FBI Virus Disabled Anti-Virus?


  • This topic is locked
24 replies to this topic

#16 epzi10n

epzi10n
  • Topic Starter

  • Members
  • 14 posts

Posted 05 September 2013 - 02:16 PM

I am currently running scans on my computer. I have been away a few days. Sorry! I will get the FRST scan to you ASAP.




#17 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,362 posts
  • Gender:Male
  • Location:Puerto rico

Posted 05 September 2013 - 07:15 PM

OK, I will be waiting for it.


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free; however, if you wish to make a small donation to show your appreciation or to help me continue the fight against malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#18 epzi10n

epzi10n
  • Topic Starter

  • Members
  • 14 posts

Posted 05 September 2013 - 08:25 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-09-2013
Ran by WPEG (administrator) on TANNER-PC on 05-09-2013 18:23:30
Running from C:\Users\WPEG\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Sendori) C:\Program Files (x86)\Sendori\sndappv2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriUp.exe
(Akamai Technologies, Inc.) C:\Users\WPEG\AppData\Local\Akamai\netsession_win.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\WPEG\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\WPEG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\WPEG\AppData\Roaming\Dropbox\bin\Dropbox.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Sendori, Inc.) C:\Program Files (x86)\Sendori\SendoriTray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(sendori) C:\Program Files (x86)\Sendori\Sendori.Service.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [NVRaidService] - C:\Windows\system32\nvraidservice.exe [291872 2009-06-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Zune Launcher] - c:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1807272 2013-07-26] (Valve Corporation)
HKCU\...\Run: [AdobeBridge] -  [x]
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\WPEG\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\WPEG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-29] (Spotify Ltd)
HKCU\...\Policies\Explorer: [NoDrives] 0
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2009-09-04] (cyberlink)
HKLM-x32\...\Run: [RemoteControl] - C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [87336 2009-04-16] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [62760 2009-04-16] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [38984 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768 2013-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2013-03-06] ()
HKLM-x32\...\Run: [Sendori Tray] - C:\Program Files (x86)\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
Startup: C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\WPEG\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1
 
Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Java™ Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (WacomTabletPlugin) - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
CHR Plugin: (Google Update) - C:\Users\WPEG\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\WPEG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\WPEG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\WPEG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\WPEG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\WPEG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR Extension: (Gmail) - C:\Users\WPEG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\WPEG\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx
CHR StartMenuInternet: Google Chrome - C:\Users\WPEG\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 Application Sendori; C:\Program Files (x86)\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4145600 2012-06-20] (INCA Internet Co., Ltd.)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [430080 2011-05-09] (PowerUp Software, LLC)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-11] ()
R2 Service Sendori; C:\Program Files (x86)\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)
R2 sndappv2; C:\Program Files (x86)\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori)
 
