateDataStreams: C:ProgramDataTemp:815D61C4AlternateDataStreams: C:ProgramDataTemp:CFE0B346AlternateDataStreams: C:ProgramDataTemp:D4E0D1F1AlternateDataStreams: C:ProgramDataTemp:DB365884AlternateDataStreams: C:ProgramDataTemp:F1020F9BEnd ***************** HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerURLSearchHooks{07cbf788-1359-421b-a4e3-5a8d041b90a3} => Value not found.HKCUSOFTWAREMicrosoftInternet ExplorerSearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.HKCRCLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{31ad400d-1b06-4e33-a59a-90c2c140cba0} => Key not found.HKCRCLSID{31ad400d-1b06-4e33-a59a-90c2c140cba0} => Key not found.HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9D717F81-9148-4f12-8568-69135F087DB0} => Key not found.HKCRCLSID{9D717F81-9148-4f12-8568-69135F087DB0} => Key not found.HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar{6c97a91e-4524-4019-86af-2aa2d567bf5c} => Value not found.HKCRWow6432NodeCLSID{6c97a91e-4524-4019-86af-2aa2d567bf5c} => Key not found.HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => Value not found.HKCRCLSID{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => Key not found.HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{07CBF788-1359-421B-A4E3-5A8D041B90A3} => Value not found.HKCRCLSID{07CBF788-1359-421B-A4E3-5A8D041B90A3} => Key not found.CHR DefaultSearchKeyword: search.snapdo.com ==> The Chrome "Settings" can be used to fix the entry.CHR DefaultSearchURL: http://feed.snapdo.c...earchtype=ds&q={searchTerms}&installDate=26/11/2013CHR DefaultNewTabURL: ==> The Chrome "Settings" can be used to fix the entry.HKLMSOFTWAREWow6432NodeGoogleChromeExtensionsjbkceikmmebhmgcjiemejoaeholbnnjl => Key not found."C:UsersownerAppDataLocalCREjbkceikmmebhmgcjiemejoaeholbnnjl.crx" => File/Directory not found."C:UsersownerAppDataLocalBest Buy pc app" => File/Directory not found."C:ProgramDataTrymedia" => File/Directory not found."C:Program FilesLevel Quality Watcher" => File/Directory not found.HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{C7745FB5-FA34-4E82-863E-FD7D5565A5F2} => Key not found.C:WindowsSystem32TasksRunAsStdUser Task not found.HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeRunAsStdUser Task => Key not found."C:ProgramDataTemp" => ":0AFF594D" ADS not found."C:ProgramDataTemp" => ":4220A65C" ADS not found."C:ProgramDataTemp" => ":815D61C4" ADS not found."C:ProgramDataTemp" => ":CFE0B346" ADS not found."C:ProgramDataTemp" => ":D4E0D1F1" ADS not found."C:ProgramDataTemp" => ":DB365884" ADS not found."C:ProgramDataTemp" => ":F1020F9B" ADS not found. ==== End of Fixlog ====
  4. no when i went to the web stie you sent me to and i click on it the only option it gave me was run so i ran it
  5. how do I know where FRST/FRST64 is saved
  6. yes i deleted and re-installed google chrome it appears that scan do is gone Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-12-2013 Ran by owner (administrator) on OWNER-PC on 15-12-2013 15:22:09 Running from C:UsersownerDownloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Webroot) C:Program FilesWebrootWRSA.exe (Apple Inc.) C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (Webroot) C:Program FilesWebrootWRSA.exe (Apple Inc.) C:Program FilesBonjourmDNSResponder.exe (Acer Incorporated) C:Program Files (x86)GatewayRegistrationGREGsvc.exe (Acer Group) C:Program FilesGatewayGateway UpdaterUpdaterService.exe (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVCM.EXE (Intel Corporation) C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTmon.exe (Intel Corporation) C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe (Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVCpl64.exe (Intel Corporation) C:WindowsSystem32hkcmd.exe (Intel Corporation) C:WindowsSystem32igfxpers.exe (Apple Inc.) C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe (Hewlett-Packard Co.) C:Program FilesHPHP Deskjet 3520 seriesBinScanToPCActivationApp.exe (IOI) C:Program Files (x86)Gateway Photo FrameButtonMonitor.exe (Microsoft Corporation) C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.EXE (Hewlett-Packard) C:Program Files (x86)HPHP Software Updatehpwuschd2.exe (Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (Apple Inc.) C:Program Files (x86)iTunesiTunesHelper.exe (Apple Inc.) C:Program FilesiPodbiniPodService.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google Inc.) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Farbar) C:UsersownerDownloadsFRST64 (1).exe ==================== Registry (Whitelisted) ================== HKLM...Run: [iAAnotif] - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe [186904 2009-06-04] (Intel Corporation) HKLM...Run: [RtHDVCpl] - C:Program FilesRealtekAudioHDARAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor) HKLM...Run: [HotKeysCmds] - "C:Windowssystem32hkcmd.exe" WinlogonNotifyigfxcui: C:Windowssystem32igfxdev.dll (Intel Corporation) HKLM...PoliciesExplorer: [NoDevMgrUpdate] 0 HKLM...PoliciesExplorer: [NoSetTaskbar] 0 HKLM...PoliciesExplorer: [NoDeletePrinter] 0 HKLM...PoliciesExplorer: [NoDFSTab] 0 HKLM...PoliciesExplorer: [NoChangeStartMenu] 0 HKLM...PoliciesExplorer: [NoEncryptOnMove] 0 HKLM...PoliciesExplorer: [NoRunasInstallPrompt] 0 HKLM...PoliciesExplorer: [NoResolveSearch] 0 HKLM...PoliciesExplorer: [NoHardwareTab] 0 HKLM...PoliciesExplorer: [NoStartMenuSubFolders] 0 HKCU...Run: [iCloudServices] - C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe [59720 2013-09-14] (Apple Inc.) HKCU...Run: [ApplePhotoStreams] - C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.) HKCU...Run: [HP Deskjet 3520 series (NET)] - C:Program FilesHPHP Deskjet 3520 seriesBinScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKCU...PoliciesExplorer: [NoDesktopCleanupWizard] 1 HKCU...PoliciesExplorer: [NoDevMgrUpdate] 0 HKCU...PoliciesExplorer: [NoSetTaskbar] 0 HKCU...PoliciesExplorer: [NoDeletePrinter] 0 HKCU...PoliciesExplorer: [NoDFSTab] 0 HKCU...PoliciesExplorer: [NoChangeStartMenu] 0 HKCU...PoliciesExplorer: [NoEncryptOnMove] 0 HKCU...PoliciesExplorer: [NoRunasInstallPrompt] 0 HKCU...PoliciesExplorer: [NoResolveSearch] 0 HKCU...PoliciesExplorer: [NoHardwareTab] 0 HKCU...PoliciesExplorer: [NoStartMenuSubFolders] 0 HKLM-x32...Run: [Gateway Photo Frame] - C:Program Files (x86)Gateway Photo FrameButtonMonitor.exe [124416 2009-07-20] (IOI) HKLM-x32...Run: [AppleSyncNotifier] - C:Program Files (x86)Common FilesAppleMobile Device SupportAppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.) HKLM-x32...Run: [APSDaemon] - C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32...Run: [Adobe ARM] - C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32...Run: [WRSVC] - C:Program FilesWebrootWRSA.exe [761408 2013-12-05] (Webroot) HKLM-x32...Run: [HP Software Update] - C:Program Files (x86)HPHP Software Updatehpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32...Run: [] - [x] HKLM-x32...Run: [QuickTime Task] - C:Program Files (x86)QuickTimeQTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32...Run: [sunJavaUpdateSched] - C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32...Run: [iTunesHelper] - C:Program Files (x86)iTunesiTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKUDefault...RunOnce: [scrSav] - C:Program Files (x86)GatewayScreensaverrun_Gateway.exe [154144 2010-07-29] () HKUDefault User...RunOnce: [scrSav] - C:Program Files (x86)GatewayScreensaverrun_Gateway.exe [154144 2010-07-29] () Startup: C:UsersownerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupOneNote 2010 Screen Clipper and Launcher.lnk ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Start Page = about:blank URLSearchHook: HKLM-x32 - (No Name) - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - No File StartMenuInternet: IEXPLORE.EXE - C:Program Files (x86)Internet Exploreriexplore.exe SearchScopes: HKCU - DefaultScope {38856F97-5939-43F7-BDE9-3ED2D8FA897E} URL = https://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {38856F97-5939-43F7-BDE9-3ED2D8FA897E} URL = https://www.google.com/search?q={searchTerms} BHO: No Name - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - No File BHO: No Name - {9D717F81-9148-4f12-8568-69135F087DB0} - No File BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:Program FilesWebrootWRDataPKGVistax64wrflt.dll (Webroot) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:Program Files (x86)Microsoft OfficeOffice14URLREDIR.DLL (Microsoft Corporation) BHO-x32: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:Program FilesWebrootWRDataPKGVistax86wrflt.dll (Webroot) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:WindowsSystem32mscoree.dll (Microsoft Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - No Name - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No File Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File Toolbar: HKCU - No Name - {07CBF788-1359-421B-A4E3-5A8D041B90A3} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB DPF: HKLM-x32 {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} TcpipParameters: [DhcpNameServer] 192.168.1.1 Chrome: ======= CHR DefaultSearchKeyword: search.snapdo.com CHR DefaultSearchProvider: Web CHR DefaultSearchURL: http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=GOB1&co=US&userid=010be0c1-df7a-e912-bdee-353e80c5571c&searchtype=ds&q={searchTerms}&installDate=26/11/2013 CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:UsersownerAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake0.5_0 