Access is denied and disabled: Windows Defender & Microsoft Security Essentials


  • This topic is locked
10 replies to this topic

#1 asoft

Posted 28 May 2013 - 10:04 PM

Hi,

I would be honoured to have some assistance regarding a possible infection on my computer.

Unfortunately, I believe my computer has been infected with a possible Rootkit\Backdoor Trojan Virus, which has disabled both Windows Defender and Microsoft Security Essentials. When attempting to launch Windows Defender & MSE, I receive an error regarding: "Specified location path not found". I decided to look into the directory of both WD (%WINDIR%Program Files\Windows Defender) and MSE (%WINDIR%Program Files\Microsoft Security Client) and some of the icons have changed to shortcuts that point directly to "C:\Windows\system32\config". Even as an Administrator, I'm unable to even add write permissions to the folder as my access is denied.

I was able to uninstall Microsoft Security Essentials but my Windows Defender will not launch. My issue is practically identical to the following topic in this forum:

http://www.bleepingcomputer.com/forums/t/494835/lost-access-to-microsoft-security-essentials-directory-and-application/page-10?hl=%2Blost+%2Baccess#entry3059425

Would anyone be able to assist me with this issue? Your help will be greatly appreciated.

Edited by asoft, 28 May 2013 - 10:10 PM.


#2 Farbar

  • Security Developer

Posted 29 May 2013 - 01:46 AM

Hi asoft,

Welcome to the forum.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.



#3 asoft

Posted 29 May 2013 - 10:28 AM

Hi Farbar,

Thank you for your assistance in my issue.

Here are the results of both FRST and Addition logs >>>>

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-05-2013
Ran by Eric (administrator) on 29-05-2013 08:02:33
Running from C:\Users\Eric\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Akamai Technologies, Inc.) C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Akamai Technologies, Inc.) C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Remote Mouse\server\server.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Dropbox, Inc.) C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Minitab Inc.) C:\Program Files (x86)\Minitab\Minitab 16\Mtb.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Farbar) C:\Users\Eric\Desktop\FRST64.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe
(Microsoft Corporation) C:\Windows\system32\wermgr.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-21] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8095776 2009-08-31] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [16334368 2009-07-18] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [IntelliType Pro] "C:\Program Files\Microsoft Device Center\itype.exe" [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft Device Center\ipoint.exe" [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2012-11-29] (LogMeIn, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [AdobeBridge]  [x]
HKCU\...\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [x]
HKCU\...\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [911160 2012-01-18] (Microsoft Corporation)
HKCU\...\Run: [Remote Mouse] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [872448 2011-05-10] ()
HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [Google Update] "C:\Users\Eric\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-05-17] (Google Inc.)
HKCU\...\Run: [pronto] "C:\Program Files (x86)\Blackboard\Blackboard IM\blackboardim.exe" [x]
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKCU\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" [765200 2012-12-16] (SANDBOXIE L.T.D)
MountPoints2: {26965b3b-da41-11e0-89e2-00261856a4c7} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://ca.search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
PDF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
PDF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
PDF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [20992] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\rrrbv3ff.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://ca.yahoo.com/?fr=mkg031
FF Keyword.URL: hxxp://ca.search.yahoo.com/search?fr=mkg030&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=1.1.10 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\rrrbv3ff.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Eric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (James White) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0
CHR Extension: (YouTube) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Play) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0
CHR Extension: (Google Play Books) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0
CHR Extension: (Gmail) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll [4561152 2013-03-21] (Akamai Technologies, Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 hasplms; C:\Windows\system32\hasplms.exe [4466120 2013-01-11] (SafeNet Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376320 2012-12-18] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [148480 2012-12-18] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-11-29] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8918 2012-10-12] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-09] (CPUID)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331144 2013-03-11] (SafeNet Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [16896 2007-03-20] (http://libusb-win32.sourceforge.net)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2012-11-29] (LogMeIn, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2010-08-26] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-07] (Duplex Secure Ltd.)
R3 VaneFltr; C:\Windows\System32\drivers\Lachesis.sys [30336 2007-08-17] (Razer (Asia-Pacific) Pte Ltd)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [259248 2010-01-13] (Jungo)
U3 asm4fmfk; C:\Windows\System32\Drivers\asm4fmfk.sys [0 ] (Advanced Micro Devices)
R3 ALSysIO; \??\C:\Users\Eric\AppData\Local\Temp\ALSysIO64.sys [x]
S3 GIVEIO; \??\C:\Windows\SYSTEM32\DRIVERS\GIVEIO.SYS [x]
S4 LMIRfsClientNP; No ImagePath
S3 npf; system32\drivers\npf.sys [x]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [x]
S3 Ser2pl64; system32\DRIVERS\ser2pl64.sys [x]
S2 VICHW11; \??\C:\Windows\SYSTEM32\DRIVERS\VICHW11.SYS [x]
S3 X6va005; \??\C:\Users\Eric\AppData\Local\Temp\00567A3.tmp [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-29 08:01 - 2013-05-29 08:01 - 01915774 ____A (Farbar) C:\Users\Eric\Desktop\FRST64.exe
2013-05-29 08:01 - 2013-05-29 08:01 - 00000000 ____D C:\FRST
2013-05-29 00:47 - 2013-05-29 00:47 - 00004608 ____A C:\Users\Eric\Downloads\lab1data.MTW
2013-05-29 00:44 - 2013-05-29 00:44 - 00000000 ____D C:\ProgramData\Minitab
2013-05-29 00:39 - 2013-05-29 00:39 - 00001888 ____A C:\Users\Public\Desktop\Minitab 16.lnk
2013-05-29 00:39 - 2013-05-29 00:39 - 00000000 ____D C:\ProgramData\FLEXnet
2013-05-29 00:38 - 2013-05-29 00:38 - 00021793 ____A C:\Windows\aksdrvsetup.log
2013-05-29 00:38 - 2013-05-29 00:38 - 00000000 ____D C:\Users\Eric\AppData\Local\SafeNet Sentinel
2013-05-29 00:38 - 2013-05-29 00:38 - 00000000 ____D C:\ProgramData\SafeNet Sentinel
2013-05-29 00:38 - 2013-03-11 12:03 - 00331144 ____A (SafeNet Inc.) C:\Windows\System32\Drivers\hardlock.sys
2013-05-29 00:38 - 2013-02-19 15:04 - 00141064 ____A (SafeNet Inc.) C:\Windows\System32\Drivers\aksfridge.sys
2013-05-29 00:38 - 2013-01-14 12:32 - 00198088 ____A (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll
2013-05-29 00:38 - 2013-01-14 12:32 - 00090056 ____A (SafeNet Inc.) C:\Windows\System32\Drivers\aksdf.sys
2013-05-29 00:38 - 2013-01-11 16:36 - 04466120 ____A (SafeNet Inc.) C:\Windows\System32\hasplms.exe
2013-05-29 00:38 - 2013-01-11 16:36 - 04466120 ____A (SafeNet Inc.) C:\Windows\System32\aksllmtp.exe
2013-05-29 00:37 - 2013-05-29 00:37 - 00000000 ____D C:\Windows\Downloaded Installations
2013-05-29 00:30 - 2013-05-29 00:30 - 00000183 ____A C:\Users\Eric\Downloads\100193753519 (1).sdx
2013-05-29 00:04 - 2013-05-29 00:04 - 00773120 ____A C:\Users\Eric\Downloads\SDM_EN (2).msi
2013-05-29 00:04 - 2013-05-29 00:04 - 00000183 ____A C:\Users\Eric\Downloads\100193753519.sdx
2013-05-28 22:49 - 2013-05-28 22:49 - 00024937 ____A C:\Users\Eric\Desktop\dds.txt
2013-05-28 22:49 - 2013-05-28 22:49 - 00012432 ____A C:\Users\Eric\Desktop\attach.txt
2013-05-28 22:47 - 2013-05-28 22:47 - 00688992 ____R (Swearware) C:\Users\Eric\Downloads\dds.com