==================== Drivers (Whitelisted) ====================
 
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [146928 2009-09-01] (CyberLink Corp.)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [146928 2009-09-01] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 slb; \??\C:\AeriaGames\ScarletBlade\avital\scarlb64.sys [x]
S3 X6va006; \??\C:\Users\WPEG\AppData\Local\Temp\0062FD2.tmp [x]
S3 X6va008; \??\C:\Users\WPEG\AppData\Local\Temp\008C992.tmp [x]
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\Drivers\usbaapl64.sys F724B03C3DFAACF08D17D38BF3333583
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\System32\DRIVERS\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacmoumonitor.sys FE75777289278A4941FE6139E82B3BD9
C:\Windows\System32\DRIVERS\wacommousefilter.sys E04D43C7D1641E95D35CAE6086C7E350
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomvhid.sys EC1CEB237E365330C1FCFC4876AA0AC0
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\drivers\WmBEnum.sys E7F4937B613B1E4294100C9D4EFC36A9
C:\Windows\System32\drivers\WmFilter.sys 6F6F2B263002B243D3501C7E6C8FC11D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\System32\drivers\WmVirHid.sys 52B4FCC6AFAEC0FFD80BDA63F9B140CD
C:\Windows\System32\drivers\WmXlCore.sys 395B3E7FBA81BDC4501641B3B2CF2E20
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xnacc.sys 4A5CE13408945E525503B5F73D29B9C5
C:\Windows\System32\DRIVERS\xusb21.sys 2EE48CFCE7CA8E0DB4C44C7476C0943B
C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl 74983ADDCA2D9618512C088D856D6615
C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl 74983ADDCA2D9618512C088D856D6615
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-09-05 12:11 - 2013-09-05 12:11 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2013-09-04 16:57 - 2013-09-04 16:57 - 05968682 _____ C:\Users\WPEG\Documents\2020presTannerRiles.pptx
2013-09-03 16:38 - 2013-09-03 16:39 - 12383696 _____ (Daring Development Inc.                                     ) C:\Users\WPEG\Downloads\Horizon.Setup.v2.7.1.4.exe
2013-09-03 16:38 - 2013-09-03 16:38 - 00000000 ____D C:\Users\WPEG\AppData\Local\Daring_Development_Inc
2013-09-03 16:38 - 2013-09-03 16:38 - 00000000 ____D C:\Program Files (x86)\Daring Development
2013-09-03 16:37 - 2013-09-03 16:37 - 01116952 _____ C:\Users\WPEG\Downloads\horizon setup.exe
2013-09-02 11:12 - 2013-09-02 11:12 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-09-02 11:11 - 2013-09-02 11:13 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Riot Games
2013-09-02 11:10 - 2013-09-02 11:10 - 32229024 _____ (Riot Games) C:\Users\WPEG\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2013-09-02 09:51 - 2013-09-02 09:51 - 00057625 _____ C:\Users\WPEG\Downloads\Erickson memories.zip
2013-09-02 09:51 - 2013-09-02 09:51 - 00049208 _____ C:\Users\WPEG\Downloads\Patti & Tom Mueller.vcf
2013-09-01 18:15 - 2013-09-01 18:17 - 82355459 _____ C:\Users\WPEG\Downloads\Amiandfriends.rar
2013-09-01 11:50 - 2013-09-01 12:26 - 00000000 ____D C:\Users\WPEG\Desktop\mbar
2013-09-01 11:50 - 2013-09-01 12:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-01 11:49 - 2013-09-01 11:49 - 12907592 _____ (Malwarebytes Corp.) C:\Users\WPEG\Downloads\mbar-1.07.0.1005.exe
2013-08-31 23:08 - 2013-08-31 23:08 - 00026408 _____ C:\ComboFix.txt
2013-08-31 20:07 - 2013-08-31 23:08 - 00000000 ____D C:\Qoobox
2013-08-31 20:07 - 2013-08-31 20:38 - 00000000 ____D C:\Windows\erdnt
2013-08-31 20:07 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-31 20:07 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-31 20:07 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-31 20:07 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-31 20:07 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-31 20:07 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-31 20:07 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-31 20:07 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-31 20:06 - 2013-08-31 20:07 - 05115930 ____R (Swearware) C:\Users\WPEG\Downloads\ComboFix.exe
2013-08-31 19:49 - 2013-08-31 19:49 - 00001778 _____ C:\Users\WPEG\Desktop\JRT.txt
2013-08-31 19:43 - 2013-08-31 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 19:41 - 2013-08-31 19:41 - 01027511 _____ (Thisisu) C:\Users\WPEG\Downloads\JRT.exe
2013-08-31 19:36 - 2013-08-31 19:37 - 00000000 ____D C:\AdwCleaner
2013-08-31 19:35 - 2013-08-31 19:36 - 00994642 _____ C:\Users\WPEG\Downloads\AdwCleaner.exe
2013-08-31 17:30 - 2013-08-31 17:30 - 00000000 ____D C:\Users\WPEG\SoundFX
2013-08-31 16:54 - 2013-09-01 10:56 - 00018364 _____ C:\Windows\PFRO.log
2013-08-30 12:09 - 2013-08-30 12:09 - 05893760 _____ (ParetoLogic, Inc.) C:\Users\WPEG\Downloads\RegCureProSetup_bing.exe
2013-08-30 11:57 - 2013-08-30 11:58 - 03191888 _____ (McAfee, Inc.) C:\Users\WPEG\Downloads\MCPR.exe
2013-08-30 11:56 - 2013-08-30 11:56 - 00000000 ____D C:\ProgramData\ErrorEND64
2013-08-30 11:55 - 2013-08-30 11:55 - 03891648 _____ C:\Users\WPEG\Downloads\ErrorEND_Installer.exe
2013-08-30 11:48 - 2013-09-05 12:30 - 00002028 _____ C:\Windows\setupact.log
2013-08-30 11:48 - 2013-08-30 11:48 - 00000000 _____ C:\Windows\setuperr.log
2013-08-30 10:58 - 2013-09-05 09:16 - 00012228 _____ C:\Windows\IE10_main.log
2013-08-29 23:09 - 2013-09-05 18:12 - 01056425 _____ C:\Windows\WindowsUpdate.log
2013-08-29 21:12 - 2013-08-29 21:12 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-29 21:12 - 2013-08-29 21:12 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Malwarebytes
2013-08-29 21:12 - 2013-08-29 21:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 21:12 - 2013-08-29 21:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 21:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-29 21:11 - 2013-08-29 21:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\WPEG\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 16:46 - 2013-08-29 16:46 - 00000397 _____ C:\Users\WPEG\Downloads\fixlist.txt
2013-08-29 13:47 - 2013-08-29 16:45 - 00000000 ____D C:\ProgramData\PC VITALWARE
2013-08-29 13:46 - 2013-08-29 13:46 - 06839184 _____ C:\Users\WPEG\Downloads\PCMRI_SM.exe
2013-08-29 13:46 - 2013-08-29 13:46 - 00000000 ____D C:\PCMRI_TMP
2013-08-29 13:29 - 2013-08-29 13:30 - 02113534 _____ C:\Users\WPEG\Documents\cc_20130829_132943.reg
2013-08-29 13:22 - 2013-08-29 13:22 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-29 13:22 - 2013-08-29 13:22 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-29 13:22 - 2013-08-29 13:22 - 00000000 ____D C:\Program Files\CCleaner
2013-08-29 13:21 - 2013-08-29 13:22 - 04454952 _____ (Piriform Ltd) C:\Users\WPEG\Downloads\ccsetup405.exe
2013-08-29 12:20 - 2013-08-29 16:51 - 00029971 _____ C:\Users\WPEG\Downloads\Addition.txt
2013-08-29 12:18 - 2013-08-31 16:56 - 00000000 ____D C:\FRST
2013-08-29 12:14 - 2013-08-29 12:14 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Define Ext
2013-08-29 12:12 - 2013-08-29 12:12 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Mozilla
2013-08-29 11:44 - 2013-08-29 11:44 - 00000000 ____D C:\Windows\system32\config\amd64
2013-08-29 11:44 - 2013-07-18 22:22 - 00185664 _____ (Microsoft Corporation) C:\Windows\system32\config\EppManifest.dll
2013-08-29 11:44 - 2013-07-18 20:25 - 00008864 _____ (Microsoft Corporation) C:\Windows\system32\config\setupres.dll
2013-08-27 08:50 - 2013-08-27 08:50 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Unity
2013-08-24 17:26 - 2013-08-24 17:26 - 00000000 ____D C:\ProgramData\dbg
2013-08-15 12:57 - 2013-08-15 12:57 - 00000000 ____D C:\Users\WPEG\Documents\ParentAudit
2013-08-14 22:30 - 2013-08-14 22:32 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 09:15 - 2013-07-25 02:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 09:15 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 09:15 - 2013-07-18 18:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 09:15 - 2013-07-18 18:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 09:15 - 2013-07-08 23:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 09:15 - 2013-07-08 22:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 09:15 - 2013-07-08 22:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 09:15 - 2013-07-08 22:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 09:15 - 2013-07-08 22:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 09:15 - 2013-07-08 22:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 09:15 - 2013-07-08 22:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 09:15 - 2013-07-08 22:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 09:15 - 2013-07-08 22:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 09:15 - 2013-07-08 22:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 09:15 - 2013-07-08 21:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 09:15 - 2013-07-08 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 09:15 - 2013-07-08 21:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 09:15 - 2013-07-08 21:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 09:15 - 2013-07-08 21:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 09:15 - 2013-07-08 21:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 09:15 - 2013-07-08 21:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 09:15 - 2013-07-08 19:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 09:15 - 2013-07-08 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 09:15 - 2013-07-08 19:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 09:15 - 2013-07-08 19:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 09:15 - 2013-07-05 23:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 09:15 - 2013-06-14 21:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-12 18:53 - 2013-08-12 18:53 - 00000928 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2013-08-12 18:52 - 2013-08-24 22:46 - 00000000 ____D C:\Users\WPEG\Documents\Guild Wars 2
2013-08-12 18:51 - 2013-08-12 18:52 - 22716480 _____ (ArenaNet) C:\Users\WPEG\Downloads\Gw2Setup.exe
 
