Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 SP1 problems and Email problems.


  • This topic is locked This topic is locked
36 replies to this topic

#1 dinovo

dinovo

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 23 June 2013 - 11:02 PM

Windows 7 SP1 problems and Email problems. Hello and thanks to  bleepingcomputer

I have very limited knowledge of computers and I need some help PLEASE

 

I have been having problems with my Yahoo! Email account for many months now, now unable to open or access email, and no help from Yahoo!

 

About 6 months ago Yahoo! Started making some changes to the account, changing pages, “Switch to the new Yahoo!7 Mail” I ignored because I did not want changes.

 

In the months after that I noticed some little glitches accessing account, then got worst, contacting yahoo did nothing, eventually not able to reed mail, I can sign-in, I have changed password, made no difference.

“Message Box” Network Error
Yahoo!7 Mail was unable to connect. Please reload the page
or verify that you network connection is active.

 

I am also unable to access PayPal account.

 

Usually I use IE Explorer, but when problems started I installed FireFox as well. Unable to access many sites with either browser, firefox shows a black blank page with a with pixel in the center for EBay, IE explorer shows blank page.

 

I have installed Uninstalled browsers a few times, made no difference problem continuously, there is a lot of traffic on internet and drive C:\ “Operating system”  works continuously even if I do not use internet for many hours.

 

 

With computer have had problems as well about same time,  scanned with many programs, “ spaybot, malwarebaytes, antivirus, Ect. No malware found, system slow.

 

For the last few days only.  

Tree 3, days ago, in the morning it will not come out of sleep mode, it starts and stops every 3-4 seconds, waited nearly 15 minutes no success, finally it re-started, and it restarted as normal but on completion of re-start all the programs and web page wore all there open like I did not re-start.

 

2 days ago same thing, only five minutes to re-start, and everything same as above.

 

This morning came out of sleep mode normal, I restarted my computer normal, and after the welcome screen there was nothing on screen, only the background picture of the screen, no Icon, Programs or folders, just blank, pressing any buttons on keyboard/mouse made no difference, I waited about 3 minutes and re-started.

 

“Second re-start”  I restarted the computer and after welcome screen it went black, (black screen) nothing on screen, I could only see the start button at the bottom of screen, I waited 3-4 minutes and I restarted.

 

This time it re-started successful.

Thanks again for any help

 

Mod Edit:  Moved from Win 7 to Malware Removal Logs, 5 Jul 2013 - Hamluis.


Edited by hamluis, 06 July 2013 - 05:21 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:04 AM

Posted 24 June 2013 - 05:13 PM

Please download MiniToolBox  , save it to your desktop and run it.

 

Checkmark the following checkboxes:

  List last 10 Event Viewer log

  List Installed Programs

  List Users, Partitions and Memory size.

 

Click Go and paste the content into your next post.

 

Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link.

 

Louis



#3 dinovo

dinovo
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 24 June 2013 - 06:59 PM

Dear hamluis

Thanks for your help, here are the attach.

Please note I have just changed Email address for you reply when I got you reply, I hope it will not cause you any problems, waiting for instructions

 

 

http://speccy.piriform.com/results/CvFK1pa33GQTRbuUzXhkx5K

 

 

MiniToolBox by Farbar  Version: 16-06-2013
Ran by Administrator (administrator) on 25-06-2013 at 09:27:39
Running from "C:\Users\Administrator\Desktop"
Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/25/2013 01:12:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/25/2013 01:10:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/24/2013 07:56:28 PM) (Source: Application Hang) (User: )
Description: The program gimp-2.8.exe version 2.8.4.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: a00

Start Time: 01ce70c0f26a1322

Termination Time: 0

Application Path: C:\Program Files\GIMP 2\bin\gimp-2.8.exe

Report Id: 52049b4c-dcb4-11e2-8267-001a4d5634f4

Error: (06/23/2013 10:36:53 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2013/06/23 22:36:53.845]: [00002192]: Initialize TwdsMain Class failed!

Error: (06/23/2013 10:36:53 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2013/06/23 22:36:53.845]: [00002192]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (06/23/2013 10:36:53 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2013/06/23 22:36:53.845]: [00002192]: GetDeviceList Failed! pStiInfo = 0x0..

Error: (06/23/2013 08:03:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: Paint Shop Pro 9.exe, version: 9.0.0.0, time stamp: 0x41210e3b
Faulting module name: MFC71.DLL, version: 7.10.3077.0, time stamp: 0x3e77fdfd
Exception code: 0xc0000005
Fault offset: 0x00013d23
Faulting process id: 0x1534
Faulting application start time: 0xPaint Shop Pro 9.exe0
Faulting application path: Paint Shop Pro 9.exe1
Faulting module path: Paint Shop Pro 9.exe2
Report Id: Paint Shop Pro 9.exe3

Error: (06/23/2013 11:03:48 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/23/2013 11:01:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/25/2013 09:20:17 AM) (Source: Service Control Manager) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error:
%%1058

Error: (06/25/2013 09:18:04 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (06/24/2013 05:34:21 PM) (Source: Service Control Manager) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error:
%%1058

Error: (06/24/2013 05:34:02 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:31:13 PM on ?6/?24/?2013 was unexpected.

Error: (06/24/2013 05:31:31 PM) (Source: Service Control Manager) (User: )
Description: The ESET Service service hung on starting.

Error: (06/24/2013 05:30:10 PM) (Source: Service Control Manager) (User: )
Description: The OO DiskImage service failed to start due to the following error:
%%1053

Error: (06/24/2013 05:30:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the OO DiskImage service to connect.

Error: (06/24/2013 05:29:35 PM) (Source: Service Control Manager) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error:
%%1058

Error: (06/24/2013 09:26:18 AM) (Source: Service Control Manager) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error:
%%1058

Error: (06/24/2013 09:26:04 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:23:32 AM on ?6/?24/?2013 was unexpected.


Microsoft Office Sessions:
=========================
Error: (05/23/2013 05:51:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6948 seconds with 4080 seconds of active time.  This session ended with a crash.

Error: (11/07/2012 05:42:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2382 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/05/2012 07:02:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 259458 seconds with 5760 seconds of active time.  This session ended with a crash.

Error: (07/30/2012 11:03:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 375 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (07/14/2012 04:56:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 69040 seconds with 3180 seconds of active time.  This session ended with a crash.

Error: (06/06/2012 10:13:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/02/2012 10:09:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 648 seconds with 300 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-06-21 17:42:54.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:25.463
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.558
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.480
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.261
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.027
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:04.949
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:04.856
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:04.731
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

ACDSee Pro 6 (Version: 6.2.212)
Acronis True Image Home 2011 (Version: 14.0.6696)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Premiere Pro CS3 r1 SDK (Version: 1.00.0000)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
AVI Slide Show 1.7.17.17 (Version: 1.7.17.17)
Blurity version 1.4.169 (Version: 1.4.169)
Brother MFL-Pro Suite MFC-790CW (Version: 1.0.1.0)
CameraHelperMsi (Version: 13.51.815.0)
CCleaner (Version: 3.24)
Corel WordPerfect Office - iFilter (Version: 1.00.000)
D3DX10 (Version: 15.4.2368.0902)
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
EMCO Malware Destroyer 7
erLT (Version: 1.20.138.34)
ERUNT 1.1j
ESET NOD32 Antivirus (Version: 4.0.468.0)
Fastest Free YouTube Downloader to MP3 Converter (Version: 4.9)
Febooti fileTweak Hash and CRC (Version: 3.0.0)
ffdshow v1.2.4422 [2012-04-09] (Version: 1.2.4422.0)
Focus Magic 4.00 (Version: 4.00)
Freemake Video Converter version 4.0.1 (Version: 4.0.1)
Garmin Communicator Plugin (Version: 4.0.1)
Garmin USB Drivers (Version: 2.3.0.0)
GIMP 2.8.4 (Version: 2.8.4)
Google Update Helper (Version: 1.3.21.135)
HashCheck Shell Extension (x86-32) (Version: 2.1.11.1)
Jasc Animation Shop 3 (Version: 3.11)
Jasc Paint Shop Photo Album 5 (Version: 5.0.1)
Jasc Paint Shop Pro 9 (Version: 9.00.0000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 16.4.3505.0912)
Lightworks (Version: 11.0.3.0)
Logitech Webcam Software (Version: 2.51)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.51.827.0)
LWS Help_main (Version: 13.51.828.0)
LWS Launcher (Version: 13.51.828.0)
LWS Motion Detection (Version: 13.51.815.0)
LWS Pictures And Video (Version: 13.51.815.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Webcam Software (Version: 13.51.815.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 21.0 (x86 en-US) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nero 12 (Version: 12.0.03500)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp (Version: 12.0.6002)
Nero BackItUp Help (CHM) (Version: 12.0.8000)
Nero Blu-ray Player (Version: 12.0.17700)
Nero Blu-ray Player Help (CHM) (Version: 12.0.9000)
Nero Burning ROM (Version: 12.0.28001)
Nero Burning ROM Help (CHM) (Version: 12.0.3000)
Nero ControlCenter (Version: 11.0.15500)
Nero ControlCenter Help (CHM) (Version: 12.0.7000)
Nero Core Components (Version: 11.0.18900)
Nero Disc Menus Basic (Version: 12.0.11500)
Nero Effects Basic (Version: 12.0.11500)
Nero Express (Version: 12.0.28001)
Nero Express Help (CHM) (Version: 12.0.5000)
Nero Kwik Media (Version: 1.18.19600)
Nero Kwik Media Help (CHM) (Version: 12.0.7000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero PiP Effects Basic (Version: 12.0.11500)
Nero Recode (Version: 12.0.31001)
Nero Recode Help (CHM) (Version: 12.0.7000)
Nero RescueAgent (Version: 12.0.10002)
Nero RescueAgent Help (CHM) (Version: 12.0.7000)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Update (Version: 11.0.11800.31.0)
Nero Video (Version: 12.0.8000)
Nero Video Help (CHM) (Version: 12.0.7000)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia PC Suite (Version: 7.1.62.1)
Nokia Software Updater (Version: 3.0.655)
NVIDIA Control Panel 307.83 (Version: 307.83)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 307.83 (Version: 307.83)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
O&O DiskImage Professional (Version: 7.0.144)
PaperPort Image Printer (Version: 1.00.0000)
Paradox
Paradox (Version: 11.4)
PC Connectivity Solution (Version: 11.5.29.0)
Photo Gallery (Version: 16.4.3505.0912)
PhotoPad Image Editor
Pixillion Image Converter
Prerequisite installer (Version: 12.0.0003)
Prism Video File Converter
PVSonyDll (Version: 1.00.0001)
Registry Mechanic 10.0 (Version: 10.0)
Sandboxie 3.52
ScanSoft PaperPort 11 (Version: 11.1.0000)
Skype™ 6.1 (Version: 6.1.129)
Software Remove Master v5.0.1.3
swMSM (Version: 12.0.0.1)
Universal Document Converter Server Edition (Version: 5.3)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoPad Video Editor
WavePad Sound Editor
Welcome App (Start-up experience) (Version: 12.0.15000)
Win7codecs (Version: 3.5.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows DVD Maker 3.9.4
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Wondershare Video Editor(Build 3.0.2)
WordPerfect Lightning - IPM (Version: 1.0)
WordPerfect Lightning - Messages (Version: 1.0)
WordPerfect Lightning - MSOM (Version: 1.1)
WordPerfect Lightning (Version: 2.0)
WordPerfect Office X5 - Common (Version: 15.1)
Wordperfect Office X5 - EN (Version: 15.1)
WordPerfect Office X5 - Filters (Version: 15.1)
WordPerfect Office X5 - Graphics (Version: 15.1)
WordPerfect Office X5 - IPM (Version: 15.1)
WordPerfect Office X5 - LegalTools (Version: 15.1)
WordPerfect Office X5 - Migration Manager (Version: 15.1)
WordPerfect Office X5 - Oxford (Version: 15.1)
WordPerfect Office X5 - PerfectExperts EN (Version: 15.1)
WordPerfect Office X5 - PR (Version: 15.1)
WordPerfect Office X5 - QP (Version: 15.1)
WordPerfect Office X5 - Setup Files (Version: 15.1)
WordPerfect Office X5 - Sharepoint (Version: 15.1)
WordPerfect Office X5 - Skins (Version: 15.1)
WordPerfect Office X5 - System EN (Version: 15.0)
WordPerfect Office X5 - Templates (Version: 15.1)
WordPerfect Office X5 - WP (Version: 15.1)
WordPerfect Office X5 - WT (Version: 15.1)
WordPerfect Office X5 (Version: 15.0.0.431)
WordPerfect Office X5 (Version: 15.1)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 3582.49 MB
Available physical RAM: 2183.32 MB
Total Pagefile: 7163.27 MB
Available Pagefile: 5781.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.87 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:168 GB) (Free:97.87 GB) NTFS
3 Drive d: (Local Disk) (Fixed) (Total:130.09 GB) (Free:38.95 GB) NTFS
6 Drive g: (320D500GB) (Fixed) (Total:465.76 GB) (Free:221.04 GB) NTFS