2013-05-28 21:27 - 2013-05-28 21:27 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Eric\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-28 21:27 - 2013-05-28 21:27 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-28 21:27 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-28 21:02 - 2013-05-28 21:02 - 05073758 ____A (Swearware) C:\Users\Eric\Downloads\ComboFix.exe
2013-05-28 20:55 - 2013-05-28 20:55 - 00000000 ___RD C:\Sandbox
2013-05-28 20:53 - 2013-05-28 21:03 - 00001606 ____A C:\Windows\Sandboxie.ini
2013-05-28 20:53 - 2013-05-28 20:53 - 00000896 ____A C:\Users\Eric\Desktop\Sandboxed Web Browser.lnk
2013-05-28 20:53 - 2013-05-28 20:53 - 00000000 ____D C:\Program Files\Sandboxie
2013-05-28 20:52 - 2013-05-28 20:52 - 02565392 ____A (SANDBOXIE L.T.D) C:\Users\Eric\Downloads\SandboxieInstall.exe
2013-05-28 00:10 - 2013-05-28 20:42 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-28 00:10 - 2013-05-28 00:10 - 00001922 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-05-28 00:10 - 2013-05-09 04:59 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-28 00:10 - 2013-05-09 04:58 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-28 00:10 - 2013-05-09 04:58 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-05-28 00:09 - 2013-05-28 00:09 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-28 00:09 - 2013-05-28 00:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-28 00:08 - 2013-05-28 00:08 - 117478104 ____A C:\Users\Eric\Downloads\avast_free_antivirus_setup.exe
2013-05-28 00:03 - 2013-05-28 00:03 - 13475464 ____A (Microsoft Corporation) C:\Users\Eric\Downloads\mseinstall.exe
2013-05-27 02:08 - 2013-05-27 02:08 - 00000000 __SHD C:\found.000
2013-05-27 01:20 - 2013-05-28 21:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-27 01:20 - 2013-05-27 01:20 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Malwarebytes
2013-05-27 01:20 - 2013-05-27 01:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-25 01:07 - 2013-05-25 05:04 - 00001209 ____A C:\Users\Eric\Desktop\Table of Contents.html
2013-05-25 01:04 - 2013-05-25 01:04 - 00223590 ____A C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5252013 104 AM.zip
2013-05-24 01:33 - 2013-05-24 01:34 - 19088847 ____A C:\Users\Eric\Downloads\COMPTECH 3DS3 DATA STRUCTURES & ALGORITHMS content download 5242013 133 AM.zip
2013-05-24 01:31 - 2013-05-24 01:31 - 00000000 ____D C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5242013 130 AM
2013-05-24 01:30 - 2013-05-24 01:31 - 25046763 ____A C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5242013 130 AM.zip
2013-05-24 01:14 - 2013-05-24 01:14 - 00062712 ____A C:\Users\Eric\Downloads\ch03.zip
2013-05-24 01:14 - 2013-05-24 01:14 - 00047048 ____A C:\Users\Eric\Downloads\ch01.zip
2013-05-24 01:13 - 2013-05-24 01:13 - 07917405 ____A C:\Users\Eric\Downloads\handouts.zip
2013-05-20 22:20 - 2013-05-27 06:05 - 00000000 ____D C:\Users\Eric\Downloads\koda_1.7.3.0
2013-05-20 22:20 - 2013-05-20 22:20 - 01062299 ____A C:\Users\Eric\Downloads\koda_1.7.3.0.zip
2013-05-17 22:59 - 2013-05-17 22:59 - 00000000 ____D C:\Program Files (x86)\Minitab
2013-05-17 21:57 - 2013-05-17 22:55 - 00000000 ____D C:\Users\Eric\Downloads\Minitab v16.2.3 [Multi][WwW.LoKoTorrents.CoM]
2013-05-17 21:55 - 2013-05-17 21:55 - 00017130 ____A C:\Users\Eric\Downloads\[kat.ph]minitab.v16.2.3.multi.torrent
2013-05-17 00:05 - 2013-05-17 00:05 - 00000000 ____D C:\Users\Eric\Documents\My Games
2013-05-17 00:02 - 2013-05-17 00:02 - 00002106 ____A C:\Users\Public\Desktop\Path of Exile.lnk
2013-05-17 00:02 - 2013-05-17 00:02 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2013-05-17 00:01 - 2013-05-17 00:01 - 07032832 ____A C:\Users\Eric\Downloads\PathOfExileInstaller.msi
2013-05-16 22:28 - 2013-05-05 17:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 22:28 - 2013-05-05 17:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-16 22:28 - 2013-05-05 15:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-16 22:28 - 2013-05-05 15:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-16 22:27 - 2013-04-04 21:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-16 22:27 - 2013-04-04 21:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 22:27 - 2013-04-04 21:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-16 22:27 - 2013-04-04 21:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 22:27 - 2013-04-04 20:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-16 22:27 - 2013-04-04 20:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-16 22:27 - 2013-04-04 20:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 22:27 - 2013-04-04 20:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-16 22:27 - 2013-04-04 20:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 22:27 - 2013-04-04 20:55 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-16 22:27 - 2013-04-04 20:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-16 22:27 - 2013-04-04 20:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 22:27 - 2013-04-04 20:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-16 22:27 - 2013-04-04 20:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-16 22:27 - 2013-04-04 18:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-16 22:27 - 2013-04-04 18:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-16 22:27 - 2013-04-04 18:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-16 22:27 - 2013-04-04 18:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-16 22:27 - 2013-04-04 18:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-16 22:27 - 2013-04-04 18:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-16 22:27 - 2013-04-04 17:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-16 22:27 - 2013-04-04 17:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-16 22:27 - 2013-04-04 17:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-16 22:27 - 2013-04-04 17:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-16 22:27 - 2013-04-04 17:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-16 22:27 - 2013-04-04 17:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-16 22:27 - 2013-04-04 17:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-16 22:27 - 2013-04-04 17:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-15 22:28 - 2013-04-10 02:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 22:28 - 2013-04-10 02:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 22:28 - 2013-02-27 02:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 22:28 - 2013-02-27 01:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 22:28 - 2013-02-27 01:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 22:28 - 2013-02-27 01:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 22:28 - 2013-02-27 01:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 22:28 - 2013-02-27 00:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 22:28 - 2013-02-27 00:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 22:28 - 2013-02-27 00:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-15 22:28 - 2011-02-03 07:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 22:27 - 2013-04-09 23:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 22:27 - 2013-03-19 01:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 22:27 - 2013-03-19 01:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-11 15:04 - 2013-05-11 15:04 - 00000000 ____D C:\Users\Public\Games
2013-05-11 13:00 - 2013-05-11 13:00 - 01812872 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6 (1).exe
2013-05-10 23:17 - 2013-05-10 23:17 - 00027687 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6 (1).torrent
2013-05-10 23:16 - 2013-05-10 23:16 - 00027687 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6.torrent
2013-05-10 22:38 - 2013-05-10 22:38 - 01812872 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6.exe
2013-05-08 19:50 - 2013-05-08 19:50 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-08 19:50 - 2012-08-21 13:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2013-05-08 19:49 - 2013-05-08 19:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-08 19:49 - 2013-05-08 19:50 - 00000000 ____D C:\Program Files\iTunes
2013-05-08 19:49 - 2013-05-08 19:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-08 19:49 - 2013-05-08 19:49 - 00000000 ____D C:\Program Files\iPod
2013-05-08 19:47 - 2013-05-08 19:47 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-05-08 19:47 - 2013-05-08 19:47 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-04-30 23:17 - 2013-05-06 20:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-04-30 22:31 - 2013-04-30 22:31 - 00000000 ____D C:\Users\Eric\Documents\Workspace
2013-04-29 20:34 - 2013-04-18 00:35 - 00000000 ____D C:\Users\Eric\Downloads\500+ Hacking Tutorials[Team Nanban][TPB]
2013-04-29 20:23 - 2013-05-28 07:25 - 06849509 ____A C:\Users\Eric\Downloads\500+ Hacking Tutorials[Team Nanban][TPB].rar