==================== One Month Modified Files and Folders =======
 
2013-09-05 18:12 - 2013-08-29 23:09 - 01056425 _____ C:\Windows\WindowsUpdate.log
2013-09-05 18:01 - 2013-02-03 10:34 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-05 17:48 - 2011-03-24 19:23 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741429041-343856002-3516223799-1001UA.job
2013-09-05 17:26 - 2012-05-28 08:50 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-05 16:31 - 2013-02-03 11:17 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{13A230F0-C6CD-4AC9-B47F-62A0AFB987BF}
2013-09-05 13:11 - 2012-04-18 21:12 - 00000000 ____D C:\Users\WPEG\AppData\Local\LogMeIn Hamachi
2013-09-05 12:30 - 2013-08-30 11:48 - 00002028 _____ C:\Windows\setupact.log
2013-09-05 12:18 - 2009-07-13 21:45 - 00013472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-05 12:18 - 2009-07-13 21:45 - 00013472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-05 12:17 - 2013-09-05 12:16 - 01947160 _____ (Farbar) C:\Users\WPEG\Downloads\FRST64.exe
2013-09-05 12:11 - 2013-09-05 12:11 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2013-09-05 12:11 - 2013-07-08 14:30 - 00003138 _____ C:\Windows\System32\Tasks\FRAPS
2013-09-05 12:11 - 2012-10-03 10:08 - 00000000 ____D C:\ProgramData\Sendori
2013-09-05 12:11 - 2012-08-20 20:31 - 00000000 ___RD C:\Users\WPEG\Dropbox
2013-09-05 12:11 - 2012-08-20 20:29 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Dropbox
2013-09-05 12:11 - 2012-07-16 19:48 - 00000000 ____D C:\Fraps
2013-09-05 12:11 - 2011-06-11 15:48 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-05 12:11 - 2010-08-22 13:08 - 00000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-05 12:10 - 2013-02-03 10:34 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-05 12:10 - 2010-04-22 12:58 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-05 12:10 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-05 09:16 - 2013-08-30 10:58 - 00012228 _____ C:\Windows\IE10_main.log
2013-09-05 08:49 - 2010-05-02 17:35 - 00000000 ____D C:\Users\WPEG\AppData\Local\Adobe
2013-09-05 08:39 - 2013-07-04 12:54 - 00119296 _____ C:\Windows\SysWOW64\zlib.dll
2013-09-04 23:08 - 2013-07-29 19:10 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Spotify
2013-09-04 23:03 - 2013-07-29 19:11 - 00000000 ____D C:\Users\WPEG\AppData\Local\Spotify
2013-09-04 20:36 - 2012-05-12 14:33 - 00000000 ____D C:\Users\WPEG\AppData\Local\PMB Files
2013-09-04 19:48 - 2011-03-24 19:23 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741429041-343856002-3516223799-1001Core.job
2013-09-04 16:57 - 2013-09-04 16:57 - 05968682 _____ C:\Users\WPEG\Documents\2020presTannerRiles.pptx
2013-09-04 16:25 - 2009-07-13 22:13 - 00779266 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-03 20:49 - 2012-05-12 14:33 - 00000000 ____D C:\ProgramData\PMB Files
2013-09-03 16:39 - 2013-09-03 16:38 - 12383696 _____ (Daring Development Inc.                                     ) C:\Users\WPEG\Downloads\Horizon.Setup.v2.7.1.4.exe
2013-09-03 16:38 - 2013-09-03 16:38 - 00000000 ____D C:\Users\WPEG\AppData\Local\Daring_Development_Inc
2013-09-03 16:38 - 2013-09-03 16:38 - 00000000 ____D C:\Program Files (x86)\Daring Development
2013-09-03 16:37 - 2013-09-03 16:37 - 01116952 _____ C:\Users\WPEG\Downloads\horizon setup.exe
2013-09-03 14:49 - 2010-05-10 18:45 - 00000000 ____D C:\Users\WPEG\AppData\Local\Apps\2.0
2013-09-03 09:34 - 2010-09-12 23:08 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-09-03 08:32 - 2011-04-20 09:22 - 00000000 ____D C:\Users\WPEG\Documents\School
2013-09-02 11:13 - 2013-09-02 11:11 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Riot Games
2013-09-02 11:12 - 2013-09-02 11:12 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-09-02 11:12 - 2011-03-24 20:43 - 00000000 ____D C:\Riot Games
2013-09-02 11:10 - 2013-09-02 11:10 - 32229024 _____ (Riot Games) C:\Users\WPEG\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2013-09-02 09:51 - 2013-09-02 09:51 - 00057625 _____ C:\Users\WPEG\Downloads\Erickson memories.zip
2013-09-02 09:51 - 2013-09-02 09:51 - 00049208 _____ C:\Users\WPEG\Downloads\Patti & Tom Mueller.vcf
2013-09-01 18:17 - 2013-09-01 18:15 - 82355459 _____ C:\Users\WPEG\Downloads\Amiandfriends.rar
2013-09-01 16:46 - 2010-05-15 22:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-01 12:26 - 2013-09-01 11:50 - 00000000 ____D C:\Users\WPEG\Desktop\mbar
2013-09-01 12:26 - 2013-09-01 11:50 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-09-01 11:49 - 2013-09-01 11:49 - 12907592 _____ (Malwarebytes Corp.) C:\Users\WPEG\Downloads\mbar-1.07.0.1005.exe
2013-09-01 10:56 - 2013-08-31 16:54 - 00018364 _____ C:\Windows\PFRO.log
2013-08-31 23:08 - 2013-08-31 23:08 - 00026408 _____ C:\ComboFix.txt
2013-08-31 23:08 - 2013-08-31 20:07 - 00000000 ____D C:\Qoobox
2013-08-31 23:06 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini
2013-08-31 21:30 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Default
2013-08-31 20:38 - 2013-08-31 20:07 - 00000000 ____D C:\Windows\erdnt
2013-08-31 20:07 - 2013-08-31 20:06 - 05115930 ____R (Swearware) C:\Users\WPEG\Downloads\ComboFix.exe
2013-08-31 19:49 - 2013-08-31 19:49 - 00001778 _____ C:\Users\WPEG\Desktop\JRT.txt
2013-08-31 19:43 - 2013-08-31 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 19:41 - 2013-08-31 19:41 - 01027511 _____ (Thisisu) C:\Users\WPEG\Downloads\JRT.exe
2013-08-31 19:37 - 2013-08-31 19:36 - 00000000 ____D C:\AdwCleaner
2013-08-31 19:37 - 2013-04-05 22:14 - 00000000 ____D C:\ProgramData\Uniblue
2013-08-31 19:36 - 2013-08-31 19:35 - 00994642 _____ C:\Users\WPEG\Downloads\AdwCleaner.exe
2013-08-31 17:30 - 2013-08-31 17:30 - 00000000 ____D C:\Users\WPEG\SoundFX
2013-08-31 17:30 - 2010-04-22 12:30 - 00000000 ____D C:\Users\WPEG
2013-08-31 16:56 - 2013-08-29 12:18 - 00000000 ____D C:\FRST
2013-08-30 12:09 - 2013-08-30 12:09 - 05893760 _____ (ParetoLogic, Inc.) C:\Users\WPEG\Downloads\RegCureProSetup_bing.exe
2013-08-30 11:58 - 2013-08-30 11:57 - 03191888 _____ (McAfee, Inc.) C:\Users\WPEG\Downloads\MCPR.exe
2013-08-30 11:56 - 2013-08-30 11:56 - 00000000 ____D C:\ProgramData\ErrorEND64
2013-08-30 11:55 - 2013-08-30 11:55 - 03891648 _____ C:\Users\WPEG\Downloads\ErrorEND_Installer.exe
2013-08-30 11:48 - 2013-08-30 11:48 - 00000000 _____ C:\Windows\setuperr.log
2013-08-30 10:43 - 2013-07-30 11:51 - 00000000 ____D C:\Program Files (x86)\The Mighty Quest For Epic Loot
2013-08-30 10:42 - 2013-04-22 10:16 - 00000000 ____D C:\The Forge
2013-08-30 10:35 - 2011-03-24 19:28 - 00002057 _____ C:\Windows\epplauncher.mif
2013-08-30 10:23 - 2010-08-10 22:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-29 21:12 - 2013-08-29 21:12 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-29 21:12 - 2013-08-29 21:12 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Malwarebytes
2013-08-29 21:12 - 2013-08-29 21:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 21:12 - 2013-08-29 21:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-29 21:11 - 2013-08-29 21:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\WPEG\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 16:51 - 2013-08-29 12:20 - 00029971 _____ C:\Users\WPEG\Downloads\Addition.txt
2013-08-29 16:46 - 2013-08-29 16:46 - 00000397 _____ C:\Users\WPEG\Downloads\fixlist.txt
2013-08-29 16:45 - 2013-08-29 13:47 - 00000000 ____D C:\ProgramData\PC VITALWARE
2013-08-29 13:46 - 2013-08-29 13:46 - 06839184 _____ C:\Users\WPEG\Downloads\PCMRI_SM.exe
2013-08-29 13:46 - 2013-08-29 13:46 - 00000000 ____D C:\PCMRI_TMP
2013-08-29 13:30 - 2013-08-29 13:29 - 02113534 _____ C:\Users\WPEG\Documents\cc_20130829_132943.reg
2013-08-29 13:28 - 2012-09-08 15:54 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\TS3Client
2013-08-29 13:28 - 2010-04-28 10:09 - 00000000 ____D C:\Users\WPEG\AppData\Local\CrashDumps
2013-08-29 13:28 - 2010-04-22 13:19 - 00000000 ____D C:\Windows\Panther
2013-08-29 13:22 - 2013-08-29 13:22 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-29 13:22 - 2013-08-29 13:22 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-29 13:22 - 2013-08-29 13:22 - 00000000 ____D C:\Program Files\CCleaner
2013-08-29 13:22 - 2013-08-29 13:21 - 04454952 _____ (Piriform Ltd) C:\Users\WPEG\Downloads\ccsetup405.exe
