
HijackThis Log: Please help Diagnose (Chrome related)


  • This topic is locked
14 replies to this topic

#1 zamthezealot

  • Members
  • 6 posts

Posted 19 July 2013 - 09:02 AM

So I got a bunch of malware on my Chrome browser (they were extensions that kept installing without any notice). I deleted my partition, reformatted, and reinstalled Windows 7 thrice already, but the two previous times the malware reappeared after launching Chrome and syncing the settings. I had to go into my Chrome browser and delete the URL for "open specific page" as well as the nasty extensions. I did this on the first format but I missed a couple of things and they kept reappearing. But after doing it again during the second format, I reformatted just to make sure there would be no apps to spread. So far I see no extensions and no malicious URLs. BTW, when Chrome installs these extensions, malicious software also gets installed into my computer. I use both Chrome and Internet Explorer.

 

So I just want to be a little extra careful and avoid another reformat. Here is my HijackThis log.

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:57:56 AM, on 7/19/2013
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Orbitdownloader\orbitdm.exea
C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://127.0.0.1
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Crystal Rich Ltd - C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 10966 bytes
 

 


 


#2 TheShooter93

    Cody

  • Malware Response Team
  • 4,793 posts
  • Gender:Male
  • Location:Orlando, Florida

Posted 19 July 2013 - 02:16 PM

Hello zamthezealot,

 

My name is Cody and I'll be helping you clean up your computer.

 

It looks long and unnecessary, but what's below is very important information. Please take the time to read it before we get started.

 

I will reply as soon as possible (typically within 24 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, I just ask for notice ahead of time.

 

I am in Orlando, Florida at GMT-5 Hours (Eastern Standard Time). As previously stated, I normally respond within 24 hours, but I am a university student currently working full time. If I do not respond within 48 hours, feel free to send me a private message.

 

Some points for you to keep in mind:

 

-Do NOT run any tools unless instructed to do so.

-We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

-Do not attach logs or use code boxes, just copy and paste the text.

-I cannot see your computer.

-Periodically update me on the condition of your computer, and provide detail in every post.

-Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.

 

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartache if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

 

NOTE: It is good practice to copy and paste the instructions into Notepad and print them in case it is necessary for you to go offline during the cleanup process. To open Notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.


#3 zamthezealot

  • Topic Starter
  • Members
  • 6 posts

Posted 19 July 2013 - 04:35 PM

Ok, I'll follow your instructions.



#4 TheShooter93

    Cody

  • Malware Response Team
  • 4,793 posts
  • Gender:Male
  • Location:Orlando, Florida

Posted 19 July 2013 - 11:15 PM

HijackThis isn't the best tool for a 64-bit operating system. Let's see the following:

 

Please download DDS by sUBs from one of the following links. Save it to your desktop.

DDS.com
DDS.pif

  • Double click on the DDS icon, allow it to run.
  • Click on Start.
  • After the scan has finished, confirm the message with Ok.
  • DDS will automatically open the logfile.
  • You can find the logfile on your desktop as well.
  • Please post the content of that logfile with your next answer.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

 