========================= Users: ========================================

User accounts for \\KHAN

Administrator            Guest                    UpdatusUser              


**** End of log ****
 

 



#4 dinovo

dinovo
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 27 June 2013 - 06:10 PM

Dear hamluis

I have  posted to your replay several days ago

Can you Please advise if you intent to follow and help me on this topic??

thanks



#5 hamluis

hamluis

    Moderator


  • Moderator
  • 56,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:04 AM

Posted 28 June 2013 - 08:33 AM

You have a program, Freegate Professional, which appears to violate security measures imposed by properly authorized agencies protecting their license/property rights. 

 

Such acctivities are in violation of current forum rules:  ."No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences."

 

I suggest that you uninstall this program immediately.

 

 

 If you acquired this or any other program...via torrent or websites promoting illegal file-sharing...IMO, you have increased the likelihood of system infection.

 

A review of your Speccy data doesn't indicate any discernible problem with hardware or Windows.

 

Your TWN BrtTWN errors are related to your Brother product.

 

You have a variety of errors regarding applications...which may point to a damaged Windows installe, a damaged partition/file structure, or hard drive problems  I suggest that you download and run SeaTools For Windows, http://www.seagate.com/support/downloads/item/seatools-win-master/ .

 

User Guide, SeaTools For Windows

 

Please follow the directions for running the long diagnostic, nothing else.  Do this for each of your hard drives.

 

If you have been running the registry cleaner portion of CCleaner...please change the settings in that program so that you do not use it.  A registry cleaner may delete or damage key files in the registry...which could also contribute to system problems.

 

Registry Mechanic 10.0 (Version: 10.0) , I suggest you uninstall this and keep it removed from your system.

 

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons.  Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

 

Per http://en.wikipedia.org/wiki/Windows_Registry :   “The Windows registry stores all application settings in one logical repository (but a number of discrete files) and in a standardized form.  The registry contains important configuration information for the operating system, for installed applications as well as individual settings for each user and application. A careless change to the operating system configuration in the registry could cause irreversible damage, so it is usually only installer programs which perform changes to the registry database during installation/configuration and removal.  If a user wants to edit the registry manually, Microsoft recommends that a backup of the registry is performed before the change.  Editing the registry is sometimes necessary when working around Windows-specific issues e.g. problems when logging onto a domain can be resolved by editing the registry.  The Windows registry can be edited manually using programs such as regedit.exe, although these tools do not expose some of registry's metadata such as the last modified date.”

 

More per http://en.wikipedia.org/wiki/Registry_cleaner  :“A registry cleaner is a class of third party software utility designed for the Microsoft Windows operating system, whose purported purpose is to remove redundant items from the Windows registry.

 

Registry cleaners are not supported by Microsoft, but vendors of Registry cleaners claim that they are useful to repair inconsistencies arising from manual changes to applications, especially COM-based programs.  The necessity and usefulness of registry cleaners is a controversial topic, with experts in disagreement over their benefits. The problem is further clouded by the fact that malware and scareware are often associated with utilities of this type.

 

There is a popular misconception that the value of registry cleaning lies in reducing "registry bloat". Even a neglected registry will seldom contain more than two or three thousand redundant entries. Bearing in mind that the modern registry may contain more than a million entries, the elimination of two or three thousand will not save any noticeable amount of scanning time.  Some registry cleaners make no distinction as to the severity of the errors, and many that do may erroneously categorize errors as "critical" with little basis to support it. It.  Removing or changing certain registry data can prevent the system from starting, or cause application errors and crashes

 

A poorly-designed registry cleaner may not be equipped to know for sure whether a key is still being used by Windows or what detrimental effects removing it may have. This may lead to loss of functionality and/or system instability.  While it is true that some registry cleaners are safe, these cleaners do not improve performance. The rest are a mix of snake-oil, actual malware, or dangerously powerful tools unsuited to non-professionals.”

 

For the reasons pointed out above and others…BC does not encourage/suggest that any member employ…a registry cleaner/optimizer.

 

Louis



#6 dinovo

dinovo
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 29 June 2013 - 10:03 AM

Dear hamluis

Thanks for coming back and for the replay

 

 I installed Freegate Professional after I started having problems for the only reason that it changes the IP address avoiding malware infections, if it helps or not I haven’t determined.

 

I had no problem to remove this and anything that is considered or known to cause problems.

 

The problems with registry and faults, will it affect the opening of my email messages?

 

Also Emco Malware Destroyer the only program to detect this malware, it removes it on every scan but it is always there, I searched about it on Google, and seen the posts for this malware and what it does, can you Please advice if it is malware and how can I remove it

 

[EXISTS_REGKEY_HKLM]=\SYSTEM\CurrentControlSet\Services\ekrn

[EXISTS_FILE]=%appdata%\MusaLLaT.exe

 

I have scanned the hard drive with SeaTools, as you suggested, short scan and long scan, no problems from drivers, I had done the scan no long ago.

Thanks for your help



#7 hamluis

hamluis

    Moderator


  • Moderator
  • 56,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:04 AM

Posted 29 June 2013 - 05:23 PM

http://www.emsisoft.us/en/malware/Adware.Win32.EMCO_Malware_Destroyer-remove.aspx

 

I'll move this to the Am I Infected forum and they can further assist you :).

 

Registry problems...can affect any program, any data file, and Windows itself.  As for your email problems....sounds to me like that's between your ISP and you.  If it were me, I would do as the ISP suggests.

 

Louis



#8 dinovo

dinovo
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 30 June 2013 - 07:08 AM

Thanks hamluis
I'll wait and see if someone contacts me
Thanks for you help

Edited by Blade, 03 July 2013 - 04:46 PM.
Moved back to Windows 7, OP cleared of malware here: http://www.bleepingcomputer.com/forums/t/495277/i-am-infected-with-nmcwormwin32/page-4


#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,836 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:04 AM

Posted 03 July 2013 - 08:08 PM

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#10 dinovo

dinovo
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 04 July 2013 - 04:53 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Administrator (administrator) on 05-07-2013 07:48:04
Running from C:\Users\Administrator\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Protexis Inc.) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Dynamic Internet Technology, Inc.) F:\NEW PROGRAMS\PROXY\fg740p.exe
(Microsoft Corporation) C:\program files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\program files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\program files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [x]
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [29984 2007-10-11] (Nuance Communications, Inc.)
HKLM\...\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice [2054360 2013-06-09] (ESET)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKCU\...\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe" [405736 2011-01-13] (SANDBOXIE L.T.D)
HKCU\...\Run: [~rmvtxrr] F:\NEW PROGRAMS\PROXY\fg740p.exe [x]
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: 127.0.0.1:8580
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: msdaipp - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\cjawe3ub.default
FF Homepage: hxxp://google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

========================== Services (Whitelisted) =================

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [804528 2011-02-01] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2012-11-16] (Acronis)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [20680 2009-09-29] (ESET)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [4772144 2013-02-21] (O&O Software GmbH)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [69864 2011-01-13] (SANDBOXIE L.T.D)
R2 SgtSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [845808 2011-06-30] (Seagate)