2013-08-29 13:00 - 2012-08-24 08:51 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Skype
2013-08-29 12:33 - 2009-07-14 00:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-29 12:14 - 2013-08-29 12:14 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Define Ext
2013-08-29 12:14 - 2013-06-15 12:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-29 12:14 - 2011-03-24 19:28 - 00772990 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-29 12:12 - 2013-08-29 12:12 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Mozilla
2013-08-29 12:02 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-29 12:00 - 2013-07-28 16:05 - 00000000 ____D C:\Users\WPEG\Documents\Shadowrun Returns
2013-08-29 12:00 - 2013-07-16 13:00 - 00000000 ____D C:\Users\WPEG\Desktop\New folder
2013-08-29 12:00 - 2013-07-15 16:23 - 00000000 ____D C:\Users\WPEG\Desktop\FTB Server
2013-08-29 12:00 - 2013-07-15 16:08 - 00000000 ____D C:\Users\WPEG\Desktop\FTB
2013-08-29 12:00 - 2013-07-05 10:11 - 00000000 ____D C:\Users\WPEG\Desktop\New folder (2)
2013-08-29 12:00 - 2013-06-24 09:24 - 00000000 ____D C:\Users\WPEG\Desktop\OFF Translation v. 2.0
2013-08-29 12:00 - 2013-04-29 18:58 - 00000000 ____D C:\Users\WPEG\AppData\Local\Aeria Games
2013-08-29 12:00 - 2013-04-19 11:58 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\ftblauncher
2013-08-29 12:00 - 2013-04-01 08:31 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\.technic
2013-08-29 12:00 - 2013-03-28 23:36 - 00000000 ____D C:\Users\WPEG\Documents\Arma 3 Alpha Lite
2013-08-29 12:00 - 2013-03-13 20:26 - 00000000 ____D C:\Users\WPEG\Documents\StarCraft II
2013-08-29 12:00 - 2013-02-12 14:41 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2013-08-29 12:00 - 2012-11-15 16:22 - 00000000 ____D C:\Users\WPEG\Downloads\Skyrim
2013-08-29 12:00 - 2012-11-15 16:22 - 00000000 ____D C:\Users\WPEG\Downloads\API
2013-08-29 12:00 - 2012-11-03 20:27 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Rainmeter
2013-08-29 12:00 - 2012-10-27 12:33 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineHD.TV
2013-08-29 12:00 - 2012-10-03 10:09 - 00000000 ____D C:\Users\WPEG\AppData\Local\ezvid,_inc
2013-08-29 12:00 - 2012-10-03 10:08 - 00000000 ____D C:\Program Files (x86)\Sendori
2013-08-29 12:00 - 2012-09-08 15:56 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\ts3overlay
2013-08-29 12:00 - 2012-09-08 15:54 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-08-29 12:00 - 2012-08-20 20:30 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-08-29 12:00 - 2012-07-08 13:47 - 00000000 ____D C:\Users\WPEG\Downloads\SMCO
2013-08-29 12:00 - 2012-07-08 13:47 - 00000000 ____D C:\Users\WPEG\AppData\Local\SkyrimMTO
2013-08-29 12:00 - 2012-05-01 00:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-08-29 12:00 - 2012-02-13 17:59 - 00000000 ____D C:\Users\WPEG\AppData\Local\Black_Tree_Gaming
2013-08-29 12:00 - 2011-11-02 17:53 - 00000000 ____D C:\Users\WPEG\AppData\Local\Akamai
2013-08-29 12:00 - 2011-09-08 00:52 - 00000000 ____D C:\Users\WPEG\AppData\Local\backburner
2013-08-29 12:00 - 2011-08-25 15:09 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\ProtectDISC
2013-08-29 12:00 - 2011-06-26 22:53 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-08-29 12:00 - 2011-06-19 20:22 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-29 12:00 - 2011-05-05 18:09 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-08-29 12:00 - 2011-04-29 20:56 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Ventrilo
2013-08-29 12:00 - 2011-04-24 12:49 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\.minecraft
2013-08-29 12:00 - 2011-03-26 11:19 - 00000000 ___RD C:\Users\WPEG\Podcasts
2013-08-29 12:00 - 2011-03-25 14:06 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\GetRightToGo
2013-08-29 12:00 - 2011-03-24 19:28 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-08-29 12:00 - 2011-03-24 19:23 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-08-29 12:00 - 2010-08-10 22:32 - 00000000 ____D C:\Users\WPEG\AppData\Local\Microsoft Help
2013-08-29 12:00 - 2010-05-15 22:17 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\CyberLink
2013-08-29 12:00 - 2010-04-22 12:31 - 00000000 ___RD C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-29 12:00 - 2010-04-22 12:31 - 00000000 ___RD C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-29 12:00 - 2010-04-22 12:30 - 00000000 ___RD C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-08-29 12:00 - 2010-04-22 12:30 - 00000000 ___RD C:\Users\WPEG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-08-29 12:00 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2013-08-29 11:59 - 2013-07-15 16:14 - 00000000 ____D C:\Users\WPEG\Downloads\Ultimate
2013-08-29 11:59 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2013-08-29 11:58 - 2013-05-28 17:29 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\TERA
2013-08-29 11:58 - 2012-12-19 09:29 - 00000000 ____D C:\Users\WPEG\Documents\Tabletops
2013-08-29 11:58 - 2012-11-03 20:27 - 00000000 ____D C:\Users\WPEG\Documents\Rainmeter
2013-08-29 11:58 - 2011-08-26 12:51 - 00000000 ____D C:\Users\WPEG\Documents\Mudbox
2013-08-29 11:58 - 2011-06-25 14:26 - 00000000 ____D C:\Users\WPEG\Documents\My Games
2013-08-29 11:57 - 2012-08-27 12:28 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-08-29 11:57 - 2012-01-11 15:02 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\SecondLife
2013-08-29 11:57 - 2011-08-12 21:53 - 00000000 ____D C:\Users\WPEG\AppData\Local\Mozilla
2013-08-29 11:57 - 2011-08-08 18:17 - 00000000 ____D C:\Users\WPEG\AppData\Local\PunkBuster
2013-08-29 11:57 - 2011-05-29 01:29 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Loonies
2013-08-29 11:57 - 2010-04-22 13:03 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Macromedia
2013-08-29 11:57 - 2010-04-22 13:03 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Adobe
2013-08-29 11:57 - 2010-04-22 12:30 - 00000000 ____D C:\Users\WPEG\AppData\Local\VirtualStore
2013-08-29 11:56 - 2013-02-03 10:34 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-29 11:56 - 2011-09-04 15:25 - 00000000 ____D C:\Users\WPEG\AppData\Local\Autodesk
2013-08-29 11:56 - 2011-06-27 23:55 - 00000000 ____D C:\Users\WPEG\AppData\Local\CCP
2013-08-29 11:56 - 2011-03-24 19:23 - 00000000 ____D C:\Users\WPEG\AppData\Local\Google
2013-08-29 11:44 - 2013-08-29 11:44 - 00000000 ____D C:\Windows\system32\config\amd64
2013-08-27 08:50 - 2013-08-27 08:50 - 00000000 ____D C:\Users\WPEG\AppData\Roaming\Unity
2013-08-24 22:46 - 2013-08-12 18:52 - 00000000 ____D C:\Users\WPEG\Documents\Guild Wars 2
2013-08-24 17:26 - 2013-08-24 17:26 - 00000000 ____D C:\ProgramData\dbg
2013-08-20 15:26 - 2013-05-15 22:27 - 17139080 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-08-20 15:26 - 2012-05-28 08:50 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 15:26 - 2012-05-28 08:50 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-20 15:26 - 2011-06-15 22:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-19 08:33 - 2012-08-24 08:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-19 08:33 - 2012-08-24 08:51 - 00000000 ____D C:\ProgramData\Skype
2013-08-15 13:23 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-08-15 12:57 - 2013-08-15 12:57 - 00000000 ____D C:\Users\WPEG\Documents\ParentAudit
2013-08-14 22:32 - 2013-08-14 22:30 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 22:30 - 2010-04-22 12:57 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 14:00 - 2012-10-09 14:19 - 00000000 ____D C:\Users\WPEG\AppData\Local\Windows Live
2013-08-12 18:53 - 2013-08-12 18:53 - 00000928 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2013-08-12 18:52 - 2013-08-12 18:51 - 22716480 _____ (ArenaNet) C:\Users\WPEG\Downloads\Gw2Setup.exe
2013-08-12 13:30 - 2011-08-08 18:17 - 00298584 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-12 13:30 - 2011-08-08 18:03 - 00298584 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-12 13:30 - 2010-05-10 18:45 - 00000000 ____D C:\Users\WPEG\AppData\Local\Deployment
2013-08-11 20:59 - 2011-08-08 18:03 - 00298584 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-11 16:12 - 2011-08-08 18:03 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-11 11:57 - 2013-02-03 10:37 - 00000000 ___RD C:\Users\WPEG\Google Drive
 