Information on A/V control HERE




#5 zamthezealot

  • Topic Starter
  • Members
  • 6 posts

Posted 20 July 2013 - 01:54 AM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16496  BrowserJavaVersion: 10.25.2
Run by Peter Nguyen at 23:52:01 on 2013-07-19
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.6135.3385 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\sppsvc.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Vuze\Azureus.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
uRun: [USB Safely Remove] C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe /startup
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\PETERN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Peter Nguyen\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\PETERN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 68.190.192.35 71.9.127.107 24.205.224.36
TCP: Interfaces\{BCEF7A4E-4518-4695-A5F5-294240EED3E9} : DHCPNameServer = 68.190.192.35 71.9.127.107 24.205.224.36
TCP: Interfaces\{BCEF7A4E-4518-4695-A5F5-294240EED3E9}\348616274756277596649603333383F58747 : DHCPNameServer = 68.190.192.35 71.9.127.107 24.205.224.36
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2009-10-9 22568]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-3-17 302632]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-6-21 413472]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [2013-7-19 1521464]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-10 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-10 208896]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-7-19 1817560]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-7-19 1033688]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-7-19 171928]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-19 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-07-20 05:54:22 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\Dropbox
2013-07-20 01:08:19 53248 ----a-r- C:\Users\Peter Nguyen\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-07-20 01:03:40 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-07-20 01:03:40 -------- d-----w- C:\Program Files (x86)\StarCraft II
2013-07-20 01:03:40 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-07-20 00:50:45 -------- d-----w- C:\Users\Peter Nguyen\Downloading
2013-07-20 00:50:45 -------- d-----r- C:\Users\Peter Nguyen\Dropbox
2013-07-20 00:50:37 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\Logishrd
2013-07-20 00:48:56 -------- d-----w- C:\Users\Peter Nguyen\.swt
2013-07-20 00:48:39 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\Azureus
2013-07-20 00:48:38 -------- d-----w- C:\Program Files (x86)\Vuze
2013-07-20 00:25:50 -------- d-----w- C:\ProgramData\Battle.net
2013-07-20 00:17:48 -------- d-----w- C:\ProgramData\YTD Video Downloader
2013-07-20 00:17:40 -------- d-----w- C:\Program Files (x86)\1-click run
2013-07-19 21:35:02 -------- d-----w- C:\Windows\System32\MRT
2013-07-19 21:34:19 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2013-07-19 21:14:56 -------- d-----w- C:\Windows\he-IL
2013-07-19 15:16:44 3584 ----a-w- C:\Windows\System32\drivers\uk-UA\portcls.sys.mui
2013-07-19 15:16:44 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\serscan.sys.mui
2013-07-19 15:16:43 48640 ----a-w- C:\Windows\System32\drivers\uk-UA\tcpip.sys.mui
2013-07-19 15:16:43 3072 ----a-w- C:\Windows\System32\drivers\uk-UA\ataport.sys.mui
2013-07-19 15:16:43 2048 ----a-w- C:\Windows\System32\drivers\uk-UA\amdide.sys.mui
2013-07-19 15:16:42 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\scfilter.sys.mui
2013-07-19 15:16:40 7680 ----a-w- C:\Windows\System32\drivers\uk-UA\bthport.sys.mui
2013-07-19 15:16:40 3072 ----a-w- C:\Windows\System32\drivers\uk-UA\hidbth.sys.mui
2013-07-19 15:16:40 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\BTHUSB.SYS.mui
2013-07-19 15:16:40 2048 ----a-w- C:\Windows\System32\drivers\uk-UA\bthenum.sys.mui
2013-07-19 15:11:44 3584 ----a-w- C:\Windows\System32\drivers\lv-LV\portcls.sys.mui
2013-07-19 15:11:44 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\serscan.sys.mui
2013-07-19 15:11:43 47616 ----a-w- C:\Windows\System32\drivers\lv-LV\tcpip.sys.mui
2013-07-19 15:11:43 3072 ----a-w- C:\Windows\System32\drivers\lv-LV\ataport.sys.mui
2013-07-19 15:11:43 2048 ----a-w- C:\Windows\System32\drivers\lv-LV\amdide.sys.mui
2013-07-19 15:11:42 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\scfilter.sys.mui
2013-07-19 15:11:40 7168 ----a-w- C:\Windows\System32\drivers\lv-LV\bthport.sys.mui
2013-07-19 15:11:40 3072 ----a-w- C:\Windows\System32\drivers\lv-LV\hidbth.sys.mui
2013-07-19 15:11:40 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\BTHUSB.SYS.mui
2013-07-19 15:11:40 2048 ----a-w- C:\Windows\System32\drivers\lv-LV\bthenum.sys.mui
2013-07-19 14:59:26 7168 ----a-w- C:\Windows\System32\drivers\UMDF\es-ES\WUDFUsbccidDriver.dll.mui
2013-07-19 14:54:34 6144 ----a-w- C:\Windows\System32\drivers\UMDF\he-IL\WUDFUsbccidDriver.dll.mui
2013-07-19 14:50:07 6144 ----a-w- C:\Windows\System32\drivers\UMDF\tr-TR\WUDFUsbccidDriver.dll.mui
2013-07-19 14:46:03 377856 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\mshwkor.dll
2013-07-19 14:45:59 4608 ----a-w- C:\Windows\System32\drivers\ko-KR\luafv.sys.mui
2013-07-19 14:42:33 6656 ----a-w- C:\Windows\System32\drivers\UMDF\da-DK\WUDFUsbccidDriver.dll.mui
2013-07-19 14:41:28 -------- d-----w- C:\Windows\pt-PT
2013-07-19 14:41:27 -------- d-----w- C:\Windows\SysWow64\wbem\pt-PT
2013-07-19 14:41:27 -------- d-----w- C:\Windows\SysWow64\pt
2013-07-19 14:41:27 -------- d-----w- C:\Windows\SysWow64\drivers\pt-PT
2013-07-19 14:41:25 -------- d-----w- C:\Windows\System32\wbem\pt-PT
2013-07-19 14:41:25 -------- d-----w- C:\Windows\System32\pt
2013-07-19 14:41:25 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-PT
2013-07-19 14:41:25 -------- d-----w- C:\Windows\System32\drivers\pt-PT
2013-07-19 14:37:31 -------- d-----w- C:\Windows\SysWow64\drivers\et-EE
2013-07-19 14:37:30 -------- d-----w- C:\Windows\SysWow64\wbem\et-EE
2013-07-19 14:37:30 -------- d-----w- C:\Windows\System32\wbem\et-EE
2013-07-19 14:37:30 -------- d-----w- C:\Windows\System32\drivers\et-EE
2013-07-19 14:37:29 -------- d-----w- C:\Windows\et-EE
2013-07-19 14:35:24 3584 ----a-w- C:\Windows\System32\drivers\et-EE\portcls.sys.mui
2013-07-19 14:35:24 2560 ----a-w- C:\Windows\System32\drivers\et-EE\serscan.sys.mui
2013-07-19 14:35:23 45568 ----a-w- C:\Windows\System32\drivers\et-EE\tcpip.sys.mui
2013-07-19 14:35:23 3072 ----a-w- C:\Windows\System32\drivers\et-EE\ataport.sys.mui
2013-07-19 14:35:23 2560 ----a-w- C:\Windows\System32\drivers\et-EE\scfilter.sys.mui
2013-07-19 14:35:23 2048 ----a-w- C:\Windows\System32\drivers\et-EE\amdide.sys.mui
2013-07-19 14:35:20 7168 ----a-w- C:\Windows\System32\drivers\et-EE\bthport.sys.mui
2013-07-19 14:35:20 3072 ----a-w- C:\Windows\System32\drivers\et-EE\hidbth.sys.mui
2013-07-19 14:35:20 2560 ----a-w- C:\Windows\System32\drivers\et-EE\BTHUSB.SYS.mui
2013-07-19 14:35:20 2048 ----a-w- C:\Windows\System32\drivers\et-EE\bthenum.sys.mui
2013-07-19 14:34:48 -------- d-----w- C:\Windows\SysWow64\wbem\bg-BG
2013-07-19 14:34:48 -------- d-----w- C:\Windows\SysWow64\drivers\bg-BG
2013-07-19 14:34:48 -------- d-----w- C:\Windows\System32\drivers\bg-BG
2013-07-19 14:34:48 -------- d-----w- C:\Windows\bg-BG
2013-07-19 14:34:47 -------- d-----w- C:\Windows\System32\wbem\bg-BG
2013-07-19 14:32:39 3584 ----a-w- C:\Windows\System32\drivers\bg-BG\portcls.sys.mui
2013-07-19 14:32:39 2560 ----a-w- C:\Windows\System32\drivers\bg-BG\serscan.sys.mui
2013-07-19 14:32:37 48128 ----a-w- C:\Windows\System32\drivers\bg-BG\tcpip.sys.mui
2013-07-19 14:32:37 3072 ----a-w- C:\Windows\System32\drivers\bg-BG\ataport.sys.mui
2013-07-19 14:32:37 2560 ----a-w- C:\Windows\System32\drivers\bg-BG\scfilter.sys.mui
2013-07-19 14:32:37 2048 ----a-w- C:\Windows\System32\drivers\bg-BG\amdide.sys.mui
2013-07-19 14:32:34 7680 ----a-w- C:\Windows\System32\drivers\bg-BG\bthport.sys.mui
2013-07-19 14:32:34 3072 ----a-w- C:\Windows\System32\drivers\bg-BG\hidbth.sys.mui
2013-07-19 14:32:34 2560 ----a-w- C:\Windows\System32\drivers\bg-BG\BTHUSB.SYS.mui
2013-07-19 14:32:34 2048 ----a-w- C:\Windows\System32\drivers\bg-BG\bthenum.sys.mui
2013-07-19 14:31:26 -------- d-----w- C:\Windows\SysWow64\zh-CHS
2013-07-19 14:31:26 -------- d-----w- C:\Windows\SysWow64\drivers\zh-CN
2013-07-19 14:31:25 -------- d-----w- C:\Windows\SysWow64\wbem\zh-CN
2013-07-19 14:31:24 -------- d-----w- C:\Windows\System32\zh-CHS
2013-07-19 14:31:24 -------- d-----w- C:\Windows\System32\drivers\zh-CN
2013-07-19 14:31:24 -------- d-----w- C:\Windows\System32\drivers\UMDF\zh-CN
2013-07-19 14:31:23 -------- d-----w- C:\Windows\System32\wbem\zh-CN
2013-07-19 14:31:21 -------- d-----w- C:\Windows\zh-CN
2013-07-19 14:27:59 3584 ----a-w- C:\Windows\System32\drivers\zh-CN\fltmgr.sys.mui
2013-07-19 14:26:57 -------- d-----w- C:\Windows\SysWow64\nl
2013-07-19 14:26:57 -------- d-----w- C:\Windows\SysWow64\0413
2013-07-19 14:26:57 -------- d-----w- C:\Windows\nl-NL
2013-07-19 14:26:56 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\nl-NL
2013-07-19 14:26:56 -------- d-----w- C:\Windows\SysWow64\drivers\nl-NL
2013-07-19 14:26:55 -------- d-----w- C:\Windows\SysWow64\wbem\nl-NL
2013-07-19 14:26:55 -------- d-----w- C:\Windows\System32\nl
2013-07-19 14:26:53 -------- d-----w- C:\Windows\System32\drivers\UMDF\nl-NL
2013-07-19 14:26:53 -------- d-----w- C:\Windows\System32\drivers\nl-NL
2013-07-19 14:26:52 -------- d-----w- C:\Windows\System32\wbem\nl-NL
2013-07-19 14:22:35 -------- d-----w- C:\Windows\SysWow64\wbem\sv-SE
2013-07-19 14:22:35 -------- d-----w- C:\Windows\SysWow64\sv
2013-07-19 14:22:35 -------- d-----w- C:\Windows\SysWow64\drivers\sv-SE
2013-07-19 14:22:34 -------- d-----w- C:\Windows\System32\sv