==================== Drivers (Whitelisted) ====================

R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [365056 2012-08-07] (SafeNet Inc.)
R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [116008 2009-09-29] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [108792 2009-09-29] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [95896 2009-09-29] (ESET)
S3 gdrv; C:\Windows\gdrv.sys [15600 2013-06-15] (Windows ® 2000 DDK provider)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [605128 2012-09-27] (SafeNet Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 nmwcdnsu; C:\Windows\System32\drivers\nmwcdnsu.sys [137600 2012-01-09] (Nokia)
S3 nmwcdnsuc; C:\Windows\System32\drivers\nmwcdnsuc.sys [8576 2012-01-09] (Nokia)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [21784 2011-08-01] (Microsoft Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [98064 2012-10-24] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [29456 2012-10-24] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [209168 2012-10-24] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [32528 2012-10-24] (O&O Software GmbH)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [16472 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [11104 2010-04-09] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [125672 2011-01-13] (SANDBOXIE L.T.D)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113104 2012-08-17] (Power Software Ltd)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [125472 2012-11-13] (Acronis)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [83392 2012-11-16] (Acronis)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2011-06-23] (Windows ® Win 7 DDK provider)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-05 07:47 - 2013-07-05 07:47 - 00000000 ____D C:\FRST
2013-07-05 07:45 - 2013-07-05 07:45 - 01373373 ____A (Farbar) C:\Users\Administrator\Desktop\FRST.exe
2013-07-04 18:26 - 2013-07-04 22:06 - 00001975 ____A C:\Users\Public\Desktop\Lightworks (11.1).lnk
2013-07-04 18:26 - 2013-07-04 18:26 - 00000000 ____D C:\Users\Administrator\.MCReferenceSdk
2013-07-04 17:57 - 2013-07-04 22:06 - 00000000 ____D C:\Program Files\Lightworks
2013-07-04 10:01 - 2013-07-04 10:01 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2013-07-04 09:45 - 2013-05-13 14:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-07-04 09:45 - 2013-05-13 14:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-07-04 09:45 - 2013-05-13 14:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-07-04 09:45 - 2013-05-13 13:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-07-04 09:45 - 2013-05-13 13:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-07-04 09:45 - 2013-05-08 15:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-07-04 09:45 - 2013-05-06 15:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-07-04 09:45 - 2013-05-06 15:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-07-04 09:45 - 2013-04-26 14:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-07-04 09:45 - 2013-04-10 15:18 - 00728424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-07-04 09:45 - 2013-04-10 15:18 - 00218984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-07-04 09:45 - 2013-04-10 13:14 - 02347520 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-04 09:45 - 2013-02-27 15:05 - 00101720 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-07-04 09:45 - 2013-02-27 14:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-07-04 09:45 - 2013-02-27 14:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-07-04 09:45 - 2013-02-27 14:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-07-04 09:45 - 2013-02-27 14:49 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-07-04 09:03 - 2013-07-04 09:04 - 08990552 ____A (Microsoft Corporation) C:\Users\Administrator\Desktop\vcredist_x86.exe
2013-07-04 01:33 - 2013-07-04 18:26 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2013-07-04 01:33 - 2013-07-04 01:33 - 00000000 ____D C:\ProgramData\Geevs
2013-07-04 00:09 - 2013-07-04 00:10 - 00000000 ____D C:\Program Files\QuickTime
2013-07-04 00:09 - 2013-07-04 00:09 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-07-04 00:09 - 2013-07-04 00:09 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-04 00:08 - 2013-07-04 00:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-04 00:07 - 2013-07-04 00:07 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apple
2013-07-04 00:07 - 2013-07-04 00:07 - 00000000 ____D C:\ProgramData\Apple
2013-07-04 00:07 - 2013-07-04 00:07 - 00000000 ____D C:\Program Files\Apple Software Update
2013-07-03 11:57 - 2013-07-04 10:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-30 08:09 - 2013-06-30 08:09 - 00015682 ____A C:\Users\Administrator\Downloads\fghelp_en.htm
2013-06-28 22:02 - 2013-06-28 22:02 - 00057069 ____A C:\Users\Administrator\Downloads\Instagram Tips Combining Multiple Photos - Instagram Blog.htm
2013-06-28 22:02 - 2013-06-28 22:02 - 00000000 ____D C:\Users\Administrator\Downloads\Instagram Tips Combining Multiple Photos - Instagram Blog_files
2013-06-28 21:34 - 2013-06-28 21:34 - 00035730 ____A C:\Users\Administrator\Downloads\How to Combine PDF Files OS X for Free.htm
2013-06-28 21:34 - 2013-06-28 21:34 - 00000000 ____D C:\Users\Administrator\Downloads\How to Combine PDF Files OS X for Free_files
2013-06-28 21:33 - 2013-06-28 21:38 - 36260680 ____A (iSkysoft Studio                                             ) C:\Users\Administrator\Downloads\pdf-editor_full1281.exe
2013-06-28 21:32 - 2013-06-28 21:32 - 00050872 ____A C:\Users\Administrator\Downloads\How to Combine Multiple PDF Files on Mac Seamlessly.html
2013-06-28 21:32 - 2013-06-28 21:32 - 00000000 ____D C:\Users\Administrator\Downloads\How to Combine Multiple PDF Files on Mac Seamlessly_files
2013-06-28 21:17 - 2013-06-28 21:17 - 00601938 ____A C:\Users\Administrator\Downloads\Photoscape Easiest Way to Combine Multiple Photos - Images.mht
2013-06-28 21:05 - 2013-06-28 21:15 - 89111376 ____A (Apple Inc.) C:\Users\Administrator\Downloads\iTunesSetup.exe
2013-06-27 22:56 - 2013-06-27 23:01 - 10328776 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\irfanview_plugins_435_setup 2.exe
2013-06-27 22:23 - 2013-06-27 22:23 - 00001876 ____A C:\Users\Administrator\Desktop\IrfanView Thumbnails.lnk
2013-06-27 22:23 - 2013-06-27 22:23 - 00000996 ____A C:\Users\Administrator\Desktop\IrfanView.lnk
2013-06-27 22:23 - 2013-06-27 22:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IrfanView
2013-06-27 22:23 - 2013-06-27 22:23 - 00000000 ____D C:\Program Files\IrfanView
2013-06-27 18:15 - 2013-06-27 18:15 - 00000000 ____A C:\Users\Administrator\Downloads\Paint Joiner.zip.wn5xhvb.partial
2013-06-27 18:07 - 2013-06-27 18:07 - 00000537 ____A C:\Users\Administrator\Downloads\IrfanView hash .txt
2013-06-27 17:53 - 2013-06-27 17:53 - 01646288 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\iview435_setup (2).exe
2013-06-27 17:48 - 2013-06-27 17:48 - 01646288 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\ifranview_4.35.exe
2013-06-27 17:47 - 2013-06-27 17:47 - 01646288 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\iview435_setup (1).exe
2013-06-27 17:37 - 2013-06-27 17:37 - 00067347 ____A C:\Users\Administrator\Downloads\Irfanview - Official Italian Mirror  Domande e Riposte (guida ad Irfanview).htm
2013-06-27 17:37 - 2013-06-27 17:37 - 00000000 ____D C:\Users\Administrator\Downloads\Irfanview - Official Italian Mirror  Domande e Riposte (guida ad Irfanview)_files
2013-06-27 17:36 - 2013-06-27 17:36 - 01646288 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\iview435_setup.exe
2013-06-27 14:32 - 2013-06-27 14:38 - 09963537 ____A C:\Users\Administrator\Downloads\irfanview_plugins_435.zip
2013-06-27 14:19 - 2013-06-27 14:30 - 10328776 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\irfanview_plugins_435_setup.exe
2013-06-27 14:10 - 2013-06-27 14:10 - 00107859 ____A C:\Users\Administrator\Downloads\Irfanview _ Downloads @ PC-Intern.com.htm
2013-06-27 14:10 - 2013-06-27 14:10 - 00000000 ____D C:\Users\Administrator\Downloads\Irfanview _ Downloads @ PC-Intern.com_files
2013-06-27 14:08 - 2013-06-27 14:08 - 08034304 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\irfanview_plugins_430_setup.exe
2013-06-27 00:42 - 2013-06-27 00:42 - 00023493 ____A C:\Users\Administrator\Desktop\Adobe Photoshop Lightroom 5_0 Final [H33T] - torrent download.htm
2013-06-27 00:42 - 2013-06-27 00:42 - 00000000 ____D C:\Users\Administrator\Desktop\Adobe Photoshop Lightroom 5_0 Final [H33T] - torrent download_files
2013-06-27 00:27 - 2013-06-27 00:27 - 00023487 ____A C:\Users\Administrator\Desktop\Download Adobe Photoshop Lightroom 5_0 Final (32 bit) [ChingLiu] Torrent  1337x_org.htm
2013-06-27 00:27 - 2013-06-27 00:27 - 00000000 ____D C:\Users\Administrator\Desktop\Download Adobe Photoshop Lightroom 5_0 Final (32 bit) [ChingLiu] Torrent  1337x_org_files
2013-06-26 22:36 - 2013-06-26 22:36 - 00067092 ____A C:\Users\Administrator\Desktop\Can You Fix a Blurry Picture.htm
2013-06-26 22:35 - 2013-06-26 22:36 - 00000000 ____D C:\Users\Administrator\Desktop\Can You Fix a Blurry Picture_files
2013-06-26 22:24 - 2013-06-26 22:24 - 00064582 ____A C:\Users\Administrator\Desktop\Making Your Digital Photo Look Like Film in photoshop.htm
2013-06-26 22:24 - 2013-06-26 22:24 - 00000000 ____D C:\Users\Administrator\Desktop\Making Your Digital Photo Look Like Film in photoshop_files
2013-06-26 22:19 - 2013-06-26 22:19 - 04767205 ____A C:\Users\Administrator\Desktop\filmlook_assets.zip
2013-06-26 17:24 - 2013-07-03 19:19 - 00018432 ___AH C:\Users\Administrator\Desktop\photothumb.db
2013-06-26 17:16 - 2013-07-03 19:28 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PhotoScape
2013-06-26 17:16 - 2013-06-26 17:16 - 00001017 ____A C:\Users\Administrator\Desktop\PhotoScape.lnk
2013-06-26 17:16 - 2013-06-26 17:16 - 00000000 ____D C:\Program Files\PhotoScape
2013-06-25 15:14 - 2013-06-25 15:14 - 00002760 ____A C:\Users\Administrator\AppData\Local\recently-used.xbel
2013-06-25 10:41 - 2013-06-25 15:05 - 01259705 ____A C:\Users\Administrator\Desktop\Gimp 001681.xcf
2013-06-25 10:18 - 2013-06-25 10:18 - 00000000 ____D C:\Users\Administrator\AppData\Local\webkit