CHR Extension: (Google Drive) - C:UsersownerAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf6.3_0 CHR Extension: (YouTube) - C:UsersownerAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo4.2.6_0 CHR Extension: (Google Search) - C:UsersownerAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf0.0.0.20_0 CHR Extension: (Webroot Filtering Extension) - C:UsersownerAppDataLocalGoogleChromeUser DataDefaultExtensionsdblebgkanaecgapcfefmedflbdhmblog1.0.0.21_1 CHR Extension: (Google Wallet) - C:UsersownerAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda0.0.5.0_1 CHR Extension: (Gmail) - C:UsersownerAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia7_1 CHR HKLM-x32...ChromeExtension: [dblebgkanaecgapcfefmedflbdhmblog] - C:ProgramDataWRDataPKGCHROMECHROME_1.0.0.21.crx CHR HKLM-x32...ChromeExtension: [jbkceikmmebhmgcjiemejoaeholbnnjl] - C:UsersownerAppDataLocalCREjbkceikmmebhmgcjiemejoaeholbnnjl.crx CHR HKLM-x32...ChromeExtension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:Program Files (x86)LavasoftAdAware SecureSearch Toolbarchrome-newtab-search.crx ==================== Services (Whitelisted) ================= S3 GamesAppIntegrationService; C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe [240736 2013-09-05] (WildTangent) S4 PCPitstop Scheduling; C:Program Files (x86)PCPitstopPCPitstopScheduleService.exe [77312 2008-10-21] () R2 WRSVC; C:Program FilesWebrootWRSA.exe [761408 2013-12-05] (Webroot) ==================== Drivers (Whitelisted) ==================== R0 WRkrn; C:WindowsSystem32driversWRkrn.sys [115168 2013-12-05] (Webroot) U5 AppMgmt; C:Windowssystem32svchost.exe [27136 2009-07-13] (Microsoft Corporation) S3 catchme; ??C:ComboFixcatchme.sys [x] U0 SR; U2 srservice; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-15 15:22 - 2013-12-15 15:23 - 00011574 _____ C:UsersownerDownloadsFRST.txt 2013-12-15 15:21 - 2013-12-15 15:21 - 00000000 ____D C:FRST 2013-12-15 15:20 - 2013-12-15 15:21 - 01927796 _____ (Farbar) C:UsersownerDownloadsFRST64 (1).exe 2013-12-15 15:19 - 2013-12-15 15:19 - 01060903 _____ (Farbar) C:UsersownerDownloadsFRST (1).exe 2013-12-15 15:18 - 2013-12-15 15:18 - 01060903 _____ (Farbar) C:UsersownerDownloadsFRST.exe 2013-12-15 15:14 - 2013-12-15 15:15 - 01927796 _____ (Farbar) C:UsersownerDownloadsFRST64.exe 2013-12-15 15:04 - 2013-12-15 15:04 - 00002262 _____ C:UsersPublicDesktopGoogle Chrome.lnk 2013-12-15 11:12 - 2013-12-15 11:12 - 00001268 _____ C:WindowsPFRO.log 2013-12-15 09:57 - 2013-12-15 11:06 - 00000000 ____D C:UsersownerDesktopscan 2013-12-15 09:53 - 2013-12-15 09:53 - 00021363 _____ C:UsersownerDesktopcombofix12 15 13.txt 2013-12-15 09:46 - 2013-12-15 09:46 - 00021363 _____ C:ComboFix.txt 2013-12-15 09:25 - 2013-12-15 09:25 - 00001115 _____ C:UsersownerDesktopComboFix - Shortcut.lnk 2013-12-15 09:23 - 2013-12-15 09:23 - 05154339 ____R (Swearware) C:UsersownerDownloadsComboFix.exe 2013-12-15 09:22 - 2013-12-15 09:22 - 00000000 _____ C:UsersownerDownloads7zip.exe.be186q8.partial 2013-12-14 20:59 - 2013-12-14 20:59 - 01204160 _____ (ArcadeFrontier) C:UsersownerDownloadsArcadeFrontierGames (19).exe 2013-12-14 20:59 - 2013-12-14 20:59 - 01204160 _____ (ArcadeFrontier) C:UsersownerDownloadsArcadeFrontierGames (18).exe 2013-12-14 20:59 - 2013-12-14 20:59 - 01204160 _____ (ArcadeFrontier) C:UsersownerDownloadsArcadeFrontierGames (17).exe 2013-12-13 22:20 - 2013-12-15 14:58 - 00000336 _____ C:Windowssetupact.log 2013-12-13 22:20 - 2013-12-13 22:20 - 00000000 _____ C:Windowssetuperr.log 2013-12-13 12:51 - 2013-12-13 12:51 - 00000993 _____ C:UsersownerDesktopcheckup.txt 2013-12-13 12:43 - 2013-12-13 12:43 - 00891200 _____ C:UsersownerDesktopSecurityCheck.exe 2013-12-13 12:34 - 2013-12-13 12:40 - 00043501 _____ C:UsersownerDownloadsSecurityCheck.exe.5go824x.partial 2013-12-11 23:07 - 2013-05-09 23:56 - 14631424 _____ (Microsoft Corporation) C:Windowssystem32wmp.dll 2013-12-11 23:07 - 2013-05-09 23:56 - 12625920 _____ (Microsoft Corporation) C:Windowssystem32wmploc.DLL 2013-12-11 23:07 - 2013-05-09 22:56 - 12625408 _____ (Microsoft Corporation) C:WindowsSysWOW64wmploc.DLL 2013-12-11 23:07 - 2013-05-09 22:56 - 11410432 _____ (Microsoft Corporation) C:WindowsSysWOW64wmp.dll 2013-12-11 23:05 - 2013-11-26 05:54 - 23183360 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll 2013-12-11 23:05 - 2013-11-26 04:19 - 02724864 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb 2013-12-11 23:05 - 2013-11-26 04:18 - 00004096 _____ (Microsoft Corporation) C:Windowssystem32ieetwcollectorres.dll 2013-12-11 23:05 - 2013-11-26 04:11 - 17112576 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll 2013-12-11 23:05 - 2013-11-26 03:48 - 00066048 _____ (Microsoft Corporation) C:Windowssystem32iesetup.dll 2013-12-11 23:05 - 2013-11-26 03:46 - 00048640 _____ (Microsoft Corporation) C:Windowssystem32ieetwproxystub.dll 2013-12-11 23:05 - 2013-11-26 03:41 - 02764288 _____ (Microsoft Corporation) C:Windowssystem32iertutil.dll 2013-12-11 23:05 - 2013-11-26 03:29 - 00053760 _____ (Microsoft Corporation) C:Windowssystem32jsproxy.dll 2013-12-11 23:05 - 2013-11-26 03:27 - 00033792 _____ (Microsoft Corporation) C:Windowssystem32iernonce.dll 2013-12-11 23:05 - 2013-11-26 03:23 - 02724864 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb 2013-12-11 23:05 - 2013-11-26 03:21 - 00574976 _____ (Microsoft Corporation) C:Windowssystem32ieui.dll 2013-12-11 23:05 - 2013-11-26 03:18 - 00139264 _____ (Microsoft Corporation) C:Windowssystem32ieUnatt.exe 2013-12-11 23:05 - 2013-11-26 03:18 - 00111616 _____ (Microsoft Corporation) C:Windowssystem32ieetwcollector.exe 2013-12-11 23:05 - 2013-11-26 03:16 - 00708608 _____ (Microsoft Corporation) C:Windowssystem32jscript9diag.dll 2013-12-11 23:05 - 2013-11-26 02:57 - 00218624 _____ (Microsoft Corporation) C:Windowssystem32ie4uinit.exe 2013-12-11 23:05 - 2013-11-26 02:38 - 02166784 _____ (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll 2013-12-11 23:05 - 2013-11-26 02:38 - 00043008 _____ (Microsoft Corporation) C:WindowsSysWOW64jsproxy.dll 2013-12-11 23:05 - 2013-11-26 02:35 - 05769216 _____ (Microsoft Corporation) C:Windowssystem32jscript9.dll 2013-12-11 23:05 - 2013-11-26 02:32 - 00440832 _____ (Microsoft Corporation) C:WindowsSysWOW64ieui.dll 2013-12-11 23:05 - 2013-11-26 02:28 - 00553472 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript9diag.dll 2013-12-11 23:05 - 2013-11-26 02:16 - 04243968 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript9.dll 2013-12-11 23:05 - 2013-11-26 02:02 - 01995264 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl 2013-12-11 23:05 - 2013-11-26 01:48 - 12996608 _____ (Microsoft Corporation) C:Windowssystem32ieframe.dll 2013-12-11 23:05 - 2013-11-26 01:32 - 01928192 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl 2013-12-11 23:05 - 2013-11-26 01:26 - 11221504 _____ (Microsoft Corporation) C:WindowsSysWOW64ieframe.dll 2013-12-11 23:05 - 2013-11-26 01:07 - 02334208 _____ (Microsoft Corporation) C:Windowssystem32wininet.dll 2013-12-11 23:05 - 2013-11-26 00:40 - 01395200 _____ (Microsoft Corporation) C:Windowssystem32urlmon.dll 2013-12-11 23:05 - 2013-11-26 00:34 - 00817664 _____ (Microsoft Corporation) C:Windowssystem32ieapfltr.dll 2013-12-11 23:05 - 2013-11-26 00:34 - 00703488 _____ (Microsoft Corporation) C:WindowsSysWOW64ieapfltr.dll 2013-12-11 23:05 - 2013-11-26 00:33 - 01820160 _____ (Microsoft Corporation) C:WindowsSysWOW64wininet.dll 2013-12-11 23:05 - 2013-11-26 00:27 - 01157632 _____ (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll 2013-12-11 09:34 - 2013-11-23 12:26 - 00417792 _____ (Microsoft Corporation) C:WindowsSysWOW64WMPhoto.dll 2013-12-11 09:34 - 2013-11-23 11:47 - 00465920 _____ (Microsoft Corporation) C:Windowssystem32WMPhoto.dll 2013-12-11 09:34 - 2013-11-11 20:23 - 00002048 _____ (Microsoft Corporation) C:Windowssystem32tzres.dll 2013-12-11 09:34 - 2013-11-11 20:07 - 00002048 _____ (Microsoft Corporation) C:WindowsSysWOW64tzres.dll 2013-12-11 09:34 - 2013-10-29 20:32 - 00335360 _____ (Microsoft Corporation) C:Windowssystem32msieftp.dll 2013-12-11 09:34 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:WindowsSysWOW64msieftp.dll 2013-12-11 09:34 - 2013-10-29 19:24 - 03155968 _____ (Microsoft Corporation) C:Windowssystem32win32k.sys 2013-12-11 09:34 - 2013-10-18 20:18 - 00081408 _____ (Microsoft Corporation) C:Windowssystem32imagehlp.dll 2013-12-11 09:34 - 2013-10-18 19:36 - 00159232 _____ (Microsoft Corporation) C:WindowsSysWOW64imagehlp.dll 2013-12-11 09:34 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:Windowssystem32wshom.ocx 2013-12-11 09:34 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:Windowssystem32scrrun.dll 2013-12-11 09:34 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:WindowsSysWOW64wshom.ocx 2013-12-11 09:34 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:WindowsSysWOW64scrrun.dll 2013-12-11 09:34 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:Windowssystem32wscript.exe 2013-12-11 09:34 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:Windowssystem32cscript.exe 2013-12-11 09:34 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:WindowsSysWOW64wscript.exe 2013-12-11 09:34 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:WindowsSysWOW64cscript.exe 2013-12-11 09:34 - 2013-10-03 20:16 - 00116736 _____ (Microsoft Corporation) C:Windowssystem32Driversdrmk.sys 2013-12-11 09:34 - 2013-10-03 19:36 - 00230400 _____ (Microsoft Corporation) C:Windowssystem32Driversportcls.sys 2013-12-11 01:49 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:Windowssystem32IEUDINIT.EXE 2013-12-11 01:47 - 2013-12-11 01:47 - 01228800 _____ (Microsoft Corporation) C:Windowssystem32mshtmlmedia.