2013-07-19 14:22:34 -------- d-----w- C:\Windows\System32\drivers\UMDF\sv-SE
2013-07-19 14:22:34 -------- d-----w- C:\Windows\System32\drivers\sv-SE
2013-07-19 14:22:33 -------- d-----w- C:\Windows\System32\wbem\sv-SE
2013-07-19 14:22:32 -------- d-----w- C:\Windows\sv-SE
2013-07-19 14:20:45 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\USBSafelyRemove
2013-07-19 14:18:38 -------- d-----w- C:\Windows\de-DE
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\wbem\de-DE
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\de-DE
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\drivers\de-DE
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\de
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\0407
2013-07-19 14:18:35 -------- d-----w- C:\Windows\System32\drivers\UMDF\de-DE
2013-07-19 14:18:35 -------- d-----w- C:\Windows\System32\drivers\de-DE
2013-07-19 14:18:34 -------- d-----w- C:\Windows\System32\wbem\de-DE
2013-07-19 14:18:34 -------- d-----w- C:\Windows\System32\de
2013-07-19 14:14:33 -------- d-----w- C:\Windows\SysWow64\drivers\cs-CZ
2013-07-19 14:14:33 -------- d-----w- C:\Windows\SysWow64\cs
2013-07-19 14:14:32 -------- d-----w- C:\Windows\SysWow64\wbem\cs-CZ
2013-07-19 14:14:32 -------- d-----w- C:\Windows\System32\cs
2013-07-19 14:14:32 -------- d-----w- C:\Windows\cs-CZ
2013-07-19 14:14:31 -------- d-----w- C:\Windows\System32\drivers\UMDF\cs-CZ
2013-07-19 14:14:31 -------- d-----w- C:\Windows\System32\drivers\cs-CZ
2013-07-19 14:14:30 -------- d-----w- C:\Windows\System32\wbem\cs-CZ
2013-07-19 14:08:39 46080 ----a-w- C:\Windows\System32\drivers\lt-LT\tcpip.sys.mui
2013-07-19 14:06:28 3584 ----a-w- C:\Windows\System32\drivers\hr-HR\portcls.sys.mui
2013-07-19 14:06:28 3072 ----a-w- C:\Windows\System32\drivers\hr-HR\ataport.sys.mui
2013-07-19 14:06:28 2560 ----a-w- C:\Windows\System32\drivers\hr-HR\serscan.sys.mui
2013-07-19 14:06:28 2048 ----a-w- C:\Windows\System32\drivers\hr-HR\amdide.sys.mui
2013-07-19 14:06:27 48128 ----a-w- C:\Windows\System32\drivers\hr-HR\tcpip.sys.mui
2013-07-19 14:06:27 2560 ----a-w- C:\Windows\System32\drivers\hr-HR\scfilter.sys.mui
2013-07-19 14:06:25 3072 ----a-w- C:\Windows\System32\drivers\hr-HR\hidbth.sys.mui
2013-07-19 14:06:24 7680 ----a-w- C:\Windows\System32\drivers\hr-HR\bthport.sys.mui
2013-07-19 14:06:24 2560 ----a-w- C:\Windows\System32\drivers\hr-HR\BTHUSB.SYS.mui
2013-07-19 14:06:24 2048 ----a-w- C:\Windows\System32\drivers\hr-HR\bthenum.sys.mui
2013-07-19 14:05:29 -------- d-----w- C:\Windows\SysWow64\wbem\ru-RU
2013-07-19 14:05:29 -------- d-----w- C:\Windows\SysWow64\ru
2013-07-19 14:05:29 -------- d-----w- C:\Windows\SysWow64\drivers\ru-RU
2013-07-19 14:05:28 -------- d-----w- C:\Windows\System32\drivers\UMDF\ru-RU
2013-07-19 14:05:28 -------- d-----w- C:\Windows\System32\drivers\ru-RU
2013-07-19 14:05:27 -------- d-----w- C:\Windows\System32\wbem\ru-RU
2013-07-19 14:05:27 -------- d-----w- C:\Windows\System32\ru
2013-07-19 14:05:26 -------- d-----w- C:\Windows\ru-RU
2013-07-19 14:01:56 -------- d-----w- C:\Windows\it-IT
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\wbem\it-IT
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\it
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\it-IT
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\drivers\it-IT
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\0410
2013-07-19 14:01:53 -------- d-----w- C:\Windows\System32\wbem\it-IT
2013-07-19 14:01:53 -------- d-----w- C:\Windows\System32\drivers\UMDF\it-IT
2013-07-19 14:01:53 -------- d-----w- C:\Windows\System32\drivers\it-IT
2013-07-19 14:01:52 -------- d-----w- C:\Windows\System32\it
2013-07-19 13:58:14 -------- d-----w- C:\Windows\ja-JP
2013-07-19 13:58:12 -------- d-----w- C:\Windows\SysWow64\ja
2013-07-19 13:58:12 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\ja-JP
2013-07-19 13:58:12 -------- d-----w- C:\Windows\SysWow64\drivers\ja-JP
2013-07-19 13:58:12 -------- d-----w- C:\Windows\SysWow64\0411
2013-07-19 13:58:11 -------- d-----w- C:\Windows\SysWow64\wbem\ja-JP
2013-07-19 13:58:10 -------- d-----w- C:\Windows\System32\ja
2013-07-19 13:58:10 -------- d-----w- C:\Windows\System32\drivers\UMDF\ja-JP
2013-07-19 13:58:10 -------- d-----w- C:\Windows\System32\drivers\ja-JP
2013-07-19 13:58:09 -------- d-----w- C:\Windows\System32\wbem\ja-JP
2013-07-19 13:54:48 -------- d-----w- C:\Windows\SysWow64\no
2013-07-19 13:54:48 -------- d-----w- C:\Windows\SysWow64\drivers\nb-NO
2013-07-19 13:54:47 -------- d-----w- C:\Windows\SysWow64\wbem\nb-NO
2013-07-19 13:54:47 -------- d-----w- C:\Windows\System32\no
2013-07-19 13:54:47 -------- d-----w- C:\Windows\nb-NO
2013-07-19 13:54:46 -------- d-----w- C:\Windows\System32\drivers\UMDF\nb-NO
2013-07-19 13:54:46 -------- d-----w- C:\Windows\System32\drivers\nb-NO
2013-07-19 13:54:45 -------- d-----w- C:\Windows\System32\wbem\nb-NO
2013-07-19 13:50:37 3584 ----a-w- C:\Windows\System32\drivers\sl-SI\portcls.sys.mui
2013-07-19 13:50:37 2560 ----a-w- C:\Windows\System32\drivers\sl-SI\serscan.sys.mui
2013-07-19 13:50:36 3072 ----a-w- C:\Windows\System32\drivers\sl-SI\ataport.sys.mui
2013-07-19 13:50:36 2048 ----a-w- C:\Windows\System32\drivers\sl-SI\amdide.sys.mui
2013-07-19 13:50:35 48128 ----a-w- C:\Windows\System32\drivers\sl-SI\tcpip.sys.mui
2013-07-19 13:50:35 2560 ----a-w- C:\Windows\System32\drivers\sl-SI\scfilter.sys.mui
2013-07-19 13:50:32 7680 ----a-w- C:\Windows\System32\drivers\sl-SI\bthport.sys.mui
2013-07-19 13:50:32 3072 ----a-w- C:\Windows\System32\drivers\sl-SI\hidbth.sys.mui
2013-07-19 13:50:32 2560 ----a-w- C:\Windows\System32\drivers\sl-SI\BTHUSB.SYS.mui
2013-07-19 13:50:32 2048 ----a-w- C:\Windows\System32\drivers\sl-SI\bthenum.sys.mui
2013-07-19 13:49:44 -------- d-----w- C:\Windows\el-GR
2013-07-19 13:49:41 -------- d-----w- C:\Windows\SysWow64\wbem\el-GR
2013-07-19 13:49:41 -------- d-----w- C:\Windows\SysWow64\el
2013-07-19 13:49:41 -------- d-----w- C:\Windows\SysWow64\drivers\el-GR
2013-07-19 13:49:40 -------- d-----w- C:\Windows\System32\el
2013-07-19 13:49:40 -------- d-----w- C:\Windows\System32\drivers\UMDF\el-GR
2013-07-19 13:49:40 -------- d-----w- C:\Windows\System32\drivers\el-GR
2013-07-19 13:49:39 -------- d-----w- C:\Windows\System32\wbem\el-GR
2013-07-19 13:46:35 -------- d-----w- C:\Windows\pt-BR
2013-07-19 13:46:34 -------- d-----w- C:\Windows\SysWow64\wbem\pt-BR
2013-07-19 13:46:34 -------- d-----w- C:\Windows\SysWow64\drivers\pt-BR
2013-07-19 13:46:31 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-BR
2013-07-19 13:46:31 -------- d-----w- C:\Windows\System32\drivers\pt-BR
2013-07-19 13:46:30 -------- d-----w- C:\Windows\System32\wbem\pt-BR
2013-07-19 13:43:50 -------- d-----w- C:\Windows\SysWow64\wbem\ro-RO
2013-07-19 13:43:50 -------- d-----w- C:\Windows\SysWow64\drivers\ro-RO
2013-07-19 13:43:50 -------- d-----w- C:\Windows\ro-RO
2013-07-19 13:43:49 -------- d-----w- C:\Windows\System32\wbem\ro-RO
2013-07-19 13:43:49 -------- d-----w- C:\Windows\System32\drivers\ro-RO
2013-07-19 13:42:27 3584 ----a-w- C:\Windows\System32\drivers\ro-RO\portcls.sys.mui
2013-07-19 13:42:27 2560 ----a-w- C:\Windows\System32\drivers\ro-RO\serscan.sys.mui
2013-07-19 13:42:26 47616 ----a-w- C:\Windows\System32\drivers\ro-RO\tcpip.sys.mui
2013-07-19 13:42:26 3072 ----a-w- C:\Windows\System32\drivers\ro-RO\ataport.sys.mui
2013-07-19 13:42:26 2048 ----a-w- C:\Windows\System32\drivers\ro-RO\amdide.sys.mui
2013-07-19 13:42:25 2560 ----a-w- C:\Windows\System32\drivers\ro-RO\scfilter.sys.mui
2013-07-19 13:42:22 8192 ----a-w- C:\Windows\System32\drivers\ro-RO\bthport.sys.mui
2013-07-19 13:42:22 3072 ----a-w- C:\Windows\System32\drivers\ro-RO\hidbth.sys.mui
2013-07-19 13:42:22 2560 ----a-w- C:\Windows\System32\drivers\ro-RO\BTHUSB.SYS.mui
2013-07-19 13:42:22 2048 ----a-w- C:\Windows\System32\drivers\ro-RO\bthenum.sys.mui
2013-07-19 13:41:30 -------- d-----w- C:\Windows\SysWow64\drivers\pl-PL
2013-07-19 13:41:29 -------- d-----w- C:\Windows\SysWow64\wbem\pl-PL
2013-07-19 13:41:29 -------- d-----w- C:\Windows\SysWow64\pl
2013-07-19 13:41:28 -------- d-----w- C:\Windows\System32\drivers\UMDF\pl-PL
2013-07-19 13:41:28 -------- d-----w- C:\Windows\System32\drivers\pl-PL
2013-07-19 13:41:28 -------- d-----w- C:\Windows\pl-PL
2013-07-19 13:41:26 -------- d-----w- C:\Windows\System32\wbem\pl-PL
2013-07-19 13:41:26 -------- d-----w- C:\Windows\System32\pl
2013-07-19 13:36:57 7168 ----a-w- C:\Windows\System32\drivers\UMDF\fr-FR\WUDFUsbccidDriver.dll.mui
2013-07-19 13:35:57 -------- d-----w- C:\Windows\fr-FR
2013-07-19 13:33:47 6144 ----a-w- C:\Windows\System32\drivers\UMDF\ar-SA\WUDFUsbccidDriver.dll.mui
2013-07-19 13:32:51 -------- d-----w- C:\Windows\SysWow64\hu
2013-07-19 13:32:51 -------- d-----w- C:\Windows\SysWow64\drivers\hu-HU
2013-07-19 13:32:50 -------- d-----w- C:\Windows\SysWow64\wbem\hu-HU
2013-07-19 13:32:50 -------- d-----w- C:\Windows\System32\hu
2013-07-19 13:32:50 -------- d-----w- C:\Windows\System32\drivers\UMDF\hu-HU
2013-07-19 13:32:50 -------- d-----w- C:\Windows\System32\drivers\hu-HU
2013-07-19 13:32:49 -------- d-----w- C:\Windows\System32\wbem\hu-HU
2013-07-19 13:32:48 -------- d-----w- C:\Windows\hu-HU
2013-07-19 13:30:35 -------- d-----w- C:\Windows\SysWow64\wbem\sr-Latn-CS
2013-07-19 13:30:35 -------- d-----w- C:\Windows\SysWow64\drivers\sr-Latn-CS
2013-07-19 13:30:35 -------- d-----w- C:\Windows\sr-Latn-CS
2013-07-19 13:30:34 -------- d-----w- C:\Windows\System32\wbem\sr-Latn-CS
2013-07-19 13:30:34 -------- d-----w- C:\Windows\System32\drivers\sr-Latn-CS
2013-07-19 13:28:50 -------- d-----w- C:\Windows\SysWow64\wbem\sk-SK
2013-07-19 13:28:50 -------- d-----w- C:\Windows\SysWow64\drivers\sk-SK
2013-07-19 13:28:50 -------- d-----w- C:\Windows\System32\wbem\sk-SK
2013-07-19 13:28:50 -------- d-----w- C:\Windows\System32\drivers\sk-SK