==================== One Month Modified Files and Folders =======

2013-05-29 08:01 - 2013-05-29 08:01 - 01915774 ____A (Farbar) C:\Users\Eric\Desktop\FRST64.exe
2013-05-29 08:01 - 2013-05-29 08:01 - 00000000 ____D C:\FRST
2013-05-29 08:00 - 2011-08-01 15:22 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Skype
2013-05-29 07:59 - 2012-05-29 22:23 - 00000434 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-05-29 07:59 - 2012-04-10 00:31 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-29 07:53 - 2011-06-10 18:23 - 01750672 ____A C:\Windows\WindowsUpdate.log
2013-05-29 07:50 - 2013-01-25 20:22 - 00000000 ____D C:\ProgramData\LogMeIn
2013-05-29 07:50 - 2012-05-17 20:49 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2891775198-2259670834-2021801430-1000UA.job
2013-05-29 01:46 - 2011-09-28 09:30 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Dropbox
2013-05-29 00:47 - 2013-05-29 00:47 - 00004608 ____A C:\Users\Eric\Downloads\lab1data.MTW
2013-05-29 00:44 - 2013-05-29 00:44 - 00000000 ____D C:\ProgramData\Minitab
2013-05-29 00:39 - 2013-05-29 00:39 - 00001888 ____A C:\Users\Public\Desktop\Minitab 16.lnk
2013-05-29 00:39 - 2013-05-29 00:39 - 00000000 ____D C:\ProgramData\FLEXnet
2013-05-29 00:38 - 2013-05-29 00:38 - 00021793 ____A C:\Windows\aksdrvsetup.log
2013-05-29 00:38 - 2013-05-29 00:38 - 00000000 ____D C:\Users\Eric\AppData\Local\SafeNet Sentinel
2013-05-29 00:38 - 2013-05-29 00:38 - 00000000 ____D C:\ProgramData\SafeNet Sentinel
2013-05-29 00:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\Setup
2013-05-29 00:37 - 2013-05-29 00:37 - 00000000 ____D C:\Windows\Downloaded Installations
2013-05-29 00:30 - 2013-05-29 00:30 - 00000183 ____A C:\Users\Eric\Downloads\100193753519 (1).sdx
2013-05-29 00:30 - 2013-01-01 22:35 - 00000000 ____A C:\Users\Eric\Downloads\SecureDownloadManager.log
2013-05-29 00:04 - 2013-05-29 00:04 - 00773120 ____A C:\Users\Eric\Downloads\SDM_EN (2).msi
2013-05-29 00:04 - 2013-05-29 00:04 - 00000183 ____A C:\Users\Eric\Downloads\100193753519.sdx
2013-05-28 22:49 - 2013-05-28 22:49 - 00024937 ____A C:\Users\Eric\Desktop\dds.txt
2013-05-28 22:49 - 2013-05-28 22:49 - 00012432 ____A C:\Users\Eric\Desktop\attach.txt
2013-05-28 22:47 - 2013-05-28 22:47 - 00688992 ____R (Swearware) C:\Users\Eric\Downloads\dds.com
2013-05-28 22:37 - 2012-05-17 20:49 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2891775198-2259670834-2021801430-1000Core.job
2013-05-28 22:16 - 2009-07-14 01:13 - 00730596 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-28 22:16 - 2009-07-14 00:45 - 00017712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-28 22:16 - 2009-07-14 00:45 - 00017712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-28 22:09 - 2011-09-28 09:31 - 00000000 ___RD C:\Users\Eric\Dropbox
2013-05-28 22:09 - 2011-06-12 05:04 - 00045056 ____A C:\Windows\System32\acovcnt.exe
2013-05-28 22:08 - 2011-06-10 18:27 - 00029624 ____A C:\Windows\PFRO.log
2013-05-28 22:08 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-28 22:08 - 2009-07-14 00:51 - 00066504 ____A C:\Windows\setupact.log
2013-05-28 21:27 - 2013-05-28 21:27 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Eric\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-28 21:27 - 2013-05-28 21:27 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-28 21:27 - 2013-05-27 01:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-28 21:03 - 2013-05-28 20:53 - 00001606 ____A C:\Windows\Sandboxie.ini
2013-05-28 21:02 - 2013-05-28 21:02 - 05073758 ____A (Swearware) C:\Users\Eric\Downloads\ComboFix.exe
2013-05-28 20:55 - 2013-05-28 20:55 - 00000000 ___RD C:\Sandbox
2013-05-28 20:53 - 2013-05-28 20:53 - 00000896 ____A C:\Users\Eric\Desktop\Sandboxed Web Browser.lnk
2013-05-28 20:53 - 2013-05-28 20:53 - 00000000 ____D C:\Program Files\Sandboxie
2013-05-28 20:52 - 2013-05-28 20:52 - 02565392 ____A (SANDBOXIE L.T.D) C:\Users\Eric\Downloads\SandboxieInstall.exe
2013-05-28 20:42 - 2013-05-28 00:10 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-28 07:25 - 2013-04-29 20:23 - 06849509 ____A C:\Users\Eric\Downloads\500+ Hacking Tutorials[Team Nanban][TPB].rar
2013-05-28 00:10 - 2013-05-28 00:10 - 00001922 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-05-28 00:09 - 2013-05-28 00:09 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-28 00:09 - 2013-05-28 00:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-28 00:09 - 2011-06-10 19:32 - 00002115 ____A C:\Windows\epplauncher.mif
2013-05-28 00:08 - 2013-05-28 00:08 - 117478104 ____A C:\Users\Eric\Downloads\avast_free_antivirus_setup.exe
2013-05-28 00:03 - 2013-05-28 00:03 - 13475464 ____A (Microsoft Corporation) C:\Users\Eric\Downloads\mseinstall.exe
2013-05-27 06:05 - 2013-05-20 22:20 - 00000000 ____D C:\Users\Eric\Downloads\koda_1.7.3.0
2013-05-27 06:05 - 2013-01-25 20:22 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2013-05-27 06:05 - 2012-10-12 22:37 - 00000000 ____D C:\ProgramData\MySQL
2013-05-27 06:05 - 2012-05-17 21:05 - 00000000 ____D C:\Users\Eric\AppData\Roaming\uTorrent
2013-05-27 06:05 - 2011-11-02 23:56 - 00000000 ____D C:\Users\Eric\AppData\Local\Akamai
2013-05-27 06:05 - 2011-06-25 13:04 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-27 06:05 - 2011-06-12 20:01 - 00000000 __RHD C:\MSOCache
2013-05-27 06:05 - 2009-07-14 03:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-05-27 06:05 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-05-27 06:05 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\Msdtc
2013-05-27 06:05 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-05-27 06:05 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2013-05-27 02:10 - 2011-06-10 18:23 - 00000000 ____D C:\users\Eric
2013-05-27 02:08 - 2013-05-27 02:08 - 00000000 __SHD C:\found.000
2013-05-27 01:20 - 2013-05-27 01:20 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Malwarebytes
2013-05-27 01:20 - 2013-05-27 01:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-25 05:04 - 2013-05-25 01:07 - 00001209 ____A C:\Users\Eric\Desktop\Table of Contents.html
2013-05-25 01:04 - 2013-05-25 01:04 - 00223590 ____A C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5252013 104 AM.zip
2013-05-24 01:34 - 2013-05-24 01:33 - 19088847 ____A C:\Users\Eric\Downloads\COMPTECH 3DS3 DATA STRUCTURES & ALGORITHMS content download 5242013 133 AM.zip
2013-05-24 01:31 - 2013-05-24 01:31 - 00000000 ____D C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5242013 130 AM
2013-05-24 01:31 - 2013-05-24 01:30 - 25046763 ____A C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5242013 130 AM.zip
2013-05-24 01:14 - 2013-05-24 01:14 - 00062712 ____A C:\Users\Eric\Downloads\ch03.zip
2013-05-24 01:14 - 2013-05-24 01:14 - 00047048 ____A C:\Users\Eric\Downloads\ch01.zip
2013-05-24 01:13 - 2013-05-24 01:13 - 07917405 ____A C:\Users\Eric\Downloads\handouts.zip
2013-05-20 22:20 - 2013-05-20 22:20 - 01062299 ____A C:\Users\Eric\Downloads\koda_1.7.3.0.zip
2013-05-17 22:59 - 2013-05-17 22:59 - 00000000 ____D C:\Program Files (x86)\Minitab
2013-05-17 22:55 - 2013-05-17 21:57 - 00000000 ____D C:\Users\Eric\Downloads\Minitab v16.2.3 [Multi][WwW.LoKoTorrents.CoM]
2013-05-17 21:55 - 2013-05-17 21:55 - 00017130 ____A C:\Users\Eric\Downloads\[kat.ph]minitab.v16.2.3.multi.torrent
2013-05-17 13:28 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-05-17 00:05 - 2013-05-17 00:05 - 00000000 ____D C:\Users\Eric\Documents\My Games
2013-05-17 00:02 - 2013-05-17 00:02 - 00002106 ____A C:\Users\Public\Desktop\Path of Exile.lnk
2013-05-17 00:02 - 2013-05-17 00:02 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2013-05-17 00:01 - 2013-05-17 00:01 - 07032832 ____A C:\Users\Eric\Downloads\PathOfExileInstaller.msi
2013-05-16 22:39 - 2012-05-17 21:06 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-05-16 22:39 - 2012-05-15 22:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-16 22:39 - 2009-07-14 00:45 - 05230120 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-16 22:33 - 2011-06-12 20:21 - 00000039 ____A C:\Windows\vbaddin.ini
2013-05-16 22:33 - 2011-06-12 20:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 22:33 - 2011-06-11 12:14 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-14 22:59 - 2012-04-10 00:31 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-14 22:59 - 2011-06-10 18:57 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-11 15:05 - 2011-06-11 12:26 - 00100697 ____A C:\Windows\DirectX.log
2013-05-11 15:04 - 2013-05-11 15:04 - 00000000 ____D C:\Users\Public\Games
2013-05-11 13:52 - 2011-06-26 14:53 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Apple Computer
2013-05-11 13:51 - 2011-06-26 14:53 - 00000000 ____D C:\Users\Eric\AppData\Local\Apple Computer
2013-05-11 13:00 - 2013-05-11 13:00 - 01812872 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6 (1).exe
2013-05-10 23:17 - 2013-05-10 23:17 - 00027687 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6 (1).torrent
2013-05-10 23:16 - 2013-05-10 23:16 - 00027687 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6.torrent
2013-05-10 22:38 - 2013-05-10 22:38 - 01812872 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6.exe
2013-05-09 04:59 - 2013-05-28 00:10 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-09 04:58 - 2013-05-28 00:10 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-09 04:58 - 2013-05-28 00:10 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-05-08 19:51 - 2011-06-26 14:52 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-05-08 19:50 - 2013-05-08 19:50 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-08 19:50 - 2013-05-08 19:49 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-08 19:50 - 2013-05-08 19:49 - 00000000 ____D C:\Program Files\iTunes
2013-05-08 19:50 - 2013-05-08 19:49 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-08 19:49 - 2013-05-08 19:49 - 00000000 ____D C:\Program Files\iPod
2013-05-08 19:47 - 2013-05-08 19:47 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-05-08 19:47 - 2013-05-08 19:47 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-06 20:20 - 2013-04-30 23:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-06 20:20 - 2013-03-08 02:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-05-06 20:18 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-05-05 17:36 - 2013-05-16 22:28 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-05 17:16 - 2013-05-16 22:28 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-05 15:25 - 2013-05-16 22:28 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-05 15:12 - 2013-05-16 22:28 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-02 22:41 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\NDF
2013-05-02 02:06 - 2011-06-10 18:35 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-04-30 22:31 - 2013-04-30 22:31 - 00000000 ____D C:\Users\Eric\Documents\Workspace
2013-04-30 22:16 - 2013-02-01 02:19 - 00000000 ____D C:\ProgramData\Visual CertExam Suite