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 01051136 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtmlmedia.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00942592 _____ (Microsoft Corporation) C:Windowssystem32jsIntl.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00940032 _____ (Microsoft Corporation) C:Windowssystem32MsSpellCheckingFacility.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00645120 _____ (Microsoft Corporation) C:WindowsSysWOW64jsIntl.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00616104 _____ (Microsoft Corporation) C:WindowsSysWOW64ieapfltr.dat 2013-12-11 01:47 - 2013-12-11 01:47 - 00616104 _____ (Microsoft Corporation) C:Windowssystem32ieapfltr.dat 2013-12-11 01:47 - 2013-12-11 01:47 - 00610304 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00523776 _____ (Microsoft Corporation) C:WindowsSysWOW64msfeeds.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00454656 _____ (Microsoft Corporation) C:WindowsSysWOW64vbscript.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00453120 _____ (Microsoft Corporation) C:Windowssystem32dxtmsft.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00413696 _____ (Microsoft Corporation) C:Windowssystem32html.iec 2013-12-11 01:47 - 2013-12-11 01:47 - 00367104 _____ (Microsoft Corporation) C:WindowsSysWOW64dxtmsft.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00337408 _____ (Microsoft Corporation) C:WindowsSysWOW64html.iec 2013-12-11 01:47 - 2013-12-11 01:47 - 00296960 _____ (Microsoft Corporation) C:Windowssystem32dxtrans.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00263376 _____ (Microsoft Corporation) C:Windowssystem32iedkcs32.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00247808 _____ (Microsoft Corporation) C:Windowssystem32msls31.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00244736 _____ (Microsoft Corporation) C:WindowsSysWOW64dxtrans.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00243200 _____ (Microsoft Corporation) C:Windowssystem32webcheck.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00238288 _____ (Microsoft Corporation) C:WindowsSysWOW64iedkcs32.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00235520 _____ (Microsoft Corporation) C:Windowssystem32url.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00235008 _____ (Microsoft Corporation) C:Windowssystem32elshyph.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00233472 _____ (Microsoft Corporation) C:WindowsSysWOW64url.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00208384 _____ (Microsoft Corporation) C:WindowsSysWOW64webcheck.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00195584 _____ (Microsoft Corporation) C:Windowssystem32msrating.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00194048 _____ (Microsoft Corporation) C:WindowsSysWOW64elshyph.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00182272 _____ (Microsoft Corporation) C:WindowsSysWOW64msls31.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00164864 _____ (Microsoft Corporation) C:WindowsSysWOW64msrating.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00151552 _____ (Microsoft Corporation) C:WindowsSysWOW64iexpress.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00139264 _____ (Microsoft Corporation) C:WindowsSysWOW64wextract.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00131072 _____ (Microsoft Corporation) C:Windowssystem32IEAdvpack.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00127488 _____ (Microsoft Corporation) C:WindowsSysWOW64occache.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00116736 _____ (Microsoft Corporation) C:WindowsSysWOW64iepeers.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00112128 _____ (Microsoft Corporation) C:WindowsSysWOW64ieUnatt.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00111616 _____ (Microsoft Corporation) C:WindowsSysWOW64IEAdvpack.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00105984 _____ (Microsoft Corporation) C:Windowssystem32iesysprep.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00101376 _____ (Microsoft Corporation) C:Windowssystem32inseng.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00090112 _____ (Microsoft Corporation) C:Windowssystem32SetIEInstalledDate.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00086016 _____ (Microsoft Corporation) C:WindowsSysWOW64iesysprep.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00086016 _____ (Microsoft Corporation) C:Windowssystem32RegisterIEPKEYs.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00083456 _____ (Microsoft Corporation) C:WindowsSysWOW64inseng.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00081408 _____ (Microsoft Corporation) C:Windowssystem32icardie.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00077312 _____ (Microsoft Corporation) C:Windowssystem32tdc.ocx 2013-12-11 01:47 - 2013-12-11 01:47 - 00074240 _____ (Microsoft Corporation) C:WindowsSysWOW64SetIEInstalledDate.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00071680 _____ (Microsoft Corporation) C:WindowsSysWOW64RegisterIEPKEYs.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00069632 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtmled.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00069120 _____ (Microsoft Corporation) C:WindowsSysWOW64icardie.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00062464 _____ (Microsoft Corporation) C:WindowsSysWOW64tdc.ocx 2013-12-11 01:47 - 2013-12-11 01:47 - 00061952 _____ (Microsoft Corporation) C:WindowsSysWOW64MshtmlDac.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00061952 _____ (Microsoft Corporation) C:WindowsSysWOW64iesetup.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00056832 _____ (Microsoft Corporation) C:WindowsSysWOW64pngfilt.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00052224 _____ (Microsoft Corporation) C:Windowssystem32msfeedsbs.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00051200 _____ (Microsoft Corporation) C:WindowsSysWOW64ieetwproxystub.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00048640 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtmler.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00048640 _____ (Microsoft Corporation) C:Windowssystem32mshtmler.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00043008 _____ (Microsoft Corporation) C:WindowsSysWOW64msfeedsbs.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00040448 _____ (Microsoft Corporation) C:Windowssystem32JavaScriptCollectionAgent.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00036352 _____ (Microsoft Corporation) C:WindowsSysWOW64imgutil.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00034816 _____ (Microsoft Corporation) C:WindowsSysWOW64JavaScriptCollectionAgent.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00032768 _____ (Microsoft Corporation) C:WindowsSysWOW64iernonce.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00030208 _____ (Microsoft Corporation) C:Windowssystem32licmgr10.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00024576 _____ (Microsoft Corporation) C:WindowsSysWOW64licmgr10.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00013312 _____ (Microsoft Corporation) C:WindowsSysWOW64mshta.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00013312 _____ (Microsoft Corporation) C:Windowssystem32msfeedssync.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00012800 _____ (Microsoft Corporation) C:WindowsSysWOW64msfeedssync.exe 2013-12-11 01:46 - 2013-12-11 01:46 - 00774144 _____ (Microsoft Corporation) C:Windowssystem32jscript.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00626176 _____ (Microsoft Corporation) C:Windowssystem32msfeeds.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00548352 _____ (Microsoft Corporation) C:Windowssystem32vbscript.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00167424 _____ (Microsoft Corporation) C:Windowssystem32iexpress.exe 2013-12-11 01:46 - 2013-12-11 01:46 - 00147968 _____ (Microsoft Corporation) C:Windowssystem32occache.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00143872 _____ (Microsoft Corporation) C:Windowssystem32wextract.exe 2013-12-11 01:46 - 2013-12-11 01:46 - 00135680 _____ (Microsoft Corporation) C:Windowssystem32iepeers.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00084992 _____ (Microsoft Corporation) C:Windowssystem32mshtmled.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00083968 _____ (Microsoft Corporation) C:Windowssystem32MshtmlDac.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00062464 _____ (Microsoft Corporation) C:Windowssystem32pngfilt.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00048128 _____ (Microsoft Corporation) C:Windowssystem32imgutil.