2013-07-19 13:28:50 -------- d-----w- C:\Windows\sk-SK
2013-07-19 13:26:21 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\ProgSense
2013-07-19 13:26:19 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\GrabPro
2013-07-19 13:26:19 -------- d-----w- C:\downloads
2013-07-19 13:26:17 -------- d-----w- C:\Program Files (x86)\WinPcap
2013-07-19 13:26:14 -------- d-----w- C:\Program Files (x86)\Orbitdownloader
2013-07-19 13:25:55 3584 ----a-w- C:\Windows\System32\drivers\th-TH\portcls.sys.mui
2013-07-19 13:25:55 3072 ----a-w- C:\Windows\System32\drivers\th-TH\ataport.sys.mui
2013-07-19 13:25:55 2560 ----a-w- C:\Windows\System32\drivers\th-TH\serscan.sys.mui
2013-07-19 13:25:55 2048 ----a-w- C:\Windows\System32\drivers\th-TH\amdide.sys.mui
2013-07-19 13:25:54 46592 ----a-w- C:\Windows\System32\drivers\th-TH\tcpip.sys.mui
2013-07-19 13:25:54 2560 ----a-w- C:\Windows\System32\drivers\th-TH\scfilter.sys.mui
2013-07-19 13:25:51 7168 ----a-w- C:\Windows\System32\drivers\th-TH\bthport.sys.mui
2013-07-19 13:25:51 3072 ----a-w- C:\Windows\System32\drivers\th-TH\hidbth.sys.mui
2013-07-19 13:25:51 2560 ----a-w- C:\Windows\System32\drivers\th-TH\BTHUSB.SYS.mui
2013-07-19 13:25:51 2048 ----a-w- C:\Windows\System32\drivers\th-TH\bthenum.sys.mui
2013-07-19 13:24:53 -------- d-----w- C:\Windows\fi-FI
2013-07-19 13:24:52 -------- d-----w- C:\Windows\SysWow64\XPSViewer
2013-07-19 13:24:52 -------- d-----w- C:\Windows\SysWow64\fi
2013-07-19 13:24:52 -------- d-----w- C:\Windows\SysWow64\drivers\fi-FI
2013-07-19 13:24:51 -------- d-----w- C:\Windows\SysWow64\wbem\fi-FI
2013-07-19 13:24:49 -------- d-----w- C:\Windows\System32\wbem\fi-FI
2013-07-19 13:24:49 -------- d-----w- C:\Windows\System32\fi
2013-07-19 13:24:49 -------- d-----w- C:\Windows\System32\drivers\UMDF\fi-FI
2013-07-19 13:24:49 -------- d-----w- C:\Windows\System32\drivers\fi-FI
2013-07-19 13:14:51 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2013-07-19 13:14:47 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2013-07-19 13:14:37 -------- d-----w- C:\Windows\PCHEALTH
2013-07-19 13:14:37 -------- d-----w- C:\Program Files\Microsoft SQL Server
2013-07-19 13:10:07 -------- d-----w- C:\Program Files\DivX
2013-07-19 13:10:06 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2013-07-19 13:09:53 -------- d-----w- C:\Program Files (x86)\DivX
2013-07-19 13:09:44 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2013-07-19 13:09:44 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-07-19 13:09:39 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Microsoft Help
2013-07-19 13:07:27 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\calibre
2013-07-19 13:07:05 255552 ----a-w- C:\Windows\SysWow64\drivers\mcdbus.sys
2013-07-19 13:07:05 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys
2013-07-19 13:07:05 -------- d-----w- C:\Program Files (x86)\MagicDisc
2013-07-19 13:06:05 -------- d-----w- C:\Program Files (x86)\MagicISO
2013-07-19 13:05:57 -------- d-----w- C:\Program Files (x86)\Calibre2
2013-07-19 13:03:40 -------- d-----w- C:\ProgramData\USBSRService
2013-07-19 13:03:38 -------- d-----w- C:\Program Files (x86)\USB Safely Remove
2013-07-19 13:03:01 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\Highresolution Enterprises
2013-07-19 13:03:00 -------- d-----w- C:\Program Files\Highresolution Enterprises
2013-07-19 13:02:18 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\SumatraPDF
2013-07-19 13:02:03 -------- d-----w- C:\Program Files (x86)\SumatraPDF
2013-07-19 13:01:23 -------- d-----w- C:\ProgramData\PlotSoft
2013-07-19 13:01:23 -------- d-----w- C:\Program Files (x86)\PlotSoft
2013-07-19 12:58:01 201728 ----a-w- C:\hjsplit.exe
2013-07-19 12:57:41 -------- d-----w- C:\Program Files\Unlocker
2013-07-19 12:56:11 -------- d-----w- C:\ProgramData\Stardock
2013-07-19 12:56:08 -------- d-----w- C:\Program Files (x86)\Stardock
2013-07-19 12:56:00 241664 ----a-w- C:\Duplicate File Finder (Favorite) (Full).exe
2013-07-19 12:53:29 -------- d-----w- C:\Program Files\MPC-HC
2013-07-19 12:52:50 -------- d-----w- C:\Program Files (x86)\IrfanView
2013-07-19 12:52:37 -------- d-----w- C:\ProgramData\DivX
2013-07-19 12:52:20 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-07-19 12:44:29 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Google
2013-07-19 12:42:37 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Deployment
2013-07-19 12:42:37 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Apps
2013-07-19 12:30:40 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2013-07-19 12:30:40 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2013-07-19 12:13:07 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2013-07-19 12:13:07 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2013-07-19 12:04:12 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-07-19 12:04:12 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-07-19 12:04:12 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-07-19 12:04:12 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-07-19 11:40:36 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-07-19 11:40:36 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-07-19 11:40:36 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-07-19 11:40:36 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-07-19 11:40:36 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-07-19 11:40:36 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-07-19 11:39:54 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-07-19 11:39:54 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-07-19 11:39:54 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-07-19 11:39:54 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-07-19 11:39:53 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-07-19 11:39:53 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-07-19 11:39:53 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-07-19 11:31:57 80896 ----a-w- C:\Windows\System32\imagehlp.dll
2013-07-19 11:31:57 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-07-19 11:31:57 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-07-19 11:31:57 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-07-19 11:31:57 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-07-19 11:28:14 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2013-07-19 11:24:22 -------- d-----w- C:\Windows\Panther
2013-07-19 11:00:27 -------- d-----w- C:\Program Files (x86)\NEC Electronics
2013-07-19 11:00:08 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Downloaded Installations
2013-07-19 10:59:07 104480 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-07-19 10:56:22 408600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2013-07-19 10:55:06 -------- d-----w- C:\Program Files (x86)\Marvell
2013-07-19 10:51:13 741480 ------w- C:\Windows\System32\HPDiscoPM9311.dll
2013-07-19 10:50:59 -------- d-----w- C:\Program Files (x86)\HP
2013-07-19 10:50:58 -------- d-----w- C:\Program Files\HP
2013-07-19 10:50:44 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\HP
2013-07-19 10:47:19 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\AVG2013
2013-07-19 10:46:56 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\TuneUp Software
2013-07-19 10:46:51 -------- d--h--w- C:\$AVG
2013-07-19 10:46:51 -------- d-----w- C:\ProgramData\AVG2013
2013-07-19 10:46:34 -------- d-----w- C:\Program Files (x86)\AVG
2013-07-19 10:43:54 139264 ----a-w- C:\Windows\System32\cabview.dll
2013-07-19 10:43:54 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2013-07-19 10:43:54 -------- d-----w- C:\Program Files\Realtek
2013-07-19 10:43:45 3615888 ----a-w- C:\Windows\System32\RtkAPO64.dll
2013-07-19 10:43:44 -------- d-----w- C:\Program Files (x86)\Realtek
2013-07-19 10:43:28 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-07-19 10:43:28 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-07-19 10:43:28 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-07-19 10:43:23 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-07-19 10:43:23 -------- d--h--w- C:\Program Files (x86)\Temp
2013-07-19 10:43:12 -------- d-----w- C:\Intel
2013-07-19 10:41:55 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-07-19 10:41:55 6496544 ----a-w- C:\Windows\System32\nvcpl.dll
2013-07-19 10:41:55 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-07-19 10:41:55 3514656 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-07-19 10:41:55 3253909 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-07-19 10:41:55 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-07-19 10:41:51 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2013-07-19 10:41:51 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-07-19 10:41:49 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-07-19 10:41:47 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-07-19 10:38:01 -------- d-----w- C:\NVIDIA
2013-07-19 10:36:13 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-07-19 10:36:10 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-07-19 10:36:08 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-06-21 12:16:02 566048 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
==================== Find3M  ====================
.
2013-07-19 13:31:28 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-19 13:31:28 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-19 13:29:33 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-19 13:29:33 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-19 13:29:33 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-07-19 10:36:48 327008 ----a-w- C:\Windows\System32\RaCoInstx.dll
2013-07-19 10:36:48 1617472 ----a-w- C:\Windows\System32\drivers\netr28ux.sys
.
============= FINISH: 23:52:11.31 ===============