Files to move or delete:
====================
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\kernel32.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\mfc90.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\mfc90u.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\mfcm90.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\mfcm90u.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\msvcp100.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\msvcr100.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\psapi.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\python27.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\pythoncom27.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\PyWinTypes27.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\shell32.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxbase294u_net_vc90.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxbase294u_vc90.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxmsw294u_adv_vc90.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxmsw294u_core_vc90.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxmsw294u_html_vc90.dll
C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxmsw294u_webview_vc90.dll
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {5d82f220-4e4c-11df-99a3-b99c7708c484}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {5d82f222-4e4c-11df-99a3-b99c7708c484}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {5d82f220-4e4c-11df-99a3-b99c7708c484}
nx                      OptIn
quietboot               Yes
 
Windows Boot Loader
-------------------
identifier              {5d82f222-4e4c-11df-99a3-b99c7708c484}
device                  ramdisk=[C:]\Recovery\5d82f222-4e4c-11df-99a3-b99c7708c484\Winre.wim,{5d82f223-4e4c-11df-99a3-b99c7708c484}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\5d82f222-4e4c-11df-99a3-b99c7708c484\Winre.wim,{5d82f223-4e4c-11df-99a3-b99c7708c484}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {5d82f220-4e4c-11df-99a3-b99c7708c484}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {5d82f223-4e4c-11df-99a3-b99c7708c484}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\5d82f222-4e4c-11df-99a3-b99c7708c484\boot.sdi
 
 
 
LastRegBack: 2013-09-01 12:21
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-09-2013
Ran by WPEG at 2013-09-05 18:24:48
Running from C:\Users\WPEG\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
   