2013-06-24 20:08 - 2013-06-24 20:08 - 00000000 ____D C:\Users\Administrator\.thumbnails
2013-06-24 19:55 - 2013-06-29 09:02 - 00000000 ____D C:\Users\Administrator\.gimp-2.8
2013-06-24 19:55 - 2013-06-24 19:55 - 00000000 ____D C:\Users\Administrator\AppData\Local\gegl-0.2
2013-06-24 19:52 - 2013-06-24 19:54 - 00000000 ____D C:\Program Files\GIMP 2
2013-06-24 14:05 - 2013-07-03 22:06 - 00006095 ____A C:\Users\Administrator\Desktop\Sign.txt
2013-06-22 19:38 - 2013-06-30 08:33 - 00000449 ____A C:\Users\Administrator\Downloads\fg.ini
2013-06-22 18:40 - 2013-06-24 14:06 - 00000000 ____D C:\JRT
2013-06-22 18:40 - 2013-06-22 18:40 - 00000000 ____D C:\Windows\ERUNT
2013-06-22 09:06 - 2013-06-22 09:07 - 00000000 ____D C:\Program Files\ProcsExplor
2013-06-21 19:57 - 2013-06-22 19:16 - 00001438 ____A C:\Windows\Sandboxie.ini
2013-06-21 19:57 - 2013-06-21 19:57 - 00001077 ____A C:\Users\Administrator\Desktop\Sandboxed Web Browser.lnk
2013-06-21 19:57 - 2013-06-21 19:57 - 00000000 ____D C:\Program Files\Sandboxie
2013-06-21 17:49 - 2013-06-21 17:49 - 00000000 ____D C:\Windows\System32\eventlog
2013-06-21 17:42 - 2013-06-21 17:42 - 00000762 ____A C:\Windows\certutil.log
2013-06-21 13:50 - 2013-06-21 13:50 - 25592231 ____A C:\Windows\System32\config\wfpstate.xml
2013-06-21 13:50 - 2013-06-21 13:50 - 00117199 ____A C:\Windows\System32\config\netevents.xml
2013-06-21 13:50 - 2013-06-21 13:50 - 00009801 ____A C:\Windows\System32\config\FileSharing.txt
2013-06-21 13:50 - 2013-06-21 13:50 - 00006237 ____A C:\Windows\System32\config\Neighbors.txt
2013-06-21 13:50 - 2013-06-21 13:50 - 00003054 ____A C:\Windows\System32\config\gpresult.txt
2013-06-21 13:50 - 2013-06-21 13:50 - 00000484 ____A C:\Windows\System32\config\sysports.xml
2013-06-21 13:49 - 2013-06-21 17:49 - 00009600 ____A C:\Windows\System32\config\osinfo.txt
2013-06-21 13:49 - 2013-06-21 17:49 - 00006008 ____A C:\Windows\System32\tempfile.txt
2013-06-21 13:49 - 2013-06-21 17:49 - 00004879 ____A C:\Windows\System32\config\envinfo.txt
2013-06-21 13:49 - 2013-06-21 17:49 - 00000000 ____A C:\Windows\System32\config\adapterinfo.txt
2013-06-21 13:49 - 2013-06-21 13:50 - 23368770 ____A C:\Windows\System32\config\wfpfilters.xml
2013-06-21 13:49 - 2013-06-21 13:50 - 00420668 ____A C:\Windows\System32\config\WindowsFirewallConfig.txt
2013-06-21 13:49 - 2013-06-21 13:50 - 00186972 ____A C:\Windows\System32\config\Dns.txt
2013-06-21 13:49 - 2013-06-21 13:50 - 00075483 ____A C:\Windows\System32\config\WcnInfo.txt
2013-06-21 13:49 - 2013-06-21 13:50 - 00044841 ____A C:\Windows\System32\config\WindowsFirewallEffectiveRules.txt
2013-06-21 13:49 - 2013-06-21 13:50 - 00000272 ____A C:\Windows\System32\config\netiostate.txt
2013-06-21 13:49 - 2013-06-21 13:50 - 00000062 ____A C:\Windows\System32\config\wfplog.log
2013-06-21 13:49 - 2013-06-21 13:49 - 01118208 ____A C:\Windows\System32\config\WindowsFirewallLog.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00069632 ____A C:\Windows\System32\config\WLANAutoConfigLog.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00069632 ____A C:\Windows\System32\config\WindowsFirewallLogVerbose.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00069632 ____A C:\Windows\System32\config\WindowsFirewallConsecLogVerbose.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00069632 ____A C:\Windows\System32\config\WindowsFirewallConsecLog.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____D C:\Windows\System32\Reg
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____D C:\Windows\System32\config\LocaleMetaData
2013-06-21 11:05 - 2013-06-21 11:05 - 02756800 ____A (Sysinternals - www.sysinternals.com) C:\Users\Administrator\Downloads\procexp.exe
2013-06-20 15:38 - 2013-06-20 16:22 - 00000412 _RASH C:\ProgramData\ntuser.pol
2013-06-19 10:47 - 2013-06-12 21:48 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-19 10:47 - 2013-06-12 21:43 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-19 10:47 - 2013-06-12 21:43 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-19 10:47 - 2013-06-12 21:43 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-19 10:46 - 2013-06-19 10:47 - 00004790 ____A C:\Windows\System32\jupdate-1.7.0_25-b16.log
2013-06-19 10:45 - 2013-06-19 10:45 - 00000000 ____D C:\ProgramData\McAfee
2013-06-18 16:57 - 2013-06-18 19:26 - 00001908 ____A C:\Windows\diagerr.xml
2013-06-18 15:32 - 2013-06-18 15:32 - 00004108 ____A C:\Users\Administrator\Documents\All Kee's.txt
2013-06-18 14:27 - 2013-06-18 14:27 - 00004108 ____A C:\Users\Administrator\Desktop\All Kee's.txt
2013-06-18 13:09 - 2013-07-05 07:39 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-18 13:09 - 2013-06-18 13:09 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-18 13:09 - 2013-06-18 13:09 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-18 12:40 - 2013-06-18 12:40 - 00000000 ____D C:\ProgramData\C__Program Files_WebcamMax_wcmmon.exe
2013-06-18 11:35 - 2013-06-18 11:35 - 00160654 ____A C:\Users\Administrator\Desktop\How to perform a clean boot to troubleshoot a problem in Windows 8, Windows 7, or Windows Vista.htm
2013-06-18 11:35 - 2013-06-18 11:35 - 00000000 ____D C:\Users\Administrator\Desktop\How to perform a clean boot to troubleshoot a problem in Windows 8, Windows 7, or Windows Vista_files
2013-06-18 08:45 - 2013-06-18 08:45 - 00000000 ____D C:\ProgramData\OO Software
2013-06-15 17:37 - 2013-06-15 17:37 - 00063337 ____A C:\Users\Administrator\Downloads\LicenseCrawler - Download - heise online.htm
2013-06-15 17:37 - 2013-06-15 17:37 - 00001759 ____A C:\Users\Administrator\Downloads\About_com http--www_klinzmann_name-licensecrawler_htm.htm
2013-06-15 17:37 - 2013-06-15 17:37 - 00000000 ____D C:\Users\Administrator\Downloads\LicenseCrawler - Download - heise online_files
2013-06-15 17:37 - 2013-06-15 17:37 - 00000000 ____D C:\Users\Administrator\Downloads\About_com http--www_klinzmann_name-licensecrawler_htm_files
2013-06-15 17:36 - 2013-06-15 17:36 - 01392906 ____A C:\Users\Administrator\Downloads\licensecrawler_1.30.359.zip
2013-06-15 17:34 - 2013-06-15 17:34 - 00002519 ____A C:\Users\Administrator\Downloads\language_italian.zip
2013-06-15 17:12 - 2013-06-15 17:12 - 00011628 ____A C:\Users\Administrator\Downloads\KeyFinder  Magical Jelly Bean.htm
2013-06-15 17:12 - 2013-06-15 17:12 - 00000000 ____D C:\Users\Administrator\Downloads\KeyFinder  Magical Jelly Bean_files
2013-06-15 17:11 - 2013-06-15 17:11 - 00008352 ____A C:\Users\Administrator\Downloads\KeyFinder FAQ.htm
2013-06-15 17:11 - 2013-06-15 17:11 - 00000000 ____D C:\Users\Administrator\Downloads\KeyFinder FAQ_files
2013-06-15 17:06 - 2013-06-15 17:06 - 01199992 ____A (Magical Jelly Bean                                          ) C:\Users\Administrator\Downloads\KeyFinderInstaller.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 13:45 - 2013-06-15 13:45 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 01767936 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-15 13:45 - 2013-06-15 13:45 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-15 13:45 - 2013-06-15 13:45 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00745472 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00719360 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00629248 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-15 13:45 - 2013-06-15 13:45 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00242200 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00138752 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00137216 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-15 13:45 - 2013-06-15 13:45 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-15 13:40 - 2013-06-15 13:47 - 00006206 ____A C:\Windows\IE10_main.log
2013-06-15 13:18 - 2013-07-04 10:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-15 13:18 - 2013-06-15 13:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-06-15 11:48 - 2013-06-15 11:48 - 00000590 ____A C:\Users\Administrator\Documents\cc_20130615_114810.reg
2013-06-15 11:47 - 2013-06-15 11:47 - 00006552 ____A C:\Users\Administrator\Documents\cc_20130615_114745.reg
2013-06-15 11:46 - 2013-06-15 11:46 - 00066498 ____A C:\Users\Administrator\Documents\cc_20130615_114623.reg
2013-06-15 09:38 - 2013-06-15 09:38 - 00001594 ____A C:\Windows\DPINST.LOG
2013-06-14 08:52 - 2013-06-14 08:52 - 00000079 ____A C:\Windows\wininit.ini
2013-06-10 14:08 - 2013-06-10 14:08 - 00001041 ____A C:\Users\Administrator\Desktop\AVI Slide Show.lnk
2013-06-10 14:08 - 2013-06-10 14:08 - 00000000 ____D C:\Program Files\AVISlideShow
2013-06-10 14:04 - 2013-06-10 14:05 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\GetRightToGo
2013-06-10 11:23 - 2013-06-10 11:23 - 00000000 ____D C:\Windows\XSxS
2013-06-10 11:07 - 2013-06-10 11:07 - 00045912 ____A C:\Users\Administrator\Documents\cc_20130610_110731.reg
2013-06-10 01:59 - 2013-06-10 02:00 - 07419544 ____A (MPC-HC Team                                                 ) C:\Users\Administrator\Desktop\MPC-HC.1.6.7.7114.x86.exe
2013-06-09 10:20 - 2013-06-09 10:20 - 00000000 ____D C:\ProgramData\ESET
2013-06-09 10:20 - 2013-06-09 10:20 - 00000000 ____D C:\Program Files\ESET
2013-06-09 09:19 - 2013-06-09 09:19 - 00000922 ____A C:\Users\UpdatusUser.KHAN\Desktop\NTREGOPT.lnk
2013-06-09 09:19 - 2013-06-09 09:19 - 00000903 ____A C:\Users\UpdatusUser.KHAN\Desktop\ERUNT.lnk
2013-06-08 17:35 - 2013-06-08 17:35 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\dvdcss
2013-06-08 16:46 - 2013-06-08 16:46 - 00000288 ____A C:\Users\Administrator\AppData\Roaming\.backup.dm
2013-06-07 16:36 - 2013-06-07 16:36 - 00005018 ____A C:\Users\Administrator\Documents\cc_20130607_163651.reg
2013-06-06 15:15 - 2013-06-06 15:16 - 10062224 ____A C:\Users\Administrator\Downloads\tixati-1.96-1.win32-install.exe
2013-06-06 12:00 - 2013-06-06 12:40 - 00000000 ____D C:\Users\Administrator\Desktop\VirtualDub
2013-06-06 09:54 - 2013-06-06 11:06 - 00001132 ____A C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2013-06-06 09:34 - 2013-06-06 09:34 - 00001728 ____A C:\Users\Administrator\Documents\cc_20130606_093448.reg
2013-06-06 09:30 - 2013-06-06 09:30 - 00122720 ____A C:\Users\Administrator\Documents\cc_20130606_093048.reg