#6 TheShooter93


    Cody


  • Malware Response Team

Posted 21 July 2013 - 01:30 PM

Hello zamthezealot,

Going over your logs I noticed that you have Vuze installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall Vuze; however, that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

---------------------------------------------------------------------------

Let's see this:

Launch DDS again.

Put a checkmark in the box next to "DDS.txt" and "Attach.txt".

Expand the pane for "options for dds.txt" and put a check mark next to "Force scan all domains".

Click "Start".

Include the two resulting logs in your next reply.

---------------------------------------------------------------------------

I'd like us to scan your machine with ESET OnlineScan.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the ESET OnlineScan button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.exe icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats.
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Edited by TheShooter93, 21 July 2013 - 01:30 PM.

CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.


#7 zamthezealot

  • Topic Starter

  • Members

Posted 21 July 2013 - 05:49 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16496  BrowserJavaVersion: 10.25.2
Run by Peter Nguyen at 12:45:11 on 2013-07-21
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.6135.3553 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files (x86)\Vuze\Azureus.exe
C:\Users\Peter Nguyen\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
C:\Program Files (x86)\Orbitdownloader\orbitnet.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll
uRun: [USB Safely Remove] C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe /startup
uRun: [Azureus] C:\Program Files (x86)\Vuze\Azureus.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\PETERN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Peter Nguyen\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 68.190.192.35 71.9.127.107 24.205.224.36
TCP: Interfaces\{BCEF7A4E-4518-4695-A5F5-294240EED3E9} : DHCPNameServer = 68.190.192.35 71.9.127.107 24.205.224.36
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2009-10-9 22568]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-7-19 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-7-19 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-7-19 171928]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [2013-7-19 1521464]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-10 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-10 208896]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-19 1255736]
.
=============== Created Last 30 ================
.
2013-07-21 19:44:44 -------- d--h--w- C:\Windows\PIF
2013-07-21 10:12:04 -------- d-----w- C:\Python27
2013-07-21 10:09:10 -------- d-----w- C:\Users\Peter Nguyen\.idlerc
2013-07-21 09:53:21 -------- d-----w- C:\Python33
2013-07-21 08:46:42 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\NVIDIA
2013-07-21 08:07:10 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Slick Savings
2013-07-21 08:07:08 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2013-07-21 08:06:35 -------- d-----w- C:\Program Files (x86)\GreenTree Applications
2013-07-20 23:29:55 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\Malwarebytes
2013-07-20 23:29:50 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-20 23:21:28 -------- d-----w- C:\Windows\System32\appmgmt
2013-07-20 23:18:12 -------- d-----w- C:\Program Files (x86)\CDisplay
2013-07-20 21:46:34 163504 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-07-20 21:45:42 -------- d-----w- C:\Program Files (x86)\Cooler Master
2013-07-20 10:04:37 -------- d-----w- C:\Users\Peter Nguyen\Torrents
2013-07-20 09:43:05 -------- d-----w- C:\Windows\SysWow64\RTCOM
2013-07-20 09:33:10 -------- d-----w- C:\Users\Peter Nguyen\.swt
2013-07-20 08:16:14 -------- d-----w- C:\Program Files (x86)\EVGA Precision X
2013-07-20 05:54:22 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\Dropbox
2013-07-20 01:03:40 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-07-20 01:03:40 -------- d-----w- C:\Program Files (x86)\StarCraft II
2013-07-20 01:03:40 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-07-20 00:50:45 -------- d-----w- C:\Users\Peter Nguyen\Downloading
2013-07-20 00:50:45 -------- d-----r- C:\Users\Peter Nguyen\Dropbox
2013-07-20 00:50:37 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\Logishrd
2013-07-20 00:48:39 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\Azureus
2013-07-20 00:48:38 -------- d-----w- C:\Program Files (x86)\Vuze
2013-07-20 00:25:50 -------- d-----w- C:\ProgramData\Battle.net
2013-07-20 00:17:48 -------- d-----w- C:\ProgramData\YTD Video Downloader
2013-07-20 00:17:40 -------- d-----w- C:\Program Files (x86)\1-click run
2013-07-19 21:35:02 -------- d-----w- C:\Windows\System32\MRT
2013-07-19 21:34:19 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2013-07-19 21:14:56 -------- d-----w- C:\Windows\he-IL
2013-07-19 15:16:44 3584 ----a-w- C:\Windows\System32\drivers\uk-UA\portcls.sys.mui
2013-07-19 15:16:44 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\serscan.sys.mui
2013-07-19 15:16:43 48640 ----a-w- C:\Windows\System32\drivers\uk-UA\tcpip.sys.mui
2013-07-19 15:16:43 3072 ----a-w- C:\Windows\System32\drivers\uk-UA\ataport.sys.mui
2013-07-19 15:16:43 2048 ----a-w- C:\Windows\System32\drivers\uk-UA\amdide.sys.mui
2013-07-19 15:16:42 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\scfilter.sys.mui
2013-07-19 15:16:40 7680 ----a-w- C:\Windows\System32\drivers\uk-UA\bthport.sys.mui
2013-07-19 15:16:40 3072 ----a-w- C:\Windows\System32\drivers\uk-UA\hidbth.sys.mui
2013-07-19 15:16:40 2560 ----a-w- C:\Windows\System32\drivers\uk-UA\BTHUSB.SYS.mui
2013-07-19 15:16:40 2048 ----a-w- C:\Windows\System32\drivers\uk-UA\bthenum.sys.mui
2013-07-19 15:11:44 3584 ----a-w- C:\Windows\System32\drivers\lv-LV\portcls.sys.mui
2013-07-19 15:11:44 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\serscan.sys.mui
2013-07-19 15:11:43 47616 ----a-w- C:\Windows\System32\drivers\lv-LV\tcpip.sys.mui
2013-07-19 15:11:43 3072 ----a-w- C:\Windows\System32\drivers\lv-LV\ataport.sys.mui
2013-07-19 15:11:43 2048 ----a-w- C:\Windows\System32\drivers\lv-LV\amdide.sys.mui
2013-07-19 15:11:42 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\scfilter.sys.mui
2013-07-19 15:11:40 7168 ----a-w- C:\Windows\System32\drivers\lv-LV\bthport.sys.mui
2013-07-19 15:11:40 3072 ----a-w- C:\Windows\System32\drivers\lv-LV\hidbth.sys.mui
2013-07-19 15:11:40 2560 ----a-w- C:\Windows\System32\drivers\lv-LV\BTHUSB.SYS.mui
2013-07-19 15:11:40 2048 ----a-w- C:\Windows\System32\drivers\lv-LV\bthenum.sys.mui
2013-07-19 14:59:26 7168 ----a-w- C:\Windows\System32\drivers\UMDF\es-ES\WUDFUsbccidDriver.dll.mui
2013-07-19 14:54:34 6144 ----a-w- C:\Windows\System32\drivers\UMDF\he-IL\WUDFUsbccidDriver.dll.mui
2013-07-19 14:50:07 6144 ----a-w- C:\Windows\System32\drivers\UMDF\tr-TR\WUDFUsbccidDriver.dll.mui
2013-07-19 14:46:03 377856 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\mshwkor.dll
2013-07-19 14:45:59 4608 ----a-w- C:\Windows\System32\drivers\ko-KR\luafv.sys.mui
2013-07-19 14:42:33 6656 ----a-w- C:\Windows\System32\drivers\UMDF\da-DK\WUDFUsbccidDriver.dll.mui
2013-07-19 14:41:28 -------- d-----w- C:\Windows\pt-PT
2013-07-19 14:41:27 -------- d-----w- C:\Windows\SysWow64\wbem\pt-PT
2013-07-19 14:41:27 -------- d-----w- C:\Windows\SysWow64\pt
2013-07-19 14:41:27 -------- d-----w- C:\Windows\SysWow64\drivers\pt-PT
2013-07-19 14:41:25 -------- d-----w- C:\Windows\System32\wbem\pt-PT
2013-07-19 14:41:25 -------- d-----w- C:\Windows\System32\pt
2013-07-19 14:41:25 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-PT
2013-07-19 14:41:25 -------- d-----w- C:\Windows\System32\drivers\pt-PT
2013-07-19 14:37:31 -------- d-----w- C:\Windows\SysWow64\drivers\et-EE
2013-07-19 14:37:30 -------- d-----w- C:\Windows\SysWow64\wbem\et-EE
2013-07-19 14:37:30 -------- d-----w- C:\Windows\System32\wbem\et-EE
2013-07-19 14:37:30 -------- d-----w- C:\Windows\System32\drivers\et-EE
2013-07-19 14:37:29 -------- d-----w- C:\Windows\et-EE
2013-07-19 14:35:24 3584 ----a-w- C:\Windows\System32\drivers\et-EE\portcls.sys.mui
2013-07-19 14:35:24 2560 ----a-w- C:\Windows\System32\drivers\et-EE\serscan.sys.mui
2013-07-19 14:35:23 45568 ----a-w- C:\Windows\System32\drivers\et-EE\tcpip.sys.mui
2013-07-19 14:35:23 3072 ----a-w- C:\Windows\System32\drivers\et-EE\ataport.sys.mui
2013-07-19 14:35:23 2560 ----a-w- C:\Windows\System32\drivers\et-EE\scfilter.sys.mui
2013-07-19 14:35:23 2048 ----a-w- C:\Windows\System32\drivers\et-EE\amdide.sys.mui