7-Zip 9.20 (x32)
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.7)
Adobe AIR (x32 Version: 3.8.0.1280)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0)
Adobe Color EU Extra Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Recommended Settings (x32 Version: 1.0)
Adobe Community Help (x32 Version: 3.5.23)
Adobe Creative Suite 5.5 Design Standard (x32 Version: 5.5)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Photoshop CS3 (x32 Version: 10.0)
Adobe Reader XI (11.0.02) (x32 Version: 11.0.02)
Adobe Setup (x32 Version: 1.0)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
Akamai NetSession Interface (HKCU)
Akamai NetSession Interface Service (x32)
Apple Application Support (x32 Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Audiosurf (x32)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0)
Autodesk Backburner 2012.0.0 (x32 Version: 2012.0.0)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit
Autodesk Material Library 2012 (x32 Version: 2.5.0.8)
Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8)
Autodesk Material Library Medium Resolution Image Library 2012 (x32 Version: 2.5.0.8)
Autodesk Mudbox 2012 64-bit - English (Version: 6.0.0.0)
Bamboo (Version: 5.2.5-5)
Bamboo Dock (x32 Version: 4.0)
Bamboo Dock (x32 Version: 4.1.0)
Bandisoft MPEG-1 Decoder (x32)
Belkin Setup and Router Monitor (x32)
Blacklight: Retribution (x32)
Bonjour (Version: 3.0.0.10)
Borderlands (x32)
BOSS (x32 Version: 2.1.1)
CCleaner (Version: 4.05)
Cisco Connect (x32 Version: 1.4.11350.0)
Composite 2012 64-bit (Version: 7.0.0)
CWA Reminder by We-Care.com v4.1.19.3 (x32 Version: 4.1.19.3)
CyberLink Hi-Def Suite (x32 Version: 5.0.1319)
CyberLink PowerDVD (x32 Version: 7.3.5711.0)
D3DX10 (x32 Version: 15.4.2368.0902)
DaeViewer (x32 Version: 1)
DaeViewer (x32 Version: v1)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Diablo III (x32 Version: 1.0.3.10485)
DivX Setup (x32 Version: 2.6.1.44)
Don't Starve (x32)
Dropbox (HKCU Version: 2.0.22)
Fraps (remove only) (x32)
Free MTS Converter (x32)
Game Dev Tycoon version 1.3.9 (x32 Version: 1.3.9)
Gear Up (x32)
Ghost Recon Online (NCSA-Live) (HKCU Version: 1.34.288.2)
Google Chrome (HKCU Version: 29.0.1547.66)
Google Drive (x32 Version: 1.11.4865.2530)
Google Update Helper (x32 Version: 1.3.21.153)
Guild Wars 2 (x32)
Horizon v2.7.1.4 (x32 Version: 2.7.1.4)
iTunes (Version: 11.0.2.26)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java™ 6 Update 25 (64-bit) (Version: 6.0.250)
Java™ 6 Update 37 (x32 Version: 6.0.370)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
Java™ SE Development Kit 7 Update 3 (64-bit) (Version: 1.7.0.30)
JavaFX 2.0.3 (64-bit) (Version: 2.0.3)
JavaFX 2.0.3 SDK (64-bit) (Version: 2.0.3)
Lagarith lossless video codec (Remove Only) (x32)
League of Legends (x32 Version: 1.3)
League of Legends (x32 Version: 3.0.0)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Magicka (x32)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3505.0912)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
NCSOFT Game Launcher (x32)
Nexon Game Manager (x32)
NVIDIA 3D Vision Controller Driver 310.90 (Version: 310.90)
NVIDIA 3D Vision Driver 311.06 (Version: 311.06)
NVIDIA Control Panel 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Graphics Driver 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Pando Media Booster (x32 Version: 2.6.0.7)
Path of Exile (x32 Version: 0.10.7.24409)
PDF Settings (x32 Version: 1.0)
PDF Settings CS5 (x32 Version: 10.0)
Phoenix Viewer 1.6.0.1691 (x32)
Photo Gallery (x32 Version: 16.4.3505.0912)
Pinnacle Game Profiler (x32 Version: 5.0.0)
Planescape Torment (x32)
PlanetSide 2 (x32)
PunkBuster Services (x32 Version: 0.993)
PVSonyDll (Version: 1.00.0001)
QuickTime (x32 Version: 7.69.80.9)
Sendori (x32 Version: 2.0.15)
Shadowrun Returns (x32)
Skype Click to Call (x32 Version: 6.11.13348)
Skype™ 6.3 (x32 Version: 6.3.105)
Source SDK Base 2007 (x32)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
SR4CharGen 0.4.0.0 (x32 Version: 0.4.0.0)
StarCraft II (x32 Version: 2.0.6.25180)
Steam (x32 Version: 1.0.0.0)
Team Fortress 2 (x32)
TeamSpeak 3 Client (x32 Version: 3.0.6)
Terraria (x32)
The Elder Scrolls V: Skyrim (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
us Mod Manager (Version: 0.45.2)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
WebTablet FB Plugin (x32 Version: 2.0.0.1)
WebTablet IE Plugin (x32 Version: 1.1.0.12)
WebTablet Netscape Plugin (x32 Version: 1.1.0.10)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
WinRAR 4.00 (32-bit) (x32 Version: 4.00.0)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)
 