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00013824 _____ (Microsoft Corporation) C:Windowssystem32mshta.exe 2013-12-10 19:53 - 2013-12-10 20:53 - 00692616 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe 2013-12-06 16:39 - 2013-12-13 13:09 - 00000000 ____D C:UsersownerAppDataLocalCrashDumps 2013-12-05 12:01 - 2013-12-05 12:18 - 00000000 ____D C:UsersownerAppDataRoamingGoogle 2013-12-05 12:01 - 2013-12-05 12:01 - 00002772 _____ C:WindowsSystem32TasksCCleanerSkipUAC 2013-12-05 12:01 - 2013-12-05 12:01 - 00000829 _____ C:UsersPublicDesktopCCleaner.lnk 2013-12-05 12:01 - 2013-12-05 12:01 - 00000000 ____D C:ProgramDataGoogle 2013-12-05 12:01 - 2013-12-05 12:01 - 00000000 ____D C:Program FilesGoogle 2013-12-05 12:01 - 2013-12-05 12:01 - 00000000 ____D C:Program FilesCCleaner 2013-12-01 17:17 - 2011-06-26 00:45 - 00256000 _____ C:WindowsPEV.exe 2013-12-01 17:17 - 2010-11-07 11:20 - 00208896 _____ C:WindowsMBR.exe 2013-12-01 17:17 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:WindowsNIRCMD.exe 2013-12-01 17:17 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:WindowsSWREG.exe 2013-12-01 17:17 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:WindowsSWSC.exe 2013-12-01 17:17 - 2000-08-30 18:00 - 00098816 _____ C:Windowssed.exe 2013-12-01 17:17 - 2000-08-30 18:00 - 00080412 _____ C:Windowsgrep.exe 2013-12-01 17:17 - 2000-08-30 18:00 - 00068096 _____ C:Windowszip.exe 2013-12-01 16:51 - 2013-12-15 09:46 - 00000000 ____D C:Qoobox 2013-12-01 16:51 - 2013-12-01 17:27 - 00000000 ____D C:Windowserdnt 2013-12-01 16:42 - 2013-12-01 16:42 - 00448512 _____ (OldTimer Tools) C:UsersownerDesktopTFC.exe 2013-12-01 16:40 - 2013-12-01 16:40 - 00001576 _____ C:UsersownerDesktopRKreport[0]_D_12012013_164041.txt 2013-12-01 16:31 - 2013-12-01 16:31 - 00001540 _____ C:UsersownerDesktopRKreport[0]_S_12012013_163100.txt 2013-12-01 16:19 - 2013-12-01 16:19 - 04172288 _____ C:UsersownerDownloadsRogueKillerX64 (1).exe 2013-12-01 10:36 - 2013-12-01 10:36 - 00000000 ____D C:UsersownerAppDataLocalBest Buy pc app 2013-12-01 10:20 - 2013-12-01 10:20 - 00000000 ____D C:ProgramDataTrymedia 2013-12-01 09:22 - 2013-12-01 09:22 - 00001507 _____ C:UsersownerDesktopRKreport[0]_S_12012013_092224.txt 2013-12-01 09:20 - 2013-12-01 09:20 - 00002650 _____ C:UsersownerDesktopRKreport[0]_D_12012013_092010.txt 2013-12-01 09:19 - 2013-12-01 09:19 - 00002447 _____ C:UsersownerDesktopRKreport[0]_S_12012013_091951.txt 2013-12-01 03:17 - 2013-12-01 03:17 - 00002414 _____ C:UsersownerDesktopRKreport[0]_S_12012013_031746.txt 2013-12-01 03:16 - 2013-12-01 09:20 - 00000000 ____D C:UsersownerDesktopRK_Quarantine 2013-12-01 03:14 - 2013-12-01 03:14 - 04172288 _____ C:UsersownerDownloadsRogueKillerX64.exe 2013-12-01 03:09 - 2013-12-01 03:09 - 00220027 _____ C:UsersownerDesktopJRT.txt 2013-12-01 03:01 - 2013-12-01 03:01 - 00000000 ____D C:WindowsERUNT 2013-11-30 15:02 - 2013-11-30 15:02 - 00251392 _____ C:UsersownerDownloadshijackthis_sfx (2).exe 2013-11-30 14:31 - 2013-12-15 14:58 - 00000894 _____ C:WindowsTasksGoogleUpdateTaskMachineCore1ceee0b1d5046d2.job 2013-11-30 14:31 - 2013-12-15 14:36 - 00000898 _____ C:WindowsTasksGoogleUpdateTaskMachineUA1ceee0b1fe5051e.job 2013-11-30 14:31 - 2013-11-30 14:31 - 00003894 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineUA1ceee0b1fe5051e 2013-11-30 14:31 - 2013-11-30 14:31 - 00003642 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineCore1ceee0b1d5046d2 2013-11-30 12:05 - 2013-11-30 12:05 - 00027136 _____ C:Windowssystem32bddel.exe 2013-11-30 12:05 - 2013-11-30 12:05 - 00016856 _____ C:Windowssystem32bddel.dat 2013-11-26 11:39 - 2013-11-26 11:39 - 00002595 _____ C:UsersownerAppDataRoamingMicrosoftWindowsStart MenuProgramsSearch.lnk 2013-11-26 11:34 - 2013-11-26 11:34 - 00000000 ____D C:Program FilesLevel Quality Watcher 2013-11-26 10:46 - 2013-11-26 10:46 - 00000000 ____D C:UsersownerAppDataRoamingMicrosoftWindowsStart MenuPrograms7-Zip 2013-11-26 10:46 - 2013-11-26 10:46 - 00000000 ____D C:Program Files (x86)7-Zip 2013-11-24 08:08 - 2013-11-24 08:18 - 00000000 ____D C:hijackthis 2013-11-24 08:02 - 2013-11-24 08:02 - 00028695 _____ C:UsersownerDesktopdds.txt 2013-11-24 08:02 - 2013-11-24 08:02 - 00014712 _____ C:UsersownerDesktopattach.txt 2013-11-24 07:41 - 2013-11-24 07:41 - 00000000 ____D C:UsersownerAppDataRoamingSUPERAntiSpyware.com 2013-11-23 19:02 - 2013-11-23 19:02 - 00002132 _____ C:UsersownerDesktopPC Pitstop Exterminate2.lnk 2013-11-23 16:17 - 2013-12-01 17:37 - 00000000 ____D C:Program Files (x86)Spybot - Search & Destroy 2 2013-11-23 16:17 - 2013-12-01 17:17 - 00000000 ____D C:ProgramDataSpybot - Search & Destroy 2013-11-23 16:17 - 2013-11-23 16:17 - 00000000 ____D C:WindowsSystem32TasksSafer-Networking 2013-11-23 16:13 - 2013-11-23 16:13 - 01723528 _____ C:UsersownerDownloadsAdaware_Installer.exe 2013-11-23 15:52 - 2013-11-23 15:52 - 00000000 ____D C:UsersownerAppDataRoamingLavasoftStatistics 2013-11-23 15:33 - 2013-12-12 12:18 - 00000000 ____D C:Program Files (x86)Lavasoft 2013-11-23 15:33 - 2013-11-23 15:33 - 00000000 ____D C:UsersownerAppDataRoamingSecureSearch 2013-11-23 15:31 - 2013-11-23 15:31 - 00000000 ____D C:ProgramDataLavasoft ==================== One Month Modified Files and Folders ======= 2013-12-15 15:23 - 2013-12-15 15:22 - 00011574 _____ C:UsersownerDownloadsFRST.txt 2013-12-15 15:22 - 2011-12-14 21:23 - 00000000 ____D C:ProgramDataWRData 2013-12-15 15:21 - 2013-12-15 15:21 - 00000000 ____D C:FRST 2013-12-15 15:21 - 2013-12-15 15:20 - 01927796 _____ (Farbar) C:UsersownerDownloadsFRST64 (1).exe 2013-12-15 15:19 - 2013-12-15 15:19 - 01060903 _____ (Farbar) C:UsersownerDownloadsFRST (1).exe 2013-12-15 15:18 - 2013-12-15 15:18 - 01060903 _____ (Farbar) C:UsersownerDownloadsFRST.exe 2013-12-15 15:15 - 2013-12-15 15:14 - 01927796 _____ (Farbar) C:UsersownerDownloadsFRST64.exe 2013-12-15 15:05 - 2009-07-13 22:45 - 00009920 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-15 15:05 - 2009-07-13 22:45 - 00009920 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-15 15:04 - 2013-12-15 15:04 - 00002262 _____ C:UsersPublicDesktopGoogle Chrome.lnk 2013-12-15 15:04 - 2013-10-19 11:31 - 00000000 ____D C:Program Files (x86)Google 2013-12-15 15:02 - 2007-10-10 19:39 - 01557742 _____ C:WindowsWindowsUpdate.log 2013-12-15 14:58 - 2013-12-13 22:20 - 00000336 _____ C:Windowssetupact.log 2013-12-15 14:58 - 2013-11-30 14:31 - 00000894 _____ C:WindowsTasksGoogleUpdateTaskMachineCore1ceee0b1d5046d2.job 2013-12-15 14:58 - 2013-10-19 11:31 - 00000892 _____ C:WindowsTasksGoogleUpdateTaskMachineCore.job 2013-12-15 14:58 - 2009-07-13 23:08 - 00000006 ____H C:WindowsTasksSA.DAT 2013-12-15 14:53 - 2012-04-16 06:02 - 00000830 _____ C:WindowsTasksAdobe Flash Player Updater.job 2013-12-15 14:53 - 2011-01-09 13:24 - 00000000 ____D C:UsersownerDesktopdiane 2013-12-15 14:36 - 2013-11-30 14:31 - 00000898 _____ C:WindowsTasksGoogleUpdateTaskMachineUA1ceee0b1fe5051e.job 2013-12-15 14:36 - 2013-10-19 11:31 - 00000896 _____ C:WindowsTasksGoogleUpdateTaskMachineUA.job 2013-12-15 11:16 - 2010-12-25 14:51 - 00003926 _____ C:WindowsSystem32TasksUser_Feed_Synchronization-{90967D8D-DDA1-4DB7-868D-CA97994BBF89} 2013-12-15 11:12 - 2013-12-15 11:12 - 00001268 _____ C:WindowsPFRO.log 2013-12-15 11:06 - 2013-12-15 09:57 - 00000000 ____D C:UsersownerDesktopscan 2013-12-15 09:53 - 2013-12-15 09:53 - 00021363 _____ C:UsersownerDesktopcombofix12 15 13.txt 2013-12-15 09:46 - 2013-12-15 09:46 - 00021363 _____ C:ComboFix.txt 2013-12-15 09:46 - 2013-12-01 16:51 - 00000000 ____D C:Qoobox 2013-12-15 09:39 - 2009-07-13 20:34 - 00000215 _____ C:Windowssystem.ini 2013-12-15 09:25 - 2013-12-15 09:25 - 00001115 _____ C:UsersownerDesktopComboFix - Shortcut.lnk 2013-12-15 09:23 - 2013-12-15 09:23 - 05154339 ____R (Swearware) C:UsersownerDownloadsComboFix.exe 2013-12-15 09:22 - 2013-12-15 09:22 - 00000000 _____ C:UsersownerDownloads7zip.exe.be186q8.partial 2013-12-15 09:15 - 2011-05-29 13:27 - 00000000 ____D C:UsersownerAppDataLocalGoogle 2013-12-14 23:17 - 2009-07-13 21:20 - 00000000 ____D C:Windowsrescache 2013-12-14 20:59 - 2013-12-14 20:59 - 01204160 _____ (ArcadeFrontier) C:UsersownerDownloadsArcadeFrontierGames (19).exe 2013-12-14 20:59 - 2013-12-14 20:59 - 01204160 _____ (ArcadeFrontier) C:UsersownerDownloadsArcadeFrontierGames (18).exe 2013-12-14 20:59 - 2013-12-14 20:59 - 01204160 _____ (ArcadeFrontier) C:UsersownerDownloadsArcadeFrontierGames (17).exe 2013-12-14 10:32 - 2013-08-14 21:20 - 00000000 ____D C:Windowssystem32MRT 2013-12-14 10:30 - 2010-12-15 16:58 - 90708896 _____ (Microsoft Corporation) C:Windowssystem32MRT.exe 2013-12-14 07:48 - 2012-08-04 14:31 - 00000000 ____D C:Program FilesWebroot 2013-12-13 22:20 - 2013-12-13 22:20 - 00000000 _____ C:Windowssetuperr.log 2013-12-13 13:09 - 2013-12-06 16:39 - 00000000 ____D C:UsersownerAppDataLocalCrashDumps 2013-12-13 13:09 - 2007-07-11 19:49 - 00000000 ____D C:WindowsPanther 2013-12-13 12:51 - 2013-12-13 12:51 - 00000993 _____ C:UsersownerDesktopcheckup.txt 2013-12-13 12:43 - 2013-12-13 12:43 - 00891200 _____ C:UsersownerDesktopSecurityCheck.exe 2013-12-13 12:40 - 2013-12-13 12:34 - 00043501 _____ C:UsersownerDownloadsSecurityCheck.exe.5go824x.partial 2013-12-12 12:18 - 2013-11-23 15:33 - 00000000 ____D C:Program Files (x86)Lavasoft 2013-12-12 12:14 - 2010-12-15 13:11 - 00000000 ____D C:UsersownerAppDataLocalApps2.0 2013-12-12 01:40 - 2009-07-13 23:13 - 00779306 _____ C:Windowssystem32PerfStringBackup.INI 2013-12-12 01:36 - 2009-07-13 23:09 - 00000000 ____D C:WindowsSystem32TasksWPD 2013-12-12 01:35 - 2009-07-13 22:45 - 00416688 _____ C:Windowssystem32FNTCACHE.DAT 2013-12-11 23:06 - 2010-12-15 17:34 - 00000000 ____D C:ProgramDataMicrosoft Help 2013-12-11 09:26 - 2010-12-15 13:11 - 00001420 _____ C:UsersownerAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer.lnk 2013-12-11 09:25 - 2009-07-13 21:20 - 00000000 ____D C:WindowsPolicyDefinitions 2013-12-11 01:47 - 2013-12-11 01:47 - 01228800 _____ (Microsoft Corporation) C:Windowssystem32mshtmlmedia.