2013-07-19 14:35:20 7168 ----a-w- C:\Windows\System32\drivers\et-EE\bthport.sys.mui
2013-07-19 14:35:20 3072 ----a-w- C:\Windows\System32\drivers\et-EE\hidbth.sys.mui
2013-07-19 14:35:20 2560 ----a-w- C:\Windows\System32\drivers\et-EE\BTHUSB.SYS.mui
2013-07-19 14:35:20 2048 ----a-w- C:\Windows\System32\drivers\et-EE\bthenum.sys.mui
2013-07-19 14:34:48 -------- d-----w- C:\Windows\SysWow64\wbem\bg-BG
2013-07-19 14:34:48 -------- d-----w- C:\Windows\SysWow64\drivers\bg-BG
2013-07-19 14:34:48 -------- d-----w- C:\Windows\System32\drivers\bg-BG
2013-07-19 14:34:48 -------- d-----w- C:\Windows\bg-BG
2013-07-19 14:34:47 -------- d-----w- C:\Windows\System32\wbem\bg-BG
2013-07-19 14:32:39 3584 ----a-w- C:\Windows\System32\drivers\bg-BG\portcls.sys.mui
2013-07-19 14:32:39 2560 ----a-w- C:\Windows\System32\drivers\bg-BG\serscan.sys.mui
2013-07-19 14:32:37 48128 ----a-w- C:\Windows\System32\drivers\bg-BG\tcpip.sys.mui
2013-07-19 14:32:37 3072 ----a-w- C:\Windows\System32\drivers\bg-BG\ataport.sys.mui
2013-07-19 14:32:37 2560 ----a-w- C:\Windows\System32\drivers\bg-BG\scfilter.sys.mui
2013-07-19 14:32:37 2048 ----a-w- C:\Windows\System32\drivers\bg-BG\amdide.sys.mui
2013-07-19 14:32:34 7680 ----a-w- C:\Windows\System32\drivers\bg-BG\bthport.sys.mui
2013-07-19 14:32:34 3072 ----a-w- C:\Windows\System32\drivers\bg-BG\hidbth.sys.mui
2013-07-19 14:32:34 2560 ----a-w- C:\Windows\System32\drivers\bg-BG\BTHUSB.SYS.mui
2013-07-19 14:32:34 2048 ----a-w- C:\Windows\System32\drivers\bg-BG\bthenum.sys.mui
2013-07-19 14:31:26 -------- d-----w- C:\Windows\SysWow64\zh-CHS
2013-07-19 14:31:26 -------- d-----w- C:\Windows\SysWow64\drivers\zh-CN
2013-07-19 14:31:25 -------- d-----w- C:\Windows\SysWow64\wbem\zh-CN
2013-07-19 14:31:24 -------- d-----w- C:\Windows\System32\zh-CHS
2013-07-19 14:31:24 -------- d-----w- C:\Windows\System32\drivers\zh-CN
2013-07-19 14:31:24 -------- d-----w- C:\Windows\System32\drivers\UMDF\zh-CN
2013-07-19 14:31:23 -------- d-----w- C:\Windows\System32\wbem\zh-CN
2013-07-19 14:31:21 -------- d-----w- C:\Windows\zh-CN
2013-07-19 14:27:59 3584 ----a-w- C:\Windows\System32\drivers\zh-CN\fltmgr.sys.mui
2013-07-19 14:26:57 -------- d-----w- C:\Windows\SysWow64\nl
2013-07-19 14:26:57 -------- d-----w- C:\Windows\SysWow64\0413
2013-07-19 14:26:57 -------- d-----w- C:\Windows\nl-NL
2013-07-19 14:26:56 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\nl-NL
2013-07-19 14:26:56 -------- d-----w- C:\Windows\SysWow64\drivers\nl-NL
2013-07-19 14:26:55 -------- d-----w- C:\Windows\SysWow64\wbem\nl-NL
2013-07-19 14:26:55 -------- d-----w- C:\Windows\System32\nl
2013-07-19 14:26:53 -------- d-----w- C:\Windows\System32\drivers\UMDF\nl-NL
2013-07-19 14:26:53 -------- d-----w- C:\Windows\System32\drivers\nl-NL
2013-07-19 14:26:52 -------- d-----w- C:\Windows\System32\wbem\nl-NL
2013-07-19 14:22:35 -------- d-----w- C:\Windows\SysWow64\wbem\sv-SE
2013-07-19 14:22:35 -------- d-----w- C:\Windows\SysWow64\sv
2013-07-19 14:22:35 -------- d-----w- C:\Windows\SysWow64\drivers\sv-SE
2013-07-19 14:22:34 -------- d-----w- C:\Windows\System32\sv
2013-07-19 14:22:34 -------- d-----w- C:\Windows\System32\drivers\UMDF\sv-SE
2013-07-19 14:22:34 -------- d-----w- C:\Windows\System32\drivers\sv-SE
2013-07-19 14:22:33 -------- d-----w- C:\Windows\System32\wbem\sv-SE
2013-07-19 14:22:32 -------- d-----w- C:\Windows\sv-SE
2013-07-19 14:20:45 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\USBSafelyRemove
2013-07-19 14:18:38 -------- d-----w- C:\Windows\de-DE
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\wbem\de-DE
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\de-DE
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\drivers\de-DE
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\de
2013-07-19 14:18:37 -------- d-----w- C:\Windows\SysWow64\0407
2013-07-19 14:18:35 -------- d-----w- C:\Windows\System32\drivers\UMDF\de-DE
2013-07-19 14:18:35 -------- d-----w- C:\Windows\System32\drivers\de-DE
2013-07-19 14:18:34 -------- d-----w- C:\Windows\System32\wbem\de-DE
2013-07-19 14:18:34 -------- d-----w- C:\Windows\System32\de
2013-07-19 14:14:33 -------- d-----w- C:\Windows\SysWow64\drivers\cs-CZ
2013-07-19 14:14:33 -------- d-----w- C:\Windows\SysWow64\cs
2013-07-19 14:14:32 -------- d-----w- C:\Windows\SysWow64\wbem\cs-CZ
2013-07-19 14:14:32 -------- d-----w- C:\Windows\System32\cs
2013-07-19 14:14:32 -------- d-----w- C:\Windows\cs-CZ
2013-07-19 14:14:31 -------- d-----w- C:\Windows\System32\drivers\UMDF\cs-CZ
2013-07-19 14:14:31 -------- d-----w- C:\Windows\System32\drivers\cs-CZ
2013-07-19 14:14:30 -------- d-----w- C:\Windows\System32\wbem\cs-CZ
2013-07-19 14:08:39 46080 ----a-w- C:\Windows\System32\drivers\lt-LT\tcpip.sys.mui
2013-07-19 14:06:28 3584 ----a-w- C:\Windows\System32\drivers\hr-HR\portcls.sys.mui
2013-07-19 14:06:28 3072 ----a-w- C:\Windows\System32\drivers\hr-HR\ataport.sys.mui
2013-07-19 14:06:28 2560 ----a-w- C:\Windows\System32\drivers\hr-HR\serscan.sys.mui
2013-07-19 14:06:28 2048 ----a-w- C:\Windows\System32\drivers\hr-HR\amdide.sys.mui
2013-07-19 14:06:27 48128 ----a-w- C:\Windows\System32\drivers\hr-HR\tcpip.sys.mui
2013-07-19 14:06:27 2560 ----a-w- C:\Windows\System32\drivers\hr-HR\scfilter.sys.mui
2013-07-19 14:06:25 3072 ----a-w- C:\Windows\System32\drivers\hr-HR\hidbth.sys.mui
2013-07-19 14:06:24 7680 ----a-w- C:\Windows\System32\drivers\hr-HR\bthport.sys.mui
2013-07-19 14:06:24 2560 ----a-w- C:\Windows\System32\drivers\hr-HR\BTHUSB.SYS.mui
2013-07-19 14:06:24 2048 ----a-w- C:\Windows\System32\drivers\hr-HR\bthenum.sys.mui
2013-07-19 14:05:29 -------- d-----w- C:\Windows\SysWow64\wbem\ru-RU
2013-07-19 14:05:29 -------- d-----w- C:\Windows\SysWow64\ru
2013-07-19 14:05:29 -------- d-----w- C:\Windows\SysWow64\drivers\ru-RU
2013-07-19 14:05:28 -------- d-----w- C:\Windows\System32\drivers\UMDF\ru-RU
2013-07-19 14:05:28 -------- d-----w- C:\Windows\System32\drivers\ru-RU
2013-07-19 14:05:27 -------- d-----w- C:\Windows\System32\wbem\ru-RU
2013-07-19 14:05:27 -------- d-----w- C:\Windows\System32\ru
2013-07-19 14:05:26 -------- d-----w- C:\Windows\ru-RU
2013-07-19 14:01:56 -------- d-----w- C:\Windows\it-IT
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\wbem\it-IT
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\it
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\it-IT
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\drivers\it-IT
2013-07-19 14:01:55 -------- d-----w- C:\Windows\SysWow64\0410
2013-07-19 14:01:53 -------- d-----w- C:\Windows\System32\wbem\it-IT
2013-07-19 14:01:53 -------- d-----w- C:\Windows\System32\drivers\UMDF\it-IT
2013-07-19 14:01:53 -------- d-----w- C:\Windows\System32\drivers\it-IT
2013-07-19 14:01:52 -------- d-----w- C:\Windows\System32\it
2013-07-19 13:58:14 -------- d-----w- C:\Windows\ja-JP
2013-07-19 13:58:12 -------- d-----w- C:\Windows\SysWow64\ja
2013-07-19 13:58:12 -------- d-----w- C:\Windows\SysWow64\drivers\UMDF\ja-JP
2013-07-19 13:58:12 -------- d-----w- C:\Windows\SysWow64\drivers\ja-JP
2013-07-19 13:58:12 -------- d-----w- C:\Windows\SysWow64\0411
2013-07-19 13:58:11 -------- d-----w- C:\Windows\SysWow64\wbem\ja-JP
2013-07-19 13:58:10 -------- d-----w- C:\Windows\System32\ja
2013-07-19 13:58:10 -------- d-----w- C:\Windows\System32\drivers\UMDF\ja-JP
2013-07-19 13:58:10 -------- d-----w- C:\Windows\System32\drivers\ja-JP
2013-07-19 13:58:09 -------- d-----w- C:\Windows\System32\wbem\ja-JP
2013-07-19 13:54:48 -------- d-----w- C:\Windows\SysWow64\no
2013-07-19 13:54:48 -------- d-----w- C:\Windows\SysWow64\drivers\nb-NO
2013-07-19 13:54:47 -------- d-----w- C:\Windows\SysWow64\wbem\nb-NO
2013-07-19 13:54:47 -------- d-----w- C:\Windows\System32\no
2013-07-19 13:54:47 -------- d-----w- C:\Windows\nb-NO
2013-07-19 13:54:46 -------- d-----w- C:\Windows\System32\drivers\UMDF\nb-NO
2013-07-19 13:54:46 -------- d-----w- C:\Windows\System32\drivers\nb-NO
2013-07-19 13:54:45 -------- d-----w- C:\Windows\System32\wbem\nb-NO
2013-07-19 13:50:37 3584 ----a-w- C:\Windows\System32\drivers\sl-SI\portcls.sys.mui
2013-07-19 13:50:37 2560 ----a-w- C:\Windows\System32\drivers\sl-SI\serscan.sys.mui
2013-07-19 13:50:36 3072 ----a-w- C:\Windows\System32\drivers\sl-SI\ataport.sys.mui
2013-07-19 13:50:36 2048 ----a-w- C:\Windows\System32\drivers\sl-SI\amdide.sys.mui
2013-07-19 13:50:35 48128 ----a-w- C:\Windows\System32\drivers\sl-SI\tcpip.sys.mui
2013-07-19 13:50:35 2560 ----a-w- C:\Windows\System32\drivers\sl-SI\scfilter.sys.mui
2013-07-19 13:50:32 7680 ----a-w- C:\Windows\System32\drivers\sl-SI\bthport.sys.mui
2013-07-19 13:50:32 3072 ----a-w- C:\Windows\System32\drivers\sl-SI\hidbth.sys.mui