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2891775198-2259670834-2021801430-1000\$24259f051bfa2873771adafb081962a2

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$24259f051bfa2873771adafb081962a2

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

Last Boot: 2013-05-25 00:07

==================== End Of Log ============================

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 6/10/2011 6:23:38 PM
System Uptime: 5/28/2013 10:08:26 PM (0 hours ago)
.
Motherboard: PEGATRON Corp.                |  | G60VX    
Processor: Intel® Core™2 Duo CPU     P7350  @ 2.00GHz | Socket 478 | 2000/267mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 17.807 GiB free.
D: is FIXED (NTFS) - 298 GiB total, 113.506 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2D057FC6&2&05
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2D057FC6&2&05
Service: vwifimp
.
==== System Restore Points ===================
.
RP352: 3/15/2012 10:12:33 PM - Windows Update
RP353: 3/15/2012 10:31:54 PM - Windows Update
RP354: 3/15/2012 11:00:14 PM - Windows Update
RP355: 3/16/2012 6:06:55 PM - Windows Update
RP356: 3/25/2012 1:25:00 AM - Windows Update
RP357: 5/14/2012 8:20:09 PM - Windows Update
RP358: 5/14/2012 11:00:16 PM - Windows Update
RP341: 5/22/2013 9:11:19 PM - Installed Java 7 Update 21
RP342: 5/27/2013 2:11:42 AM - Windows Update
RP343: 5/28/2013 12:09:38 AM - avast! Free Antivirus Setup
RP344: 5/28/2013 8:30:55 PM - Windows Update
RP345: 5/28/2013 10:36:58 PM - Windows Backup
.
==== Installed Programs ======================
.
µTorrent
Active@ ISO Burner
Adobe AIR
Adobe Community Help
Adobe Creative Suite 5 Master Collection
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Reader X (10.1.7)
Adobe Shockwave Player 11.6
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS LifeFrame3
ASUS Splendid Video Enhancement Technology
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
AutoIt v3.3.6.1
avast! Free Antivirus
AviSynth 2.5
Bonjour
CDDRV_Installer
Core Temp version 0.99.7
Counter-Strike
Counter-Strike: Global Offensive Beta
CPUID CPU-Z 1.57.1
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
DivX Web Player
Dropbox
erLT
ffdshow v1.1.3572 [2010-09-13]
FXCM Trading Station
Google Chrome
Haali Media Splitter
HP Officejet 6500 E710n-z Basic Device Software
HP Officejet 6500 E710n-z Help
iCloud
ImgBurn
iPhone Backup Extractor
iTunes
Java 7 Update 15
Java Auto Updater
Java™ 7 (64-bit)
Junk Mail filter update
K-Lite Codec Pack 7.1.0 (Full)
KhalInstallWrapper
Logitech SetPoint
LogMeIn
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Project MUI (English) 2010
Microsoft Office Project Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Hotmail Connector 64-bit
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit
Microsoft Press Training Kit Exam Prep Suite A+ 220-801, 220-802
Microsoft Project 2010 Service Pack 1 (SP1)
Microsoft Project Professional 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MySQL Server 5.5
MySQL Tools for 5.0
MySQL Workbench 5.2 CE
Nmap 5.51
NVIDIA Drivers
Path of Exile
PDF Settings CS5
PxMergeModule
QuickTime
Realtek 8136 8168 8169 Ethernet Driver
Realtek High Definition Audio Driver
Remote Mouse version 1.09
Sandboxie 3.76 (64-bit)
Secure Download Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition
Skype™ 6.3
StarCraft II
Steam
Synaptics Pointing Device Driver
TeamViewer 7
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
VC80CRTRedist - 8.0.50727.762
Ventrilo Client for Windows x64
Visual CertExam Suite
VLC media player 1.1.10
Winamp
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.2
WinRAR 4.01 (64-bit)
Wireless Console 3
Wireshark 1.6.4
.
==== Event Viewer Messages From Past Week ========
.
5/28/2013 12:06:36 AM, Error: Service Control Manager [7023]  - The Microsoft Antimalware Service service terminated with the following error:  %%-2146869247
5/28/2013 10:35:28 PM, Error: VDS Basic Provider [1]  - Unexpected failure. Error code: 490@01010004
5/28/2013 10:09:54 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
5/28/2013 10:08:51 PM, Error: Service Control Manager [7000]  - The P&E BDM Cable Driver II service failed to start due to the following error:  The system cannot find the file specified.
5/27/2013 1:36:08 AM, Error: Service Control Manager [7000]  - The Microsoft Antimalware Service service failed to start due to the following error:  Access is denied.
5/27/2013 1:33:49 AM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
5/25/2013 1:10:19 AM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.
5/23/2013 12:49:30 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MsMpSvc service.
.
==== End Of File ===========================
 



#4 Farbar


Posted 29 May 2013 - 12:52 PM

Download the attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.

Note: If the tool warns you about an outdated version, please download and run the updated version.


Edited by Farbar, 29 May 2013 - 01:15 PM.


#5 asoft


Posted 29 May 2013 - 06:41 PM

Hi Farbar

Here is the log after applying the fix using FRST64.exe >>>>

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-05-2013
Ran by Eric at 2013-05-29 19:32:10 Run:1
Running from C:\Users\Eric\Desktop
Boot Mode: Normal
==============================================
 
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
X6va005 => Service deleted successfully.
C:\$Recycle.Bin\S-1-5-21-2891775198-2259670834-2021801430-1000\$24259f051bfa2873771adafb081962a2 => Moved successfully.
C:\$Recycle.Bin\S-1-5-18\$24259f051bfa2873771adafb081962a2 => Moved successfully.
 
=========  dir /s /a:l "c:\Program files" =========
 
 Volume in drive C has no label.
 Volume Serial Number is 623F-801F
 
 Directory of c:\Program files\Windows Defender
 
07/14/2009  01:37 AM    <SYMLINKD>     en-US [c:\windows\system32\config]
               0 File(s)              0 bytes
 
     Total Files Listed:
               0 File(s)              0 bytes
               1 Dir(s)  18,873,380,864 bytes free
 
========= End of CMD: =========
 
 
=========  dir /a/b "c:\Program files" =========
 
Adobe
ATKGFNEX
AVAST Software
Bonjour
Common Files
Core Temp
CPUID
desktop.ini
DVD Maker
ESEA
HP
Intel
Internet Explorer
iPod
iTunes
Java
Logitech
Microsoft Analysis Services
Microsoft Device Center
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Sync Framework
Microsoft Synchronization Services
MSBuild
MySQL
Realtek
Reference Assemblies
Sandboxie
Synaptics
Uninstall Information
Ventrilo
Windows Defender
Windows Journal
Windows Live
Windows Mail
Windows Media Player
Windows NT
Windows Photo Viewer
Windows Portable Devices
Windows Sidebar
WinPcap
WinRAR
Wireshark
 
========= End of CMD: =========
 
 
==== End of Fixlog ====


#6 Farbar


Posted 29 May 2013 - 09:29 PM

Hi asoft,

 

  1. Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
  2. Please download Farbar Service Scanner and run it on the computer with the issue.
    • Check all the boxes.
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.