==================== One Month Modified Files and Folders ========

2013-07-05 07:47 - 2013-07-05 07:47 - 00000000 ____D C:\FRST
2013-07-05 07:45 - 2013-07-05 07:45 - 01373373 ____A (Farbar) C:\Users\Administrator\Desktop\FRST.exe
2013-07-05 07:39 - 2013-06-18 13:09 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-05 06:25 - 2011-12-08 17:16 - 01733485 ____A C:\Windows\WindowsUpdate.log
2013-07-04 22:59 - 2009-07-14 14:34 - 00020704 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-04 22:59 - 2009-07-14 14:34 - 00020704 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-04 22:52 - 2013-05-20 01:00 - 00002819 ____A C:\Windows\setupact.log
2013-07-04 22:52 - 2009-07-14 14:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-04 22:35 - 2013-05-04 13:56 - 00032156 ____A C:\Windows\PFRO.log
2013-07-04 22:06 - 2013-07-04 18:26 - 00001975 ____A C:\Users\Public\Desktop\Lightworks (11.1).lnk
2013-07-04 22:06 - 2013-07-04 17:57 - 00000000 ____D C:\Program Files\Lightworks
2013-07-04 18:26 - 2013-07-04 18:26 - 00000000 ____D C:\Users\Administrator\.MCReferenceSdk
2013-07-04 18:26 - 2013-07-04 01:33 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2013-07-04 18:26 - 2011-12-08 04:22 - 00000000 ____D C:\users\Administrator
2013-07-04 13:40 - 2012-11-19 12:56 - 00000000 ____D C:\Users\Administrator\Documents\My PSP Files
2013-07-04 10:55 - 2009-07-14 12:37 - 00000000 ____D C:\Windows\rescache
2013-07-04 10:14 - 2013-07-03 11:57 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-04 10:14 - 2013-06-15 13:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-04 10:11 - 2009-07-14 12:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-04 10:01 - 2013-07-04 10:01 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2013-07-04 10:00 - 2009-07-14 14:33 - 00430448 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-04 09:50 - 2011-12-08 04:27 - 00864168 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-04 09:04 - 2013-07-04 09:03 - 08990552 ____A (Microsoft Corporation) C:\Users\Administrator\Desktop\vcredist_x86.exe
2013-07-04 01:33 - 2013-07-04 01:33 - 00000000 ____D C:\ProgramData\Geevs
2013-07-04 00:10 - 2013-07-04 00:09 - 00000000 ____D C:\Program Files\QuickTime
2013-07-04 00:09 - 2013-07-04 00:09 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-07-04 00:09 - 2013-07-04 00:09 - 00000000 ____D C:\ProgramData\Apple Computer
2013-07-04 00:08 - 2013-07-04 00:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-07-04 00:07 - 2013-07-04 00:07 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apple
2013-07-04 00:07 - 2013-07-04 00:07 - 00000000 ____D C:\ProgramData\Apple
2013-07-04 00:07 - 2013-07-04 00:07 - 00000000 ____D C:\Program Files\Apple Software Update
2013-07-03 22:06 - 2013-06-24 14:05 - 00006095 ____A C:\Users\Administrator\Desktop\Sign.txt
2013-07-03 20:09 - 2013-04-04 11:09 - 00000164 ____A C:\Users\Administrator\AppData\Roaming\PLGComp.ini
2013-07-03 19:28 - 2013-06-26 17:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\PhotoScape
2013-07-03 19:19 - 2013-06-26 17:24 - 00018432 ___AH C:\Users\Administrator\Desktop\photothumb.db
2013-07-03 17:35 - 2013-03-23 13:08 - 00000000 ____D C:\Users\Administrator\Desktop\Temp Video
2013-07-03 17:04 - 2011-12-11 11:37 - 00000000 ____D C:\Program Files\Brother
2013-07-03 16:46 - 2012-05-14 00:14 - 00000000 ____D C:\Windows\ERDNT
2013-07-03 15:49 - 2013-05-04 13:50 - 00000000 ____D C:\Users\Administrator\Desktop\New net ora
2013-06-30 08:33 - 2013-06-22 19:38 - 00000449 ____A C:\Users\Administrator\Downloads\fg.ini
2013-06-30 08:09 - 2013-06-30 08:09 - 00015682 ____A C:\Users\Administrator\Downloads\fghelp_en.htm
2013-06-30 01:43 - 2012-11-13 21:01 - 00000000 ____D C:\Program Files\Seagate
2013-06-29 09:02 - 2013-06-24 19:55 - 00000000 ____D C:\Users\Administrator\.gimp-2.8
2013-06-28 22:02 - 2013-06-28 22:02 - 00057069 ____A C:\Users\Administrator\Downloads\Instagram Tips Combining Multiple Photos - Instagram Blog.htm
2013-06-28 22:02 - 2013-06-28 22:02 - 00000000 ____D C:\Users\Administrator\Downloads\Instagram Tips Combining Multiple Photos - Instagram Blog_files
2013-06-28 21:38 - 2013-06-28 21:33 - 36260680 ____A (iSkysoft Studio                                             ) C:\Users\Administrator\Downloads\pdf-editor_full1281.exe
2013-06-28 21:34 - 2013-06-28 21:34 - 00035730 ____A C:\Users\Administrator\Downloads\How to Combine PDF Files OS X for Free.htm
2013-06-28 21:34 - 2013-06-28 21:34 - 00000000 ____D C:\Users\Administrator\Downloads\How to Combine PDF Files OS X for Free_files
2013-06-28 21:32 - 2013-06-28 21:32 - 00050872 ____A C:\Users\Administrator\Downloads\How to Combine Multiple PDF Files on Mac Seamlessly.html
2013-06-28 21:32 - 2013-06-28 21:32 - 00000000 ____D C:\Users\Administrator\Downloads\How to Combine Multiple PDF Files on Mac Seamlessly_files
2013-06-28 21:17 - 2013-06-28 21:17 - 00601938 ____A C:\Users\Administrator\Downloads\Photoscape Easiest Way to Combine Multiple Photos - Images.mht
2013-06-28 21:15 - 2013-06-28 21:05 - 89111376 ____A (Apple Inc.) C:\Users\Administrator\Downloads\iTunesSetup.exe
2013-06-28 10:24 - 2013-05-08 17:26 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DVD Flick
2013-06-27 23:01 - 2013-06-27 22:56 - 10328776 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\irfanview_plugins_435_setup 2.exe
2013-06-27 22:23 - 2013-06-27 22:23 - 00001876 ____A C:\Users\Administrator\Desktop\IrfanView Thumbnails.lnk
2013-06-27 22:23 - 2013-06-27 22:23 - 00000996 ____A C:\Users\Administrator\Desktop\IrfanView.lnk
2013-06-27 22:23 - 2013-06-27 22:23 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IrfanView
2013-06-27 22:23 - 2013-06-27 22:23 - 00000000 ____D C:\Program Files\IrfanView
2013-06-27 18:15 - 2013-06-27 18:15 - 00000000 ____A C:\Users\Administrator\Downloads\Paint Joiner.zip.wn5xhvb.partial
2013-06-27 18:07 - 2013-06-27 18:07 - 00000537 ____A C:\Users\Administrator\Downloads\IrfanView hash .txt
2013-06-27 17:53 - 2013-06-27 17:53 - 01646288 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\iview435_setup (2).exe
2013-06-27 17:48 - 2013-06-27 17:48 - 01646288 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\ifranview_4.35.exe
2013-06-27 17:47 - 2013-06-27 17:47 - 01646288 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\iview435_setup (1).exe
2013-06-27 17:37 - 2013-06-27 17:37 - 00067347 ____A C:\Users\Administrator\Downloads\Irfanview - Official Italian Mirror  Domande e Riposte (guida ad Irfanview).htm
2013-06-27 17:37 - 2013-06-27 17:37 - 00000000 ____D C:\Users\Administrator\Downloads\Irfanview - Official Italian Mirror  Domande e Riposte (guida ad Irfanview)_files
2013-06-27 17:36 - 2013-06-27 17:36 - 01646288 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\iview435_setup.exe
2013-06-27 14:38 - 2013-06-27 14:32 - 09963537 ____A C:\Users\Administrator\Downloads\irfanview_plugins_435.zip
2013-06-27 14:30 - 2013-06-27 14:19 - 10328776 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\irfanview_plugins_435_setup.exe
2013-06-27 14:10 - 2013-06-27 14:10 - 00107859 ____A C:\Users\Administrator\Downloads\Irfanview _ Downloads @ PC-Intern.com.htm
2013-06-27 14:10 - 2013-06-27 14:10 - 00000000 ____D C:\Users\Administrator\Downloads\Irfanview _ Downloads @ PC-Intern.com_files
2013-06-27 14:08 - 2013-06-27 14:08 - 08034304 ____A (Irfan Skiljan) C:\Users\Administrator\Downloads\irfanview_plugins_430_setup.exe
2013-06-27 00:42 - 2013-06-27 00:42 - 00023493 ____A C:\Users\Administrator\Desktop\Adobe Photoshop Lightroom 5_0 Final [H33T] - torrent download.htm
2013-06-27 00:42 - 2013-06-27 00:42 - 00000000 ____D C:\Users\Administrator\Desktop\Adobe Photoshop Lightroom 5_0 Final [H33T] - torrent download_files
2013-06-27 00:27 - 2013-06-27 00:27 - 00023487 ____A C:\Users\Administrator\Desktop\Download Adobe Photoshop Lightroom 5_0 Final (32 bit) [ChingLiu] Torrent  1337x_org.htm
2013-06-27 00:27 - 2013-06-27 00:27 - 00000000 ____D C:\Users\Administrator\Desktop\Download Adobe Photoshop Lightroom 5_0 Final (32 bit) [ChingLiu] Torrent  1337x_org_files
2013-06-26 22:36 - 2013-06-26 22:36 - 00067092 ____A C:\Users\Administrator\Desktop\Can You Fix a Blurry Picture.htm
2013-06-26 22:36 - 2013-06-26 22:35 - 00000000 ____D C:\Users\Administrator\Desktop\Can You Fix a Blurry Picture_files
2013-06-26 22:24 - 2013-06-26 22:24 - 00064582 ____A C:\Users\Administrator\Desktop\Making Your Digital Photo Look Like Film in photoshop.htm
2013-06-26 22:24 - 2013-06-26 22:24 - 00000000 ____D C:\Users\Administrator\Desktop\Making Your Digital Photo Look Like Film in photoshop_files
2013-06-26 22:19 - 2013-06-26 22:19 - 04767205 ____A C:\Users\Administrator\Desktop\filmlook_assets.zip
2013-06-26 17:16 - 2013-06-26 17:16 - 00001017 ____A C:\Users\Administrator\Desktop\PhotoScape.lnk
2013-06-26 17:16 - 2013-06-26 17:16 - 00000000 ____D C:\Program Files\PhotoScape
2013-06-25 15:14 - 2013-06-25 15:14 - 00002760 ____A C:\Users\Administrator\AppData\Local\recently-used.xbel
2013-06-25 15:05 - 2013-06-25 10:41 - 01259705 ____A C:\Users\Administrator\Desktop\Gimp 001681.xcf
2013-06-25 10:18 - 2013-06-25 10:18 - 00000000 ____D C:\Users\Administrator\AppData\Local\webkit
2013-06-24 20:08 - 2013-06-24 20:08 - 00000000 ____D C:\Users\Administrator\.thumbnails
2013-06-24 19:55 - 2013-06-24 19:55 - 00000000 ____D C:\Users\Administrator\AppData\Local\gegl-0.2
2013-06-24 19:54 - 2013-06-24 19:52 - 00000000 ____D C:\Program Files\GIMP 2
2013-06-24 14:11 - 2011-12-17 14:11 - 00000000 ____D C:\Program Files\MSXML 4.0
2013-06-24 14:06 - 2013-06-22 18:40 - 00000000 ____D C:\JRT
2013-06-24 09:09 - 2013-03-07 23:00 - 00007606 ____A C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2013-06-22 19:16 - 2013-06-21 19:57 - 00001438 ____A C:\Windows\Sandboxie.ini
2013-06-22 18:40 - 2013-06-22 18:40 - 00000000 ____D C:\Windows\ERUNT
2013-06-22 09:59 - 2009-07-14 12:37 - 00000000 ____D C:\Windows\System32\NDF
2013-06-22 09:07 - 2013-06-22 09:06 - 00000000 ____D C:\Program Files\ProcsExplor
2013-06-22 09:06 - 2009-07-14 14:52 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-06-21 19:57 - 2013-06-21 19:57 - 00001077 ____A C:\Users\Administrator\Desktop\Sandboxed Web Browser.lnk
2013-06-21 19:57 - 2013-06-21 19:57 - 00000000 ____D C:\Program Files\Sandboxie
2013-06-21 17:49 - 2013-06-21 17:49 - 00000000 ____D C:\Windows\System32\eventlog
2013-06-21 17:49 - 2013-06-21 13:49 - 00009600 ____A C:\Windows\System32\config\osinfo.txt
2013-06-21 17:49 - 2013-06-21 13:49 - 00006008 ____A C:\Windows\System32\tempfile.txt
2013-06-21 17:49 - 2013-06-21 13:49 - 00004879 ____A C:\Windows\System32\config\envinfo.txt
2013-06-21 17:49 - 2013-06-21 13:49 - 00000000 ____A C:\Windows\System32\config\adapterinfo.txt
2013-06-21 17:42 - 2013-06-21 17:42 - 00000762 ____A C:\Windows\certutil.log
2013-06-21 13:50 - 2013-06-21 13:50 - 25592231 ____A C:\Windows\System32\config\wfpstate.xml
2013-06-21 13:50 - 2013-06-21 13:50 - 00117199 ____A C:\Windows\System32\config\netevents.xml
2013-06-21 13:50 - 2013-06-21 13:50 - 00009801 ____A C:\Windows\System32\config\FileSharing.txt
2013-06-21 13:50 - 2013-06-21 13:50 - 00006237 ____A C:\Windows\System32\config\Neighbors.txt
2013-06-21 13:50 - 2013-06-21 13:50 - 00003054 ____A C:\Windows\System32\config\gpresult.txt
2013-06-21 13:50 - 2013-06-21 13:50 - 00000484 ____A C:\Windows\System32\config\sysports.xml
2013-06-21 13:50 - 2013-06-21 13:49 - 23368770 ____A C:\Windows\System32\config\wfpfilters.xml
2013-06-21 13:50 - 2013-06-21 13:49 - 00420668 ____A C:\Windows\System32\config\WindowsFirewallConfig.txt