2013-07-19 13:50:32 2560 ----a-w- C:\Windows\System32\drivers\sl-SI\BTHUSB.SYS.mui
2013-07-19 13:50:32 2048 ----a-w- C:\Windows\System32\drivers\sl-SI\bthenum.sys.mui
2013-07-19 13:49:44 -------- d-----w- C:\Windows\el-GR
2013-07-19 13:49:41 -------- d-----w- C:\Windows\SysWow64\wbem\el-GR
2013-07-19 13:49:41 -------- d-----w- C:\Windows\SysWow64\el
2013-07-19 13:49:41 -------- d-----w- C:\Windows\SysWow64\drivers\el-GR
2013-07-19 13:49:40 -------- d-----w- C:\Windows\System32\el
2013-07-19 13:49:40 -------- d-----w- C:\Windows\System32\drivers\UMDF\el-GR
2013-07-19 13:49:40 -------- d-----w- C:\Windows\System32\drivers\el-GR
2013-07-19 13:49:39 -------- d-----w- C:\Windows\System32\wbem\el-GR
2013-07-19 13:46:35 -------- d-----w- C:\Windows\pt-BR
2013-07-19 13:46:34 -------- d-----w- C:\Windows\SysWow64\wbem\pt-BR
2013-07-19 13:46:34 -------- d-----w- C:\Windows\SysWow64\drivers\pt-BR
2013-07-19 13:46:31 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-BR
2013-07-19 13:46:31 -------- d-----w- C:\Windows\System32\drivers\pt-BR
2013-07-19 13:46:30 -------- d-----w- C:\Windows\System32\wbem\pt-BR
2013-07-19 13:43:50 -------- d-----w- C:\Windows\SysWow64\wbem\ro-RO
2013-07-19 13:43:50 -------- d-----w- C:\Windows\SysWow64\drivers\ro-RO
2013-07-19 13:43:50 -------- d-----w- C:\Windows\ro-RO
2013-07-19 13:43:49 -------- d-----w- C:\Windows\System32\wbem\ro-RO
2013-07-19 13:43:49 -------- d-----w- C:\Windows\System32\drivers\ro-RO
2013-07-19 13:42:27 3584 ----a-w- C:\Windows\System32\drivers\ro-RO\portcls.sys.mui
2013-07-19 13:42:27 2560 ----a-w- C:\Windows\System32\drivers\ro-RO\serscan.sys.mui
2013-07-19 13:42:26 47616 ----a-w- C:\Windows\System32\drivers\ro-RO\tcpip.sys.mui
2013-07-19 13:42:26 3072 ----a-w- C:\Windows\System32\drivers\ro-RO\ataport.sys.mui
2013-07-19 13:42:26 2048 ----a-w- C:\Windows\System32\drivers\ro-RO\amdide.sys.mui
2013-07-19 13:42:25 2560 ----a-w- C:\Windows\System32\drivers\ro-RO\scfilter.sys.mui
2013-07-19 13:42:22 8192 ----a-w- C:\Windows\System32\drivers\ro-RO\bthport.sys.mui
2013-07-19 13:42:22 3072 ----a-w- C:\Windows\System32\drivers\ro-RO\hidbth.sys.mui
2013-07-19 13:42:22 2560 ----a-w- C:\Windows\System32\drivers\ro-RO\BTHUSB.SYS.mui
2013-07-19 13:42:22 2048 ----a-w- C:\Windows\System32\drivers\ro-RO\bthenum.sys.mui
2013-07-19 13:41:30 -------- d-----w- C:\Windows\SysWow64\drivers\pl-PL
2013-07-19 13:41:29 -------- d-----w- C:\Windows\SysWow64\wbem\pl-PL
2013-07-19 13:41:29 -------- d-----w- C:\Windows\SysWow64\pl
2013-07-19 13:41:28 -------- d-----w- C:\Windows\System32\drivers\UMDF\pl-PL
2013-07-19 13:41:28 -------- d-----w- C:\Windows\System32\drivers\pl-PL
2013-07-19 13:41:28 -------- d-----w- C:\Windows\pl-PL
2013-07-19 13:41:26 -------- d-----w- C:\Windows\System32\wbem\pl-PL
2013-07-19 13:41:26 -------- d-----w- C:\Windows\System32\pl
2013-07-19 13:36:57 7168 ----a-w- C:\Windows\System32\drivers\UMDF\fr-FR\WUDFUsbccidDriver.dll.mui
2013-07-19 13:35:57 -------- d-----w- C:\Windows\fr-FR
2013-07-19 13:33:47 6144 ----a-w- C:\Windows\System32\drivers\UMDF\ar-SA\WUDFUsbccidDriver.dll.mui
2013-07-19 13:32:51 -------- d-----w- C:\Windows\SysWow64\hu
2013-07-19 13:32:51 -------- d-----w- C:\Windows\SysWow64\drivers\hu-HU
2013-07-19 13:32:50 -------- d-----w- C:\Windows\SysWow64\wbem\hu-HU
2013-07-19 13:32:50 -------- d-----w- C:\Windows\System32\hu
2013-07-19 13:32:50 -------- d-----w- C:\Windows\System32\drivers\UMDF\hu-HU
2013-07-19 13:32:50 -------- d-----w- C:\Windows\System32\drivers\hu-HU
2013-07-19 13:32:49 -------- d-----w- C:\Windows\System32\wbem\hu-HU
2013-07-19 13:32:48 -------- d-----w- C:\Windows\hu-HU
2013-07-19 13:30:35 -------- d-----w- C:\Windows\SysWow64\wbem\sr-Latn-CS
2013-07-19 13:30:35 -------- d-----w- C:\Windows\SysWow64\drivers\sr-Latn-CS
2013-07-19 13:30:35 -------- d-----w- C:\Windows\sr-Latn-CS
2013-07-19 13:30:34 -------- d-----w- C:\Windows\System32\wbem\sr-Latn-CS
2013-07-19 13:30:34 -------- d-----w- C:\Windows\System32\drivers\sr-Latn-CS
2013-07-19 13:28:50 -------- d-----w- C:\Windows\SysWow64\wbem\sk-SK
2013-07-19 13:28:50 -------- d-----w- C:\Windows\SysWow64\drivers\sk-SK
2013-07-19 13:28:50 -------- d-----w- C:\Windows\System32\wbem\sk-SK
2013-07-19 13:28:50 -------- d-----w- C:\Windows\System32\drivers\sk-SK
2013-07-19 13:28:50 -------- d-----w- C:\Windows\sk-SK
2013-07-19 13:26:21 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\ProgSense
2013-07-19 13:26:19 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\GrabPro
2013-07-19 13:26:17 -------- d-----w- C:\Program Files (x86)\WinPcap
2013-07-19 13:26:14 -------- d-----w- C:\Program Files (x86)\Orbitdownloader
2013-07-19 13:25:55 3584 ----a-w- C:\Windows\System32\drivers\th-TH\portcls.sys.mui
2013-07-19 13:25:55 3072 ----a-w- C:\Windows\System32\drivers\th-TH\ataport.sys.mui
2013-07-19 13:25:55 2560 ----a-w- C:\Windows\System32\drivers\th-TH\serscan.sys.mui
2013-07-19 13:25:55 2048 ----a-w- C:\Windows\System32\drivers\th-TH\amdide.sys.mui
2013-07-19 13:25:54 46592 ----a-w- C:\Windows\System32\drivers\th-TH\tcpip.sys.mui
2013-07-19 13:25:54 2560 ----a-w- C:\Windows\System32\drivers\th-TH\scfilter.sys.mui
2013-07-19 13:25:51 7168 ----a-w- C:\Windows\System32\drivers\th-TH\bthport.sys.mui
2013-07-19 13:25:51 3072 ----a-w- C:\Windows\System32\drivers\th-TH\hidbth.sys.mui
2013-07-19 13:25:51 2560 ----a-w- C:\Windows\System32\drivers\th-TH\BTHUSB.SYS.mui
2013-07-19 13:25:51 2048 ----a-w- C:\Windows\System32\drivers\th-TH\bthenum.sys.mui
2013-07-19 13:24:53 -------- d-----w- C:\Windows\fi-FI
2013-07-19 13:24:52 -------- d-----w- C:\Windows\SysWow64\XPSViewer
2013-07-19 13:24:52 -------- d-----w- C:\Windows\SysWow64\fi
2013-07-19 13:24:52 -------- d-----w- C:\Windows\SysWow64\drivers\fi-FI
2013-07-19 13:24:51 -------- d-----w- C:\Windows\SysWow64\wbem\fi-FI
2013-07-19 13:24:49 -------- d-----w- C:\Windows\System32\wbem\fi-FI
2013-07-19 13:24:49 -------- d-----w- C:\Windows\System32\fi
2013-07-19 13:24:49 -------- d-----w- C:\Windows\System32\drivers\UMDF\fi-FI
2013-07-19 13:24:49 -------- d-----w- C:\Windows\System32\drivers\fi-FI
2013-07-19 13:14:51 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2013-07-19 13:14:47 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2013-07-19 13:14:37 -------- d-----w- C:\Windows\PCHEALTH
2013-07-19 13:14:37 -------- d-----w- C:\Program Files\Microsoft SQL Server
2013-07-19 13:10:07 -------- d-----w- C:\Program Files\DivX
2013-07-19 13:10:06 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2013-07-19 13:09:53 -------- d-----w- C:\Program Files (x86)\DivX
2013-07-19 13:09:44 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2013-07-19 13:09:44 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-07-19 13:09:39 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Microsoft Help
2013-07-19 13:07:27 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\calibre
2013-07-19 13:07:05 255552 ----a-w- C:\Windows\SysWow64\drivers\mcdbus.sys
2013-07-19 13:07:05 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys
2013-07-19 13:07:05 -------- d-----w- C:\Program Files (x86)\MagicDisc
2013-07-19 13:06:05 -------- d-----w- C:\Program Files (x86)\MagicISO
2013-07-19 13:05:57 -------- d-----w- C:\Program Files (x86)\Calibre2
2013-07-19 13:03:40 -------- d-----w- C:\ProgramData\USBSRService
2013-07-19 13:03:38 -------- d-----w- C:\Program Files (x86)\USB Safely Remove
2013-07-19 13:03:01 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\Highresolution Enterprises
2013-07-19 13:03:00 -------- d-----w- C:\Program Files\Highresolution Enterprises
2013-07-19 13:02:18 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\SumatraPDF
2013-07-19 13:02:03 -------- d-----w- C:\Program Files (x86)\SumatraPDF
2013-07-19 13:01:23 -------- d-----w- C:\ProgramData\PlotSoft
2013-07-19 13:01:23 -------- d-----w- C:\Program Files (x86)\PlotSoft
2013-07-19 12:58:01 201728 ----a-w- C:\hjsplit.exe
2013-07-19 12:57:41 -------- d-----w- C:\Program Files\Unlocker
2013-07-19 12:56:11 -------- d-----w- C:\ProgramData\Stardock
2013-07-19 12:56:00 241664 ----a-w- C:\Duplicate File Finder (Favorite) (Full).exe
2013-07-19 12:53:29 -------- d-----w- C:\Program Files\MPC-HC
2013-07-19 12:52:50 -------- d-----w- C:\Program Files (x86)\IrfanView
2013-07-19 12:52:37 -------- d-----w- C:\ProgramData\DivX
2013-07-19 12:52:20 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-07-19 12:44:29 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Google
2013-07-19 12:42:37 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Deployment
2013-07-19 12:42:37 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Apps