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 01051136 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtmlmedia.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00942592 _____ (Microsoft Corporation) C:Windowssystem32jsIntl.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00940032 _____ (Microsoft Corporation) C:Windowssystem32MsSpellCheckingFacility.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00645120 _____ (Microsoft Corporation) C:WindowsSysWOW64jsIntl.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00616104 _____ (Microsoft Corporation) C:WindowsSysWOW64ieapfltr.dat 2013-12-11 01:47 - 2013-12-11 01:47 - 00616104 _____ (Microsoft Corporation) C:Windowssystem32ieapfltr.dat 2013-12-11 01:47 - 2013-12-11 01:47 - 00610304 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00523776 _____ (Microsoft Corporation) C:WindowsSysWOW64msfeeds.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00454656 _____ (Microsoft Corporation) C:WindowsSysWOW64vbscript.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00453120 _____ (Microsoft Corporation) C:Windowssystem32dxtmsft.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00413696 _____ (Microsoft Corporation) C:Windowssystem32html.iec 2013-12-11 01:47 - 2013-12-11 01:47 - 00367104 _____ (Microsoft Corporation) C:WindowsSysWOW64dxtmsft.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00337408 _____ (Microsoft Corporation) C:WindowsSysWOW64html.iec 2013-12-11 01:47 - 2013-12-11 01:47 - 00296960 _____ (Microsoft Corporation) C:Windowssystem32dxtrans.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00263376 _____ (Microsoft Corporation) C:Windowssystem32iedkcs32.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00247808 _____ (Microsoft Corporation) C:Windowssystem32msls31.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00244736 _____ (Microsoft Corporation) C:WindowsSysWOW64dxtrans.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00243200 _____ (Microsoft Corporation) C:Windowssystem32webcheck.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00238288 _____ (Microsoft Corporation) C:WindowsSysWOW64iedkcs32.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00235520 _____ (Microsoft Corporation) C:Windowssystem32url.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00235008 _____ (Microsoft Corporation) C:Windowssystem32elshyph.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00233472 _____ (Microsoft Corporation) C:WindowsSysWOW64url.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00208384 _____ (Microsoft Corporation) C:WindowsSysWOW64webcheck.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00195584 _____ (Microsoft Corporation) C:Windowssystem32msrating.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00194048 _____ (Microsoft Corporation) C:WindowsSysWOW64elshyph.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00182272 _____ (Microsoft Corporation) C:WindowsSysWOW64msls31.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00164864 _____ (Microsoft Corporation) C:WindowsSysWOW64msrating.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00151552 _____ (Microsoft Corporation) C:WindowsSysWOW64iexpress.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00139264 _____ (Microsoft Corporation) C:WindowsSysWOW64wextract.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00131072 _____ (Microsoft Corporation) C:Windowssystem32IEAdvpack.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00127488 _____ (Microsoft Corporation) C:WindowsSysWOW64occache.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00116736 _____ (Microsoft Corporation) C:WindowsSysWOW64iepeers.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00112128 _____ (Microsoft Corporation) C:WindowsSysWOW64ieUnatt.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00111616 _____ (Microsoft Corporation) C:WindowsSysWOW64IEAdvpack.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00105984 _____ (Microsoft Corporation) C:Windowssystem32iesysprep.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00101376 _____ (Microsoft Corporation) C:Windowssystem32inseng.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00090112 _____ (Microsoft Corporation) C:Windowssystem32SetIEInstalledDate.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00086016 _____ (Microsoft Corporation) C:WindowsSysWOW64iesysprep.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00086016 _____ (Microsoft Corporation) C:Windowssystem32RegisterIEPKEYs.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00083456 _____ (Microsoft Corporation) C:WindowsSysWOW64inseng.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00081408 _____ (Microsoft Corporation) C:Windowssystem32icardie.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00077312 _____ (Microsoft Corporation) C:Windowssystem32tdc.ocx 2013-12-11 01:47 - 2013-12-11 01:47 - 00074240 _____ (Microsoft Corporation) C:WindowsSysWOW64SetIEInstalledDate.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00071680 _____ (Microsoft Corporation) C:WindowsSysWOW64RegisterIEPKEYs.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00069632 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtmled.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00069120 _____ (Microsoft Corporation) C:WindowsSysWOW64icardie.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00062464 _____ (Microsoft Corporation) C:WindowsSysWOW64tdc.ocx 2013-12-11 01:47 - 2013-12-11 01:47 - 00061952 _____ (Microsoft Corporation) C:WindowsSysWOW64MshtmlDac.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00061952 _____ (Microsoft Corporation) C:WindowsSysWOW64iesetup.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00056832 _____ (Microsoft Corporation) C:WindowsSysWOW64pngfilt.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00052224 _____ (Microsoft Corporation) C:Windowssystem32msfeedsbs.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00051200 _____ (Microsoft Corporation) C:WindowsSysWOW64ieetwproxystub.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00048640 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtmler.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00048640 _____ (Microsoft Corporation) C:Windowssystem32mshtmler.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00043008 _____ (Microsoft Corporation) C:WindowsSysWOW64msfeedsbs.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00040448 _____ (Microsoft Corporation) C:Windowssystem32JavaScriptCollectionAgent.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00036352 _____ (Microsoft Corporation) C:WindowsSysWOW64imgutil.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00034816 _____ (Microsoft Corporation) C:WindowsSysWOW64JavaScriptCollectionAgent.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00032768 _____ (Microsoft Corporation) C:WindowsSysWOW64iernonce.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00030208 _____ (Microsoft Corporation) C:Windowssystem32licmgr10.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00024576 _____ (Microsoft Corporation) C:WindowsSysWOW64licmgr10.dll 2013-12-11 01:47 - 2013-12-11 01:47 - 00013312 _____ (Microsoft Corporation) C:WindowsSysWOW64mshta.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00013312 _____ (Microsoft Corporation) C:Windowssystem32msfeedssync.exe 2013-12-11 01:47 - 2013-12-11 01:47 - 00012800 _____ (Microsoft Corporation) C:WindowsSysWOW64msfeedssync.exe 2013-12-11 01:46 - 2013-12-11 01:46 - 00774144 _____ (Microsoft Corporation) C:Windowssystem32jscript.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00626176 _____ (Microsoft Corporation) C:Windowssystem32msfeeds.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00548352 _____ (Microsoft Corporation) C:Windowssystem32vbscript.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00167424 _____ (Microsoft Corporation) C:Windowssystem32iexpress.exe 2013-12-11 01:46 - 2013-12-11 01:46 - 00147968 _____ (Microsoft Corporation) C:Windowssystem32occache.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00143872 _____ (Microsoft Corporation) C:Windowssystem32wextract.exe 2013-12-11 01:46 - 2013-12-11 01:46 - 00135680 _____ (Microsoft Corporation) C:Windowssystem32iepeers.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00084992 _____ (Microsoft Corporation) C:Windowssystem32mshtmled.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00083968 _____ (Microsoft Corporation) C:Windowssystem32MshtmlDac.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00062464 _____ (Microsoft Corporation) C:Windowssystem32pngfilt.