#7 asoft


Posted 29 May 2013 - 09:41 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-05-2013
Ran by Eric (administrator) on 29-05-2013 22:36:43
Running from C:\Users\Eric\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Akamai Technologies, Inc.) C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Akamai Technologies, Inc.) C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\Remote Mouse\server\server.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Dropbox, Inc.) C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eric\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Eric\Desktop\FRST64.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-21] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8095776 2009-08-31] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [16334368 2009-07-18] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [IntelliType Pro] "C:\Program Files\Microsoft Device Center\itype.exe" [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft Device Center\ipoint.exe" [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2012-11-29] (LogMeIn, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [x]
HKCU\...\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [911160 2012-01-18] (Microsoft Corporation)
HKCU\...\Run: [Remote Mouse] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [872448 2011-05-10] ()
HKCU\...\Run: [Akamai NetSession Interface] "C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [Google Update] "C:\Users\Eric\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-05-17] (Google Inc.)
HKCU\...\Run: [pronto] "C:\Program Files (x86)\Blackboard\Blackboard IM\blackboardim.exe" [x]
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKCU\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" [765200 2012-12-16] (SANDBOXIE L.T.D)
MountPoints2: {26965b3b-da41-11e0-89e2-00261856a4c7} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Eric\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://ca.search.yahoo.com/search?p={searchTerms}&fr=mkg028
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
PDF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab
PDF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
PDF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
PDF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [20992] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\rrrbv3ff.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://ca.yahoo.com/?fr=mkg031
FF Keyword.URL: hxxp://ca.search.yahoo.com/search?fr=mkg030&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=1.1.10 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\rrrbv3ff.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Eric\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Eric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (James White) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0
CHR Extension: (YouTube) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Play) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0
CHR Extension: (Google Play Books) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0
CHR Extension: (Gmail) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
 
==================== Services (Whitelisted) =================
 
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll [4561152 2013-03-21] (Akamai Technologies, Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 hasplms; C:\Windows\system32\hasplms.exe [4466120 2013-01-11] (SafeNet Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376320 2012-12-18] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [148480 2012-12-18] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2012-11-29] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [8918 2012-10-12] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [123664 2012-12-16] (SANDBOXIE L.T.D)
 
==================== Drivers (Whitelisted) ====================
 
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-09] (CPUID)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331144 2013-03-11] (SafeNet Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [16896 2007-03-20] (http://libusb-win32.sourceforge.net)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2012-11-29] (LogMeIn, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202632 2012-12-16] (SANDBOXIE L.T.D)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2010-08-26] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-07] (Duplex Secure Ltd.)
R3 VaneFltr; C:\Windows\System32\drivers\Lachesis.sys [30336 2007-08-17] (Razer (Asia-Pacific) Pte Ltd)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [259248 2010-01-13] (Jungo)
U3 asm4fmfk; C:\Windows\System32\Drivers\asm4fmfk.sys [0 ] (Advanced Micro Devices)
R3 ALSysIO; \??\C:\Users\Eric\AppData\Local\Temp\ALSysIO64.sys [x]
S3 GIVEIO; \??\C:\Windows\SYSTEM32\DRIVERS\GIVEIO.SYS [x]
S4 LMIRfsClientNP; No ImagePath
S3 npf; system32\drivers\npf.sys [x]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [x]
S3 Ser2pl64; system32\DRIVERS\ser2pl64.sys [x]
S2 VICHW11; \??\C:\Windows\SYSTEM32\DRIVERS\VICHW11.SYS [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-05-29 22:33 - 2013-05-29 22:33 - 00354297 ____A (Farbar) C:\Users\Eric\Desktop\FSS.exe
2013-05-29 22:31 - 2013-05-29 22:31 - 01915774 ____A (Farbar) C:\Users\Eric\Desktop\FRST64.exe
2013-05-29 19:42 - 2013-05-29 19:42 - 00000397 ____A C:\Users\Eric\Downloads\fixlist.txt
2013-05-29 08:01 - 2013-05-29 08:01 - 00000000 ____D C:\FRST
2013-05-29 00:47 - 2013-05-29 00:47 - 00004608 ____A C:\Users\Eric\Downloads\lab1data.MTW
2013-05-29 00:44 - 2013-05-29 00:44 - 00000000 ____D C:\ProgramData\Minitab
2013-05-29 00:39 - 2013-05-29 00:39 - 00001888 ____A C:\Users\Public\Desktop\Minitab 16.lnk
2013-05-29 00:39 - 2013-05-29 00:39 - 00000000 ____D C:\ProgramData\FLEXnet
2013-05-29 00:38 - 2013-05-29 00:38 - 00021793 ____A C:\Windows\aksdrvsetup.log
2013-05-29 00:38 - 2013-05-29 00:38 - 00000000 ____D C:\Users\Eric\AppData\Local\SafeNet Sentinel
2013-05-29 00:38 - 2013-05-29 00:38 - 00000000 ____D C:\ProgramData\SafeNet Sentinel
2013-05-29 00:38 - 2013-03-11 12:03 - 00331144 ____A (SafeNet Inc.) C:\Windows\System32\Drivers\hardlock.sys
2013-05-29 00:38 - 2013-02-19 15:04 - 00141064 ____A (SafeNet Inc.) C:\Windows\System32\Drivers\aksfridge.sys
2013-05-29 00:38 - 2013-01-14 12:32 - 00198088 ____A (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll
2013-05-29 00:38 - 2013-01-14 12:32 - 00090056 ____A (SafeNet Inc.) C:\Windows\System32\Drivers\aksdf.sys
2013-05-29 00:38 - 2013-01-11 16:36 - 04466120 ____A (SafeNet Inc.) C:\Windows\System32\hasplms.exe
2013-05-29 00:38 - 2013-01-11 16:36 - 04466120 ____A (SafeNet Inc.) C:\Windows\System32\aksllmtp.exe
2013-05-29 00:37 - 2013-05-29 00:37 - 00000000 ____D C:\Windows\Downloaded Installations
2013-05-29 00:30 - 2013-05-29 00:30 - 00000183 ____A C:\Users\Eric\Downloads\100193753519 (1).sdx
2013-05-29 00:04 - 2013-05-29 00:04 - 00773120 ____A C:\Users\Eric\Downloads\SDM_EN (2).msi
2013-05-29 00:04 - 2013-05-29 00:04 - 00000183 ____A C:\Users\Eric\Downloads\100193753519.sdx
2013-05-28 22:49 - 2013-05-28 22:49 - 00024937 ____A C:\Users\Eric\Desktop\dds.txt
2013-05-28 22:49 - 2013-05-28 22:49 - 00012432 ____A C:\Users\Eric\Desktop\attach.txt
2013-05-28 22:47 - 2013-05-28 22:47 - 00688992 ____R (Swearware) C:\Users\Eric\Downloads\dds.com
2013-05-28 21:27 - 2013-05-28 21:27 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Eric\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-28 21:27 - 2013-05-28 21:27 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-28 21:27 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-28 21:02 - 2013-05-28 21:02 - 05073758 ____A (Swearware) C:\Users\Eric\Downloads\ComboFix.exe
2013-05-28 20:55 - 2013-05-28 20:55 - 00000000 ___RD C:\Sandbox
2013-05-28 20:53 - 2013-05-28 21:03 - 00001606 ____A C:\Windows\Sandboxie.ini
2013-05-28 20:53 - 2013-05-28 20:53 - 00000896 ____A C:\Users\Eric\Desktop\Sandboxed Web Browser.lnk
2013-05-28 20:53 - 2013-05-28 20:53 - 00000000 ____D C:\Program Files\Sandboxie
2013-05-28 20:52 - 2013-05-28 20:52 - 02565392 ____A (SANDBOXIE L.T.D) C:\Users\Eric\Downloads\SandboxieInstall.exe
2013-05-28 00:10 - 2013-05-28 20:42 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-28 00:10 - 2013-05-28 00:10 - 00001922 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-05-28 00:10 - 2013-05-09 04:59 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-28 00:10 - 2013-05-09 04:59 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-28 00:10 - 2013-05-09 04:58 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-28 00:10 - 2013-05-09 04:58 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-05-28 00:09 - 2013-05-28 00:09 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-28 00:09 - 2013-05-28 00:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-28 00:08 - 2013-05-28 00:08 - 117478104 ____A C:\Users\Eric\Downloads\avast_free_antivirus_setup.exe
2013-05-28 00:03 - 2013-05-28 00:03 - 13475464 ____A (Microsoft Corporation) C:\Users\Eric\Downloads\mseinstall.exe
2013-05-27 02:08 - 2013-05-27 02:08 - 00000000 __SHD C:\found.000
2013-05-27 01:20 - 2013-05-28 21:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-27 01:20 - 2013-05-27 01:20 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Malwarebytes
2013-05-27 01:20 - 2013-05-27 01:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-25 01:07 - 2013-05-25 05:04 - 00001209 ____A C:\Users\Eric\Desktop\Table of Contents.html
2013-05-25 01:04 - 2013-05-25 01:04 - 00223590 ____A C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5252013 104 AM.zip
2013-05-24 01:33 - 2013-05-24 01:34 - 19088847 ____A C:\Users\Eric\Downloads\COMPTECH 3DS3 DATA STRUCTURES & ALGORITHMS content download 5242013 133 AM.zip
2013-05-24 01:31 - 2013-05-24 01:31 - 00000000 ____D C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5242013 130 AM
2013-05-24 01:30 - 2013-05-24 01:31 - 25046763 ____A C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5242013 130 AM.zip
2013-05-24 01:14 - 2013-05-24 01:14 - 00062712 ____A C:\Users\Eric\Downloads\ch03.zip
2013-05-24 01:14 - 2013-05-24 01:14 - 00047048 ____A C:\Users\Eric\Downloads\ch01.zip
2013-05-24 01:13 - 2013-05-24 01:13 - 07917405 ____A C:\Users\Eric\Downloads\handouts.zip
2013-05-20 22:20 - 2013-05-27 06:05 - 00000000 ____D C:\Users\Eric\Downloads\koda_1.7.3.0
2013-05-20 22:20 - 2013-05-20 22:20 - 01062299 ____A C:\Users\Eric\Downloads\koda_1.7.3.0.zip
2013-05-17 22:59 - 2013-05-17 22:59 - 00000000 ____D C:\Program Files (x86)\Minitab
2013-05-17 21:57 - 2013-05-17 22:55 - 00000000 ____D C:\Users\Eric\Downloads\Minitab v16.2.3 [Multi][WwW.LoKoTorrents.CoM]
2013-05-17 21:55 - 2013-05-17 21:55 - 00017130 ____A C:\Users\Eric\Downloads\[kat.ph]minitab.v16.2.3.multi.torrent
2013-05-17 00:05 - 2013-05-17 00:05 - 00000000 ____D C:\Users\Eric\Documents\My Games
2013-05-17 00:02 - 2013-05-17 00:02 - 00002106 ____A C:\Users\Public\Desktop\Path of Exile.lnk
2013-05-17 00:02 - 2013-05-17 00:02 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2013-05-17 00:01 - 2013-05-17 00:01 - 07032832 ____A C:\Users\Eric\Downloads\PathOfExileInstaller.msi
2013-05-16 22:28 - 2013-05-05 17:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 22:28 - 2013-05-05 17:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-16 22:28 - 2013-05-05 15:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-16 22:28 - 2013-05-05 15:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-16 22:27 - 2013-04-04 21:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-16 22:27 - 2013-04-04 21:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 22:27 - 2013-04-04 21:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-16 22:27 - 2013-04-04 21:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 22:27 - 2013-04-04 20:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-16 22:27 - 2013-04-04 20:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-16 22:27 - 2013-04-04 20:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 22:27 - 2013-04-04 20:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-16 22:27 - 2013-04-04 20:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 22:27 - 2013-04-04 20:55 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-16 22:27 - 2013-04-04 20:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-16 22:27 - 2013-04-04 20:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 22:27 - 2013-04-04 20:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-16 22:27 - 2013-04-04 20:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-16 22:27 - 2013-04-04 18:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-16 22:27 - 2013-04-04 18:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-16 22:27 - 2013-04-04 18:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-16 22:27 - 2013-04-04 18:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-16 22:27 - 2013-04-04 18:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-16 22:27 - 2013-04-04 18:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-16 22:27 - 2013-04-04 17:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-16 22:27 - 2013-04-04 17:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-16 22:27 - 2013-04-04 17:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-16 22:27 - 2013-04-04 17:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-16 22:27 - 2013-04-04 17:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-16 22:27 - 2013-04-04 17:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-16 22:27 - 2013-04-04 17:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-16 22:27 - 2013-04-04 17:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-15 22:28 - 2013-04-10 02:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 22:28 - 2013-04-10 02:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 22:28 - 2013-02-27 02:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 22:28 - 2013-02-27 01:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 22:28 - 2013-02-27 01:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 22:28 - 2013-02-27 01:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 22:28 - 2013-02-27 01:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 22:28 - 2013-02-27 00:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 22:28 - 2013-02-27 00:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 22:28 - 2013-02-27 00:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-15 22:28 - 2011-02-03 07:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 22:27 - 2013-04-09 23:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 22:27 - 2013-03-19 01:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 22:27 - 2013-03-19 01:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-11 15:04 - 2013-05-11 15:04 - 00000000 ____D C:\Users\Public\Games
2013-05-11 13:00 - 2013-05-11 13:00 - 01812872 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6 (1).exe
2013-05-10 23:17 - 2013-05-10 23:17 - 00027687 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6 (1).torrent
2013-05-10 23:16 - 2013-05-10 23:16 - 00027687 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6.torrent
2013-05-10 22:38 - 2013-05-10 22:38 - 01812872 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6.exe
2013-05-08 19:50 - 2013-05-08 19:50 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-08 19:50 - 2012-08-21 13:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2013-05-08 19:49 - 2013-05-08 19:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-08 19:49 - 2013-05-08 19:50 - 00000000 ____D C:\Program Files\iTunes
2013-05-08 19:49 - 2013-05-08 19:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-08 19:49 - 2013-05-08 19:49 - 00000000 ____D C:\Program Files\iPod
2013-05-08 19:47 - 2013-05-08 19:47 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-05-08 19:47 - 2013-05-08 19:47 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-04-30 23:17 - 2013-05-06 20:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-04-30 22:31 - 2013-04-30 22:31 - 00000000 ____D C:\Users\Eric\Documents\Workspace
2013-04-29 20:34 - 2013-04-18 00:35 - 00000000 ____D C:\Users\Eric\Downloads\500+ Hacking Tutorials[Team Nanban][TPB]
2013-04-29 20:23 - 2013-05-28 07:25 - 06849509 ____A C:\Users\Eric\Downloads\500+ Hacking Tutorials[Team Nanban][TPB].rar
 