2013-06-21 13:50 - 2013-06-21 13:49 - 00186972 ____A C:\Windows\System32\config\Dns.txt
2013-06-21 13:50 - 2013-06-21 13:49 - 00075483 ____A C:\Windows\System32\config\WcnInfo.txt
2013-06-21 13:50 - 2013-06-21 13:49 - 00044841 ____A C:\Windows\System32\config\WindowsFirewallEffectiveRules.txt
2013-06-21 13:50 - 2013-06-21 13:49 - 00000272 ____A C:\Windows\System32\config\netiostate.txt
2013-06-21 13:50 - 2013-06-21 13:49 - 00000062 ____A C:\Windows\System32\config\wfplog.log
2013-06-21 13:49 - 2013-06-21 13:49 - 01118208 ____A C:\Windows\System32\config\WindowsFirewallLog.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00069632 ____A C:\Windows\System32\config\WLANAutoConfigLog.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00069632 ____A C:\Windows\System32\config\WindowsFirewallLogVerbose.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00069632 ____A C:\Windows\System32\config\WindowsFirewallConsecLogVerbose.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00069632 ____A C:\Windows\System32\config\WindowsFirewallConsecLog.evtx
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____D C:\Windows\System32\Reg
2013-06-21 13:49 - 2013-06-21 13:49 - 00000000 ____D C:\Windows\System32\config\LocaleMetaData
2013-06-21 13:41 - 2012-12-06 15:50 - 00000000 ____D C:\Program Files\AviSynth 2.5
2013-06-21 11:05 - 2013-06-21 11:05 - 02756800 ____A (Sysinternals - www.sysinternals.com) C:\Users\Administrator\Downloads\procexp.exe
2013-06-20 16:22 - 2013-06-20 15:38 - 00000412 _RASH C:\ProgramData\ntuser.pol
2013-06-20 15:32 - 2009-07-14 12:37 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2013-06-19 10:47 - 2013-06-19 10:46 - 00004790 ____A C:\Windows\System32\jupdate-1.7.0_25-b16.log
2013-06-19 10:47 - 2013-03-07 08:20 - 00000000 ____D C:\Program Files\Java
2013-06-19 10:45 - 2013-06-19 10:45 - 00000000 ____D C:\ProgramData\McAfee
2013-06-18 19:26 - 2013-06-18 16:57 - 00001908 ____A C:\Windows\diagerr.xml
2013-06-18 19:26 - 2012-06-19 12:17 - 00001908 ____A C:\Windows\diagwrn.xml
2013-06-18 19:14 - 2013-05-04 13:56 - 00000000 ____A C:\Windows\setuperr.log
2013-06-18 15:59 - 2012-10-25 01:35 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Acronis
2013-06-18 15:32 - 2013-06-18 15:32 - 00004108 ____A C:\Users\Administrator\Documents\All Kee's.txt
2013-06-18 14:27 - 2013-06-18 14:27 - 00004108 ____A C:\Users\Administrator\Desktop\All Kee's.txt
2013-06-18 13:09 - 2013-06-18 13:09 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-18 13:09 - 2013-06-18 13:09 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-18 12:40 - 2013-06-18 12:40 - 00000000 ____D C:\ProgramData\C__Program Files_WebcamMax_wcmmon.exe
2013-06-18 12:12 - 2012-01-20 12:07 - 00000000 ____D C:\Windows\pss
2013-06-18 11:35 - 2013-06-18 11:35 - 00160654 ____A C:\Users\Administrator\Desktop\How to perform a clean boot to troubleshoot a problem in Windows 8, Windows 7, or Windows Vista.htm
2013-06-18 11:35 - 2013-06-18 11:35 - 00000000 ____D C:\Users\Administrator\Desktop\How to perform a clean boot to troubleshoot a problem in Windows 8, Windows 7, or Windows Vista_files
2013-06-18 08:45 - 2013-06-18 08:45 - 00000000 ____D C:\ProgramData\OO Software
2013-06-17 23:52 - 2012-03-14 12:23 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2013-06-17 16:39 - 2012-03-13 15:27 - 00000000 ____D C:\Users\Administrator\AppData\Local\Windows Live
2013-06-15 17:37 - 2013-06-15 17:37 - 00063337 ____A C:\Users\Administrator\Downloads\LicenseCrawler - Download - heise online.htm
2013-06-15 17:37 - 2013-06-15 17:37 - 00001759 ____A C:\Users\Administrator\Downloads\About_com http--www_klinzmann_name-licensecrawler_htm.htm
2013-06-15 17:37 - 2013-06-15 17:37 - 00000000 ____D C:\Users\Administrator\Downloads\LicenseCrawler - Download - heise online_files
2013-06-15 17:37 - 2013-06-15 17:37 - 00000000 ____D C:\Users\Administrator\Downloads\About_com http--www_klinzmann_name-licensecrawler_htm_files
2013-06-15 17:36 - 2013-06-15 17:36 - 01392906 ____A C:\Users\Administrator\Downloads\licensecrawler_1.30.359.zip
2013-06-15 17:34 - 2013-06-15 17:34 - 00002519 ____A C:\Users\Administrator\Downloads\language_italian.zip
2013-06-15 17:12 - 2013-06-15 17:12 - 00011628 ____A C:\Users\Administrator\Downloads\KeyFinder  Magical Jelly Bean.htm
2013-06-15 17:12 - 2013-06-15 17:12 - 00000000 ____D C:\Users\Administrator\Downloads\KeyFinder  Magical Jelly Bean_files
2013-06-15 17:11 - 2013-06-15 17:11 - 00008352 ____A C:\Users\Administrator\Downloads\KeyFinder FAQ.htm
2013-06-15 17:11 - 2013-06-15 17:11 - 00000000 ____D C:\Users\Administrator\Downloads\KeyFinder FAQ_files
2013-06-15 17:06 - 2013-06-15 17:06 - 01199992 ____A (Magical Jelly Bean                                          ) C:\Users\Administrator\Downloads\KeyFinderInstaller.exe
2013-06-15 15:32 - 2011-12-10 18:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-15 15:29 - 2012-01-20 12:59 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-15 15:07 - 2012-11-08 11:09 - 00000000 ____D C:\Users\Administrator\AppData\Local\ESET
2013-06-15 13:47 - 2013-06-15 13:40 - 00006206 ____A C:\Windows\IE10_main.log
2013-06-15 13:45 - 2013-06-15 13:45 - 14327808 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 13760512 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 02877440 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 13:45 - 2013-06-15 13:45 - 02046976 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 01767936 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 01441280 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-15 13:45 - 2013-06-15 13:45 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-15 13:45 - 2013-06-15 13:45 - 01141248 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00745472 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00719360 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00690688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00629248 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00493056 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-15 13:45 - 2013-06-15 13:45 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00242200 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00138752 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00137216 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00125440 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00109056 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00069120 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-15 13:45 - 2013-06-15 13:45 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-15 13:45 - 2013-06-15 13:45 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-15 13:45 - 2013-06-15 13:45 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-15 13:18 - 2013-06-15 13:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-06-15 13:18 - 2012-11-02 17:19 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2013-06-15 11:48 - 2013-06-15 11:48 - 00000590 ____A C:\Users\Administrator\Documents\cc_20130615_114810.reg
2013-06-15 11:47 - 2013-06-15 11:47 - 00006552 ____A C:\Users\Administrator\Documents\cc_20130615_114745.reg
2013-06-15 11:46 - 2013-06-15 11:46 - 00066498 ____A C:\Users\Administrator\Documents\cc_20130615_114623.reg
2013-06-15 09:38 - 2013-06-15 09:38 - 00001594 ____A C:\Windows\DPINST.LOG
2013-06-15 09:06 - 2011-12-10 11:45 - 00015600 ____A (Windows ® 2000 DDK provider) C:\Windows\gdrv.sys
2013-06-14 08:52 - 2013-06-14 08:52 - 00000079 ____A C:\Windows\wininit.ini
2013-06-13 23:56 - 2009-07-14 14:34 - 00018432 ____A C:\Windows\System32\umstartup.etl
2013-06-12 21:48 - 2013-06-19 10:47 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-12 21:48 - 2012-10-13 23:11 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-12 21:48 - 2012-10-13 23:11 - 00789416 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-12 21:43 - 2013-06-19 10:47 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-12 21:43 - 2013-06-19 10:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-12 21:43 - 2013-06-19 10:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-12 16:44 - 2013-02-21 16:32 - 00000000 ____D C:\Program Files\7-ZipPortable
2013-06-12 14:24 - 2013-04-15 14:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Nero_AG
2013-06-10 21:45 - 2013-01-16 11:25 - 00000000 ____D C:\Program Files\Portable
2013-06-10 14:08 - 2013-06-10 14:08 - 00001041 ____A C:\Users\Administrator\Desktop\AVI Slide Show.lnk
2013-06-10 14:08 - 2013-06-10 14:08 - 00000000 ____D C:\Program Files\AVISlideShow
2013-06-10 14:05 - 2013-06-10 14:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\GetRightToGo
2013-06-10 11:25 - 2012-11-29 08:35 - 00071680 __ASH C:\Users\Administrator\Documents\Thumbs.db
2013-06-10 11:23 - 2013-06-10 11:23 - 00000000 ____D C:\Windows\XSxS
2013-06-10 11:07 - 2013-06-10 11:07 - 00045912 ____A C:\Users\Administrator\Documents\cc_20130610_110731.reg
2013-06-10 02:00 - 2013-06-10 01:59 - 07419544 ____A (MPC-HC Team                                                 ) C:\Users\Administrator\Desktop\MPC-HC.1.6.7.7114.x86.exe
2013-06-09 11:53 - 2012-10-24 14:26 - 00000039 ____A C:\Windows\vbaddin.ini
2013-06-09 10:59 - 2012-01-12 08:14 - 00011264 __ASH C:\Users\Administrator\Thumbs.db
2013-06-09 10:20 - 2013-06-09 10:20 - 00000000 ____D C:\ProgramData\ESET
2013-06-09 10:20 - 2013-06-09 10:20 - 00000000 ____D C:\Program Files\ESET
2013-06-09 09:19 - 2013-06-09 09:19 - 00000922 ____A C:\Users\UpdatusUser.KHAN\Desktop\NTREGOPT.lnk
2013-06-09 09:19 - 2013-06-09 09:19 - 00000903 ____A C:\Users\UpdatusUser.KHAN\Desktop\ERUNT.lnk
2013-06-09 09:19 - 2012-09-21 12:29 - 00000922 ____A C:\Users\Administrator\Desktop\NTREGOPT.lnk
2013-06-09 09:19 - 2012-09-21 12:29 - 00000903 ____A C:\Users\Administrator\Desktop\ERUNT.lnk
2013-06-09 09:19 - 2012-09-21 12:29 - 00000000 ____D C:\Program Files\ERUNT
2013-06-09 09:09 - 2009-07-14 12:37 - 00000000 ____D C:\Windows\System32\DriverStore
2013-06-09 08:18 - 2009-07-14 12:04 - 00000215 ____A C:\Windows\system.ini
2013-06-08 19:32 - 2012-09-20 10:14 - 00000000 ____D C:\Users\Administrator\Desktop\NewNow
2013-06-08 17:35 - 2013-06-08 17:35 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\dvdcss
2013-06-08 16:46 - 2013-06-08 16:46 - 00000288 ____A C:\Users\Administrator\AppData\Roaming\.backup.dm
2013-06-07 16:36 - 2013-06-07 16:36 - 00005018 ____A C:\Users\Administrator\Documents\cc_20130607_163651.reg
2013-06-06 15:16 - 2013-06-06 15:15 - 10062224 ____A C:\Users\Administrator\Downloads\tixati-1.96-1.win32-install.exe
2013-06-06 12:40 - 2013-06-06 12:00 - 00000000 ____D C:\Users\Administrator\Desktop\VirtualDub
2013-06-06 11:37 - 2012-11-05 18:58 - 00002533 ____A C:\Users\Public\Desktop\O&O DiskImage.lnk
2013-06-06 11:06 - 2013-06-06 09:54 - 00001132 ____A C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2013-06-06 09:54 - 2011-12-10 16:51 - 00000000 ____D C:\Program Files\NCH Software
2013-06-06 09:34 - 2013-06-06 09:34 - 00001728 ____A C:\Users\Administrator\Documents\cc_20130606_093448.reg
2013-06-06 09:30 - 2013-06-06 09:30 - 00122720 ____A C:\Users\Administrator\Documents\cc_20130606_093048.reg
2013-06-06 09:12 - 2012-02-21 16:58 - 00000000 ____D C:\ProgramData\Win7codecs
2013-06-05 21:59 - 2012-11-18 17:48 - 00000000 ____D C:\Users\Administrator\Desktop\registration_files
2013-06-05 16:21 - 2011-12-10 20:34 - 00007308 __ASH C:\ProgramData\KGyGaAvL.sys
2013-06-05 16:21 - 2009-07-14 14:52 - 00000000 ____D C:\Windows\System32\FxsTmp