==================== Restore Points  =========================
 
01-09-2013 07:21:26 Windows Update
01-09-2013 23:43:11 Removed League of Legends
02-09-2013 07:19:07 Windows Update
02-09-2013 18:12:20 Installed League of Legends
02-09-2013 18:13:01 Installed DirectX
02-09-2013 21:25:51 Windows Update
04-09-2013 06:15:29 Windows Update
04-09-2013 18:13:28 Windows Update
05-09-2013 07:10:06 Windows Update
05-09-2013 16:15:55 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 19:34 - 2013-08-31 21:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {04BF0354-0DDA-45F3-A817-372649B97391} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {0C900EBD-26C2-4CE5-99C9-DBE4F6C5C384} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2741429041-343856002-3516223799-1001UA => C:\Users\WPEG\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24] (Google Inc.)
Task: {15D677D7-1984-4CEA-AC65-764082A9093F} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {1E21CCCA-6459-41F7-B85E-8D30077BA7B2} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {25275888-0798-4F61-A94B-434396890498} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe
Task: {3358C2E5-7BFF-4A78-99A2-C3A608F15026} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4B38F43F-87B6-46C2-85EB-E3838BEABF88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.)
Task: {5AA4B4AE-CC4D-4EFB-A584-CA6F51FFF1A7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {61BB14DF-4377-4D96-A0DE-0C46F076F4E0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2741429041-343856002-3516223799-1001Core => C:\Users\WPEG\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24] (Google Inc.)
Task: {64C00F0A-2A8E-4B4D-928D-9EF0814CC4EA} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe
Task: {7885D4EA-2DCA-4838-A978-488E120364DB} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2012-08-22] (Beepa P/L)
Task: {8818781B-830E-4004-8765-DF2A72E2951A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {8F0AF305-922A-451A-801A-3B90F2EC7B2A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {93CE4DE8-875F-437D-B5C0-34FE5CE9B1D8} - System32\Tasks\User_Feed_Synchronization-{13A230F0-C6CD-4AC9-B47F-62A0AFB987BF} => C:\Windows\system32\msfeedssync.exe [2013-03-18] (Microsoft Corporation)
Task: {97400E22-FDA5-409F-AB54-C5C7BA2FD24A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.)
Task: {CE366546-D34C-4B73-8238-947C3CD8FF29} - System32\Tasks\{421C888A-6B58-45E3-A6EC-E6DBF0B8CB1F} => C:\Users\WPEG\Desktop\Adobe CS3\Setup.exe
Task: {CFAE3E74-4370-468D-B98C-CAE22276D38B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {F9AC1D83-05BB-41D5-B9D7-2022BB9CDFB8} - System32\Tasks\AdobeAAMUpdater-1.0-TANNER-PC-WPEG => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {FFD8CD66-2F63-43C6-8B6F-49F7312D1792} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741429041-343856002-3516223799-1001Core.job => C:\Users\WPEG\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741429041-343856002-3516223799-1001UA.job => C:\Users\WPEG\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2009-07-13 17:22 - 2009-07-13 18:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2011-12-18 14:47 - 2011-09-08 18:48 - 01183096 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2011-12-18 14:47 - 2011-09-08 18:48 - 01665400 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.dll
2013-05-24 17:36 - 2013-05-24 17:36 - 00164016 _____ (Dropbox, Inc.) C:\Users\WPEG\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-04-22 13:20 - 2009-06-30 17:37 - 00064032 _____ (NVIDIA Corporation) C:\Windows\System32\NvRaidSvENU.dll
2012-11-17 17:21 - 2013-01-18 08:00 - 04155680 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvUI.dll
2012-11-17 17:22 - 2012-12-29 03:34 - 00778680 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\easyDaemonAPIU64.DLL
2012-11-17 17:22 - 2012-12-29 03:34 - 03584440 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
2012-11-17 17:22 - 2012-12-29 03:34 - 00981432 _____ (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Common\NVUPDTR.DLL
2013-02-26 00:32 - 2013-02-26 00:32 - 18055184 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2011-02-22 23:28 - 2010-11-20 06:27 - 01435648 _____ (Microsoft Corporation) C:\Windows\System32\Speech\Common\sapi.dll
2012-11-28 11:33 - 2012-10-16 00:39 - 00561664 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcLayers.DLL
2013-05-15 21:33 - 2013-04-12 21:45 - 02176512 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcGenral.DLL
2009-07-13 16:26 - 2009-07-13 18:14 - 00211968 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcXtrnal.DLL
2011-06-11 15:52 - 2013-08-28 14:47 - 00288680 _____ (Valve Corporation) C:\Program Files (x86)\Steam\crashhandler.dll
2011-06-11 15:52 - 2013-07-15 15:32 - 02895272 _____ (Valve Corporation) C:\Program Files (x86)\Steam\steam.dll
2011-06-11 15:52 - 2013-08-28 14:47 - 10654632 _____ (Valve Corporation) C:\Program Files (x86)\Steam\steamui.dll
2013-03-12 17:10 - 2013-08-21 15:18 - 00687104 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2011-06-11 15:52 - 2013-08-28 14:47 - 00263080 _____ (Valve Corporation) C:\Program Files (x86)\Steam\tier0_s.dll
2011-06-11 15:52 - 2013-08-28 14:47 - 00236456 _____ (Valve Corporation) C:\Program Files (x86)\Steam\vstdlib_s.dll
2011-06-11 15:52 - 2013-06-14 16:49 - 00122864 _____ (Valve) C:\Program Files (x86)\Steam\CSERHelper.dll
2013-05-07 14:30 - 2013-08-28 14:47 - 00169384 _____ (Valve Corporation) C:\Program Files (x86)\Steam\bin\filesystem_stdio.DLL
2011-07-13 13:38 - 2013-08-28 14:47 - 00694696 _____ (Valve Corporation) C:\Program Files (x86)\Steam\bin\vgui2_s.DLL
2011-07-13 13:38 - 2013-08-28 14:47 - 01120680 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2011-06-11 15:52 - 2013-08-07 12:31 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-16 22:26 - 2013-06-14 16:49 - 09955112 _____ (The ICU Project) C:\Program Files (x86)\Steam\bin\icudt.dll
2012-03-16 22:26 - 2013-06-14 16:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-16 22:26 - 2013-06-14 16:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-16 22:26 - 2013-06-14 16:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2011-06-11 15:52 - 2013-08-28 14:47 - 07745960 _____ (Valve Corporation) C:\Program Files (x86)\Steam\steamclient.dll
2011-06-11 15:52 - 2013-08-28 14:47 - 02449832 _____ (Valve Corporation) c:\program files (x86)\steam\bin\friendsui.DLL
2011-06-11 15:52 - 2013-08-28 14:47 - 01804712 _____ (Valve Corporation) c:\program files (x86)\steam\bin\serverbrowser.DLL
2012-11-13 16:32 - 2012-11-13 16:32 - 03558400 _____ (wxWidgets development team) C:\Users\WPEG\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2013-03-13 13:48 - 2013-03-13 13:48 - 24978944 _____ () C:\Users\WPEG\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 13:48 - 2013-03-13 13:48 - 09956864 _____ (The ICU Project) C:\Users\WPEG\AppData\Roaming\Dropbox\bin\icudt.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 02436608 _____ (Python Software Foundation) C:\Users\WPEG\AppData\Local\Temp\_MEI50402\python27.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 00098816 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32api.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00110080 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\pywintypes27.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 00364544 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\pythoncom27.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 00044032 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\_socket.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 01153024 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\_ssl.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00320512 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32com.shell.shell.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00711680 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\_hashlib.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 01175040 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wx._core_.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 01985024 _____ (wxWidgets development team) C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxbase294u_vc90.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 00154112 _____ (wxWidgets development team) C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxbase294u_net_vc90.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 04598272 _____ (wxWidgets development team) C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxmsw294u_core_vc90.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 01234944 _____ (wxWidgets development team) C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxmsw294u_adv_vc90.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 00805888 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wx._gdi_.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00811008 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wx._windows_.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00595968 _____ (wxWidgets development team) C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxmsw294u_html_vc90.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 01062400 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wx._controls_.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00735232 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wx._misc_.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00128512 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\_elementtree.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00127488 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\pyexpat.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00557056 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\pysqlite2._sqlite.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00087040 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\_ctypes.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00119808 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32file.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00108544 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32security.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00018432 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32event.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00038912 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32inet.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00122368 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wx._wizard.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00686080 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\unicodedata.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00026624 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\_multiprocessing.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00070656 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wx._html2.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00091648 _____ (wxWidgets development team) C:\Users\WPEG\AppData\Local\Temp\_MEI50402\wxmsw294u_webview_vc90.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 00010240 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\select.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00025600 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32pdh.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00504832 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\windows._cacheinvalidation.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00421200 _____ (Microsoft Corporation) C:\Users\WPEG\AppData\Local\Temp\_MEI50402\MSVCP100.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 00773968 _____ (Microsoft Corporation) C:\Users\WPEG\AppData\Local\Temp\_MEI50402\MSVCR100.dll
2013-09-05 12:11 - 2013-09-05 12:11 - 00011264 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32crypt.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00035840 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32process.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00017408 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32profile.pyd
2013-09-05 12:11 - 2013-09-05 12:11 - 00022528 _____ () C:\Users\WPEG\AppData\Local\Temp\_MEI50402\win32ts.pyd
2013-07-01 12:28 - 2013-07-01 12:28 - 00275744 _____ (Sendori, Inc.) C:\Program Files (x86)\Sendori\DynLib.dll
2012-08-22 05:20 - 2012-08-22 05:20 - 00233648 _____ (Beepa P/L) C:\Fraps\FRAPS32.DLL
2013-02-12 19:38 - 2013-02-12 19:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2010-03-15 16:57 - 2010-03-15 16:57 - 00053024 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01292136 _____ (The ICU Project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00923496 _____ (The ICU Project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 16303976 _____ (The ICU Project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2013-09-03 13:50 - 2013-09-02 13:34 - 47074256 _____ (Google Inc.) C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll
2013-09-03 13:50 - 2013-09-02 13:35 - 09962960 _____ (The ICU Project) C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll
2013-01-18 08:16 - 2013-01-18 08:16 - 01028648 _____ (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2013-09-03 13:50 - 2013-09-02 11:46 - 03231688 _____ (Microsoft Corporation) C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll
2013-09-03 13:50 - 2013-09-02 13:35 - 00709584 _____ () C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-03 13:50 - 2013-09-02 13:35 - 00099792 _____ () C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-03 13:50 - 2013-09-02 13:35 - 04053456 _____ () C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-03 13:50 - 2013-09-02 13:35 - 00410576 _____ () C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-03 13:50 - 2013-09-02 13:35 - 02110928 _____ (Google Inc.) C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
2013-09-03 13:50 - 2013-09-02 13:35 - 01604560 _____ () C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-09-03 13:50 - 2013-09-02 13:35 - 13599184 _____ () C:\Users\WPEG\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) ==========
 