==================== One Month Modified Files and Folders =======
 
2013-05-29 22:37 - 2012-05-17 20:49 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2891775198-2259670834-2021801430-1000UA.job
2013-05-29 22:37 - 2012-05-17 20:49 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2891775198-2259670834-2021801430-1000Core.job
2013-05-29 22:33 - 2013-05-29 22:33 - 00354297 ____A (Farbar) C:\Users\Eric\Desktop\FSS.exe
2013-05-29 22:31 - 2013-05-29 22:31 - 01915774 ____A (Farbar) C:\Users\Eric\Desktop\FRST64.exe
2013-05-29 22:22 - 2011-08-01 15:22 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Skype
2013-05-29 22:21 - 2011-06-10 18:23 - 01359913 ____A C:\Windows\WindowsUpdate.log
2013-05-29 21:59 - 2012-04-10 00:31 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-29 19:48 - 2011-09-28 09:30 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Dropbox
2013-05-29 19:46 - 2011-09-28 09:31 - 00000000 ___RD C:\Users\Eric\Dropbox
2013-05-29 19:42 - 2013-05-29 19:42 - 00000397 ____A C:\Users\Eric\Downloads\fixlist.txt
2013-05-29 08:01 - 2013-05-29 08:01 - 00000000 ____D C:\FRST
2013-05-29 07:59 - 2012-05-29 22:23 - 00000434 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-05-29 07:50 - 2013-01-25 20:22 - 00000000 ____D C:\ProgramData\LogMeIn
2013-05-29 00:47 - 2013-05-29 00:47 - 00004608 ____A C:\Users\Eric\Downloads\lab1data.MTW
2013-05-29 00:44 - 2013-05-29 00:44 - 00000000 ____D C:\ProgramData\Minitab
2013-05-29 00:39 - 2013-05-29 00:39 - 00001888 ____A C:\Users\Public\Desktop\Minitab 16.lnk
2013-05-29 00:39 - 2013-05-29 00:39 - 00000000 ____D C:\ProgramData\FLEXnet
2013-05-29 00:38 - 2013-05-29 00:38 - 00021793 ____A C:\Windows\aksdrvsetup.log
2013-05-29 00:38 - 2013-05-29 00:38 - 00000000 ____D C:\Users\Eric\AppData\Local\SafeNet Sentinel
2013-05-29 00:38 - 2013-05-29 00:38 - 00000000 ____D C:\ProgramData\SafeNet Sentinel
2013-05-29 00:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\Setup
2013-05-29 00:37 - 2013-05-29 00:37 - 00000000 ____D C:\Windows\Downloaded Installations
2013-05-29 00:30 - 2013-05-29 00:30 - 00000183 ____A C:\Users\Eric\Downloads\100193753519 (1).sdx
2013-05-29 00:30 - 2013-01-01 22:35 - 00000000 ____A C:\Users\Eric\Downloads\SecureDownloadManager.log
2013-05-29 00:04 - 2013-05-29 00:04 - 00773120 ____A C:\Users\Eric\Downloads\SDM_EN (2).msi
2013-05-29 00:04 - 2013-05-29 00:04 - 00000183 ____A C:\Users\Eric\Downloads\100193753519.sdx
2013-05-28 22:49 - 2013-05-28 22:49 - 00024937 ____A C:\Users\Eric\Desktop\dds.txt
2013-05-28 22:49 - 2013-05-28 22:49 - 00012432 ____A C:\Users\Eric\Desktop\attach.txt
2013-05-28 22:47 - 2013-05-28 22:47 - 00688992 ____R (Swearware) C:\Users\Eric\Downloads\dds.com
2013-05-28 22:16 - 2009-07-14 01:13 - 00730596 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-28 22:16 - 2009-07-14 00:45 - 00017712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-28 22:16 - 2009-07-14 00:45 - 00017712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-28 22:09 - 2011-06-12 05:04 - 00045056 ____A C:\Windows\System32\acovcnt.exe
2013-05-28 22:08 - 2011-06-10 18:27 - 00029624 ____A C:\Windows\PFRO.log
2013-05-28 22:08 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-28 22:08 - 2009-07-14 00:51 - 00066504 ____A C:\Windows\setupact.log
2013-05-28 21:27 - 2013-05-28 21:27 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Eric\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-28 21:27 - 2013-05-28 21:27 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-28 21:27 - 2013-05-27 01:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-28 21:03 - 2013-05-28 20:53 - 00001606 ____A C:\Windows\Sandboxie.ini
2013-05-28 21:02 - 2013-05-28 21:02 - 05073758 ____A (Swearware) C:\Users\Eric\Downloads\ComboFix.exe
2013-05-28 20:55 - 2013-05-28 20:55 - 00000000 ___RD C:\Sandbox
2013-05-28 20:53 - 2013-05-28 20:53 - 00000896 ____A C:\Users\Eric\Desktop\Sandboxed Web Browser.lnk
2013-05-28 20:53 - 2013-05-28 20:53 - 00000000 ____D C:\Program Files\Sandboxie
2013-05-28 20:52 - 2013-05-28 20:52 - 02565392 ____A (SANDBOXIE L.T.D) C:\Users\Eric\Downloads\SandboxieInstall.exe
2013-05-28 20:42 - 2013-05-28 00:10 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-28 07:25 - 2013-04-29 20:23 - 06849509 ____A C:\Users\Eric\Downloads\500+ Hacking Tutorials[Team Nanban][TPB].rar
2013-05-28 00:10 - 2013-05-28 00:10 - 00001922 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-05-28 00:09 - 2013-05-28 00:09 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-28 00:09 - 2013-05-28 00:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-28 00:09 - 2011-06-10 19:32 - 00002115 ____A C:\Windows\epplauncher.mif
2013-05-28 00:08 - 2013-05-28 00:08 - 117478104 ____A C:\Users\Eric\Downloads\avast_free_antivirus_setup.exe
2013-05-28 00:03 - 2013-05-28 00:03 - 13475464 ____A (Microsoft Corporation) C:\Users\Eric\Downloads\mseinstall.exe
2013-05-27 06:05 - 2013-05-20 22:20 - 00000000 ____D C:\Users\Eric\Downloads\koda_1.7.3.0
2013-05-27 06:05 - 2013-01-25 20:22 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2013-05-27 06:05 - 2012-10-12 22:37 - 00000000 ____D C:\ProgramData\MySQL
2013-05-27 06:05 - 2012-05-17 21:05 - 00000000 ____D C:\Users\Eric\AppData\Roaming\uTorrent
2013-05-27 06:05 - 2011-11-02 23:56 - 00000000 ____D C:\Users\Eric\AppData\Local\Akamai
2013-05-27 06:05 - 2011-06-25 13:04 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-27 06:05 - 2011-06-12 20:01 - 00000000 __RHD C:\MSOCache
2013-05-27 06:05 - 2009-07-14 03:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-05-27 06:05 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-05-27 06:05 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\Msdtc
2013-05-27 06:05 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2013-05-27 06:05 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\AppCompat
2013-05-27 02:10 - 2011-06-10 18:23 - 00000000 ____D C:\users\Eric
2013-05-27 02:08 - 2013-05-27 02:08 - 00000000 __SHD C:\found.000
2013-05-27 01:20 - 2013-05-27 01:20 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Malwarebytes
2013-05-27 01:20 - 2013-05-27 01:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-25 05:04 - 2013-05-25 01:07 - 00001209 ____A C:\Users\Eric\Desktop\Table of Contents.html
2013-05-25 01:04 - 2013-05-25 01:04 - 00223590 ____A C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5252013 104 AM.zip
2013-05-24 01:34 - 2013-05-24 01:33 - 19088847 ____A C:\Users\Eric\Downloads\COMPTECH 3DS3 DATA STRUCTURES & ALGORITHMS content download 5242013 133 AM.zip
2013-05-24 01:31 - 2013-05-24 01:31 - 00000000 ____D C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5242013 130 AM
2013-05-24 01:31 - 2013-05-24 01:30 - 25046763 ____A C:\Users\Eric\Downloads\ENGTECH 3ST3 ENGINEERING STATISTICS content download 5242013 130 AM.zip
2013-05-24 01:14 - 2013-05-24 01:14 - 00062712 ____A C:\Users\Eric\Downloads\ch03.zip
2013-05-24 01:14 - 2013-05-24 01:14 - 00047048 ____A C:\Users\Eric\Downloads\ch01.zip
2013-05-24 01:13 - 2013-05-24 01:13 - 07917405 ____A C:\Users\Eric\Downloads\handouts.zip
2013-05-20 22:20 - 2013-05-20 22:20 - 01062299 ____A C:\Users\Eric\Downloads\koda_1.7.3.0.zip
2013-05-17 22:59 - 2013-05-17 22:59 - 00000000 ____D C:\Program Files (x86)\Minitab
2013-05-17 22:55 - 2013-05-17 21:57 - 00000000 ____D C:\Users\Eric\Downloads\Minitab v16.2.3 [Multi][WwW.LoKoTorrents.CoM]