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00048128 _____ (Microsoft Corporation) C:Windowssystem32imgutil.dll 2013-12-11 01:46 - 2013-12-11 01:46 - 00013824 _____ (Microsoft Corporation) C:Windowssystem32mshta.exe 2013-12-10 20:53 - 2013-12-10 19:53 - 00692616 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerApp.exe 2013-12-10 20:53 - 2012-04-16 06:02 - 00003768 _____ C:WindowsSystem32TasksAdobe Flash Player Updater 2013-12-10 20:53 - 2011-05-23 05:48 - 00071048 _____ (Adobe Systems Incorporated) C:WindowsSysWOW64FlashPlayerCPLApp.cpl 2013-12-05 12:18 - 2013-12-05 12:01 - 00000000 ____D C:UsersownerAppDataRoamingGoogle 2013-12-05 12:13 - 2012-08-04 14:31 - 00154248 _____ (Webroot) C:WindowsSysWOW64WRusr.dll 2013-12-05 12:13 - 2012-08-04 14:31 - 00115168 _____ (Webroot) C:Windowssystem32DriversWRkrn.sys 2013-12-05 12:13 - 2012-08-04 14:31 - 00104808 _____ (Webroot) C:Windowssystem32WRusr.dll 2013-12-05 12:03 - 2010-12-24 19:22 - 00000000 ____D C:UsersownerTracing 2013-12-05 12:02 - 2011-07-20 17:15 - 00000000 ____D C:WindowsMinidump 2013-12-05 12:01 - 2013-12-05 12:01 - 00002772 _____ C:WindowsSystem32TasksCCleanerSkipUAC 2013-12-05 12:01 - 2013-12-05 12:01 - 00000829 _____ C:UsersPublicDesktopCCleaner.lnk 2013-12-05 12:01 - 2013-12-05 12:01 - 00000000 ____D C:ProgramDataGoogle 2013-12-05 12:01 - 2013-12-05 12:01 - 00000000 ____D C:Program FilesGoogle 2013-12-05 12:01 - 2013-12-05 12:01 - 00000000 ____D C:Program FilesCCleaner 2013-12-03 11:23 - 2010-12-15 13:11 - 00000000 ____D C:UsersownerAppDataLocalDeployment 2013-12-01 17:37 - 2013-11-23 16:17 - 00000000 ____D C:Program Files (x86)Spybot - Search & Destroy 2 2013-12-01 17:27 - 2013-12-01 16:51 - 00000000 ____D C:Windowserdnt 2013-12-01 17:17 - 2013-11-23 16:17 - 00000000 ____D C:ProgramDataSpybot - Search & Destroy 2013-12-01 16:42 - 2013-12-01 16:42 - 00448512 _____ (OldTimer Tools) C:UsersownerDesktopTFC.exe 2013-12-01 16:40 - 2013-12-01 16:40 - 00001576 _____ C:UsersownerDesktopRKreport[0]_D_12012013_164041.txt 2013-12-01 16:31 - 2013-12-01 16:31 - 00001540 _____ C:UsersownerDesktopRKreport[0]_S_12012013_163100.txt 2013-12-01 16:19 - 2013-12-01 16:19 - 04172288 _____ C:UsersownerDownloadsRogueKillerX64 (1).exe 2013-12-01 10:36 - 2013-12-01 10:36 - 00000000 ____D C:UsersownerAppDataLocalBest Buy pc app 2013-12-01 10:20 - 2013-12-01 10:20 - 00000000 ____D C:ProgramDataTrymedia 2013-12-01 09:22 - 2013-12-01 09:22 - 00001507 _____ C:UsersownerDesktopRKreport[0]_S_12012013_092224.txt 2013-12-01 09:20 - 2013-12-01 09:20 - 00002650 _____ C:UsersownerDesktopRKreport[0]_D_12012013_092010.txt 2013-12-01 09:20 - 2013-12-01 03:16 - 00000000 ____D C:UsersownerDesktopRK_Quarantine 2013-12-01 09:19 - 2013-12-01 09:19 - 00002447 _____ C:UsersownerDesktopRKreport[0]_S_12012013_091951.txt 2013-12-01 03:17 - 2013-12-01 03:17 - 00002414 _____ C:UsersownerDesktopRKreport[0]_S_12012013_031746.txt 2013-12-01 03:14 - 2013-12-01 03:14 - 04172288 _____ C:UsersownerDownloadsRogueKillerX64.exe 2013-12-01 03:09 - 2013-12-01 03:09 - 00220027 _____ C:UsersownerDesktopJRT.txt 2013-12-01 03:03 - 2007-10-10 19:49 - 00000000 ____D C:UsersDefaultAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup 2013-12-01 03:03 - 2007-10-10 19:49 - 00000000 ____D C:UsersDefault UserAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup 2013-12-01 03:01 - 2013-12-01 03:01 - 00000000 ____D C:WindowsERUNT 2013-11-30 15:02 - 2013-11-30 15:02 - 00251392 _____ C:UsersownerDownloadshijackthis_sfx (2).exe 2013-11-30 14:31 - 2013-11-30 14:31 - 00003894 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineUA1ceee0b1fe5051e 2013-11-30 14:31 - 2013-11-30 14:31 - 00003642 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineCore1ceee0b1d5046d2 2013-11-30 12:05 - 2013-11-30 12:05 - 00027136 _____ C:Windowssystem32bddel.exe 2013-11-30 12:05 - 2013-11-30 12:05 - 00016856 _____ C:Windowssystem32bddel.dat 2013-11-26 11:39 - 2013-11-26 11:39 - 00002595 _____ C:UsersownerAppDataRoamingMicrosoftWindowsStart MenuProgramsSearch.lnk 2013-11-26 11:34 - 2013-11-26 11:34 - 00000000 ____D C:Program FilesLevel Quality Watcher 2013-11-26 10:46 - 2013-11-26 10:46 - 00000000 ____D C:UsersownerAppDataRoamingMicrosoftWindowsStart MenuPrograms7-Zip 2013-11-26 10:46 - 2013-11-26 10:46 - 00000000 ____D C:Program Files (x86)7-Zip 2013-11-26 05:54 - 2013-12-11 23:05 - 23183360 _____ (Microsoft Corporation) C:Windowssystem32mshtml.dll 2013-11-26 04:19 - 2013-12-11 23:05 - 02724864 _____ (Microsoft Corporation) C:Windowssystem32mshtml.tlb 2013-11-26 04:18 - 2013-12-11 23:05 - 00004096 _____ (Microsoft Corporation) C:Windowssystem32ieetwcollectorres.dll 2013-11-26 04:11 - 2013-12-11 23:05 - 17112576 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.dll 2013-11-26 03:48 - 2013-12-11 23:05 - 00066048 _____ (Microsoft Corporation) C:Windowssystem32iesetup.dll 2013-11-26 03:46 - 2013-12-11 23:05 - 00048640 _____ (Microsoft Corporation) C:Windowssystem32ieetwproxystub.dll 2013-11-26 03:41 - 2013-12-11 23:05 - 02764288 _____ (Microsoft Corporation) C:Windowssystem32iertutil.dll 2013-11-26 03:29 - 2013-12-11 23:05 - 00053760 _____ (Microsoft Corporation) C:Windowssystem32jsproxy.dll 2013-11-26 03:27 - 2013-12-11 23:05 - 00033792 _____ (Microsoft Corporation) C:Windowssystem32iernonce.dll 2013-11-26 03:23 - 2013-12-11 23:05 - 02724864 _____ (Microsoft Corporation) C:WindowsSysWOW64mshtml.tlb 2013-11-26 03:21 - 2013-12-11 23:05 - 00574976 _____ (Microsoft Corporation) C:Windowssystem32ieui.dll 2013-11-26 03:18 - 2013-12-11 23:05 - 00139264 _____ (Microsoft Corporation) C:Windowssystem32ieUnatt.exe 2013-11-26 03:18 - 2013-12-11 23:05 - 00111616 _____ (Microsoft Corporation) C:Windowssystem32ieetwcollector.exe 2013-11-26 03:16 - 2013-12-11 23:05 - 00708608 _____ (Microsoft Corporation) C:Windowssystem32jscript9diag.dll 2013-11-26 02:57 - 2013-12-11 23:05 - 00218624 _____ (Microsoft Corporation) C:Windowssystem32ie4uinit.exe 2013-11-26 02:38 - 2013-12-11 23:05 - 02166784 _____ (Microsoft Corporation) C:WindowsSysWOW64iertutil.dll 2013-11-26 02:38 - 2013-12-11 23:05 - 00043008 _____ (Microsoft Corporation) C:WindowsSysWOW64jsproxy.dll 2013-11-26 02:35 - 2013-12-11 23:05 - 05769216 _____ (Microsoft Corporation) C:Windowssystem32jscript9.dll 2013-11-26 02:32 - 2013-12-11 23:05 - 00440832 _____ (Microsoft Corporation) C:WindowsSysWOW64ieui.dll 2013-11-26 02:28 - 2013-12-11 23:05 - 00553472 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript9diag.dll 2013-11-26 02:16 - 2013-12-11 23:05 - 04243968 _____ (Microsoft Corporation) C:WindowsSysWOW64jscript9.dll 2013-11-26 02:02 - 2013-12-11 23:05 - 01995264 _____ (Microsoft Corporation) C:Windowssystem32inetcpl.cpl 2013-11-26 01:48 - 2013-12-11 23:05 - 12996608 _____ (Microsoft Corporation) C:Windowssystem32ieframe.dll 2013-11-26 01:32 - 2013-12-11 23:05 - 01928192 _____ (Microsoft Corporation) C:WindowsSysWOW64inetcpl.cpl 2013-11-26 01:26 - 2013-12-11 23:05 - 11221504 _____ (Microsoft Corporation) C:WindowsSysWOW64ieframe.dll 2013-11-26 01:07 - 2013-12-11 23:05 - 02334208 _____ (Microsoft Corporation) C:Windowssystem32wininet.dll 2013-11-26 00:40 - 2013-12-11 23:05 - 01395200 _____ (Microsoft Corporation) C:Windowssystem32urlmon.dll 2013-11-26 00:34 - 2013-12-11 23:05 - 00817664 _____ (Microsoft Corporation) C:Windowssystem32ieapfltr.dll 2013-11-26 00:34 - 2013-12-11 23:05 - 00703488 _____ (Microsoft Corporation) C:WindowsSysWOW64ieapfltr.dll 2013-11-26 00:33 - 2013-12-11 23:05 - 01820160 _____ (Microsoft Corporation) C:WindowsSysWOW64wininet.dll 2013-11-26 00:27 - 2013-12-11 23:05 - 01157632 _____ (Microsoft Corporation) C:WindowsSysWOW64urlmon.dll 2013-11-24 08:18 - 2013-11-24 08:08 - 00000000 ____D C:hijackthis 2013-11-24 08:02 - 2013-11-24 08:02 - 00028695 _____ C:UsersownerDesktopdds.txt 2013-11-24 08:02 - 2013-11-24 08:02 - 00014712 _____ C:UsersownerDesktopattach.txt 2013-11-24 07:41 - 2013-11-24 07:41 - 00000000 ____D C:UsersownerAppDataRoamingSUPERAntiSpyware.com 2013-11-24 06:50 - 2013-08-24 09:50 - 00000000 ____D C:ProgramDataPCPitstop 2013-11-24 04:10 - 2009-07-13 21:20 - 00000000 ____D C:Windowssystem32NDF 2013-11-23 19:02 - 2013-11-23 19:02 - 00002132 _____ C:UsersownerDesktopPC Pitstop Exterminate2.lnk 2013-11-23 19:02 - 2013-08-24 09:47 - 00000000 ____D C:Program Files (x86)PCPitstop 2013-11-23 18:10 - 2010-12-15 13:09 - 00000000 ___RD C:UsersownerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup 2013-11-23 16:17 - 2013-11-23 16:17 - 00000000 ____D C:WindowsSystem32TasksSafer-Networking 2013-11-23 16:13 - 2013-11-23 16:13 - 01723528 _____ C:UsersownerDownloadsAdaware_Installer.exe 2013-11-23 15:52 - 2013-11-23 15:52 - 00000000 ____D C:UsersownerAppDataRoamingLavasoftStatistics 2013-11-23 15:33 - 2013-11-23 15:33 - 00000000 ____D C:UsersownerAppDataRoamingSecureSearch 2013-11-23 15:31 - 2013-11-23 15:31 - 00000000 ____D C:ProgramDataLavasoft 2013-11-23 12:26 - 2013-12-11 09:34 - 00417792 _____ (Microsoft Corporation) C:WindowsSysWOW64WMPhoto.dll 2013-11-23 11:47 - 2013-12-11 09:34 - 00465920 _____ (Microsoft Corporation) C:Windowssystem32WMPhoto.dll ==================== Bamital & volsnap Check ================= C:WindowsSystem32winlogon.exe => MD5 is legit C:WindowsSystem32wininit.exe => MD5 is legit C:WindowsSysWOW64wininit.exe => MD5 is legit C:Windowsexplorer.exe => MD5 is legit C:WindowsSysWOW64explorer.exe => MD5 is legit C:WindowsSystem32svchost.exe => MD5 is legit C:WindowsSysWOW64svchost.exe => MD5 is legit C:WindowsSystem32services.exe => MD5 is legit C:WindowsSystem32User32.dll => MD5 is legit C:WindowsSysWOW64User32.dll => MD5 is legit C:WindowsSystem32userinit.exe => MD5 is legit C:WindowsSysWOW64userinit.exe => MD5 is legit C:WindowsSystem32Driversvolsnap.sys => MD5 is legit LastRegBack: 2013-12-14 23:09 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-12-2013 Ran by owner at 2013-12-15 15:23:41 Running from C:UsersownerDownloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Webroot SecureAnywhere (Enabled - Up to date) {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Webroot