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/05/2013 03:16:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/04/2013 06:09:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/03/2013 09:27:22 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/02/2013 11:56:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/01/2013 07:00:03 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (09/01/2013 06:51:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/01/2013 00:21:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/31/2013 10:42:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (09/05/2013 04:11:21 PM) (Source: Service Control Manager) (User: )
Description: The Service Sendori service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (09/05/2013 00:13:23 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (09/05/2013 00:13:23 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (09/05/2013 00:11:33 PM) (Source: nvrd64) (User: )
Description: The driver detected a controller error on .
 
Error: (09/05/2013 00:11:21 PM) (Source: Service Control Manager) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/05/2013 09:16:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.
 
Error: (09/05/2013 08:42:14 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (09/05/2013 08:42:14 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (09/05/2013 08:40:42 AM) (Source: nvrd64) (User: )
Description: The driver detected a controller error on .
 
Error: (09/05/2013 08:40:13 AM) (Source: Service Control Manager) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (09/05/2013 03:16:34 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe
 
Error: (09/04/2013 06:09:45 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe
 
Error: (09/03/2013 09:27:22 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe
 
Error: (09/02/2013 11:56:14 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe
 
Error: (09/01/2013 07:00:03 PM) (Source: Windows Backup)(User: )
Description: I:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
 
Error: (09/01/2013 06:51:35 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe
 
Error: (09/01/2013 00:21:12 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe
 
Error: (08/31/2013 10:42:55 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-31 20:55:51.842
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-31 20:55:51.733
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-31 20:55:51.608
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-31 20:55:51.514
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-31 20:17:26.049
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-08-31 20:17:25.940
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 39%
Total physical RAM: 8190.54 MB
Available physical RAM: 4976.07 MB
Total Pagefile: 16379.26 MB
Available Pagefile: 12930.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.42 GB) (Free:641.37 GB) NTFS
Drive d: (Jul 29 2013) (CDROM) (Total:0.69 GB) (Free:0.63 GB) UDF
Drive h: (TOSHIBA EXT) (Fixed) (Total:698.64 GB) (Free:697.33 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 6872096D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 407641EA)
Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 



#19 gringo_pr


Posted 06 September 2013 - 09:43 AM

Hello

I would like you to download this file to the desktop, and then I want you to right-click on it and select Merge.

Restart the computer and see if Defender is working.


http://download.bleepingcomputer.com/win-services/7/WinDefend.reg


William

#20 epzi10n


Posted 08 September 2013 - 12:38 PM

It doesn't seem to have worked...



#21 gringo_pr


Posted 08 September 2013 - 08:29 PM


Hello epzi10n

I would like to see a report that ComboFix makes.

Extra ComboFix report
  • Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • Please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • Click OK
Copy and paste the report into this topic for me to review

Gringo

#22 epzi10n


Posted 11 September 2013 - 06:03 PM

7-Zip 9.20
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Community Help
Adobe Creative Suite 5.5 Design Standard
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Download Assistant
Adobe ExtendScript Toolkit 2
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader XI (11.0.02)
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support
Apple Software Update
Audiosurf
Autodesk Backburner 2012.0.0
Autodesk Material Library 2012
Autodesk Material Library Base Resolution Image Library 2012
Autodesk Material Library Medium Resolution Image Library 2012
Bamboo Dock
Bandisoft MPEG-1 Decoder
Belkin Setup and Router Monitor
Blacklight: Retribution
Borderlands
BOSS
Cisco Connect
CWA Reminder by We-Care.com v4.1.19.3
CyberLink Hi-Def Suite
CyberLink PowerDVD
D3DX10
DaeViewer
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diablo III
DivX Setup
Don't Starve
Dropbox
Fraps (remove only)
Free MTS Converter
Game Dev Tycoon version 1.3.9
Gear Up
Ghost Recon Online (NCSA-Live)
Google Chrome
Google Drive
Google Update Helper
Guild Wars 2
Java 7 Update 25
Java Auto Updater
Java™ 6 Update 37
Lagarith lossless video codec (Remove Only)
League of Legends
LogMeIn Hamachi
Magicka
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Movie Maker
MSVCRT
MSVCRT110
NCSOFT Game Launcher
Nexon Game Manager
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Pando Media Booster
Path of Exile
PDF Settings
PDF Settings CS5
Phoenix Viewer 1.6.0.1691
Photo Common
Photo Gallery
Pinnacle Game Profiler
Planescape Torment
PlanetSide 2
PunkBuster Services
QuickTime
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Sendori
Shadowrun Returns
Skype Click to Call
Skype™ 6.3
Source SDK Base 2007
Spotify
SR4CharGen 0.4.0.0
StarCraft II
Steam
Team Fortress 2
TeamSpeak 3 Client
Terraria
The Elder Scrolls V: Skyrim
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
WebTablet FB Plugin
WebTablet IE Plugin
WebTablet Netscape Plugin
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.00 (32-bit)
 

Also, my FRAPS program seems to not be recording video.

THAT, or my computer isn't playing AVI files...



#23 gringo_pr


Posted 12 September 2013 - 11:20 AM


Hello

Try reinstalling it and see what happens.

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

Clean Out Temp Files
  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. Default settings are fine.
    • Click Run Cleaner.
    • Close CCleaner.
: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - that is great!! At this time I would like you to update it and run me a quick scan.
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right-click on HijackThis and select "Run as Admin" (XP users just need to double-click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • Copy and paste the HijackThis report into the topic
"information and logs"
  • In your next post I need the following
    • Log From MBAM
    • report from Hijackthis
    • let me know of any problems you may have had
    • How is the computer doing now?
Gringo

#24 gringo_pr


Posted 18 September 2013 - 01:51 AM



Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48 hrs you have not replied to this thread, then it will have to be closed!
Gringo

#25 gringo_pr


Posted 21 September 2013 - 12:44 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.