Files to move or delete:
====================
C:\ProgramData\C__Program Files_WebcamMax_wcmmon.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-03 00:33

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-07-2013
Ran by Administrator at 2013-07-05 07:48:53
Running from C:\Users\Administrator\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

ACDSee Pro 6 (Version: 6.2.212)
Acronis True Image Home 2011 (Version: 14.0.6696)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Premiere Pro CS3 r1 SDK (Version: 1.00.0000)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Apple Application Support (Version: 2.3.4)
Apple Software Update (Version: 2.1.3.127)
AVI Slide Show 1.7.17.17 (Version: 1.7.17.17)
Blurity version 1.4.169 (Version: 1.4.169)
Brother MFL-Pro Suite MFC-790CW (Version: 1.0.1.0)
CameraHelperMsi (Version: 13.51.815.0)
Corel WordPerfect Office - iFilter (Version: 1.00.000)
D3DX10 (Version: 15.4.2368.0902)
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
EMCO Malware Destroyer 7
erLT (Version: 1.20.138.34)
ERUNT 1.1j
ESET NOD32 Antivirus (Version: 4.0.468.0)
Fastest Free YouTube Downloader to MP3 Converter (HKCU Version: 4.9)
Febooti fileTweak Hash and CRC (Version: 3.0.0)
ffdshow v1.2.4422 [2012-04-09] (Version: 1.2.4422.0)
Freemake Video Converter version 4.0.1 (Version: 4.0.1)
Garmin Communicator Plugin (Version: 4.0.1)
Garmin USB Drivers (Version: 2.3.0.0)
GIMP 2.8.4 (Version: 2.8.4)
Google Update Helper (Version: 1.3.21.135)
HashCheck Shell Extension (x86-32) (Version: 2.1.11.1)
IrfanView (remove only) (Version: 4.35)
Jasc Animation Shop 3 (Version: 3.11)
Jasc Paint Shop Photo Album 5 (Version: 5.0.1)
Jasc Paint Shop Pro 9 (Version: 9.00.0000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 16.4.3505.0912)
Lightworks (Version: 11.1.0.0)
Logitech Webcam Software (Version: 2.51)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.51.827.0)
LWS Help_main (Version: 13.51.828.0)
LWS Launcher (Version: 13.51.828.0)
LWS Motion Detection (Version: 13.51.815.0)
LWS Pictures And Video (Version: 13.51.815.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Webcam Software (Version: 13.51.815.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nero 12 (Version: 12.0.03500)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp (Version: 12.0.6002)
Nero BackItUp Help (CHM) (Version: 12.0.8000)
Nero Blu-ray Player (Version: 12.0.17700)
Nero Blu-ray Player Help (CHM) (Version: 12.0.9000)
Nero Burning ROM (Version: 12.0.28001)
Nero Burning ROM Help (CHM) (Version: 12.0.3000)
Nero ControlCenter (Version: 11.0.15500)
Nero ControlCenter Help (CHM) (Version: 12.0.7000)
Nero Core Components (Version: 11.0.18900)
Nero Disc Menus Basic (Version: 12.0.11500)
Nero Effects Basic (Version: 12.0.11500)
Nero Express (Version: 12.0.28001)
Nero Express Help (CHM) (Version: 12.0.5000)
Nero Kwik Media (Version: 1.18.19600)
Nero Kwik Media Help (CHM) (Version: 12.0.7000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero PiP Effects Basic (Version: 12.0.11500)
Nero Recode (Version: 12.0.31001)
Nero Recode Help (CHM) (Version: 12.0.7000)
Nero RescueAgent (Version: 12.0.10002)
Nero RescueAgent Help (CHM) (Version: 12.0.7000)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Update (Version: 11.0.11800.31.0)
Nero Video (Version: 12.0.8000)
Nero Video Help (CHM) (Version: 12.0.7000)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia PC Suite (Version: 7.1.62.1)
Nokia Software Updater (Version: 3.0.655)
NVIDIA Control Panel 307.83 (Version: 307.83)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Graphics Driver 307.83 (Version: 307.83)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
O&O DiskImage Professional (Version: 7.0.144)
PaperPort Image Printer (Version: 1.00.0000)
Paradox
Paradox (Version: 11.4)
PC Connectivity Solution (Version: 11.5.29.0)
Photo Gallery (Version: 16.4.3505.0912)
PhotoPad Image Editor
PhotoScape
Pixillion Image Converter
Prerequisite installer (Version: 12.0.0003)
Prism Video File Converter
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.74.80.86)
Sandboxie 3.52
ScanSoft PaperPort 11 (Version: 11.1.0000)
Skype™ 6.1 (Version: 6.1.129)
Software Remove Master v5.0.1.3
swMSM (Version: 12.0.0.1)
Universal Document Converter Server Edition (Version: 5.3)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoPad Video Editor
WavePad Sound Editor
Welcome App (Start-up experience) (Version: 12.0.15000)
Win7codecs (Version: 3.5.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows DVD Maker 3.9.4
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Wondershare Video Editor(Build 3.0.2)
WordPerfect Lightning - IPM (Version: 1.0)
WordPerfect Lightning - Messages (Version: 1.0)
WordPerfect Lightning - MSOM (Version: 1.1)
WordPerfect Lightning (Version: 2.0)
WordPerfect Office X5 - Common (Version: 15.1)
Wordperfect Office X5 - EN (Version: 15.1)
WordPerfect Office X5 - Filters (Version: 15.1)
WordPerfect Office X5 - Graphics (Version: 15.1)
WordPerfect Office X5 - IPM (Version: 15.1)
WordPerfect Office X5 - LegalTools (Version: 15.1)
WordPerfect Office X5 - Migration Manager (Version: 15.1)
WordPerfect Office X5 - Oxford (Version: 15.1)
WordPerfect Office X5 - PerfectExperts EN (Version: 15.1)
WordPerfect Office X5 - PR (Version: 15.1)
WordPerfect Office X5 - QP (Version: 15.1)
WordPerfect Office X5 - Setup Files (Version: 15.1)
WordPerfect Office X5 - Sharepoint (Version: 15.1)
WordPerfect Office X5 - Skins (Version: 15.1)
WordPerfect Office X5 - System EN (Version: 15.0)
WordPerfect Office X5 - Templates (Version: 15.1)
WordPerfect Office X5 - WP (Version: 15.1)
WordPerfect Office X5 - WT (Version: 15.1)
WordPerfect Office X5 (Version: 15.0.0.431)
WordPerfect Office X5 (Version: 15.1)

==================== Restore Points  =========================

27-06-2013 05:19:45 Scheduled Checkpoint
28-06-2013 15:25:00 Installed SeaTools for Windows
03-07-2013 14:08:35 Installed QuickTime
03-07-2013 14:14:27 Installed Microsoft Visual C++ 2005 Redistributable
03-07-2013 23:46:01 Windows Update
04-07-2013 06:53:15 Installed Microsoft Visual C++ 2005 Redistributable
04-07-2013 07:17:23 Installed Microsoft Visual C++ 2005 Redistributable
04-07-2013 07:23:13 Removed Microsoft Visual C++ 2005 Redistributable
04-07-2013 07:30:09 Installed Microsoft Visual C++ 2005 Redistributable
04-07-2013 07:57:59 Installed Microsoft Visual C++ 2005 Redistributable