SecureAnywhere (Enabled - Up to date) {27678718-4A47-3119-06F0-3719487B3EBC} ==================== Installed Programs ====================== 7-Zip 9.20 (x32) ABBYY FineReader 6.0 Sprint (x32 Version: 6.00.2146.41621) Acrobat.com (x32 Version: 1.6.65) Adobe AIR (x32 Version: 1.5.0.7220) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170) Adobe Reader X (10.1.8) (x32 Version: 10.1.8) Advertising Center (x32 Version: 0.0.0.2) Apple Application Support (x32 Version: 2.3.6) Apple Mobile Device Support (Version: 7.0.0.117) Apple Software Update (x32 Version: 2.1.3.127) Best Buy pc app (Version: 3.0.0.0) Bonjour (Version: 3.0.0.10) CCleaner (Version: 4.04) CleanUp! (x32) CyberLink PowerDVD 9 (x32 Version: 9.0.2931.50) D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Diner Dash (remove only) (x32) DJ3525FWUpdateAlert (x32 Version: 1.00.0000) DMUninstaller (x32) Free Opener (Version: 1.4) Garmin City Navigator North America NT 2012.30 Update (x32 Version: 15.30.0.0) Garmin Communicator Plugin (x32 Version: 3.0.1) Garmin Lifetime Updater (x32 Version: 2.0.12) Garmin USB Drivers (x32 Version: 2.3.0.0) Gateway InfoCentre (x32 Version: 3.02.3000) Gateway Photo Frame 4.2.3.10 (x32 Version: 4.2.3.10) Gateway Recovery Management (x32 Version: 4.05.3015) Gateway Registration (x32 Version: 1.03.3003) Gateway ScreenSaver (x32 Version: 1.1.0825.2010) Gateway Updater (x32 Version: 1.02.3001) Google Chrome (x32 Version: 31.0.1650.63) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320) Google Update Helper (x32 Version: 1.3.22.3) Hoyle Mahjongg (remove only) (x32) HP Deskjet 3520 series Basic Device Software (Version: 28.0.1315.0) HP Deskjet 3520 series Help (x32 Version: 27.0.0) HP Deskjet 3520 series Product Improvement Study (Version: 28.0.1315.0) HP Deskjet 3520 series Setup Guide (x32 Version: 27.0.0) HP FWUpdateEDO2 (x32 Version: 1.2.0.0) HP Photo Creations (x32 Version: 1.0.0.7702) HP Update (x32 Version: 5.005.000.002) HPDiagnosticAlert (x32 Version: 1.00.0000) I.R.I.S. OCR (x32 Version: 12.3.4.0) iCloud (Version: 3.0.2.163) Identity Card (x32 Version: 1.00.3003) ImagXpress (x32 Version: 7.0.74.0) Intel® Graphics Media Accelerator Driver Intel® Matrix Storage Manager iTunes (Version: 11.1.3.8)
  7. I go to c I go to windows I go to system32 I go to drivers and the only thing that's there is this en-us umdf 1025_acer_gateway_sx2801.mrc gm.dls mode01seto500z6007i.enc wimmount.sys
  8. once I go to drivers my options are en-us umdf 1025_acer_gateway_sx2801.mrc gm.dls mode01seto500z6007i.enc wimmount.sys
  9. ok I go to the site you recommend and I click on choose file I go to the c drive and window and there is nothing there called sysnative the only things that I have that start with sys are system system32 and syswow64
  10. i have two browsers on my computer i have been using explorer because google has that snapdo thing on it so I went to google browser and was able to paste from there. here are the logs ComboFix 13-12-13.01 - owner 12/15/2013 9:31.3.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6109.4744 [GMT -6:00] Running from: c:usersownerDownloadsComboFix.exe AV: Webroot SecureAnywhere *Disabled/Updated* {9C0666FC-6C7D-3E97-3C40-0C6B33FC7401} SP: Webroot SecureAnywhere *Disabled/Updated* {27678718-4A47-3119-06F0-3719487B3EBC} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2013-11-15 to 2013-12-15 ))))))))))))))))))))))))))))))) . . 2013-12-15 15:39 . 2013-12-15 15:39 -------- d-----w- c:usersDefaultAppDataLocaltemp 2013-12-15 15:39 . 2013-12-15 15:39 -------- d-----w- c:usersAdministratorAppDataLocaltemp 2013-12-15 15:22 . 2013-12-15 15:22 115168 ----a-w- c:windowssystem32driverszTCpAlmQ.sys 2013-12-13 15:43 . 2013-11-08 03:12 10285968 ----a-w- c:programdataMicrosoftWindows DefenderDefinition Updates{9384992F-DA20-47BF-A8FD-9350E6782D08}mpengine.dll 2013-12-12 05:07 . 2013-05-10 05:56 12625920 ----a-w- c:windowssystem32wmploc.DLL 2013-12-12 05:07 . 2013-05-10 04:30 167424 ----a-w- c:program filesWindows Media Playerwmplayer.exe 2013-12-12 05:07 . 2013-05-10 03:48 164864 ----a-w- c:program files (x86)Windows Media Playerwmplayer.exe 2013-12-12 05:07 . 2013-05-10 04:56 12625408 ----a-w- c:windowsSysWow64wmploc.DLL 2013-12-12 05:07 . 2013-05-10 05:56 14631424 ----a-w- c:windowssystem32wmp.dll 2013-12-11 15:34 . 2013-10-30 02:32 335360 ----a-w- c:windowssystem32msieftp.dll 2013-12-11 07:49 . 2013-10-15 00:00 28368 ----a-w- c:windowssystem32IEUDINIT.EXE 2013-12-11 07:46 . 2013-12-11 07:46 871936 ----a-w- c:program filesInternet Exploreriedvtool.dll 2013-12-11 01:53 . 2013-12-11 02:53 692616 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2013-12-06 22:39 . 2013-12-13 19:09 -------- d-----w- c:usersownerAppDataLocalCrashDumps 2013-12-05 18:01 . 2013-12-05 18:01 -------- d-----w- c:program filesCCleaner 2013-12-05 18:01 . 2013-12-05 18:01 -------- d-----w- c:program filesGoogle 2013-11-23 22:17 . 2013-12-01 23:37 -------- d-----w- c:program files (x86)Spybot - Search & Destroy 2 2013-11-23 21:52 . 2013-11-23 21:52 -------- d-----w- c:usersownerAppDataRoamingLavasoftStatistics 2013-11-23 21:33 . 2013-11-23 21:33 -------- d-----w- c:usersownerAppDataRoamingSecureSearch 2013-11-23 21:33 . 2013-12-12 18:18 -------- d-----w- c:program files (x86)Lavasoft 2013-11-23 21:31 . 2013-11-23 21:31 -------- d-----w- c:programdataLavasoft . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-12-14 16:30 . 2010-12-15 22:58 90708896 ----a-w- c:windowssystem32MRT.exe 2013-12-11 02:53 . 2011-05-23 11:48 71048 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2013-12-05 18:13 . 2012-08-04 20:31 154248 ----a-w- c:windowsSysWow64WRusr.dll 2013-12-05 18:13 . 2012-08-04 20:31 115168 ----a-w- c:windowssystem32driversWRkrn.sys 2013-12-05 18:13 . 2012-08-04 20:31 104808 ----a-w- c:windowssystem32WRusr.dll 2013-11-11 11:50 . 2010-12-15 19:31 267936 ------w- c:windowssystem32MpSigStub.exe 2013-10-12 02:30 . 2013-11-13 13:47 830464 ----a-w- c:windowssystem32nshwfp.dll 2013-10-12 02:29 . 2013-11-13 13:47 859648 ----a-w- c:windowssystem32IKEEXT.DLL 2013-10-12 02:29 . 2013-11-13 13:47 324096 ----a-w- c:windowssystem32FWPUCLNT.DLL 2013-10-12 02:03 . 2013-11-13 13:47 656896 ----a-w- c:windowsSysWow64nshwfp.dll 2013-10-12 02:01 . 2013-11-13 13:47 216576 ----a-w- c:windowsSysWow64FWPUCLNT.DLL 2013-10-08 12:50 . 2013-10-19 14:54 96168 ----a-w- c:windowsSysWow64WindowsAccessBridge-32.dll 2013-10-05 20:25 . 2013-11-13 13:47 1474048 ----a-w- c:windowssystem32crypt32.dll 2013-10-05 19:57 . 2013-11-13 13:47 1168384 ----a-w- c:windowsSysWow64crypt32.dll 2013-10-04 02:28 . 2013-11-13 13:47 190464 ----a-w- c:windowssystem32SmartcardCredentialProvider.dll 2013-10-04 02:25 . 2013-11-13 13:47 197120 ----a-w- c:windowssystem32credui.dll 2013-10-04 02:24 . 2013-11-13 13:47 1930752 ----a-w- c:windowssystem32authui.dll 2013-10-04 01:58 . 2013-11-13 13:47 152576 ----a-w- c:windowsSysWow64SmartcardCredentialProvider.dll 2013-10-04 01:56 . 2013-11-13 13:47 168960 ----a-w- c:windowsSysWow64credui.dll 2013-10-04 01:56 . 2013-11-13 13:47 1796096 ----a-w- c:windowsSysWow64authui.dll 2013-10-03 02:23 . 2013-11-13 13:47 404480 ----a-w- c:windowssystem32gdi32.dll 2013-10-03 02:00 . 2013-11-13 13:47 311808 ----a-w- c:windowsSysWow64gdi32.dll 2013-09-28 01:09 . 2013-11-13 13:47 497152 ----a-w- c:windowssystem32driversafd.sys 2013-09-25 02:26 . 2013-11-13 13:47 95680 ----a-w- c:windowssystem32driversksecdd.sys 2013-09-25 02:26 . 2013-11-13 13:47 154560 ----a-w- c:windowssystem32driversksecpkg.sys 2013-09-25 02:23 . 2013-11-13 13:47 135680 ----a-w- c:windowssystem32sspicli.dll 2013-09-25 02:23 . 2013-11-13 13:47 28672 ----a-w- c:windowssystem32sspisrv.dll 2013-09-25 02:23 . 2013-11-13 13:47 28160 ----a-w- c:windowssystem32secur32.dll 2013-09-25 02:22 . 2013-11-13 13:47 340992 ----a-w- c:windowssystem32schannel.dll 2013-09-25 02:21 . 2013-11-13 13:47 307200 ----a-w- c:windowssystem32ncrypt.dll 2013-09-25 02:21 . 2013-11-13 13:47 1447936 ----a-w- c:windowssystem32lsasrv.dll 2013-09-25 01:58 . 2013-11-13 13:47 96768 ----a-w- c:windowsSysWow64sspicli.dll 2013-09-25 01:57 . 2013-11-13 13:47 22016 ----a-w- c:windowsSysWow64secur32.dll 2013-09-25 01:57 . 2013-11-13 13:47 247808 ----a-w- c:windowsSysWow64schannel.dll 2013-09-25 01:56 . 2013-11-13 13:47 220160 ----a-w- c:windowsSysWow64ncrypt.dll 2013-09-25 01:03 . 2013-11-13 13:47 30720 ----a-w- c:windowssystem32lsass.exe 2011-03-22 00:44 . 2011-03-22 00:44 484 ----a-w- c:program files (x86)0321201119445945.bat 2011-02-10 00:43 . 2011-02-10 00:43 484 ----a-w- c:program files (x86)0209201118434244.bat 2010-12-27 03:39 . 2010-12-27 03:39 478 ----a-w- c:program files (x86)1226201019392797.bat . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "iCloudServices"="c:program files (x86)Common FilesAppleInternet ServicesiCloudServices.exe" [2013-09-14 59720] "ApplePhotoStreams"="c:program files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe" [2013-09-15 59720] "HP Deskjet 3520 series (NET)"="c:program filesHPHP Deskjet 3520 seriesBinScanToPCActivationApp.exe" [2012-10-17 2573416] "GoogleChromeAutoLaunch_BFB1AAC9AD5759BCC5B883652DF33E69"="c:program files (x86)GoogleChromeApplicationchrome.exe" [2013-12-04 863184] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "Gateway Photo Frame"="c:program files (x86)Gateway Photo FrameButtonMonitor.exe" [2009-07-20 124416] "AppleSyncNotifier"="c:program files (x86)Common FilesAppleMobile Device SupportAppleSyncNotifier.exe" [2011-09-27 59240] "APSDaemon"="c:program files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe" [2013-09-14 59720] "Adobe ARM"="c:program files (x86)Common FilesAdobeARM1.0AdobeARM.exe" [2013-04-04 958576] "WRSVC"="c:program filesWebrootWRSA.exe" [2013-12-05 761408] "HP Software Update"="c:program files (x86)HpHP Software UpdateHPWuSchd2.exe" [2011-10-28 49208] "QuickTime Task"="c:program files (x86)QuickTimeQTTask.exe" [2013-05-01 421888] "SunJavaUpdateSched"="c:program files (x86)Common FilesJavaJava Updatejusched.exe" [2013-07-02 254336] "iTunesHelper"="c:program files (x86)iTunesiTunesHelper.exe" [2013-11-02 152392] . c:usersownerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup OneNote 2010 Screen Clipper and Launcher.lnk - c:program files (x86)Microsoft OfficeOffice14ONENOTEM.EXE /tsr [2013-6-25 228552] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciesexplorer] "NoDevMgrUpdate"= 0 (0x0) "NoDFSTab"= 0 (0x0) "NoEncryptOnMove"= 0 (0x0) "NoResolveTrack"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) . [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer] "NoDevMgrUpdate"= 0 (0x0) "NoDFSTab"= 0 (0x0) "NoEncryptOnMove"= 0 (0x0) "NoResolveTrack"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) . [HKEY_USERS.defaultsoftwaremicrosoftwindowscurrentversionpoliciesexplorer] "DisableLocalMachineRun"= 0 (0x0) "DisableLocalMachineRunOnce"= 0 (0x0) "DisableCurrentUserRun"= 0 (0x0) "DisableCurrentUserRunOnce"= 0 (0x0) "NoFile"= 0 (0x0) "HideClock"= 0 (0x0) "NoDevMgrUpdate"= 0 (0x0) "NoDFSTab"= 0 (0x0) "NoEncryptOnMove"= 0 (0x0) "NoResolveTrack"= 0 (0x0) "NoStartMenuSubFolders"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "aux1"=wdmaud.drv . R0 zTCpAlmQ;zTCpAlmQ;c:windowsSystem32driverszTCpAlmQ.sys;c:windowsSYSNATIVEdriverszTCpAlmQ.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe;c:windowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [x] R2 WRSVC;WRSVC;c:program filesWebrootWRSA.exe;c:program filesWebrootWRSA.exe [x] R3 GamesAppIntegrationService;GamesAppIntegrationService;c:program files (x86)WildTangent GamesAppGamesAppIntegrationService.exe;c:program files (x86)WildTangent GamesAppGamesAppIntegrationService.exe [x] R3 GamesAppService;GamesAppService;c:program files (x86)WildTangent GamesAppGamesAppService.exe;c:program files (x86)WildTangent GamesAppGamesAppService.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:windowssystem32IEEtwCollector.exe;c:windowsSYSNATIVEIEEtwCollector.exe [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:windowssystem32DRIVERSnetaapl64.sys;c:windowsSYSNATIVEDRIVERSnetaapl64.sys [x] R3 TsUsbFlt;TsUsbFlt;c:windowssystem32driverstsusbflt.sys;c:windowsSYSNATIVEdriverstsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:windowssystem32Driversusbaapl64.sys;c:windowsSYSNATIVEDriversusbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:windowssystem32WatWatAdminSvc.exe;c:windowsSYSNATIVEWatWatAdminSvc.exe [x] R3 WSDScan;WSD Scan Support via UMB;c:windowssystem32DRIVERSWSDScan.sys;c:windowsSYSNATIVEDRIVERSWSDScan.sys [x] R4 PCPitstop Scheduling;PCPitstop Scheduling;c:program files (x86)PCPitstopPCPitstopScheduleService.exe;c:program files (x86)PCPitstopPCPitstopScheduleService.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:program filesWindows LiveMeshwlcrasvc.exe;c:program filesWindows LiveMeshwlcrasvc.exe [x] S0 WRkrn;WRkrn;c:windowsSystem32driversWRkrn.sys;c:windowsSYSNATIVEdriversWRkrn.sys [x] S2 GREGService;GREGService;c:program files (x86)GatewayRegistrationGREGsvc.exe;c:program files (x86)GatewayRegistrationGREGsvc.exe [x] S2 Updater Service;Updater Service;c:program filesGatewayGateway UpdaterUpdaterService.exe;c:program filesGatewayGateway UpdaterUpdaterService.exe [x] S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:windowssystem32DRIVERSe1y60x64.sys;c:windowsSYSNATIVEDRIVERSe1y60x64.sys [x] S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:windowssystem32driversIntcHdmi.sys;c:windowsSYSNATIVEdriversIntcHdmi.sys [x] S4 eamonm;eamonm;c:windowssystem32DRIVERSeamonm.sys;c:windowsSYSNATIVEDRIVERSeamonm.sys [x] S4 ehdrv;ehdrv;c:windowssystem32DRIVERSehdrv.sys;c:windowsSYSNATIVEDRIVERSehdrv.sys [x] . . --- Other Services/Drivers In Memory --- . *Deregistered* - epfwwfpr [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftactive setupinstalled components{2D46B6DC-2207-486B-B523-A557E6D54B47}] start [bU] . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftactive setupinstalled components{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-12-05 08:01 1210320 ----a-w- c:program files (x86)GoogleChromeApplication31.0.1650.63Installerchrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-12-15 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-04-16 02:53] . 2013-12-15 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2013-10-19 17:31] . 2013-12-15 c:windowsTasksGoogleUpdateTaskMachineCore1ceee0b1d5046d2.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2013-10-19 17:31] . 2013-12-15 c:windowsTasksGoogleUpdateTaskMachineUA.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2013-10-19 17:31] . 2013-12-15 c:windowsTasksGoogleUpdateTaskMachineUA1ceee0b1fe5051e.job - c:program files (x86)GoogleUpdateGoogleUpdate.exe [2013-10-19 17:31] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "IAAnotif"="c:program files (x86)IntelIntel Matrix Storage Manageriaanotif.exe" [2009-06-05 186904] "RtHDVCpl"="c:program filesRealtekAudioHDARAVCpl64.exe" [2009-07-20 7981088] "IgfxTray"="c:windowssystem32igfxtray.exe" [2010-08-26 161304] "HotKeysCmds"="c:windowssystem32hkcmd.exe" [2010-08-26 386584] "Persistence"="c:windowssystem32igfxpers.exe" [2010-08-26 415256] . ------- Supplementary Scan ------- . uLocal Page = c:windowssystem32blank.htm mStart Page = about:blank mLocal Page = c:windowsSysWOW64blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.1.1 . . ------- File Associations ------- . inifile=%SystemRoot%SysWow64NOTEPAD.EXE %1 JSEFile="%SystemRoot%System32WScript.exe" "%1" %* txtfile=%SystemRoot%SysWow64NOTEPAD.EXE %1 . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) Toolbar-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) BHO-{31ad400d-1b06-4e33-a59a-90c2c140cba0} - (no file) BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - (no file) WebBrowser-{07CBF788-1359-421B-A4E3-5A8D041B90A3} - (no file) AddRemove-DMUninstaller - c:program filesUninstallerUninstall.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS.DefaultSoftwareMicrosoftInternet ExplorerApproved Extensions] @Denied: (2) (LocalSystem) "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce, 9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0, b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb "{D2C5E510-BE6D-42CC-9F61-E4F939078474}"=hex:51,66,7a,6c,4c,1d,38,12,7e,e6,d6, d6,5f,f0,a2,07,e0,77,a7,b9,3c,59,c0,60 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_9_900_170_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_9_900_170_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_9_900_170_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_9_900_170_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_9_900_170.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_9_900_170.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_9_900_170.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_9_900_170.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftOfficeCommonSmart TagActions{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftSchema LibraryActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftSchema LibraryActionsPane30] "Key"="ActionsPane3" "Location"="c:Program Files (x86)Common FilesMicrosoft SharedVSTOActionsPane3.xsd" . [HKEY_LOCAL_MACHINESYSTEMControlSet003ControlPCWSecurity] @Denied: (Full) (Everyone) . Completion time: 2013-12-15 09:46:26 ComboFix-quarantined-files.txt 2013-12-15 15:46 ComboFix2.txt 2013-12-05 17:14 ComboFix3.txt 2013-12-01 23:30 . Pre-Run: 889,081,683,968 bytes free Post-Run: 888,414,556,160 bytes free . - - End Of File - - 7CF48A62F62931C55949C1793C3FA457 Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.12.13.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 owner :: OWNER-PC [administrator] 12/15/2013 9:59:49 AM mbam-log-2013-12-15 (09-59-49).txt Scan type: Full scan (C:|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 428575 Time elapsed: 50 minute(s), 57 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  11. there are two buttons post and more reply options I press more reply options and nothing happens
  12. where is the browse button ???
  13. ok I ran the security check and I am trying to post the log but it wont let me and for the life of me I can not figure out why. I select all and copy and click on the little clip board and it asks me if I want to allow and I say yes but nothing happens so I opened another notepad just to see if I could paste and it lets me. I tried shutting down the computer waited a few minutes and I tried again and still nothing I don't know why.
  14. ok I ran the malwarebytes I don't know where the log is it did not put a copy on my desk top and I don't see it on the cdrive computer is now running worse then before very very slow I will download security check now and post the log when its done
  15. snapdo tool bar is back on google and the eset program does not have any tick boxes to tick or untick
×
×
  • Create New...