2013-05-17 21:55 - 2013-05-17 21:55 - 00017130 ____A C:\Users\Eric\Downloads\[kat.ph]minitab.v16.2.3.multi.torrent
2013-05-17 13:28 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-05-17 00:05 - 2013-05-17 00:05 - 00000000 ____D C:\Users\Eric\Documents\My Games
2013-05-17 00:02 - 2013-05-17 00:02 - 00002106 ____A C:\Users\Public\Desktop\Path of Exile.lnk
2013-05-17 00:02 - 2013-05-17 00:02 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2013-05-17 00:01 - 2013-05-17 00:01 - 07032832 ____A C:\Users\Eric\Downloads\PathOfExileInstaller.msi
2013-05-16 22:39 - 2012-05-17 21:06 - 00000000 ____D C:\Program Files (x86)\uTorrent
2013-05-16 22:39 - 2012-05-15 22:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-16 22:39 - 2009-07-14 00:45 - 05230120 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-16 22:33 - 2011-06-12 20:21 - 00000039 ____A C:\Windows\vbaddin.ini
2013-05-16 22:33 - 2011-06-12 20:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 22:33 - 2011-06-11 12:14 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-14 22:59 - 2012-04-10 00:31 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-14 22:59 - 2011-06-10 18:57 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-11 15:05 - 2011-06-11 12:26 - 00100697 ____A C:\Windows\DirectX.log
2013-05-11 15:04 - 2013-05-11 15:04 - 00000000 ____D C:\Users\Public\Games
2013-05-11 13:52 - 2011-06-26 14:53 - 00000000 ____D C:\Users\Eric\AppData\Roaming\Apple Computer
2013-05-11 13:51 - 2011-06-26 14:53 - 00000000 ____D C:\Users\Eric\AppData\Local\Apple Computer
2013-05-11 13:00 - 2013-05-11 13:00 - 01812872 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6 (1).exe
2013-05-10 23:17 - 2013-05-10 23:17 - 00027687 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6 (1).torrent
2013-05-10 23:16 - 2013-05-10 23:16 - 00027687 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6.torrent
2013-05-10 22:38 - 2013-05-10 22:38 - 01812872 ____A C:\Users\Eric\Downloads\Neverwinter_NW.1.20130416a.6.exe
2013-05-09 04:59 - 2013-05-28 00:10 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-09 04:59 - 2013-05-28 00:10 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-09 04:58 - 2013-05-28 00:10 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-09 04:58 - 2013-05-28 00:10 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-05-08 19:51 - 2011-06-26 14:52 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-05-08 19:50 - 2013-05-08 19:50 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-05-08 19:50 - 2013-05-08 19:49 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-08 19:50 - 2013-05-08 19:49 - 00000000 ____D C:\Program Files\iTunes
2013-05-08 19:50 - 2013-05-08 19:49 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-08 19:49 - 2013-05-08 19:49 - 00000000 ____D C:\Program Files\iPod
2013-05-08 19:47 - 2013-05-08 19:47 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-05-08 19:47 - 2013-05-08 19:47 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-06 20:20 - 2013-04-30 23:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-06 20:20 - 2013-03-08 02:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2013-05-06 20:18 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-05-05 17:36 - 2013-05-16 22:28 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-05 17:16 - 2013-05-16 22:28 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-05 15:25 - 2013-05-16 22:28 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-05 15:12 - 2013-05-16 22:28 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-02 22:41 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\System32\NDF
2013-05-02 02:06 - 2011-06-10 18:35 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-04-30 22:31 - 2013-04-30 22:31 - 00000000 ____D C:\Users\Eric\Documents\Workspace
2013-04-30 22:16 - 2013-02-01 02:19 - 00000000 ____D C:\ProgramData\Visual CertExam Suite
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
Last Boot: 2013-05-25 00:07
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-05-2013
Ran by Eric at 2013-05-29 08:04:00 Run:
Running from C:\Users\Eric\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
µTorrent (Version: 3.3.0.29625)
Active@ ISO Burner (Version: 2.5.1)
Adobe AIR (Version: 3.5.0.1060)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.7) (Version: 10.1.7)
Adobe Shockwave Player 11.6 (Version: 11.6.0.626)
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0051)
ATK Media (Version: 2.0.0005)
ATKOSD2 (Version: 7.0.0005)
AutoIt v3.3.6.1
avast! Free Antivirus (Version: 8.0.1489.0)
AviSynth 2.5
Bonjour (Version: 3.0.0.10)
Bootstrapper (Version: 1.1.2.0)
CDDRV_Installer (Version: 4.60)
Core Temp version 0.99.7 (Version: 0.99.7)
Counter-Strike
Counter-Strike: Global Offensive Beta
CPUID CPU-Z 1.57.1
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.47.1.0333)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
DivX Web Player (Version: 1.5.0)
Dropbox (Version: 1.6.18)
erLT (Version: 1.20.0137)
ffdshow v1.1.3572 [2010-09-13] (Version: 1.1.3572.0)
FXCM Trading Station (Version: 011212)
Google Chrome (Version: 27.0.1453.94)
Haali Media Splitter
HP Officejet 6500 E710n-z Basic Device Software (Version: 22.50.231.0)
HP Officejet 6500 E710n-z Help (Version: 140.0.2.2)
iCloud (Version: 2.1.2.8)
ImgBurn (Version: 2.5.5.0)
iPhone Backup Extractor (Version: 3.3.9.0)
iTunes (Version: 11.0.2.26)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
Java™ 7 (64-bit) (Version: 7.0.0)
Junk Mail filter update (Version: 15.4.3502.0922)
KhalInstallWrapper (Version: 2.00.0000)
K-Lite Codec Pack 7.1.0 (Full) (Version: 7.1.0)
Logitech SetPoint (Version: 4.80)
LogMeIn (Version: 4.1.2634)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mouse and Keyboard Center (Version: 1.1.500.0)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Project MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Hotmail Connector 64-bit (Version: 14.0.6123.5001)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (Version: 14.0.5120.5000)
Microsoft Press Training Kit Exam Prep Suite A+ 220-801, 220-802 (Version: 1.0.0)
Microsoft Project 2010 Service Pack 1 (SP1)
Microsoft Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Professional 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Minitab 16 (Version: 16.2.4)
Minitab Software Update Manager (Version: 1.1.0.0)
Minitab16 (Version: 16.2.4.1)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MySQL Server 5.5 (Version: 5.5.15)
MySQL Tools for 5.0 (Version: 5.0.17)
MySQL Workbench 5.2 CE (Version: 5.2.44)
Nmap 5.51
NVIDIA Drivers (Version: 1.5)
Path of Exile (Version: 0.10.8.24753)
PDF Settings CS5 (Version: 10.0)
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.73.80.64)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Realtek High Definition Audio Driver (Version: 6.0.1.5928)
Remote Mouse version 1.09 (Version: 1.09)
Sandboxie 3.76 (64-bit) (Version: 3.76)
Secure Download Manager (Version: 3.1.0)
Skype™ 6.3 (Version: 6.3.105)
SoftwareManager (Version: 1.1.0.0)
StarCraft II (Version: 1.5.1.22763)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 13.2.6.1)
TeamViewer 7 (Version: 7.0.14563)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual CertExam Suite
VLC media player 1.1.10 (Version: 1.1.10)
Winamp (Version: 5.621 )
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
Wireless Console 3 (Version: 3.0.10)
Wireshark 1.6.4 (Version: 1.6.4)
 