==================== Hosts content: ==========================

2012-07-30 10:34 - 2013-06-09 08:18 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04C97422-413F-409E-880C-0FBFF50857D7} - System32\Tasks\NCH Software\photostageDowngrade => C:\Program Files\NCH Software\PhotoStage\photostage.exe No File
Task: {06D8E3C9-92D4-4D36-9BF5-D9A95C2477DE} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files\NCH Software\VideoPad\VideoPad.exe [2013-06-06] (NCH Software)
Task: {178909FA-264A-49EC-8FF2-9C56A9B13A2A} - System32\Tasks\{742B0DA6-B0BA-407B-AD13-2EF45C8B5136} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2011-07-27] (Microsoft Corporation)
Task: {28455495-D1FC-4558-B070-A172B5334163} - System32\Tasks\{92123959-9F6E-472B-9509-79B7C22FE5A1} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2011-07-27] (Microsoft Corporation)
Task: {3436C4BF-0C04-4F99-A743-4F9D177D3E99} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-18] (Adobe Systems Incorporated)
Task: {3967B16F-08ED-4990-9728-2855AA26C8D3} - System32\Tasks\{C49E02A8-FD5A-45A2-ABA7-BD66E3C3D11D} => C:\Program Files\Skype\\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {3F7C37F2-8AC7-4C9E-B26C-43A3CC8B83C9} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {47939221-4A52-4194-B085-AEB2A6C2103D} - System32\Tasks\{5BE0F675-129F-4995-8F06-03EF74B0F692} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2011-07-27] (Microsoft Corporation)
Task: {648379B7-A8E6-448B-8580-CBDEA0E444C7} - System32\Tasks\NCH Software\prismShakeIcon => C:\Program Files\NCH Software\Prism\Prism.exe [2012-03-12] (NCH Software)
Task: {6A0D6B4E-077D-46AE-AAD1-C4E1A58C890D} - System32\Tasks\RMSmartUpdate => C:\Program Files\Registry Mechanic\update.exe No File
Task: {82BF0377-0F7E-46FD-B45F-93885DF2B269} - System32\Tasks\{D92EDE2F-6ECB-46C4-AF2C-088BB3266C49} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {890B2389-A6B5-45A0-9849-A5366388FDE6} - System32\Tasks\{95D1C131-0D1F-4424-A00C-8CCE20F30E63} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {B177F071-9301-4D0C-B593-A419C8B5EA23} - System32\Tasks\{20D1E792-D56E-4846-9382-5FF8FAA93B7B} => C:\Windows\System32\msiexec.exe [2010-11-20] (Microsoft Corporation)
Task: {B3E43441-8ECB-43DC-8562-A96F368EAD6B} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2411852452-117403543-12125213-500 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {BBF2949A-4162-481B-9376-BCDC50F8C162} - System32\Tasks\{2C790D64-18D8-4479-85A7-21DC465C9ACF} => F:\NEW PROGRAMS\OFFICE\Microsoft Office Word 2003 Pro Portable - the11thmtndiv\Microsoft Office Word 2003 Pro Portable.exe [2011-07-27] (Microsoft Corporation)
Task: {C71616B4-1BC4-462D-9BD7-247DFF7A644C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe No File
Task: {EAFB4792-2E9F-4098-AF9B-6700216F9A04} - System32\Tasks\{37343038-3FED-49FC-A743-8DDDFE16F4F7} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2011-07-27] (Microsoft Corporation)
Task: {ECC60568-9ECA-4416-81F9-ACAF060249A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FBCBC6EF-D7CE-4A65-B778-D35411F56594} - System32\Tasks\{4B12E91A-5B39-42C5-B438-D29669D9D6C1} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2011-07-27] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2013 00:31:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/04/2013 11:10:32 PM) (Source: MsiInstaller) (User: KHAN)
Description: Product: ESET NOD32 Antivirus -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2329. The arguments are: 32, C:\Config.Msi\d4027.rbf,

Error: (07/04/2013 11:10:29 PM) (Source: MsiInstaller) (User: KHAN)
Description: Product: ESET NOD32 Antivirus -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\ESET\ESET NOD32 Antivirus\callmsi.exe.

Error: (07/04/2013 11:10:29 PM) (Source: MsiInstaller) (User: KHAN)
Description: Product: ESET NOD32 Antivirus -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll.

Error: (07/04/2013 11:10:29 PM) (Source: MsiInstaller) (User: KHAN)
Description: Product: ESET NOD32 Antivirus -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe.

Error: (07/04/2013 11:10:28 PM) (Source: MsiInstaller) (User: KHAN)
Description: Product: ESET NOD32 Antivirus -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\ESET\ESET NOD32 Antivirus\eplgOutlookEmon.dll.

Error: (07/04/2013 11:10:28 PM) (Source: MsiInstaller) (User: KHAN)
Description: Product: ESET NOD32 Antivirus -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll.

Error: (07/04/2013 11:10:28 PM) (Source: MsiInstaller) (User: KHAN)
Description: Product: ESET NOD32 Antivirus -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\ESET\ESET NOD32 Antivirus\eeclnt.exe.

Error: (07/04/2013 11:10:27 PM) (Source: MsiInstaller) (User: KHAN)
Description: Product: ESET NOD32 Antivirus -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe.

Error: (07/04/2013 11:10:27 PM) (Source: MsiInstaller) (User: KHAN)
Description: Product: ESET NOD32 Antivirus -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll.

System errors:
=============
Error: (07/05/2013 01:37:53 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.

Error: (07/04/2013 10:52:33 PM) (Source: Service Control Manager) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error:
%%1058

Error: (07/04/2013 10:46:44 PM) (Source: DCOM) (User: )
Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}

Error: (07/04/2013 10:35:49 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/04/2013 10:35:48 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/04/2013 10:35:44 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/04/2013 10:35:37 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/04/2013 10:35:33 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
discache
ehdrv
SCDEmu
spldr
Wanarpv6

Error: (07/04/2013 10:35:32 PM) (Source: Service Control Manager) (User: )
Description: The Fax service depends on the Print Spooler service which failed to start because of the following error:
%%1068

Error: (07/04/2013 10:35:29 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:33:21 PM on ?7/?4/?2013 was unexpected.

Microsoft Office Sessions:
=========================
Error: (05/23/2013 05:51:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6948 seconds with 4080 seconds of active time.  This session ended with a crash.

Error: (11/07/2012 05:42:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2382 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/05/2012 07:02:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 259458 seconds with 5760 seconds of active time.  This session ended with a crash.

Error: (07/30/2012 11:03:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 375 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (07/14/2012 04:56:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 69040 seconds with 3180 seconds of active time.  This session ended with a crash.

Error: (06/06/2012 10:13:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/02/2012 10:09:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 648 seconds with 300 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2013-06-21 17:42:54.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:25.463
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.558
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.480
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.261
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:05.027
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:04.949
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:04.856
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-21 17:42:04.731
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 31%
Total physical RAM: 3582.49 MB
Available physical RAM: 2436.4 MB
Total Pagefile: 7163.27 MB
Available Pagefile: 5589.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:168 GB) (Free:98.82 GB) NTFS
Drive d: (Local Disk) (Fixed) (Total:130.09 GB) (Free:38.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (1TERA_10GB) (Fixed) (Total:931.51 GB) (Free:334.05 GB) NTFS
Drive g: (320D500GB) (Fixed) (Total:465.76 GB) (Free:221.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: BFBBC8F1)
Partition 1: (Active) - (Size=130 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=168 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 33091F32)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 932 GB) (Disk ID: A4FE0168)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#11 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,836 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:04 AM

Posted 04 July 2013 - 06:39 PM

Registry cleaners do more damage than benefits. Lets perform some cleaning of junk files and adware.

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

AdwCleaner.GIF

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please post it in your next reply.

 

bf_new.gif Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
 

 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#12 dinovo

dinovo
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 05 July 2013 - 04:42 AM

Dear JSntgRvr Thanks for your help

 

I had Malwarebytes Anti-Malware installed and running on my computer

I have uninstalled the installed one, I downloaded and installed new program as suggested and run the scan, attached report

Thanks

 

 

 

 

# AdwCleaner v2.304 - Logfile created 07/05/2013 at 19:28:32
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Administrator - KHAN
# Boot Mode : Normal
# Running from : C:\Users\Administrator\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****

Found : APNMCP

***** [Files / Folders] *****

Folder Found : C:\Program Files\AskPartnerNetwork
Folder Found : C:\ProgramData\APN
Folder Found : C:\ProgramData\AskPartnerNetwork
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
Folder Found : C:\Users\ADMINI~1\AppData\Local\Temp\APN

***** [Registry] *****

Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKLM\Software\AskPartnerNetwork

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16618

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\cjawe3ub.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1063 octets] - [05/07/2013 19:28:32]

########## EOF - C:\AdwCleaner[R1].txt - [1123 octets] ##########
 

 

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.04.10

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16618
Administrator :: KHAN [administrator]

Protection: Disabled

7/5/2013 6:42:53 PM
MBAM-log-2013-07-05 (19-23-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 272852
Time elapsed: 9 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Administrator\AppData\Local\temp\7zO1BCC.tmp\MagicJellyBeanKeyFinder.exe (RiskWare.Tool.CK) -> No action taken.
C:\Users\Administrator\AppData\Local\temp\7zO1DAF.tmp\MagicJellyBeanKeyFinder.exe (RiskWare.Tool.CK) -> No action taken.

(end)
 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Ultimate x86
Ran by Administrator on Fri 07/05/2013 at 18:16:17.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\cjawe3ub.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 07/05/2013 at 18:17:31.84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#13 dinovo

dinovo
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 05 July 2013 - 05:15 AM

# AdwCleaner v2.304 - Logfile created 07/05/2013 at 19:42:59
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Administrator - KHAN
# Boot Mode : Normal
# Running from : C:\Users\Administrator\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
Folder Deleted : C:\Users\ADMINI~1\AppData\Local\Temp\APN

***** [Registry] *****

Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AskPartnerNetwork

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16618

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\cjawe3ub.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1192 octets] - [05/07/2013 19:28:32]
AdwCleaner[R2].txt - [1295 octets] - [05/07/2013 19:42:37]
AdwCleaner[S1].txt - [354 octets] - [05/07/2013 19:32:54]
AdwCleaner[S2].txt - [1240 octets] - [05/07/2013 19:42:59]

########## EOF - C:\AdwCleaner[S2].txt - [1300 octets] ##########



#14 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,836 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:04 AM

Posted 05 July 2013 - 07:42 AM

  • Copy the entire contents of the Quote Box below to Notepad.
  • Name the file as fixlist.txt
  • Change the Save as Type to All Files
  • and Save it next to FRST.
  • Run FRST as you did before, except that his time around click on the fix button and wait.
  • The tool will make a log next to FRST (Fixlog.txt). Please post it in your next reply.

HKCU\...\Run: [~rmvtxrr] F:\NEW PROGRAMS\PROXY\fg740p.exe [x]
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: 127.0.0.1:8580
C:\Users\Administrator\AppData\Local\temp\MagicJellyBeanKeyFinder.exe
C:\Users\Administrator\AppData\Local\temp\7zO1DAF.tmp\MagicJellyBeanKeyFinder.exe

Restart the computer.

Any improvement?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#15 dinovo

dinovo
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:09:04 PM

Posted 05 July 2013 - 10:21 AM

Dear JSntgRvr

 

I have done some poking around it seams better, thank you

Last post, before this one I could not send with FireFox, this is now sent with FireFox.

 

It is hard to say in afew minutes but has improved.

 

Copy and paste very difficult, it wouls not copy the notepad report

 

Thank you

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 04-07-2013
Ran by Administrator at 2013-07-06 00:23:26 Run:1
Running from C:\Users\Administrator\Desktop
Boot Mode: Normal

==============================================

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\~rmvtxrr => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.

==== End of Fixlog ====






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users