I think it's a virus

Posted 3/25/2013 5:50 AM
#95284

Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
I have a Toshiba Satellite C655 with Windows 7 operating system

While using Firefox I received a message that a plugin was disabled for my safety (I don't remember the name of it) and that I should activate it now, silly me I did, that is when my problems started.

2 days ago, the short cuts on my pc started to change it allowed me to run some virus protection but I would get a false report after running for about a min.

Then it stopped allowing me to run Malwarebytes or any of the other virus malware protection that I have on it. Malwarebytes Chameleon would hang up. It progressed to locking me out of programs or they hang up or will not open including access to my external drives which has full windows backup for everything that was on the computer.

I tried wiping the computer and starting over, it has improved by allowing me to go online but when I open any virus or malware protection it stops running after a minute or so. I can not install programs unless it is done in safe mode. It is not shutting down properly, it hangs up never finishing.

Also, everything disappeared on my desktop and I had to use the task manager to log off. I logged back to safe mode and tried running Malwarebytes, it did run and the report said there was not any infections. I logged into windows 7 normally and everything is back for now on the desktop screen.

Right now the computer is a bit slower than normal and programs and files are temperamental in opening, running and closing.

P.S. I am unable to remove the old sun java although I have updated before the forum request me to do so.

While running hijack this a screen popped up saying:
FOR SOME reason your system denied write access to the Hosts file. If any hijacked domain are in this file, HijackThis may not be able to fix this, along with instruction on manual corrections.

I am unable to run Malwarebytes and Avast or the programs will not open or gets stuck, and give false reports.

CC cleaner ran to 26% then hung up. I tried it a number of times and I also let it run for over a half hour.

I was unable to get the logs from DDS. I allowed DDS to run for approximately 3 1/2 hours, it showed up as running on the tasked master but never produced the logs or stopped.

For all of the processes I made sure that the virus protection and firewall was off while I ran them.

I could try to run them in safe mode since I can get better results there, please let me know if you require that.

Thank you

Beauty

-----------------=============---------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:28:56 PM, on 3/24/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Avant Browser\avant.exe
C:\Program Files (x86)\Avant Browser\avantvw.exe
C:\Program Files (x86)\Avant Browser\webkit\chrome.exe
C:\Program Files (x86)\Avant Browser\webkit\chrome.exe
C:\Program Files (x86)\Avant Browser\webkit\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Users\Toni\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/?cid=C001B2Y
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?

LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?

LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee

Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files

(x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files

(x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files

(x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files

(x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program

Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST

Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files

(x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files

(x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files

(x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files

(x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program

Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton

Internet Security\Engine\18.6.0.29\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google

\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST

Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files

\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station

\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User

'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan

\3.0.318\SSScheduler.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component

\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 -

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer

\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 -

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer

\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:

\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live

\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe

(file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe

(file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows

\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update

\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater

\GoogleUpdaterService.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files

\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware

\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware

\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files

(x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows

\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet

Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows

\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows

\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe

(file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater

\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows

\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows

\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows

\system32\sppsvc.exe (file missing)
O23 - Service: taisregispinger - Unknown owner - C:\Program Files (x86)\TOSHIBA\ToshibaRegistration

\TaisRegistPinger.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station

\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows

\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power

Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA

HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows

\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows

\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe

(file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files

(x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe

(file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows

\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows

\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) -

Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11283 bytes
Posted 3/25/2013 1:48 PM
#95285

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello :smile:

"Right now the computer is a bit slower than normal and programs and files are temperamental in opening, running and closing."

It's probably because you have 3 active antivirus running, as they will conflict with each other

I'll therefore suggest you uninstall 2 of them - Avast - or - ZoneAlarm - or - Norton Internet Security.

When done, see if you can run DDS now?

Do not PM me with logfiles. They will be deleted.
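
The reply above reads the HijackThis log for security products that start with Windows. As an added example (not part of the thread and not HijackThis's own code), this Python script rejoins log entries that the forum paste wrapped across lines and lists which of the three products named in the reply have O4 (autostart) or O23 (service) entries. The marker table, the join heuristic and the sample log are assumptions, constructed from the shape of the log posted above.

```python
import re

# A HijackThis entry starts with a section code such as "R1", "F2", "O4" or "O23".
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")

# Sections that describe components started with Windows: Run keys/startup
# folders (O4) and services (O23). BHOs and toolbars (O2/O3) only load in IE.
RESIDENT_SECTIONS = {"O4", "O23"}

# Assumption: lower-case path fragments for the three products named in the
# reply. Illustrative only; extend the table for other products.
PRODUCT_MARKERS = {
    r"\avast software\avast": "avast! Antivirus",
    r"\norton internet security": "Norton Internet Security",
    r"\checkpoint\zonealarm": "ZoneAlarm",
}

# Constructed sample in the shape of the posted log, including wrapped entries.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files

(x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update

\GoogleUpdate.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet

Security\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files

(x86)\CheckPoint\ZoneAlarm\vsmon.exe

--
End of file - 11283 bytes
"""


def rejoin_entries(log_text):
    """Return one string per log entry, undoing line wrapping from the paste."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "--" or line.startswith("End of file"):
            break  # log trailer, nothing after it belongs to an entry
        if ENTRY.match(line):
            entries.append(line)
        elif entries:
            # Continuation of the previous entry. Heuristic (assumption): the
            # wrap dropped a space unless it fell next to a path/URL separator.
            prev = entries[-1]
            glue = "" if line.startswith("\\") or prev[-1] in "\\?/:" else " "
            entries[-1] = prev + glue + line
        # Lines before the first entry (header, running processes) are skipped.
    return entries


def resident_security_products(log_text):
    """Map each known product to the sections (O4/O23) that reference it."""
    found = {}
    for entry in rejoin_entries(log_text):
        section, body = ENTRY.match(entry).groups()
        if section not in RESIDENT_SECTIONS:
            continue
        lowered = body.lower()
        for marker, product in PRODUCT_MARKERS.items():
            if marker in lowered:
                found.setdefault(product, set()).add(section)
    return {product: sorted(sections) for product, sections in found.items()}


def has_overlap(log_text):
    """True when more than one listed product starts with Windows."""
    return len(resident_security_products(log_text)) > 1


if __name__ == "__main__":
    for product, sections in sorted(resident_security_products(SAMPLE_LOG).items()):
        print(f"{product}: {', '.join(sections)}")
    print("overlapping products:", has_overlap(SAMPLE_LOG))
```

Without the rejoin step, the wrapped Norton service entry does not match its marker, because the product directory name is split across two lines.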


Posted 3/25/2013 5:00 PM
#95286

Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hi Touch

I uninstalled the Norton Antivirus and ZoneAlarm. ZoneAlarm is a firewall, as far as I know that is how it is merchandized, nevertheless the two of them are gone.

Good news! :-) Just as you implied DDS produced the logs and Malwarebytes did a full run producing a report as well.

Thank you

Beauty

------------------------------

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.24.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Toni :: TONI-PC [administrator]

Protection: Enabled

3/25/2013 11:44:54 AM
mbam-log-2013-03-25 (11-44-54).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 311382
Time elapsed: 23 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

----------------------------------

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.17.2
Run by Toni at 11:38:01 on 2013-03-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3964.2563 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\msiexec.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\sppsvc.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\wuauclt.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\SysWOW64\ctfmon.exe
\\?\C:\windows\system32\wbem\WMIADAP.EXE
C:\windows\SoftwareDistribution\Download\Install\dotNetFx40_Client_x86_x64.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.toshiba.com/?cid=C001B2Y
uDefault_Page_URL = hxxp://start.toshiba.com/?cid=C001B2Y
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{EA70FC8D-8405-4E4B-A797-B87E55696DFD} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F4717DC1-883F-4D01-A515-D6E8CA5C76EF} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\browse~1\sprote~1.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\sh916i90.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: browser.search.selectedEngine - Wikipedia (en)
FF - prefs.js: keyword.URL -
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-03-23 19:25; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn
FF - ExtSQL: 2013-03-23 22:05; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn
FF - ExtSQL: 2013-03-24 10:46; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-03-24 15:27; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-3-24 65336]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-3-24 1025808]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-3-24 377920]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2013-3-24 33400]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-3-24 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-3-24 45248]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-3-24 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-3-24 682344]
R2 taisregispinger;taisregispinger;C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [2011-3-23 297344]
R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2013-3-23 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-9-27 76912]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-3-24 24176]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2013-3-23 38096]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-3-23 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-3-24 178624]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2013-3-23 243712]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-03-25 15:38:20 -------- d-----w- C:\5cadb8e3629b21750c23413cdd
2013-03-25 15:35:26 -------- d-----w- C:\Program Files (x86)\GUM99AF.tmp
2013-03-25 00:18:22 171136 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
2013-03-24 21:52:17 -------- d-----w- C:\Program Files\CCleaner
2013-03-24 19:29:11 -------- d-----w- C:\Program Files (x86)\BrowseToSave
2013-03-24 19:27:58 -------- d-----w- C:\Users\Toni\AppData\Roaming\CheckPoint
2013-03-24 17:35:14 -------- d-----w- C:\windows\System32\drivers\NISx64\1206000.01D
2013-03-24 17:24:24 861088 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-03-24 17:24:24 782240 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-03-24 17:24:14 95648 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-24 16:35:28 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-03-24 15:58:13 -------- d-----w- C:\Users\Toni\AppData\Local\Macromedia
2013-03-24 15:34:35 -------- d-----w- C:\ProgramData\McAfee Security Scan
2013-03-24 15:34:32 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2013-03-24 15:34:30 73432 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-24 15:34:30 693976 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-03-24 15:31:25 -------- d-----w- C:\Users\Toni\AppData\Local\Adobe
2013-03-24 15:29:57 -------- d-----w- C:\Program Files\Tracker Software
2013-03-24 15:06:29 -------- d-----w- C:\Program Files (x86)\Marshall Plan Novel Writing Software
2013-03-24 15:03:35 -------- d-----w- C:\Users\Toni\AppData\Roaming\calibre
2013-03-24 15:03:26 -------- d-----w- C:\Program Files (x86)\Calibre2
2013-03-24 15:01:16 -------- d-----w- C:\ProgramData\SoftSafe
2013-03-24 14:57:05 -------- d-----r- C:\Program Files (x86)\Skype
2013-03-24 14:55:55 -------- d-----w- C:\ProgramData\InstallMate
2013-03-24 14:54:07 -------- d-----w- C:\ProgramData\CheckPoint
2013-03-24 14:46:43 80816 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-03-24 14:46:43 70992 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2013-03-24 14:46:43 65336 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2013-03-24 14:46:43 178624 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2013-03-24 14:46:43 1025808 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-03-24 14:46:24 41664 ----a-w- C:\windows\avastSS.scr
2013-03-24 14:46:10 -------- d-----w- C:\Program Files\AVAST Software
2013-03-24 14:45:48 -------- d-----w- C:\ProgramData\AVAST Software
2013-03-24 14:44:42 -------- d-----w- C:\Users\Toni\AppData\Roaming\Malwarebytes
2013-03-24 14:44:31 24176 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-03-24 14:44:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-24 14:43:44 -------- d-----w- C:\Users\Toni\AppData\Local\Programs
2013-03-24 02:11:13 27784 ----a-w- C:\windows\System32\drivers\tdcmdpst.sys
2013-03-24 02:10:22 -------- dc-h--w- C:\ProgramData\{373A11D3-0B96-4E16-9184-7D0FBE86932F}
2013-03-24 02:09:28 140632 ----a-w- C:\windows\System32\TODDSrv.exe
2013-03-24 02:06:25 -------- d--h--w- C:\windows\msdownld.tmp
2013-03-24 02:06:10 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2013-03-24 02:06:07 802864 ----a-r- C:\windows\System32\drivers\NISx64\1205000.07D\SymEFA64.sys
2013-03-24 02:06:07 735864 ----a-r- C:\windows\System32\drivers\NISx64\1205000.07D\srtsp64.sys
2013-03-24 02:06:07 450608 ----a-r-
C:\windows\System32\drivers\NISx64\1205000.07D\SymDS64.sys <br/>2013-03-24 02:06:07 40568 ----a-r- C:\windows\System32\drivers\NISx64\1205000.07D\srtspx64.sys <br/>2013-03-24 02:06:07 382072 ----a-r- C:\windows\System32\drivers\NISx64\1205000.07D\symnets.sys <br/>2013-03-24 02:06:07 171128 ----a-r- C:\windows\System32\drivers\NISx64\1205000.07D\Ironx64.sys <br/>2013-03-24 02:05:54 -------- d-----w- C:\windows\System32\drivers\NISx64\1205000.07D <br/>2013-03-24 02:05:54 -------- d-----w- C:\windows\System32\drivers\NISx64 <br/>2013-03-24 02:05:52 -------- d-----w- C:\ProgramData\Norton <br/>2013-03-24 02:05:35 -------- d-----w- C:\ProgramData\NortonInstaller <br/>2013-03-24 02:03:58 -------- d-----w- C:\windows\SysWow64\Atheros_L1e <br/>2013-03-24 02:01:29 24576 ----a-w- C:\windows\SysWow64\TSCI.dll <br/>2013-03-24 02:01:29 24576 ----a-w- C:\windows\SysWow64\THCI.dll <br/>2013-03-24 02:00:09 38096 ----a-w- C:\windows\System32\drivers\PGEffect.sys <br/>2013-03-24 01:58:08 9728 ----a-w- C:\windows\SysWow64\TCMSVR.dll <br/>2013-03-24 01:58:08 9216 ----a-w- C:\windows\System32\drivers\FwLnk.sys <br/>2013-03-24 01:58:08 152848 ----a-w- C:\windows\SysWow64\Comdlg32.ocx <br/>2013-03-24 01:58:08 1351392 ----a-w- C:\windows\SysWow64\COMCTL32.OCX <br/>2013-03-24 01:58:08 1081616 ----a-w- C:\windows\SysWow64\mscomctl.ocx <br/>2013-03-24 01:58:07 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll <br/>2013-03-24 01:58:07 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll <br/>2013-03-24 01:58:07 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe <br/>2013-03-24 01:58:07 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll <br/>2013-03-24 01:58:07 266240 ----a-w- C:\Program Files (x86)\Common 
Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll <br/>2013-03-24 01:58:07 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll <br/>2013-03-24 01:58:07 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll <br/>2013-03-24 01:53:48 1550848 ----a-w- C:\windows\System32\drivers\athrx.sys <br/>2013-03-24 01:53:48 -------- d-----w- C:\Program Files (x86)\Atheros <br/>2013-03-24 01:53:44 -------- d-----w- C:\ProgramData\Atheros <br/>2013-03-24 01:50:29 -------- d-----w- C:\Program Files\Synaptics <br/>2013-03-24 01:48:51 -------- d-----w- C:\windows\SysWow64\sda <br/>2013-03-24 01:48:46 9112168 ----a-w- C:\windows\SysWow64\RtsUStoricon.dll <br/>2013-03-24 01:48:46 422504 ----a-w- C:\windows\System32\RtsUStor.dll <br/>2013-03-24 01:48:46 243712 ----a-w- C:\windows\System32\drivers\RtsUStor.sys <br/>2013-03-24 01:48:46 -------- d-----w- C:\Program Files (x86)\Realtek <br/>2013-03-24 01:48:00 -------- d-----w- C:\Program Files\CONEXANT <br/>2013-03-24 01:45:06 -------- d-----w- C:\Intel <br/>2013-03-24 01:43:24 408600 ----a-w- C:\windows\System32\drivers\iaStor.sys <br/>2013-03-24 01:41:49 53248 ----a-w- C:\windows\SysWow64\CSVer.dll <br/>2013-03-24 01:31:07 -------- d-----w- C:\Users\Toni\AppData\Roaming\Avant Profiles <br/>2013-03-24 01:31:07 -------- d-----w- C:\Users\Toni\AppData\Roaming\Avant Downloader <br/>2013-03-24 01:30:53 -------- d-----w- C:\Program Files (x86)\Avant Browser <br/>2013-03-24 01:17:53 -------- d-----w- C:\ProgramData\Malwarebytes <br/>2013-03-23 23:49:49 -------- d-----w- C:\Users\Toni\AppData\Local\Google <br/>2013-03-23 23:40:55 -------- d-----w- C:\Users\Toni\AppData\Local\Best Buy pc app <br/>2013-03-23 23:32:13 -------- d-----w- C:\Users\Toni\AppData\Local\TOSHIBA_Corporation <br/>2013-03-23 23:30:52 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll <br/>2013-03-23 23:30:52 210944 ----a-w- 
C:\windows\System32\drivers\rdpwd.sys <br/>2013-03-23 23:30:52 1031680 ----a-w- C:\windows\System32\rdpcore.dll <br/>2013-03-23 23:30:51 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys <br/>2013-03-23 23:27:57 -------- d-----w- C:\Users\Toni\AppData\Local\Apps <br/>2013-03-23 23:27:56 -------- d-----w- C:\Users\Toni\AppData\Local\Deployment <br/>2013-03-23 23:27:17 -------- d-----w- C:\Users\Toni\AppData\Local\VirtualStore <br/>2013-03-23 23:26:48 13 --sh--r- C:\windows\System32\drivers\fbd.sys <br/>2013-03-23 23:26:36 2622464 ----a-w- C:\windows\System32\wucltux.dll <br/>2013-03-23 23:26:20 36864 ----a-w- C:\windows\System32\wuapp.exe <br/>2013-03-23 23:26:20 186752 ----a-w- C:\windows\System32\wuwebv.dll <br/>. <br/>==================== Find3M ==================== <br/>. <br/>. <br/>============= FINISH: 11:41:15.01 =============== <br/> <br/> <br/>. <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/>. <br/>DDS (Ver_2012-11-20.01) <br/>. <br/>Microsoft Windows 7 Home Premium <br/>Boot Device: \Device\HarddiskVolume1 <br/>Install Date: 3/23/2013 7:25:07 PM <br/>System Uptime: 3/25/2013 11:33:42 AM (0 hours ago) <br/>. <br/>Motherboard: TOSHIBA | | Portable PC <br/>Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz | CPU | 2300/800mhz <br/>. <br/>==== Disk Partitions ========================= <br/>. <br/>C: is FIXED (NTFS) - 297 GiB total, 269.394 GiB free. <br/>D: is CDROM () <br/>. <br/>==== Disabled Device Manager Items ============= <br/>. <br/>==== System Restore Points =================== <br/>. 
<br/>RP3: 3/23/2013 7:25:32 PM - TOSHIBA Default System Restore Point <br/>RP4: 3/23/2013 7:25:35 PM - Windows Update <br/>RP5: 3/23/2013 7:26:12 PM - Installed TOSHIBA Quality Application <br/>RP6: 3/23/2013 7:30:53 PM - Windows Update <br/>RP7: 3/24/2013 1:23:40 PM - Installed Java 7 Update 17 <br/>RP8: 3/24/2013 3:33:03 PM - Revo Uninstaller's restore point - Best Buy pc app <br/>RP9: 3/25/2013 11:37:35 AM - Windows Update <br/>. <br/>==== Installed Programs ====================== <br/>. <br/>Adobe AIR <br/>Adobe Flash Player 11 ActiveX <br/>Adobe Flash Player 11 Plugin <br/>Adobe Reader X MUI <br/>Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver <br/>Atheros Driver Installation Program <br/>Avant Browser (remove only) <br/>avast! Free Antivirus <br/>Best Buy pc app <br/>BrowseToSave 1.74 <br/>calibre <br/>CCleaner <br/>Conexant HD Audio <br/>D3DX10 <br/>Google Chrome <br/>Google Toolbar for Internet Explorer <br/>Google Update Helper <br/>Intel(R) Graphics Media Accelerator Driver <br/>Intel® Matrix Storage Manager <br/>Java 7 Update 17 <br/>Java Auto Updater <br/>Java(TM) 6 Update 17 <br/>Junk Mail filter update <br/>Label@Once 1.0 <br/>Malwarebytes Anti-Malware version 1.70.0.1100 <br/>Marshall Plan® Novel Writing Software <br/>Mesh Runtime <br/>Microsoft .NET Framework 4 Client Profile <br/>Microsoft Application Error Reporting <br/>Microsoft Office 2010 <br/>Microsoft Silverlight <br/>Microsoft SQL Server 2005 Compact Edition [ENU] <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 <br/>Mozilla Firefox 19.0.2 (x86 en-US) <br/>Mozilla Maintenance Service <br/>MSVCRT <br/>MSVCRT_amd64 <br/>PDF-Viewer <br/>PlayReady PC Runtime amd64 <br/>PlayReady PC Runtime x86 <br/>Realtek USB 
2.0 Card Reader <br/>Revo Uninstaller 1.94 <br/>Skype™ 6.3 <br/>Synaptics Pointing Device Driver <br/>TOSHIBA Application Installer <br/>TOSHIBA Assist <br/>Toshiba Book Place <br/>TOSHIBA Bulletin Board <br/>TOSHIBA Disc Creator <br/>TOSHIBA Face Recognition <br/>TOSHIBA Hardware Setup <br/>TOSHIBA HDD/SSD Alert <br/>TOSHIBA Media Controller <br/>TOSHIBA Media Controller Plug-in <br/>TOSHIBA Quality Application <br/>TOSHIBA Recovery Media Creator <br/>TOSHIBA ReelTime <br/>TOSHIBA Service Station <br/>TOSHIBA Supervisor Password <br/>TOSHIBA Value Added Package <br/>TOSHIBA Web Camera Application <br/>ToshibaRegistration <br/>Windows Live Communications Platform <br/>Windows Live Essentials <br/>Windows Live ID Sign-in Assistant <br/>Windows Live Installer <br/>Windows Live Language Selector <br/>Windows Live Mail <br/>Windows Live Mesh <br/>Windows Live Mesh ActiveX Control for Remote Connections <br/>Windows Live Messenger <br/>Windows Live MIME IFilter <br/>Windows Live Movie Maker <br/>Windows Live Photo Common <br/>Windows Live Photo Gallery <br/>Windows Live PIMT Platform <br/>Windows Live Remote Client <br/>Windows Live Remote Client Resources <br/>Windows Live Remote Service <br/>Windows Live Remote Service Resources <br/>Windows Live SOXE <br/>Windows Live SOXE Definitions <br/>Windows Live UX Platform <br/>Windows Live UX Platform Language Pack <br/>Windows Live Writer <br/>Windows Live Writer Resources <br/>WinRAR 4.01 (64-bit) <br/>ZoneAlarm Firewall <br/>ZoneAlarm LTD Toolbar <br/>ZoneAlarm Security <br/>. <br/>==== Event Viewer Messages From Past Week ======== <br/>. <br/>3/25/2013 11:31:41 AM, Error: Service Control Manager [7022] - The Server service hung on starting. <br/>3/25/2013 11:31:41 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: After starting, the service hung in a start-pending state. 
<br/>3/25/2013 11:29:50 AM, Error: Service Control Manager [7001] - The HomeGroup Listener service depends on the Server service which failed to start because of the following error: After starting, the service hung in a start-pending state. <br/>3/25/2013 11:13:12 AM, Error: Service Control Manager [7031] - The Norton Internet Security service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. <br/>3/24/2013 4:27:41 PM, Error: Service Control Manager [7022] - The Windows Search service hung on starting. <br/>3/24/2013 4:12:13 PM, Error: Service Control Manager [7022] - The Diagnostic Service Host service hung on starting. <br/>3/24/2013 4:03:15 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. <br/>3/24/2013 4:03:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} <br/>3/24/2013 4:03:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} <br/>3/24/2013 4:03:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} <br/>3/24/2013 4:03:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} <br/>3/24/2013 4:03:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the 
service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} <br/>3/24/2013 4:03:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi BHDrvx64 DfsC discache eeCtrl IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx Vsdatant vwififlt Wanarpv6 WfpLwf <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The TrueVector Internet Monitor service depends on the Zone Alarm Firewall Driver service which failed to start because of the following error: A device attached to the system is not functioning. <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 
<br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. <br/>3/24/2013 4:02:59 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. <br/>3/24/2013 3:59:43 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service. <br/>3/24/2013 3:59:43 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 
<br/>3/24/2013 3:42:16 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. <br/>3/24/2013 3:41:46 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service. <br/>3/24/2013 3:40:15 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service. <br/>3/24/2013 3:39:45 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service. <br/>3/24/2013 3:39:06 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. <br/>3/24/2013 3:28:12 PM, Error: Service Control Manager [7030] - The TrueVector Internet Monitor service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. <br/>3/24/2013 2:43:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi BHDrvx64 DfsC discache IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf <br/>3/24/2013 2:26:04 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi BHDrvx64 DfsC discache IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON tdx vwififlt Wanarpv6 WfpLwf <br/>3/24/2013 12:20:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service. 
<br/>3/24/2013 11:35:40 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the seclogon service. <br/>3/24/2013 11:35:40 AM, Error: Service Control Manager [7000] - The Secondary Logon service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. <br/>3/24/2013 10:57:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service SkypeUpdate with arguments "/ComService" in order to run the server: {CC957078-B838-47C4-A7CF-626E7A82FC58} <br/>3/24/2013 10:54:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} <br/>3/24/2013 10:52:51 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} <br/>3/24/2013 10:39:29 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 DfsC discache IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss spldr SRTSPX SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf <br/>3/24/2013 1:02:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service. <br/>3/24/2013 1:02:33 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. <br/>3/24/2013 1:02:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service. 
<br/>3/23/2013 7:33:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service. <br/>3/23/2013 7:33:17 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service. <br/>. <br/>==== End Of File ===========================
Posted 3/25/2013 5:20 PM
#95287

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Glad to hear there are improvements.....

"CC cleaner ran to 26% then hung up. I tried it a number of times and I also let it run for over a half hour."

Maybe worth trying again.

Please download Combofix from: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

And save to the desktop.

After the download is complete, perform the following tasks before using the ComboFix tool to scan your PC:

Exit all windows that are currently open on your computer.

To prevent interference, temporarily disable your antivirus, antispyware, firewall and other security tools that may be running on your computer.

Double-click on the combofix icon found on your desktop.

Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

When finished, it will produce a logfile located at C:\combofix.txt.

Post the contents of that log in your next reply

The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.


Posted 3/26/2013 4:36 PM
#95291

Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hi

ComboFix will not complete its run; it gets to creating a restore point and never finishes. I tried running it 3 different times, letting it run 2 hrs, 5 hrs (while sleeping), and 4 hrs (morning my time to noon). I downloaded it and changed the name before saving. I followed your instructions to a tee. The only thing I have not done is run it in safe mode; I do not know if I should do that without you saying so.

Again, CCleaner will not go beyond 23%.

Thank you

Beauty
Posted 3/26/2013 4:55 PM
#95292

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Seems we have to dig deeper, then.

Download OTL by OldTimer, saving it to your desktop: http://oldtimer.geekstogo.com/OTL.exe

- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Select All Users
- Under the Custom Scan box paste this in:

    netsvcs
    activex
    msconfig
    %SYSTEMDRIVE%\*.
    %PROGRAMFILES%\*.exe
    %LOCALAPPDATA%\*.exe
    %windir%\Installer\*.*
    %windir%\system32\tasks\*.*
    %systemroot%\Fonts\*.exe
    %systemroot%\*. /mp /s
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    regedit.exe
    Userinit.exe
    svchost.exe
    MRESP50.SYS
    CBPSp50.sys
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    CREATERESTOREPOINT

- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Post both logs

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.


Posted 3/26/2013 5:37 PM
#95293
Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Ok so I tried combofix again. I shut down, logged on in safe mode, exited safe mode and then logged on in normal Windows. I remembered that Windows 7 has a screen saver that changes; I did not change it when running combofix before. I reset it to change for one day and then reran combofix.

TA DAAAAH :-) it worked.

Should I still run the other utility?

Thank You

Beauty
Posted 3/27/2013 1:25 PM
#95294
Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
"Should I still run the other utility?"

Depends on how things are running ;-)

If you are still experiencing long response times, slow computer, etc. I'll suggest you do.

Combofix log looks clean to me, so I don't think we will find more infections.



Posted 3/27/2013 5:22 PM
#95295
Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hi Touch

I am still experiencing problems; my screen is blinking once in a while. I cannot run the utilities that you suggest (they stop responding) unless I exit Windows (also Windows is not shutting down from normal exit in a normal manner, but shuts down normally for safe mode) and go into safe mode, then exit from safe mode to normal Windows, then run the utility.

When I attempted to run OTL I had the above problem and applied the above solution; it ran and produced a report, but only one. I tried to run it again and a window came up saying it could not access cmd. So here is the one notepad report produced.

Thank you
Beauty
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) <br/>DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) <br/> <br/> <br/>[color=#E56717]========== Standard Registry (SafeList) ==========[/color] <br/> <br/> <br/>[color=#E56717]========== Internet Explorer ==========[/color] <br/> <br/>IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} <br/>IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ <br/>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} <br/>IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ <br/> <br/>IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 <br/>IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/?cid=C001B2Y <br/>IE - HKCU\..\SearchScopes,DefaultScope = {B4F3C64A-2D3B-4DC6-9A5D-1A91A64DAE6E} <br/>IE - HKCU\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ <br/>IE - HKCU\..\SearchScopes\{B4F3C64A-2D3B-4DC6-9A5D-1A91A64DAE6E}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ_enUS528 <br/>IE - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/>IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> <br/> <br/>[color=#E56717]========== FireFox ==========[/color] <br/> <br/>FF - prefs.js..browser.search.defaultenginename: "" <br/>FF - prefs.js..browser.search.defaultenginename,S: S", "" <br/>FF - prefs.js..browser.search.defaultthis.engineName: "" <br/>FF - prefs.js..browser.search.defaulturl: "" <br/>FF - prefs.js..browser.search.order.1: "" <br/>FF - prefs.js..browser.search.order.1,S: S", "" <br/>FF - prefs.js..browser.search.selectedEngine,S: S", "" <br/>FF - prefs.js..browser.startup.homepage: "http://www.google.com/" <br/>FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483 <br/>FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 <br/>FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "" <br/>FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "" <br/>FF - prefs.js..browser.startup.homepage: "" <br/>FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" <br/>FF - user.js - File not found <br/> <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
<br/>FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () <br/>FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found <br/>FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found <br/>FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) <br/>FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) <br/>FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) <br/>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) 
<br/>FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) <br/>FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) <br/> <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/24 10:46:37 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/23 20:01:04 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/24 20:18:22 | 000,000,000 | ---D | M] <br/> <br/>[2013/03/23 20:01:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toni\AppData\Roaming\Mozilla\Extensions <br/>[2013/03/24 11:00:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions <br/>[2013/03/24 10:46:37 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF <br/>[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll <br/>[2012/08/14 17:49:30 | 000,171,136 | ---- | M] (Tracker Software Products (Canada) Ltd.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll <br/>[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml <br/>[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml <br/> <br/>O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts <br/>O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) <br/>O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) <br/>O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.) <br/>O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) <br/>O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) <br/>O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) <br/>O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) 
<br/>O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) <br/>O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>) <br/>O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) <br/>O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) <br/>O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) <br/>O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. <br/>O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
<br/>O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) <br/>O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) <br/>O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) <br/>O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () <br/>O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) <br/>O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) <br/>O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) <br/>O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 <br/>O7 - 
HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 <br/>O13 - gopher Prefix: missing <br/>O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Value error.) <br/>O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) <br/>O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.17.2) <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA70FC8D-8405-4E4B-A797-B87E55696DFD}: DhcpNameServer = 192.168.1.1 <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4717DC1-883F-4D01-A515-D6E8CA5C76EF}: DhcpNameServer = 192.168.1.1 <br/>O18:64bit: - Protocol\Handler\livecall - No CLSID value found <br/>O18:64bit: - Protocol\Handler\msnim - No CLSID value found <br/>O18:64bit: - Protocol\Handler\skype4com - No CLSID value found <br/>O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found <br/>O18:64bit: - Protocol\Handler\wlpg - No CLSID value found <br/>O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) <br/>O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) <br/>O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) <br/>O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) <br/>O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) <br/>O20:64bit: - 
Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) <br/>O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. <br/>O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. <br/>O32 - HKLM CDRom: AutoRun - 1 <br/>O34 - HKLM BootExecute: (autocheck autochk *) <br/>O35:64bit: - HKLM\..comfile [open] -- "%1" %* <br/>O35:64bit: - HKLM\..exefile [open] -- "%1" %* <br/>O35 - HKLM\..comfile [open] -- "%1" %* <br/>O35 - HKLM\..exefile [open] -- "%1" %* <br/>O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* <br/>O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* <br/>O37 - HKLM\...com [@ = ComFile] -- "%1" %* <br/>O37 - HKLM\...exe [@ = exefile] -- "%1" %* <br/>O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) <br/>O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) <br/>O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) <br/> <br/> <br/>ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 <br/>ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll <br/>ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack <br/>ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE <br/>ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx <br/>ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help <br/>ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 <br/>ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools <br/>ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements <br/>ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player <br/>ActiveX:64bit: 
{6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access <br/>ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 <br/>ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll <br/>ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings <br/>ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install <br/>ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding <br/>ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts <br/>ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help <br/>ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface <br/>ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework <br/>ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework <br/>ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP <br/>ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig <br/>ActiveX:64bit: >{D38C90BD-8360-4405-8158-4FB592093488} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM <br/>ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) <br/>ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 <br/>ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll <br/>ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack <br/>ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE <br/>ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx <br/>ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help <br/>ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - 
Microsoft Windows Script 5.6 <br/>ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools <br/>ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements <br/>ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player <br/>ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access <br/>ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 <br/>ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework <br/>ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll <br/>ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings <br/>ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install <br/>ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding <br/>ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts <br/>ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help <br/>ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface <br/>ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework <br/>ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP <br/>ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig <br/>ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP <br/> <br/> <br/>CREATERESTOREPOINT <br/>Restore point Set: OTL Restore Point <br/> <br/>[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] <br/> <br/>[2013/03/27 11:15:25 | 000,000,000 | ---D | C] -- C:\Users\Toni\Documents\Corel DVD MovieFactory <br/>[2013/03/27 11:15:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems <br/>[2013/03/27 11:07:42 | 000,000,000 | R--D | C] -- 
C:\Users\Toni\Documents\Scanned Documents <br/>[2013/03/27 11:07:41 | 000,000,000 | ---D | C] -- C:\Users\Toni\Documents\Fax <br/>[2013/03/27 11:06:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Toshiba Book Place <br/>[2013/03/27 11:06:36 | 000,000,000 | ---D | C] -- C:\Users\Toni\Documents\Book Place <br/>[2013/03/27 11:06:31 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Book Place <br/>[2013/03/27 01:19:38 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\New folder (2) <br/>[2013/03/27 01:16:15 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\BOOKS <br/>[2013/03/26 18:08:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Toni\Desktop\OTL.exe <br/>[2013/03/26 15:29:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN <br/>[2013/03/26 13:38:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Toni\Desktop\jkl.exe <br/>[2013/03/26 13:19:14 | 000,000,000 | ---D | C] -- C:\windows\temp <br/>[2013/03/26 07:58:45 | 005,044,718 | R--- | C] (Swearware) -- C:\Users\Toni\Desktop\ComboFix.exe <br/>[2013/03/26 02:10:28 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\CrashDumps <br/>[2013/03/26 00:01:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe <br/>[2013/03/26 00:01:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe <br/>[2013/03/26 00:01:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe <br/>[2013/03/26 00:01:44 | 000,000,000 | ---D | C] -- C:\Qoobox <br/>[2013/03/26 00:01:31 | 000,000,000 | ---D | C] -- C:\windows\erdnt <br/>[2013/03/25 23:29:32 | 005,044,493 | R--- | C] (Swearware) -- C:\Users\Toni\Desktop\great.exe <br/>[2013/03/25 11:39:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET <br/>[2013/03/24 21:55:59 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\Novel <br/>[2013/03/24 17:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner <br/>[2013/03/24 17:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner 
<br/>[2013/03/24 17:43:03 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Toni\Desktop\HijackThis.exe <br/>[2013/03/24 17:33:09 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Toni\Desktop\dds.scr <br/>[2013/03/24 17:32:21 | 004,190,272 | ---- | C] (Piriform Ltd) -- C:\Users\Toni\Desktop\ccsetup328.exe <br/>[2013/03/24 15:29:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowseToSave <br/>[2013/03/24 15:27:58 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\CheckPoint <br/>[2013/03/24 13:35:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1206000.01D <br/>[2013/03/24 13:24:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun <br/>[2013/03/24 13:24:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java <br/>[2013/03/24 13:24:24 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll <br/>[2013/03/24 13:24:24 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll <br/>[2013/03/24 13:24:24 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe <br/>[2013/03/24 13:24:14 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll <br/>[2013/03/24 12:35:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group <br/>[2013/03/24 12:35:28 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller <br/>[2013/03/24 11:58:13 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Macromedia <br/>[2013/03/24 11:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan <br/>[2013/03/24 11:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee <br/>[2013/03/24 11:34:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan <br/>[2013/03/24 11:34:30 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe <br/>[2013/03/24 11:34:30 | 000,073,432 | ---- | C] 
(Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl <br/>[2013/03/24 11:34:27 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed <br/>[2013/03/24 11:31:25 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Adobe <br/>[2013/03/24 11:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer <br/>[2013/03/24 11:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software <br/>[2013/03/24 11:27:18 | 000,000,000 | ---D | C] -- C:\Users\Toni\Documents\STNUOCCA <br/>[2013/03/24 11:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marshall Plan Novel Writing Software <br/>[2013/03/24 11:03:37 | 000,000,000 | ---D | C] -- C:\Users\Toni\Documents\Calibre Library <br/>[2013/03/24 11:03:35 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\calibre <br/>[2013/03/24 11:03:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calibre2 <br/>[2013/03/24 11:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management <br/>[2013/03/24 11:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftSafe <br/>[2013/03/24 10:57:09 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Skype <br/>[2013/03/24 10:57:05 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype <br/>[2013/03/24 10:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype <br/>[2013/03/24 10:57:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype <br/>[2013/03/24 10:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype <br/>[2013/03/24 10:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate <br/>[2013/03/24 10:54:07 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint <br/>[2013/03/24 10:50:36 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\Novel Writing <br/>[2013/03/24 10:46:44 | 000,377,920 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys 
<br/>[2013/03/24 10:46:44 | 000,033,400 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys <br/>[2013/03/24 10:46:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus <br/>[2013/03/24 10:46:43 | 001,025,808 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys <br/>[2013/03/24 10:46:43 | 000,287,840 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe <br/>[2013/03/24 10:46:43 | 000,080,816 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys <br/>[2013/03/24 10:46:43 | 000,070,992 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys <br/>[2013/03/24 10:46:43 | 000,068,920 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys <br/>[2013/03/24 10:46:24 | 000,041,664 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr <br/>[2013/03/24 10:46:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software <br/>[2013/03/24 10:45:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software <br/>[2013/03/24 10:44:42 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Malwarebytes <br/>[2013/03/24 10:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware <br/>[2013/03/24 10:44:31 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys <br/>[2013/03/24 10:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>[2013/03/24 10:43:44 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Programs <br/>[2013/03/24 03:18:27 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe <br/>[2013/03/24 00:56:18 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\APPS <br/>[2013/03/24 00:53:18 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\FILES <br/>[2013/03/23 22:35:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information <br/>[2013/03/23 
22:11:13 | 000,027,784 | ---- | C] (TOSHIBA Corporation.) -- C:\windows\SysNative\drivers\tdcmdpst.sys <br/>[2013/03/23 22:10:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\{373A11D3-0B96-4E16-9184-7D0FBE86932F} <br/>[2013/03/23 22:09:28 | 000,140,632 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\TODDSrv.exe <br/>[2013/03/23 22:09:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome <br/>[2013/03/23 22:08:58 | 000,000,000 | ---D | C] -- C:\Program Files\Google <br/>[2013/03/23 22:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Google <br/>[2013/03/23 22:08:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google <br/>[2013/03/23 22:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared <br/>[2013/03/23 22:06:07 | 000,802,864 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1205000.07D\SymEFA64.sys <br/>[2013/03/23 22:06:07 | 000,735,864 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1205000.07D\srtsp64.sys <br/>[2013/03/23 22:06:07 | 000,450,608 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1205000.07D\SymDS64.sys <br/>[2013/03/23 22:06:07 | 000,382,072 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1205000.07D\symnets.sys <br/>[2013/03/23 22:06:07 | 000,171,128 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1205000.07D\Ironx64.sys <br/>[2013/03/23 22:06:07 | 000,040,568 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\NISx64\1205000.07D\srtspx64.sys <br/>[2013/03/23 22:05:54 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64 <br/>[2013/03/23 22:05:54 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1205000.07D <br/>[2013/03/23 22:05:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton <br/>[2013/03/23 22:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller <br/>[2013/03/23 22:03:58 
| 000,000,000 | ---D | C] -- C:\windows\SysWow64\Atheros_L1e <br/>[2013/03/23 22:01:29 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\TSCI.dll <br/>[2013/03/23 22:01:29 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\THCI.dll <br/>[2013/03/23 22:00:09 | 000,038,096 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\drivers\PGEffect.sys <br/>[2013/03/23 21:58:08 | 001,351,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\COMCTL32.OCX <br/>[2013/03/23 21:58:08 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscomctl.ocx <br/>[2013/03/23 21:58:08 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Comdlg32.ocx <br/>[2013/03/23 21:58:08 | 000,009,728 | ---- | C] (TOSHIBA Corp.) -- C:\windows\SysWow64\TCMSVR.dll <br/>[2013/03/23 21:58:08 | 000,009,216 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\drivers\FwLnk.sys <br/>[2013/03/23 21:57:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ulead Systems <br/>[2013/03/23 21:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once <br/>[2013/03/23 21:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel <br/>[2013/03/23 21:57:45 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll <br/>[2013/03/23 21:57:45 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll <br/>[2013/03/23 21:57:44 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll <br/>[2013/03/23 21:57:44 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll <br/>[2013/03/23 21:57:44 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll <br/>[2013/03/23 21:57:44 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll <br/>[2013/03/23 21:57:44 | 000,508,264 | ---- | C] (Microsoft 
Corporation) -- C:\windows\SysNative\d3dx10_36.dll <br/>[2013/03/23 21:57:44 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll <br/>[2013/03/23 21:57:44 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll <br/>[2013/03/23 21:57:44 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll <br/>[2013/03/23 21:57:43 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll <br/>[2013/03/23 21:57:43 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll <br/>[2013/03/23 21:57:43 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll <br/>[2013/03/23 21:57:43 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll <br/>[2013/03/23 21:57:43 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll <br/>[2013/03/23 21:57:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll <br/>[2013/03/23 21:57:43 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll <br/>[2013/03/23 21:57:43 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll <br/>[2013/03/23 21:57:43 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll <br/>[2013/03/23 21:57:43 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll <br/>[2013/03/23 21:57:43 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll <br/>[2013/03/23 21:57:43 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll <br/>[2013/03/23 21:57:43 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll <br/>[2013/03/23 21:57:43 | 000,017,928 | ---- | C] (Microsoft Corporation) -- 
C:\windows\SysWow64\X3DAudio1_2.dll <br/>[2013/03/23 21:57:42 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll <br/>[2013/03/23 21:57:42 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll <br/>[2013/03/23 21:57:42 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll <br/>[2013/03/23 21:57:42 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll <br/>[2013/03/23 21:57:42 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll <br/>[2013/03/23 21:57:42 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll <br/>[2013/03/23 21:57:42 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll <br/>[2013/03/23 21:57:42 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll <br/>[2013/03/23 21:57:42 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll <br/>[2013/03/23 21:57:42 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll <br/>[2013/03/23 21:57:42 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll <br/>[2013/03/23 21:57:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll <br/>[2013/03/23 21:57:41 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll <br/>[2013/03/23 21:57:41 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll <br/>[2013/03/23 21:57:41 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll <br/>[2013/03/23 21:57:41 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll <br/>[2013/03/23 21:57:41 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll 
<br/>[2013/03/23 21:57:41 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll <br/>[2013/03/23 21:57:41 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll <br/>[2013/03/23 21:57:41 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll <br/>[2013/03/23 21:57:41 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll <br/>[2013/03/23 21:57:41 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll <br/>[2013/03/23 21:57:40 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll <br/>[2013/03/23 21:57:40 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll <br/>[2013/03/23 21:57:40 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll <br/>[2013/03/23 21:57:40 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll <br/>[2013/03/23 21:57:40 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll <br/>[2013/03/23 21:57:40 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll <br/>[2013/03/23 21:57:40 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll <br/>[2013/03/23 21:57:40 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll <br/>[2013/03/23 21:57:40 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll <br/>[2013/03/23 21:57:40 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll <br/>[2013/03/23 21:57:39 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll <br/>[2013/03/23 21:57:39 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll <br/>[2013/03/23 21:57:38 | 
003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll <br/>[2013/03/23 21:57:38 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll <br/>[2013/03/23 21:57:38 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll <br/>[2013/03/23 21:57:38 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll <br/>[2013/03/23 21:57:38 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll <br/>[2013/03/23 21:57:38 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll <br/>[2013/03/23 21:57:37 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll <br/>[2013/03/23 21:57:37 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll <br/>[2013/03/23 21:57:37 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll <br/>[2013/03/23 21:57:37 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll <br/>[2013/03/23 21:57:37 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll <br/>[2013/03/23 21:57:37 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll <br/>[2013/03/23 21:57:37 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll <br/>[2013/03/23 21:57:37 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll <br/>[2013/03/23 21:57:36 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll <br/>[2013/03/23 21:57:36 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll <br/>[2013/03/23 21:57:36 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll <br/>[2013/03/23 21:57:36 | 002,222,800 | ---- | C] (Microsoft Corporation) -- 
C:\windows\SysWow64\d3dx9_24.dll <br/>[2013/03/23 21:53:48 | 001,550,848 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\SysNative\drivers\athrx.sys <br/>[2013/03/23 21:53:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros <br/>[2013/03/23 21:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros <br/>[2013/03/23 21:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics <br/>[2013/03/23 21:48:51 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\sda <br/>[2013/03/23 21:48:46 | 009,112,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysWow64\RtsUStoricon.dll <br/>[2013/03/23 21:48:46 | 000,422,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtsUStor.dll <br/>[2013/03/23 21:48:46 | 000,243,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\drivers\RtsUStor.sys <br/>[2013/03/23 21:48:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek <br/>[2013/03/23 21:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT <br/>[2013/03/23 21:45:06 | 000,000,000 | ---D | C] -- C:\Intel <br/>[2013/03/23 21:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager <br/>[2013/03/23 21:43:24 | 000,408,600 | ---- | C] (Intel Corporation) -- C:\windows\SysNative\drivers\iaStor.sys <br/>[2013/03/23 21:41:55 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution <br/>[2013/03/23 21:41:49 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\windows\SysWow64\CSVer.dll <br/>[2013/03/23 21:41:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel <br/>[2013/03/23 21:31:07 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Avant Profiles <br/>[2013/03/23 21:31:07 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Avant Downloader <br/>[2013/03/23 21:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avant Browser <br/>[2013/03/23 21:30:53 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\Avant Browser <br/>[2013/03/23 21:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes <br/>[2013/03/23 21:17:32 | 000,000,000 | ---D | C] -- C:\Users\Toni\Desktop\mbar-1.01.0.1021 <br/>[2013/03/23 21:14:39 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\WinRAR <br/>[2013/03/23 21:14:39 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR <br/>[2013/03/23 21:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR <br/>[2013/03/23 21:13:05 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR <br/>[2013/03/23 20:54:13 | 000,347,424 | ---- | C] (Microsoft Corporation) -- C:\Users\Toni\Desktop\MicrosoftFixit.IEPerformance.LB.25287516687648365.8.1.Run.exe <br/>[2013/03/23 20:01:18 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Mozilla <br/>[2013/03/23 20:01:18 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Mozilla <br/>[2013/03/23 20:01:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service <br/>[2013/03/23 20:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla <br/>[2013/03/23 20:01:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox <br/>[2013/03/23 19:50:00 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Adobe <br/>[2013/03/23 19:49:52 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Google <br/>[2013/03/23 19:49:49 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Google <br/>[2013/03/23 19:40:55 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Best Buy pc app <br/>[2013/03/23 19:32:14 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Toshiba <br/>[2013/03/23 19:32:13 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\TOSHIBA_Corporation <br/>[2013/03/23 19:30:52 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll <br/>[2013/03/23 19:30:52 | 
000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll <br/>[2013/03/23 19:27:57 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Apps <br/>[2013/03/23 19:27:56 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Deployment <br/>[2013/03/23 19:27:18 | 000,000,000 | R--D | C] -- C:\Users\Toni\Contacts <br/>[2013/03/23 19:27:17 | 000,000,000 | R--D | C] -- C:\Users\Toni\Searches <br/>[2013/03/23 19:27:17 | 000,000,000 | R--D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools <br/>[2013/03/23 19:27:17 | 000,000,000 | -H-D | C] -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned <br/>[2013/03/23 19:27:17 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\VirtualStore <br/>[2013/03/23 19:27:05 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Identities <br/>[2013/03/23 19:26:41 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll <br/>[2013/03/23 19:26:40 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe <br/>[2013/03/23 19:26:36 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll <br/>[2013/03/23 19:26:20 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll <br/>[2013/03/23 19:26:20 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe <br/>[2013/03/23 19:25:58 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\WinBatch <br/>[2013/03/23 19:25:22 | 000,000,000 | --SD | C] -- C:\Users\Toni\AppData\Roaming\Microsoft <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Videos <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Saved Games <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- 
C:\Users\Toni\Pictures <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Music <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Links <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Favorites <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Downloads <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Documents <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\Desktop <br/>[2013/03/23 19:25:22 | 000,000,000 | R--D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\AppData\Local\Temporary Internet Files <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Templates <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Start Menu <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\SendTo <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Recent <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\PrintHood <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\NetHood <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Documents\My Videos <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Documents\My Pictures <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Documents\My Music <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\My Documents <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Local Settings <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\AppData\Local\History <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Cookies <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- 
C:\Users\Toni\Application Data <br/>[2013/03/23 19:25:22 | 000,000,000 | -HSD | C] -- C:\Users\Toni\AppData\Local\Application Data <br/>[2013/03/23 19:25:22 | 000,000,000 | -H-D | C] -- C:\Users\Toni\AppData <br/>[2013/03/23 19:25:22 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Temp <br/>[2013/03/23 19:25:22 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Microsoft <br/>[2013/03/23 19:25:22 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Media Center Programs <br/>[2013/03/23 19:25:22 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Macromedia <br/>[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] <br/>[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] <br/> <br/>[color=#E56717]========== Files - Modified Within 30 Days ==========[/color] <br/> <br/>[2013/03/27 11:23:45 | 000,024,400 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 <br/>[2013/03/27 11:23:45 | 000,024,400 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 <br/>[2013/03/27 11:23:27 | 000,743,352 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI <br/>[2013/03/27 11:23:27 | 000,636,630 | ---- | M] () -- C:\windows\SysNative\perfh009.dat <br/>[2013/03/27 11:23:27 | 000,110,746 | ---- | M] () -- C:\windows\SysNative\perfc009.dat <br/>[2013/03/27 11:17:03 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job <br/>[2013/03/27 11:16:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat <br/>[2013/03/27 11:16:20 | 3117,391,872 | -HS- | M] () -- C:\hiberfil.sys <br/>[2013/03/27 10:46:59 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job <br/>[2013/03/27 10:36:22 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job <br/>[2013/03/27 01:22:57 | 000,227,818 | ---- | M] () -- C:\Users\Toni\Desktop\her_perfect_gift_.epub 
<br/>[2013/03/27 01:17:25 | 002,410,925 | ---- | M] () -- C:\Users\Toni\Desktop\406.rar <br/>[2013/03/26 18:08:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Toni\Desktop\OTL.exe <br/>[2013/03/26 13:38:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Toni\Desktop\jkl.exe <br/>[2013/03/26 13:04:02 | 005,044,718 | R--- | M] (Swearware) -- C:\Users\Toni\Desktop\ComboFix.exe <br/>[2013/03/25 23:59:41 | 005,044,493 | R--- | M] (Swearware) -- C:\Users\Toni\Desktop\great.exe <br/>[2013/03/25 11:11:15 | 000,866,592 | ---- | M] () -- C:\Users\Toni\Desktop\Norton_Removal_Tool.exe <br/>[2013/03/24 20:18:05 | 000,001,182 | ---- | M] () -- C:\Users\Toni\Desktop\PDF-Viewer.lnk <br/>[2013/03/24 17:52:20 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk <br/>[2013/03/24 17:43:03 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Toni\Desktop\HijackThis.exe <br/>[2013/03/24 17:33:10 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Toni\Desktop\dds.scr <br/>[2013/03/24 17:32:29 | 004,190,272 | ---- | M] (Piriform Ltd) -- C:\Users\Toni\Desktop\ccsetup328.exe <br/>[2013/03/24 15:28:07 | 001,476,856 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1206000.01D\Cat.DB <br/>[2013/03/24 15:27:31 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk <br/>[2013/03/24 13:24:06 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll <br/>[2013/03/24 13:24:04 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe <br/>[2013/03/24 13:24:04 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe <br/>[2013/03/24 13:24:03 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\java.exe <br/>[2013/03/24 13:24:02 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\npDeployJava1.dll <br/>[2013/03/24 13:24:02 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\windows\SysWow64\deployJava1.dll 
<br/>[2013/03/24 12:35:28 | 000,001,275 | ---- | M] () -- C:\Users\Toni\Desktop\Revo Uninstaller.lnk <br/>[2013/03/24 12:32:49 | 000,002,105 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk <br/>[2013/03/24 11:39:39 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt <br/>[2013/03/24 11:37:23 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe <br/>[2013/03/24 11:37:23 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl <br/>[2013/03/24 11:06:29 | 000,003,299 | ---- | M] () -- C:\Users\Toni\Desktop\Marshall Plan® Novel Writing Software.lnk <br/>[2013/03/24 11:03:29 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk <br/>[2013/03/24 10:57:05 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk <br/>[2013/03/24 10:46:44 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk <br/>[2013/03/24 10:44:32 | 000,001,144 | ---- | M] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk <br/>[2013/03/24 10:44:32 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk <br/>[2013/03/24 03:14:10 | 001,476,612 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1205000.07D\Cat.DB <br/>[2013/03/23 22:22:57 | 000,108,227 | ---- | M] () -- C:\windows\SysWow64\license.rtf <br/>[2013/03/23 22:22:57 | 000,108,227 | ---- | M] () -- C:\windows\SysNative\license.rtf <br/>[2013/03/23 21:50:32 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf <br/>[2013/03/23 21:46:54 | 000,015,178 | ---- | M] () -- C:\windows\SysNative\results.xml <br/>[2013/03/23 21:31:03 | 000,001,952 | ---- | M] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Avant Browser.lnk <br/>[2013/03/23 21:31:03 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\Avant Browser.lnk <br/>[2013/03/23 21:14:39 | 000,000,986 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk <br/>[2013/03/23 20:54:13 | 000,347,424 | ---- | M] (Microsoft Corporation) -- C:\Users\Toni\Desktop\MicrosoftFixit.IEPerformance.LB.25287516687648365.8.1.Run.exe <br/>[2013/03/23 20:36:57 | 001,569,316 | ---- | M] () -- C:\Users\Toni\Desktop\good.exe <br/>[2013/03/23 20:32:16 | 013,786,977 | ---- | M] () -- C:\Users\Toni\Desktop\mbar-1.01.0.1021.zip <br/>[2013/03/23 20:01:06 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk <br/>[2013/03/23 19:49:44 | 000,001,448 | ---- | M] () -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk <br/>[2013/03/23 19:26:48 | 000,000,013 | RHS- | M] () -- C:\windows\SysNative\drivers\fbd.sys <br/>[2013/03/06 18:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys <br/>[2013/03/06 18:33:21 | 
000,377,920 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys <br/>[2013/03/06 18:33:21 | 000,178,624 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys <br/>[2013/03/06 18:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys <br/>[2013/03/06 18:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys <br/>[2013/03/06 18:33:21 | 000,065,336 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys <br/>[2013/03/06 18:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys <br/>[2013/03/06 18:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys <br/>[2013/03/06 18:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr <br/>[2013/03/06 18:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe <br/>[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] <br/>[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] <br/> <br/>[color=#E56717]========== Files Created - No Company Name ==========[/color] <br/> <br/>[2013/03/27 01:22:52 | 000,227,818 | ---- | C] () -- C:\Users\Toni\Desktop\her_perfect_gift_.epub <br/>[2013/03/27 01:16:31 | 002,410,925 | ---- | C] () -- C:\Users\Toni\Desktop\406.rar <br/>[2013/03/26 00:01:52 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe <br/>[2013/03/26 00:01:52 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe <br/>[2013/03/26 00:01:52 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe <br/>[2013/03/26 00:01:52 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe <br/>[2013/03/26 00:01:52 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe <br/>[2013/03/25 11:11:09 | 000,866,592 | ---- | C] () -- C:\Users\Toni\Desktop\Norton_Removal_Tool.exe <br/>[2013/03/24 17:52:20 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk <br/>[2013/03/24 15:27:31 | 000,000,762 | ---- | C] () -- 
C:\Users\Public\Desktop\ZoneAlarm Security.lnk <br/>[2013/03/24 14:29:06 | 001,476,856 | ---- | C] () -- C:\windows\SysNative\drivers\NISx64\1206000.01D\Cat.DB <br/>[2013/03/24 12:35:28 | 000,001,275 | ---- | C] () -- C:\Users\Toni\Desktop\Revo Uninstaller.lnk <br/>[2013/03/24 11:34:33 | 000,002,105 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk <br/>[2013/03/24 11:34:31 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job <br/>[2013/03/24 11:30:10 | 000,001,182 | ---- | C] () -- C:\Users\Toni\Desktop\PDF-Viewer.lnk <br/>[2013/03/24 11:06:29 | 000,003,299 | ---- | C] () -- C:\Users\Toni\Desktop\Marshall Plan® Novel Writing Software.lnk <br/>[2013/03/24 11:06:29 | 000,003,259 | ---- | C] () -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marshall Plan® Novel Writing Software.lnk <br/>[2013/03/24 11:03:29 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk <br/>[2013/03/24 10:57:05 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk <br/>[2013/03/24 10:50:36 | 001,347,583 | ---- | C] () -- C:\Users\Toni\Desktop\FictionMakeover.pdf <br/>[2013/03/24 10:50:36 | 000,268,216 | ---- | C] () -- C:\Users\Toni\Desktop\writerslittleblackbook.pdf <br/>[2013/03/24 10:46:44 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Posted 3/29/2013 3:15 PM
#95300

Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hello

Since there was not a response to the last log I will take that as everything is finished.

I would like to thank you, Touch, for your help. :-)

Sincerely

Beauty
Posted 3/30/2013 3:02 AM
#95301

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Arh - sorry for the late response. I was in the Easter mood, and had a couple of family birthdays :smile:

We need to run an OTL Fix.

• Please reopen OTL on your desktop.
• Copy and Paste the following in bold into the Custom Scan textbox.

:OTL
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Value error.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
:Files
C:\Users\Toni\AppData\Local\CrashDumps
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[CreateRestorePoint]
[emptytemp]
[EMPTYFLASH]

• Push Run Fix Button
• OTL may ask to reboot the machine. Please do so if asked.
• Click OK.
• A report will open. Copy and Paste that report in your next reply, and tell me how your computer is behaving.

• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.

Do not PM me with logfiles. They will be deleted.


Posted 3/30/2013 4:38 PM
#95309

Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hello Touch

I should have waited longer, but I was impatient. Time with friends and family is always necessary. It is Easter and during holidays things are different.

Since my last post things have changed on the computer. I wiped it again, it did not correct the problems and I do not have the same software on it etc., Windows did 97 updates, so I ran the Combofix again and the OTL report again.

I did not perform your last instruction with the OTL because of what I did. I felt that you may want to look at the newest Combofix and OTL reports before I followed up as you said with the last post then with your ok I will do what you said. Oh, I did get two reports from OTL this time

I will be more patient this time while waiting for a response from you. :smile:

Thank you

Beauty

---------
<br/>------- Supplementary Scan ------- <br/>. <br/>uLocal Page = c:\windows\system32\blank.htm <br/>uStart Page = hxxp://start.toshiba.com/g/ <br/>mLocal Page = c:\windows\SysWOW64\blank.htm <br/>uInternet Settings,ProxyOverride = <local> <br/>IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html <br/>TCP: DhcpNameServer = 192.168.1.1 <br/>FF - ProfilePath - c:\users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\q3ak3z5f.default\ <br/>FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ <br/>FF - ExtSQL: 2013-03-29 17:47; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF <br/>. <br/>- - - - ORPHANS REMOVED - - - - <br/>. <br/>Toolbar-Locked - (no file) <br/>. <br/>. <br/>. <br/>--------------------- LOCKED REGISTRY KEYS --------------------- <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] <br/>@Denied: (A 2) (Everyone) <br/>@="FlashBroker" <br/>"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] <br/>"Enabled"=dword:00000001 <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] <br/>@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] <br/>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] <br/>@Denied: (A 2) (Everyone) <br/>@="IFlashBroker5" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] <br/>@="{00020424-0000-0000-C000-000000000046}" <br/>. 
<br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] <br/>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" <br/>"Version"="1.0" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] <br/>@Denied: (A 2) (Everyone) <br/>@="FlashBroker" <br/>"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] <br/>"Enabled"=dword:00000001 <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] <br/>@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] <br/>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] <br/>@Denied: (A 2) (Everyone) <br/>@="Shockwave Flash Object" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] <br/>@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" <br/>"ThreadingModel"="Apartment" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] <br/>@="0" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] <br/>@="ShockwaveFlash.ShockwaveFlash.11" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] <br/>@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" <br/>. 
<br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] <br/>@="{D27CDB6B-AE6D-11cf-96B8-444553540000}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] <br/>@="1.0" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] <br/>@="ShockwaveFlash.ShockwaveFlash" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] <br/>@Denied: (A 2) (Everyone) <br/>@="Macromedia Flash Factory Object" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] <br/>@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" <br/>"ThreadingModel"="Apartment" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] <br/>@="FlashFactory.FlashFactory.1" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] <br/>@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] <br/>@="{D27CDB6B-AE6D-11cf-96B8-444553540000}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] <br/>@="1.0" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] <br/>@="FlashFactory.FlashFactory" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] <br/>@Denied: (A 2) (Everyone) <br/>@="IFlashBroker5" <br/>. 
<br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] <br/>@="{00020424-0000-0000-C000-000000000046}" <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] <br/>@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" <br/>"Version"="1.0" <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] <br/>@Denied: (Full) (Everyone) <br/>. <br/>Completion time: 2013-03-30 11:41:45 <br/>ComboFix-quarantined-files.txt 2013-03-30 15:41 <br/>ComboFix2.txt 2013-03-29 21:01 <br/>. <br/>Pre-Run: 279,236,239,360 bytes free <br/>Post-Run: 279,021,240,320 bytes free <br/>. <br/>- - End Of File - - C19BC3144BC99E6B7B5B0E3AE37EED66 <br/>-------------- <br/> <br/> <br/>OTL logfile created on: 3/30/2013 11:52:07 AM - Run 1 <br/>OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Toni\Desktop <br/>64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation <br/>Internet Explorer (Version = 9.0.8112.16421) <br/>Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy <br/> <br/>3.87 Gb Total Physical Memory | 2.66 Gb Available Physical Memory | 68.78% Memory free <br/>7.74 Gb Paging File | 6.51 Gb Available in Paging File | 84.08% Paging File free <br/>Paging file location(s): ?:\pagefile.sys [binary data] <br/> <br/>%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) <br/>Drive C: | 285.45 Gb Total Space | 259.93 Gb Free Space | 91.06% Space Free | Partition Type: NTFS <br/>Drive E: | 488.28 Gb Total Space | 163.08 Gb Free Space | 33.40% Space Free | Partition Type: NTFS <br/> <br/>Computer Name: TONI-PC | User Name: Toni | Logged in as Administrator. 
<br/>Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans <br/>Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days <br/> <br/>[color=#E56717]========== Processes (SafeList) ==========[/color] <br/> <br/>PRC - [2013/03/30 11:51:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Toni\Desktop\OTL.exe <br/>PRC - [2013/03/06 18:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>PRC - [2013/03/06 18:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>PRC - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe <br/> <br/> <br/>[color=#E56717]========== Modules (No Company Name) ==========[/color] <br/> <br/> <br/>[color=#E56717]========== Services (SafeList) ==========[/color] <br/> <br/>SRV:64bit: - [2013/03/06 18:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! 
Antivirus) <br/>SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) <br/>SRV:64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [Disabled | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service) <br/>SRV:64bit: - [2009/11/06 01:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) <br/>SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv) <br/>SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) <br/>SRV - [2013/03/29 16:16:24 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) <br/>SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) <br/>SRV - [2009/08/13 14:09:08 | 000,297,344 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe -- (taisregispinger) <br/>SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) <br/> <br/> <br/>[color=#E56717]========== Driver Services (SafeList) ==========[/color] <br/> <br/>DRV:64bit: - [2013/03/06 18:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) <br/>DRV:64bit: - [2013/03/06 18:33:21 | 000,377,920 | ---- | M] (AVAST 
Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) <br/>DRV:64bit: - [2013/03/06 18:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm) <br/>DRV:64bit: - [2013/03/06 18:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) <br/>DRV:64bit: - [2013/03/06 18:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) <br/>DRV:64bit: - [2013/03/06 18:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) <br/>DRV:64bit: - [2013/03/06 18:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) <br/>DRV:64bit: - [2013/03/06 18:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) <br/>DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) <br/>DRV:64bit: - [2011/02/08 22:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect) <br/>DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) <br/>DRV:64bit: - [2010/11/20 23:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) <br/>DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) <br/>DRV:64bit: - [2010/11/20 23:23:47 | 
000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) <br/>DRV:64bit: - [2010/11/20 23:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) <br/>DRV:64bit: - [2010/10/08 14:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) <br/>DRV:64bit: - [2010/09/27 18:24:42 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) <br/>DRV:64bit: - [2010/08/16 14:13:00 | 000,733,824 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) <br/>DRV:64bit: - [2010/03/10 21:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) <br/>DRV:64bit: - [2010/02/20 12:24:34 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) <br/>DRV:64bit: - [2009/11/06 15:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) <br/>DRV:64bit: - [2009/08/07 08:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) <br/>DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) <br/>DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) <br/>DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) <br/>DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) <br/>DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) <br/>DRV:64bit: - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk) <br/>DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) <br/>DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) <br/>DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) <br/>DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) <br/>DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) <br/> <br/> <br/>[color=#E56717]========== Standard Registry (SafeList) ==========[/color] <br/> <br/> <br/>[color=#E56717]========== Internet Explorer ==========[/color] <br/> <br/>IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} <br/>IE:64bit: - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ <br/>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>IE - HKLM\..\SearchScopes,DefaultScope = {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} <br/>IE - HKLM\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ <br/> <br/> <br/>IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/> <br/>IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/> <br/> <br/> <br/>IE - HKU\S-1-5-21-1354588641-1740646661-3474411197-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 <br/>IE - HKU\S-1-5-21-1354588641-1740646661-3474411197-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/g/ <br/>IE - HKU\S-1-5-21-1354588641-1740646661-3474411197-1001\..\SearchScopes,DefaultScope = {D093216A-CCDF-4FE4-A9F7-B8B0CFDF0C9D} <br/>IE - HKU\S-1-5-21-1354588641-1740646661-3474411197-1001\..\SearchScopes\{{67A2568C-7A0A-4EED-AECC-B5405DE63B64}}: "URL" = 
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ_enUS529 <br/>IE - HKU\S-1-5-21-1354588641-1740646661-3474411197-1001\..\SearchScopes\{D093216A-CCDF-4FE4-A9F7-B8B0CFDF0C9D}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNJ <br/>IE - HKU\S-1-5-21-1354588641-1740646661-3474411197-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/>IE - HKU\S-1-5-21-1354588641-1740646661-3474411197-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> <br/> <br/>[color=#E56717]========== FireFox ==========[/color] <br/> <br/>FF - prefs.js..browser.startup.homepage: "http://www.google.com/" <br/>FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483 <br/>FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 <br/>FF - user.js - File not found <br/> <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy) <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () <br/>FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy) <br/>FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: 
C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found <br/>FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.) <br/> <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/03/29 18:21:23 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/29 15:34:22 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins <br/> <br/>[2013/03/29 15:34:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toni\AppData\Roaming\Mozilla\Extensions <br/>[2013/03/29 15:34:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions <br/>[2013/03/29 18:21:23 | 000,000,000 | ---D | M] (avast! 
WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF <br/>[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll <br/>[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml <br/>[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml <br/> <br/>O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts <br/>O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) <br/>O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) <br/>O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) <br/>O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) <br/>O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) <br/>O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>) <br/>O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) <br/>O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) <br/>O3 - HKLM\..\Toolbar: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) <br/>O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. <br/>O3:64bit: - HKU\S-1-5-21-1354588641-1740646661-3474411197-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) <br/>O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) <br/>O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () <br/>O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation) <br/>O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) <br/>O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) <br/>O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) <br/>O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) <br/>O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) <br/>O6 - HKLM\Software\Policies\Microsoft\Internet 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========
C:\windows\SysNative\synceng.dll <br/>[2013/03/29 23:29:16 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll <br/>[2013/03/29 23:29:15 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi <br/>[2013/03/29 23:29:15 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe <br/>[2013/03/29 23:29:15 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi <br/>[2013/03/29 23:29:15 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe <br/>[2013/03/29 23:29:15 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdusb.dll <br/>[2013/03/29 23:29:15 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kd1394.dll <br/>[2013/03/29 23:29:15 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdcom.dll <br/>[2013/03/29 23:29:12 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe <br/>[2013/03/29 23:28:53 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe <br/>[2013/03/29 23:28:53 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll <br/>[2013/03/29 23:28:53 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll <br/>[2013/03/29 23:28:53 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll <br/>[2013/03/29 23:28:53 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll <br/>[2013/03/29 23:28:52 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe <br/>[2013/03/29 23:28:52 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe <br/>[2013/03/29 23:28:51 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll <br/>[2013/03/29 23:28:33 | 000,267,776 | ---- | C] (Microsoft 
Corporation) -- C:\windows\SysNative\FXSCOVER.exe <br/>[2013/03/29 23:28:32 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll <br/>[2013/03/29 23:28:30 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll <br/>[2013/03/29 23:25:39 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\CheckPoint <br/>[2013/03/29 23:19:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll <br/>[2013/03/29 23:19:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll <br/>[2013/03/29 23:13:52 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll <br/>[2013/03/29 23:13:51 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll <br/>[2013/03/29 23:13:46 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll <br/>[2013/03/29 23:13:46 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll <br/>[2013/03/29 23:13:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe <br/>[2013/03/29 20:58:50 | 002,398,248 | ---- | C] (Check Point Software Technologies LTD) -- C:\Users\Toni\Desktop\zafwSetupWeb_110_000_057.exe <br/>[2013/03/29 20:50:57 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint <br/>[2013/03/29 18:48:26 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\uTorrent <br/>[2013/03/29 18:13:29 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\ElevatedDiagnostics <br/>[2013/03/29 17:44:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight <br/>[2013/03/29 17:44:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight <br/>[2013/03/29 17:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight <br/>[2013/03/29 17:38:31 | 000,377,920 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys 
<br/>[2013/03/29 17:38:31 | 000,033,400 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys <br/>[2013/03/29 17:38:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus <br/>[2013/03/29 17:38:30 | 000,070,992 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys <br/>[2013/03/29 17:38:30 | 000,068,920 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys <br/>[2013/03/29 17:38:29 | 001,025,808 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys <br/>[2013/03/29 17:38:23 | 000,080,816 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys <br/>[2013/03/29 17:38:22 | 000,287,840 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe <br/>[2013/03/29 17:38:07 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe <br/>[2013/03/29 17:38:07 | 000,041,664 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr <br/>[2013/03/29 17:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software <br/>[2013/03/29 17:37:54 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software <br/>[2013/03/29 17:30:17 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Programs <br/>[2013/03/29 17:28:30 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Malwarebytes <br/>[2013/03/29 17:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware <br/>[2013/03/29 17:28:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes <br/>[2013/03/29 17:28:23 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys <br/>[2013/03/29 17:28:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware <br/>[2013/03/29 17:15:44 | 000,000,000 | -HSD | C] -- C:\System Volume Information <br/>[2013/03/29 16:51:51 | 000,027,784 | ---- | C] (TOSHIBA Corporation.) 
-- C:\windows\SysNative\drivers\tdcmdpst.sys <br/>[2013/03/29 16:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Best Buy pc app <br/>[2013/03/29 16:50:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{373A11D3-0B96-4E16-9184-7D0FBE86932F} <br/>[2013/03/29 16:50:02 | 000,140,632 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\TODDSrv.exe <br/>[2013/03/29 16:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome <br/>[2013/03/29 16:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\Google <br/>[2013/03/29 16:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Google <br/>[2013/03/29 16:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google <br/>[2013/03/29 16:46:08 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64 <br/>[2013/03/29 16:46:08 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NISx64\1205000.07D <br/>[2013/03/29 16:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton <br/>[2013/03/29 16:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller <br/>[2013/03/29 16:44:07 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Atheros_L1e <br/>[2013/03/29 16:41:40 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\TSCI.dll <br/>[2013/03/29 16:41:40 | 000,024,576 | ---- | C] (Toshiba) -- C:\windows\SysWow64\THCI.dll <br/>[2013/03/29 16:40:22 | 000,038,096 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\drivers\PGEffect.sys <br/>[2013/03/29 16:39:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe <br/>[2013/03/29 16:39:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe <br/>[2013/03/29 16:39:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe <br/>[2013/03/29 16:38:21 | 001,351,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\COMCTL32.OCX <br/>[2013/03/29 16:38:21 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscomctl.ocx <br/>[2013/03/29 16:38:21 | 000,152,848 | ---- | 
C] (Microsoft Corporation) -- C:\windows\SysWow64\Comdlg32.ocx <br/>[2013/03/29 16:38:21 | 000,009,728 | ---- | C] (TOSHIBA Corp.) -- C:\windows\SysWow64\TCMSVR.dll <br/>[2013/03/29 16:38:21 | 000,009,216 | ---- | C] (TOSHIBA Corporation) -- C:\windows\SysNative\drivers\FwLnk.sys <br/>[2013/03/29 16:38:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ulead Systems <br/>[2013/03/29 16:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once <br/>[2013/03/29 16:38:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel <br/>[2013/03/29 16:37:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll <br/>[2013/03/29 16:37:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll <br/>[2013/03/29 16:37:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll <br/>[2013/03/29 16:37:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll <br/>[2013/03/29 16:37:57 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll <br/>[2013/03/29 16:37:57 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll <br/>[2013/03/29 16:37:56 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll <br/>[2013/03/29 16:37:56 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll <br/>[2013/03/29 16:37:56 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll <br/>[2013/03/29 16:37:56 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll <br/>[2013/03/29 16:37:56 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll <br/>[2013/03/29 16:37:56 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll <br/>[2013/03/29 
16:37:56 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll <br/>[2013/03/29 16:37:56 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll <br/>[2013/03/29 16:37:56 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll <br/>[2013/03/29 16:37:56 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll <br/>[2013/03/29 16:37:55 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll <br/>[2013/03/29 16:37:55 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll <br/>[2013/03/29 16:37:55 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll <br/>[2013/03/29 16:37:55 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll <br/>[2013/03/29 16:37:55 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll <br/>[2013/03/29 16:37:55 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll <br/>[2013/03/29 16:37:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll <br/>[2013/03/29 16:37:55 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll <br/>[2013/03/29 16:37:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll <br/>[2013/03/29 16:37:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll <br/>[2013/03/29 16:37:55 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll <br/>[2013/03/29 16:37:55 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll <br/>[2013/03/29 16:37:55 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll <br/>[2013/03/29 16:37:55 | 000,261,480 | ---- | 
C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll <br/>[2013/03/29 16:37:55 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll <br/>[2013/03/29 16:37:55 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll <br/>[2013/03/29 16:37:55 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll <br/>[2013/03/29 16:37:55 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll <br/>[2013/03/29 16:37:54 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll <br/>[2013/03/29 16:37:54 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll <br/>[2013/03/29 16:37:54 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll <br/>[2013/03/29 16:37:54 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll <br/>[2013/03/29 16:37:54 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll <br/>[2013/03/29 16:37:54 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll <br/>[2013/03/29 16:37:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll <br/>[2013/03/29 16:37:54 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll <br/>[2013/03/29 16:37:53 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll <br/>[2013/03/29 16:37:53 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll <br/>[2013/03/29 16:37:53 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll <br/>[2013/03/29 16:37:53 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll <br/>[2013/03/29 16:37:53 | 000,237,848 | ---- | C] (Microsoft Corporation) -- 
C:\windows\SysWow64\xactengine2_4.dll <br/>[2013/03/29 16:37:53 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll <br/>[2013/03/29 16:37:53 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll <br/>[2013/03/29 16:37:53 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll <br/>[2013/03/29 16:37:53 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll <br/>[2013/03/29 16:37:53 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll <br/>[2013/03/29 16:37:52 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll <br/>[2013/03/29 16:37:52 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll <br/>[2013/03/29 16:37:52 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll <br/>[2013/03/29 16:37:52 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll <br/>[2013/03/29 16:37:52 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll <br/>[2013/03/29 16:37:52 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll <br/>[2013/03/29 16:37:51 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll <br/>[2013/03/29 16:37:51 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll <br/>[2013/03/29 16:37:51 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll <br/>[2013/03/29 16:37:51 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll <br/>[2013/03/29 16:37:51 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll <br/>[2013/03/29 16:37:51 | 000,014,032 | ---- | C] (Microsoft Corporation) -- 
C:\windows\SysWow64\x3daudio1_0.dll <br/>[2013/03/29 16:37:50 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll <br/>[2013/03/29 16:37:50 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll <br/>[2013/03/29 16:37:50 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll <br/>[2013/03/29 16:37:50 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll <br/>[2013/03/29 16:37:50 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll <br/>[2013/03/29 16:37:50 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll <br/>[2013/03/29 16:37:50 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll <br/>[2013/03/29 16:37:50 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll <br/>[2013/03/29 16:37:49 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll <br/>[2013/03/29 16:37:49 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll <br/>[2013/03/29 16:37:49 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll <br/>[2013/03/29 16:37:49 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll <br/>[2013/03/29 16:36:56 | 000,000,000 | ---D | C] -- C:\Qoobox <br/>[2013/03/29 16:36:43 | 000,000,000 | ---D | C] -- C:\windows\erdnt <br/>[2013/03/29 16:34:03 | 001,550,848 | ---- | C] (Atheros Communications, Inc.) 
-- C:\windows\SysNative\drivers\athrx.sys <br/>[2013/03/29 16:34:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros <br/>[2013/03/29 16:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros <br/>[2013/03/29 16:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics <br/>[2013/03/29 16:29:06 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\sda <br/>[2013/03/29 16:29:01 | 009,112,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysWow64\RtsUStoricon.dll <br/>[2013/03/29 16:29:01 | 000,422,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\RtsUStor.dll <br/>[2013/03/29 16:29:01 | 000,243,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\windows\SysNative\drivers\RtsUStor.sys <br/>[2013/03/29 16:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek <br/>[2013/03/29 16:28:26 | 000,347,424 | ---- | C] (Microsoft Corporation) -- C:\Users\Toni\Desktop\MicrosoftFixit.Performance.RNP.25288019394528901.2.1.Run.exe <br/>[2013/03/29 16:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT <br/>[2013/03/29 16:25:21 | 000,000,000 | ---D | C] -- C:\Intel <br/>[2013/03/29 16:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager <br/>[2013/03/29 16:23:38 | 000,408,600 | ---- | C] (Intel Corporation) -- C:\windows\SysNative\drivers\iaStor.sys <br/>[2013/03/29 16:22:09 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution <br/>[2013/03/29 16:22:03 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\windows\SysWow64\CSVer.dll <br/>[2013/03/29 16:22:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel <br/>[2013/03/29 16:19:47 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Macromedia <br/>[2013/03/29 15:50:44 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe <br/>[2013/03/29 15:50:44 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- 
C:\windows\SysWow64\FlashPlayerCPLApp.cpl <br/>[2013/03/29 15:50:42 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed <br/>[2013/03/29 15:43:02 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Avant Downloader <br/>[2013/03/29 15:43:01 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Avant Profiles <br/>[2013/03/29 15:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avant Browser <br/>[2013/03/29 15:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avant Browser <br/>[2013/03/29 15:36:35 | 005,045,456 | R--- | C] (Swearware) -- C:\Users\Toni\Desktop\ComboFix.exe <br/>[2013/03/29 15:34:28 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Mozilla <br/>[2013/03/29 15:34:28 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Mozilla <br/>[2013/03/29 15:34:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox <br/>[2013/03/29 14:54:01 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Tific <br/>[2013/03/29 14:54:00 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Symantec <br/>[2013/03/29 14:25:04 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Adobe <br/>[2013/03/29 14:24:55 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Google <br/>[2013/03/29 14:24:52 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Google <br/>[2013/03/29 14:16:49 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Best Buy pc app <br/>[2013/03/29 14:12:40 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Toshiba <br/>[2013/03/29 14:12:39 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\TOSHIBA_Corporation <br/>[2013/03/29 14:12:05 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll <br/>[2013/03/29 14:12:05 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll <br/>[2013/03/29 14:09:53 | 000,000,000 | ---D | C] -- 
C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy <br/>[2013/03/29 14:09:40 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Deployment <br/>[2013/03/29 14:09:40 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\Apps <br/>[2013/03/29 14:08:35 | 000,000,000 | R--D | C] -- C:\Users\Toni\Searches <br/>[2013/03/29 14:08:35 | 000,000,000 | R--D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools <br/>[2013/03/29 14:08:35 | 000,000,000 | -H-D | C] -- C:\Users\Toni\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned <br/>[2013/03/29 14:08:24 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\Identities <br/>[2013/03/29 14:08:20 | 000,000,000 | R--D | C] -- C:\Users\Toni\Contacts <br/>[2013/03/29 14:08:18 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Local\VirtualStore <br/>[2013/03/29 14:07:44 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll <br/>[2013/03/29 14:07:44 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe <br/>[2013/03/29 14:07:44 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll <br/>[2013/03/29 14:07:30 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll <br/>[2013/03/29 14:07:30 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll <br/>[2013/03/29 14:07:30 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll <br/>[2013/03/29 14:07:23 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll <br/>[2013/03/29 14:07:23 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe <br/>[2013/03/29 14:07:00 | 000,000,000 | ---D | C] -- C:\Users\Toni\AppData\Roaming\WinBatch <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\AppData\Local\Temporary Internet Files <br/>[2013/03/29 
14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Templates <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Start Menu <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\SendTo <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Recent <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\PrintHood <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\NetHood <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Documents\My Videos <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Documents\My Pictures <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Documents\My Music <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\My Documents <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Local Settings <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\AppData\Local\History <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Cookies <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\Application Data <br/>[2013/03/29 14:06:25 | 000,000,000 | -HSD | C] -- C:\Users\Toni\AppData\Local\Application Data <br/>[2013/03/29 14:06:24 | 000,000,000 | --SD | C] -- C:\Users\Toni\AppData\Roaming\Microsoft <br/>[2013/03/29 14:06:24 | 000,000,000 | R--D | C] -- C:\Users\Toni\Videos <br/>[2013/03/29 14:06:24 | 000,000,000 | R--D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup <br/>[2013/03/29 14:06:24 | 000,000,000 | R--D | C] -- C:\Users\Toni\Saved Games <br/>[2013/03/29 14:06:24 | 000,000,000 | R--D | C] -- C:\Users\Toni\Pictures <br/>[2013/03/29 14:06:24 | 000,000,000 | R--D | C] -- C:\Users\Toni\Music <br/>[2013/03/29 14:06:24 | 000,000,000 | R--D | C] -- C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance <br/>[2013/03/29 14:06:24 | 000,000,000 | R--D | C] -- C:\Users\Toni\Links 
<br/>htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) <br/>htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) <br/>http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) <br/>inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) <br/>piffile [open] -- "%1" %* <br/>regfile [merge] -- Reg Error: Key error. <br/>scrfile [config] -- "%1" <br/>scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l <br/>scrfile [open] -- "%1" /S <br/>txtfile [edit] -- Reg Error: Key error. <br/>Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 <br/>Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) <br/>Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) <br/>Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) <br/>Folder [explore] -- Reg Error: Value error. 
<br/>Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) <br/> <br/>[color=#E56717]========== Security Center Settings ==========[/color] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] <br/>"cval" = 1 <br/>"FirewallDisableNotify" = 0 <br/>"AntiVirusDisableNotify" = 0 <br/>"UpdatesDisableNotify" = 0 <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] <br/>"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] <br/>"AntiVirusOverride" = 0 <br/>"AntiSpywareOverride" = 0 <br/>"FirewallOverride" = 0 <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] <br/> <br/>[color=#E56717]========== System Restore Settings ==========[/color] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] <br/>"DisableSR" = 0 <br/> <br/>[color=#E56717]========== Firewall Settings ==========[/color] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] <br/>"EnableFirewall" = 1 <br/>"DisableNotifications" = 0 <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] <br/>"EnableFirewall" = 1 
<br/>"DisableNotifications" = 0 <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] <br/>"EnableFirewall" = 1 <br/>"DisableNotifications" = 0 <br/> <br/>[color=#E56717]========== Authorized Applications List ==========[/color] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] <br/> <br/> <br/>[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] <br/>"{0642B5DA-0435-40FD-8D63-483A49FE7220}" = rport=137 | protocol=17 | dir=out | app=system | <br/>"{06D0CA36-0010-48FF-8593-D4A9614E4EDE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | <br/>"{07354DC2-A9F1-456F-89DB-551E4DDCC1BB}" = lport=139 | protocol=6 | dir=in | app=system | <br/>"{10DF1C2E-A46A-41D7-9500-7C02B0E8C3AC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | <br/>"{2946E241-9BA1-42FE-8263-1CB1CBFDE702}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | <br/>"{2E9D1B61-22EC-41C6-B6EE-EC70537A7A1D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | <br/>"{38BDBFB6-C8AF-4957-AC9B-87F9C80B2A59}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | <br/>"{39FDD967-3DC7-4378-938D-CBFE8A67C412}" = rport=445 | protocol=6 | dir=out | app=system | <br/>"{4A7F609D-8265-42FA-8905-AFDFD690B7AA}" = lport=445 | protocol=6 | 
dir=in | app=system | <br/>"{526B9AE1-798D-4AB2-939D-07745EAB0D29}" = lport=10243 | protocol=6 | dir=in | app=system | <br/>"{5928480E-4557-4AB5-A80F-F6BB82AE8B15}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | <br/>"{5E1C2AF9-EB83-417B-B05F-A77B66C2BA1A}" = lport=138 | protocol=17 | dir=in | app=system | <br/>"{6ACAD163-F837-4026-AD3A-0B7AD936D809}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | <br/>"{7F4E5223-79E8-44F7-B63D-FC24E01B24D3}" = rport=138 | protocol=17 | dir=out | app=system | <br/>"{820548A7-B6E3-4D0D-9EB6-078E29C1783D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | <br/>"{BA2B0C11-1A14-4B34-8F44-C56D542D4F4F}" = rport=139 | protocol=6 | dir=out | app=system | <br/>"{C3DB3ED7-2738-4180-98F8-89E72099F45A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | <br/>"{CAD51FB8-F752-4067-97A1-45C3DF059C63}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | <br/>"{D91634C8-A9A2-4788-A7DD-82FFF8AC069F}" = rport=10243 | protocol=6 | dir=out | app=system | <br/>"{EAC3A71C-4406-4864-8057-557DB1D8742C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | <br/>"{F100ED1B-31FB-4BF2-BD04-0E9313C5A22C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | <br/>"{F746946B-FC3D-4D58-BBF5-55563A67A1FC}" = lport=137 | protocol=17 | dir=in | app=system | <br/>"{FB064620-68AE-4501-BA9E-61E05DAFCB4D}" = lport=2869 | protocol=6 | dir=in | app=system | <br/> <br/>[color=#E56717]========== Vista Active Application Exception List ==========[/color] <br/> <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] <br/>"{012FBFD3-251C-427F-BFB9-85F4DDCFBF6D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe 
| <br/>"{0696F166-7924-4FFB-9D36-EACBEBC897BA}" = protocol=6 | dir=out | app=system | <br/>"{10BC266B-CCEC-436D-A14D-E090B9A27D1F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | <br/>"{26880D6F-1955-41AD-8E24-9DC13E342B22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | <br/>"{2B65371A-4848-413D-9C59-819A77D950E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | <br/>"{2B7F663E-6756-4D09-859E-6E8F6C8196C8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | <br/>"{2EBFABF9-FE8B-4A60-BCF9-DCF2CF50CCC4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | <br/>"{386849EB-F615-485B-B02F-5C65B307CDF1}" = protocol=17 | dir=in | app=c:\users\toni\appdata\local\temp\7zsbc6b.tmp\symnrt.exe | <br/>"{3E96A5A4-B94B-4BB8-8350-129279268D3A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | <br/>"{448D8959-E83A-4A58-85A3-F9EF1A7E91E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | <br/>"{498EFF14-4FE4-46A2-B4FF-80FF67AB4677}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | <br/>"{51802B97-2435-4ABF-B996-DCB8B91252E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | <br/>"{5A6D09B6-C46C-472E-90BE-EF38DCFA66CC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | <br/>"{5B9B69B2-DBD2-4D0D-A1AA-0BF95C39113F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | <br/>"{5E94B5F8-A20A-4B90-8633-F7C32F7F11BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | <br/>"{655B6604-CD80-427E-843B-925B12AF5A45}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | <br/>"{86ACFD25-9D0F-41A6-B652-4B5279150EB9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | <br/>"{889D5EBC-8D55-422C-876C-5704ECE727F8}" = dir=in | app=c:\program 
files (x86)\windows live\contacts\wlcomm.exe | <br/>"{8E4619F3-4898-43F6-958C-60D3369CEF9B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | <br/>"{981D54E2-865A-44A3-9005-F5D89D7EB7C8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | <br/>"{A9FA6B7A-D853-41A7-8B64-1757389C5F79}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | <br/>"{DC4A626F-570D-41BE-94CA-1F011B2870CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | <br/>"{E1A0EB50-26E4-4678-A4DD-B89424397462}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | <br/>"{EF008E3F-3E2E-4B5F-B645-40B084B6D2EE}" = protocol=6 | dir=in | app=c:\users\toni\appdata\local\temp\7zsbc6b.tmp\symnrt.exe | <br/> <br/>[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] <br/> <br/>64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] <br/>"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package <br/>"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant <br/>"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 <br/>"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator <br/>"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources <br/>"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 <br/>"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources <br/>"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight <br/>"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager <br/>"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting <br/>"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime <br/>"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 <br/>"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin 
Board <br/>"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector <br/>"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert <br/>"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter <br/>"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client <br/>"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service <br/>"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition <br/>"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app <br/>"CNXT_AUDIO_HDA" = Conexant HD Audio <br/>"SynTPDeinstKey" = Synaptics Pointing Device Driver <br/>"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar <br/> <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] <br/>"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package <br/>"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password <br/>"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer <br/>"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0 <br/>"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer <br/>"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 <br/>"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker <br/>"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update <br/>"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions <br/>"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer <br/>"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17 <br/>"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections <br/>"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver <br/>"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows 
Live Photo Gallery <br/>"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery <br/>"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack <br/>"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR <br/>"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration <br/>"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE <br/>"{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application <br/>"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable <br/>"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger <br/>"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform <br/>"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime <br/>"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT <br/>"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup <br/>"{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}" = Toshiba Book Place <br/>"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker <br/>"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 <br/>"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader <br/>"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer <br/>"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller <br/>"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail <br/>"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh <br/>"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer <br/>"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper <br/>"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common <br/>"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer <br/>"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer <br/>"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station <br/>"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI <br/>"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery 
Media Creator <br/>"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist <br/>"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program <br/>"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail <br/>"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86 <br/>"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform <br/>"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 <br/>"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert <br/>"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common <br/>"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform <br/>"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources <br/>"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh <br/>"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 <br/>"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application <br/>"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger <br/>"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] <br/>"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver <br/>"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in <br/>"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app <br/>"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials <br/>"Adobe AIR" = Adobe AIR <br/>"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX <br/>"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin <br/>"AvantBrowser" = Avant Browser (remove only) <br/>"avast" = avast! 
Free Antivirus <br/>"Google Chrome" = Google Chrome <br/>"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package <br/>"InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}" = TOSHIBA Web Camera Application <br/>"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime <br/>"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board <br/>"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert <br/>"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition <br/>"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100 <br/>"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US) <br/>"WinLiveSuite" = Windows Live Essentials <br/> <br/>[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] <br/> <br/>[HKEY_USERS\S-1-5-21-1354588641-1740646661-3474411197-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] <br/>"48e4cff94f039634" = Best Buy pc app <br/> <br/>[color=#E56717]========== Last 20 Event Log Errors ==========[/color] <br/> <br/>[ Application Events ] <br/>Error - 3/29/2013 2:17:03 PM | Computer Name = Toni-PC | Source = Best Buy pc app | ID = 0 <br/>Description = <br/> <br/>Error - 3/29/2013 2:17:04 PM | Computer Name = Toni-PC | Source = Best Buy pc app | ID = 0 <br/>Description = <br/> <br/>Error - 3/29/2013 2:19:44 PM | Computer Name = Toni-PC | Source = Best Buy pc app | ID = 0 <br/>Description = <br/> <br/>Error - 3/29/2013 2:19:46 PM | Computer Name = Toni-PC | Source = Best Buy pc app | ID = 0 <br/>Description = <br/> <br/>Error - 3/29/2013 2:19:47 PM | Computer Name = Toni-PC | Source = Best Buy pc app | ID = 0 <br/>Description = <br/> <br/>Error - 3/29/2013 2:19:48 PM | Computer Name = Toni-PC | Source = Best Buy pc app | ID = 0 <br/>Description = <br/> <br/>Error - 3/29/2013 2:19:50 PM | Computer Name = Toni-PC | Source = Best Buy pc app | ID = 0 <br/>Description = <br/> 
<br/>Error - 3/29/2013 2:20:13 PM | Computer Name = Toni-PC | Source = Best Buy pc app | ID = 0 <br/>Description = Timestamp: 3/29/2013 6:20:13 PM Message: Unhandled Exception. Exception: <br/> Retrieving the COM class factory for component with CLSID {4991D34B-80A1-4291-83B6-3328366B9097} <br/> failed due to the following error: 8001010d. Exception Source: SharpBITS.Base Target <br/> Method: Void .ctor() Stack Trace: at SharpBits.Base.BitsManager..ctor() at <br/>PCImage.Modules.Home.Views.BaseWindow.BaseWindowView_Closing(Object sender, CancelEventArgs <br/> e) at System.Windows.Window.OnClosing(CancelEventArgs e) at System.Windows.Window.WmClose() <br/> <br/> at System.Windows.Window.WindowFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, <br/> IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr <br/> hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr <br/> hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object <br/> o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, <br/> Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object <br/> source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) <br/>Category: <br/> General Priority: -1 EventId: 0 Severity: Critical Title: Machine: TONI-PC Application <br/> Domain: DefaultDomain Process Id: 2872 Process Name: C:\Users\Toni\AppData\Local\Apps\2.0\TVLZZTKB.44J\HHGDPHOY.QDL\best..capp_ec8bce34fe4caa9f_0003.0002_6d8902cc3c7d213e\Best <br/> Buy pc app.exe Win32 Thread Id: 900 Thread Name: Extended Properties: <br/> <br/>Error - 3/29/2013 2:20:34 PM | Computer Name = Toni-PC | Source = Application Hang | ID = 1002 <br/>Description = The program Best Buy pc app.exe version 3.2.0.0 stopped interacting <br/> with Windows and was closed. 
To see if more information about the problem is available, <br/> check the problem history in the Action Center control panel. Process ID: b38 Start <br/> Time: 01ce2ca98550b5a6 Termination Time: 78 Application Path: C:\Users\Toni\AppData\Local\Apps\2.0\TVLZZTKB.44J\HHGDPHOY.QDL\best..capp_ec8bce34fe4caa9f_0003.0002_6d8902cc3c7d213e\Best <br/> Buy pc app.exe Report Id: <br/> <br/>Error - 3/29/2013 2:38:04 PM | Computer Name = Toni-PC | Source = Application Hang | ID = 1002 <br/>Description = The program explorer.exe version 6.1.7601.17514 stopped interacting <br/> with Windows and was closed. To see if more information about the problem is available, <br/> check the problem history in the Action Center control panel. Process ID: 11f0 Start <br/> Time: 01ce2cac30c9c771 Termination Time: 0 Application Path: C:\windows\explorer.exe <br/> <br/>Report <br/> Id: 9dc5abc5-989f-11e2-814e-00266cc566cb <br/> <br/>[ System Events ] <br/>Error - 3/29/2013 4:46:19 PM | Computer Name = Toni-PC | Source = Service Control Manager | ID = 7001 <br/>Description = The Network List Service service depends on the Network Location Awareness <br/> service which failed to start because of the following error: %%1068 <br/> <br/>Error - 3/29/2013 4:46:19 PM | Computer Name = Toni-PC | Source = DCOM | ID = 10005 <br/>Description = <br/> <br/>Error - 3/29/2013 4:46:20 PM | Computer Name = Toni-PC | Source = DCOM | ID = 10005 <br/>Description = <br/> <br/>Error - 3/29/2013 4:46:20 PM | Computer Name = Toni-PC | Source = Service Control Manager | ID = 7001 <br/>Description = The Network List Service service depends on the Network Location Awareness <br/> service which failed to start because of the following error: %%1068 <br/> <br/>Error - 3/29/2013 4:46:20 PM | Computer Name = Toni-PC | Source = Service Control Manager | ID = 7001 <br/>Description = The Network List Service service depends on the Network Location Awareness <br/> service which failed to start because of the following error: 
%%1068 <br/> <br/>Error - 3/29/2013 4:46:20 PM | Computer Name = Toni-PC | Source = Service Control Manager | ID = 7001 <br/>Description = The Network List Service service depends on the Network Location Awareness <br/> service which failed to start because of the following error: %%1068 <br/> <br/>Error - 3/29/2013 4:46:20 PM | Computer Name = Toni-PC | Source = Service Control Manager | ID = 7001 <br/>Description = The Network List Service service depends on the Network Location Awareness <br/> service which failed to start because of the following error: %%1068 <br/> <br/>Error - 3/29/2013 4:46:20 PM | Computer Name = Toni-PC | Source = Service Control Manager | ID = 7001 <br/>Description = The Network List Service service depends on the Network Location Awareness <br/> service which failed to start because of the following error: %%1068 <br/> <br/>Error - 3/29/2013 4:46:20 PM | Computer Name = Toni-PC | Source = Service Control Manager | ID = 7001 <br/>Description = The Network List Service service depends on the Network Location Awareness <br/> service which failed to start because of the following error: %%1068 <br/> <br/>Error - 3/29/2013 4:51:56 PM | Computer Name = Toni-PC | Source = Service Control Manager | ID = 7031 <br/>Description = The Norton Internet Security service terminated unexpectedly. It <br/>has done this 1 time(s). The following corrective action will be taken in 120000 <br/> milliseconds: Restart the service. <br/> <br/> <br/>< End of report >
Posted 3/31/2013 7:11 AM
#95311

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
"I felt that you may want to look at the newest Combofix and OTL reports"

I've checked them and they look clean to me. I also suppose your computer is running fine now?

Do not PM me with logfiles. They will be deleted.


Posted 3/31/2013 2:17 PM
#95319

Beauty Valued member

Date Joined Nov 2016
Total Posts: 28
Hello Touch

That's great it's virus free. Yes, my computer is running better.

Your help has been very much appreciated by me. :-)

Thank you

Beauty
Posted 4/1/2013 7:11 AM
#95322

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Always a pleasure :smile:

I'll lock this topic; if you need it reopened, please PM me.