==================== Restore Points  =========================
 
16-03-2012 22:06:55 Windows Update
25-03-2012 05:25:00 Windows Update
15-05-2012 00:20:09 Windows Update
15-05-2012 03:00:16 Windows Update
27-05-2013 06:11:42 Windows Update
28-05-2013 04:09:38 avast! Free Antivirus Setup
29-05-2013 00:30:55 Windows Update
29-05-2013 02:36:58 Windows Backup
29-05-2013 04:37:54 MinitabCIA
29-05-2013 11:50:58 Windows Update
 
==================== Hosts content: ==========================
 
 
74.208.105.171 gs.apple.com
127.0.0.1 activate.adobe.com
 
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/29/2013 07:50:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21815430
 
Error: (05/29/2013 07:50:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21815430
 
Error: (05/29/2013 07:50:41 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/29/2013 07:50:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21814275
 
Error: (05/29/2013 07:50:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21814275
 
Error: (05/29/2013 07:50:40 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/29/2013 07:50:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21813074
 
Error: (05/29/2013 07:50:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21813074
 
Error: (05/29/2013 07:50:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/29/2013 07:50:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21812013
 
 
System errors:
=============
Error: (05/29/2013 07:59:38 AM) (Source: ipnathlp) (User: )
Description: 192.168.0.12192.168.137.0255.255.255.0
 
Error: (05/29/2013 07:59:38 AM) (Source: ipnathlp) (User: )
Description: 
 
Error: (05/29/2013 07:59:37 AM) (Source: ipnathlp) (User: )
Description: 0
 
Error: (05/28/2013 10:55:04 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004
 
Error: (05/28/2013 10:35:28 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004
 
Error: (05/28/2013 10:09:54 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (05/28/2013 10:08:51 PM) (Source: Service Control Manager) (User: )
Description: The P&E BDM Cable Driver II service failed to start due to the following error: 
%%2
 
Error: (05/28/2013 08:50:52 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004
 
Error: (05/28/2013 08:35:45 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: 490@01010004
 
Error: (05/28/2013 00:47:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
 
Microsoft Office Sessions:
=========================
Error: (05/29/2013 07:50:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21815430
 
Error: (05/29/2013 07:50:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21815430
 
Error: (05/29/2013 07:50:41 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/29/2013 07:50:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21814275
 
Error: (05/29/2013 07:50:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21814275
 
Error: (05/29/2013 07:50:40 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/29/2013 07:50:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21813074
 
Error: (05/29/2013 07:50:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21813074
 
Error: (05/29/2013 07:50:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/29/2013 07:50:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21812013
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 66%
Total physical RAM: 4095.3 MB
Available physical RAM: 1379.64 MB
Total Pagefile: 8188.79 MB
Available Pagefile: 4084.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.69 GB) (Free:17.55 GB) NTFS (Disk=1 Partition=2)
Drive d: () (Fixed) (Total:298.09 GB) (Free:25 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: AFDA0808)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 3879CBF5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 

 

Farbar Service Scanner Version: 25-05-2013
Ran by Eric (administrator) on 29-05-2013 at 22:41:16
Running from "C:\Users\Eric\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#8 Farbar

Farbar

    Just Curious


  • Security Developer
  • 20,683 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:22 PM

Posted 29 May 2013 - 09:59 PM

  1. Download the attached fixlist.txt file and save it to the Desktop.
    NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST/FRST64 and press the Fix button just once and wait.
    If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.

    Note: If the tool warns you about an outdated version, please download and run the updated version.
     
  2. Please tell me if you can run Windows Defender.




#9 asoft


Posted 29 May 2013 - 10:37 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-05-2013
Ran by Eric at 2013-05-29 23:30:24 Run:2
Running from C:\Users\Eric\Desktop
Boot Mode: Normal
==============================================
 
"c:\Program files\Windows Defender" => Deleting junctions and unlocking files completed successfully.
 
==== End of Fixlog ====

 

 

Thank you very much Farbar! Windows Defender is launching great. I've also verified the directory of Windows Defender and it no longer points to "C:\Windows\system32\config".

 

I definitely appreciate your help! You are an excellent contributor to this forum.



#10 Farbar

Posted 30 May 2013 - 12:54 AM

It looks good and you are good to go. :thumbup2:

  • Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
    You may download both x32 and x64 versions of Java from http://www.java.com/en/download/manual.jsp

    Uninstall the following older Java:

    Java 7 Update 15
    Java™ 7 (64-bit) (Version: 6.0.290)


    Then install the downloaded Java versions.
     
  • Download the attached fixlist.txt file and save it to the Desktop.
    NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    Run FRST/FRST64 and press the Fix button just once and wait.
    If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
    We don't need the log any more.

    Note: If the tool warns you about an outdated version, please download and run the updated version.
     
  • Please delete the FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder.
     
  • You may delete any tool or log we used from your computer.
     
  • Remove the old restore points and create a new restore point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Setting a new restore point AFTER cleaning your system will enable your computer to "roll back" to a clean working state if needed:
    • Go to Start => Right-click "Computer" and select "Properties".
    • In the left pane select "System Protection".
    • Press "Configure".
    • Select "Delete". Then press "Continue", "Close" and "OK".
    • Select your drive (drive C) and press "Create".
      Fill in a name for the restore point and press "Create".
      When finished, press "Close".
  • Take care asoft. :)




#11 Farbar


Posted 04 June 2013 - 08:16 AM

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.

Everyone else should start a new topic.