2013-07-19 12:30:40 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2013-07-19 12:30:40 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2013-07-19 12:13:07 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2013-07-19 12:13:07 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2013-07-19 12:04:12 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-07-19 12:04:12 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-07-19 12:04:12 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-07-19 12:04:12 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-07-19 11:40:36 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2013-07-19 11:40:36 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-07-19 11:40:36 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-07-19 11:40:36 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-07-19 11:40:36 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-07-19 11:40:36 100864 ----a-w- C:\Windows\System32\fontsub.dll
2013-07-19 11:39:54 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-07-19 11:39:54 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-07-19 11:39:54 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-07-19 11:39:54 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-07-19 11:39:53 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-07-19 11:39:53 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-07-19 11:39:53 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-07-19 11:31:57 80896 ----a-w- C:\Windows\System32\imagehlp.dll
2013-07-19 11:31:57 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-07-19 11:31:57 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-07-19 11:31:57 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-07-19 11:31:57 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-07-19 11:28:14 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2013-07-19 11:24:22 -------- d-----w- C:\Windows\Panther
2013-07-19 11:00:27 -------- d-----w- C:\Program Files (x86)\NEC Electronics
2013-07-19 11:00:08 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\Downloaded Installations
2013-07-19 10:59:07 104480 ----a-w- C:\Windows\System32\RTNUninst64.dll
2013-07-19 10:56:22 408600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2013-07-19 10:55:06 -------- d-----w- C:\Program Files (x86)\Marvell
2013-07-19 10:51:13 741480 ----a-w- C:\Windows\System32\HPDiscoPM9311.dll
2013-07-19 10:50:59 -------- d-----w- C:\Program Files (x86)\HP
2013-07-19 10:50:58 -------- d-----w- C:\Program Files\HP
2013-07-19 10:50:44 -------- d-----w- C:\Users\Peter Nguyen\AppData\Local\HP
2013-07-19 10:47:19 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\AVG2013
2013-07-19 10:46:56 -------- d-----w- C:\Users\Peter Nguyen\AppData\Roaming\TuneUp Software
2013-07-19 10:46:51 -------- d--h--w- C:\$AVG
2013-07-19 10:46:51 -------- d-----w- C:\ProgramData\AVG2013
2013-07-19 10:46:34 -------- d-----w- C:\Program Files (x86)\AVG
2013-07-19 10:43:54 139264 ----a-w- C:\Windows\System32\cabview.dll
2013-07-19 10:43:54 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2013-07-19 10:43:54 -------- d-----w- C:\Program Files\Realtek
2013-07-19 10:43:45 3615888 ----a-w- C:\Windows\System32\RtkAPO64.dll
2013-07-19 10:43:44 -------- d-----w- C:\Program Files (x86)\Realtek
2013-07-19 10:43:28 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-07-19 10:43:28 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-07-19 10:43:28 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-07-19 10:43:23 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-07-19 10:43:23 -------- d--h--w- C:\Program Files (x86)\Temp
2013-07-19 10:43:12 -------- d-----w- C:\Intel
2013-07-19 10:41:55 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-07-19 10:41:55 6496544 ----a-w- C:\Windows\System32\nvcpl.dll
2013-07-19 10:41:55 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-07-19 10:41:55 3514656 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-07-19 10:41:55 3253909 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-07-19 10:41:55 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-07-19 10:41:51 61216 ----a-w- C:\Windows\System32\OpenCL.dll
2013-07-19 10:41:51 53024 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-07-19 10:41:49 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-07-19 10:41:47 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-07-19 10:38:01 -------- d-----w- C:\NVIDIA
2013-07-19 10:36:13 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-07-19 10:36:10 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-07-19 10:36:08 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
.
==================== Find3M  ====================
.
2013-07-19 13:31:28 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-19 13:31:28 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-19 13:29:33 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-19 13:29:33 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-19 13:29:33 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-07-19 10:36:48 327008 ----a-w- C:\Windows\System32\RaCoInstx.dll
2013-07-19 10:36:48 1617472 ----a-w- C:\Windows\System32\drivers\netr28ux.sys
2013-05-16 07:07:08 3920384 ----a-w- C:\Windows\System32\python33.dll
2013-05-16 07:06:12 93696 ----a-w- C:\Windows\py.exe
2013-05-16 07:06:10 94208 ----a-w- C:\Windows\pyw.exe
.
============= FINISH: 12:45:36.91 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume1
Install Date: 7/19/2013 3:31:01 AM
System Uptime: 7/21/2013 12:23:36 PM (0 hours ago)
.
Motherboard:  EVGA  |  | 131-GT-E767
Processor: Intel® Core™ i7 CPU         950  @ 3.07GHz | Socket 423 | 3060/135mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 64.43 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 932 GiB total, 621.471 GiB free.
G: is CDROM ()
H: is FIXED (NTFS) - 932 GiB total, 774.902 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP29: 7/21/2013 1:10:58 AM - Removed YTD Toolbar v7.3.
RP30: 7/21/2013 2:51:30 AM - Installed Python 3.3.2 (64-bit)
RP31: 7/21/2013 2:52:22 AM - Installed Python 3.3.2 (64-bit)
RP32: 7/21/2013 3:00:10 AM - Windows Update
RP33: 7/21/2013 3:11:28 AM - Installed Python 2.7 (64-bit)
RP34: 7/21/2013 3:29:36 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
AVG 2013
calibre
CDisplay 1.8
CoolerMaster Trigger
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
DivX Setup
Dropbox
Google Chrome
Google Update Helper
HiJackThis
HP Deskjet 3050 J610 series Basic Device Software
HP Deskjet 3050 J610 series Help
IrfanView (remove only)
Java 7 Update 25
Java Auto Updater
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Access MUI (English) 2013
Microsoft Access Setup Metadata MUI (English) 2013
Microsoft DCF MUI (English) 2013
Microsoft Excel MUI (English) 2013
Microsoft Groove MUI (English) 2013
Microsoft InfoPath MUI (English) 2013
Microsoft Lync MUI (English) 2013
Microsoft Office 32-bit Components 2013
Microsoft Office OSM MUI (English) 2013
Microsoft Office OSM UX MUI (English) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 32-bit MUI (English) 2013
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft OneNote MUI (English) 2013
Microsoft Outlook MUI (English) 2013
Microsoft PowerPoint MUI (English) 2013
Microsoft Publisher MUI (English) 2013
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Word MUI (English) 2013
MPC-HC 1.6.8 (64-bit)
NEC Electronics USB 3.0 Host Controller Driver
Notepad++
NVIDIA Control Panel 320.49
NVIDIA GeForce Experience 1.5
NVIDIA Graphics Driver 320.49
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0604
NVIDIA Update 4.11.9
NVIDIA Update Components
Orbit Downloader
Outils de vérification linguistique 2013 de Microsoft Office - Français
PDFill PDF Editor with FREE Writer and FREE Tools
Picasa 3
Python 2.7 (64-bit)
Python 3.3.2 (64-bit)
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Spybot - Search & Destroy
SumatraPDF
Unlocker 1.9.1-x64
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760538) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817482) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2817468) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2817469) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
USB Safely Remove 5.2
Visual C++ 2008 Runtime (x64)
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.7
Vuze
WinPcap 4.1.3
WinRAR 4.00 (64-bit)
X-Mouse Button Control 2.5
YTD Video Downloader 4.3
YTD Video Downloader Pro 4.1
.
==== Event Viewer Messages From Past Week ========
.
7/21/2013 3:32:38 AM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
7/21/2013 2:29:06 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000003d (0xfffff8800b2b9120, 0x0000000000000000, 0x0000000000000000, 0xfffff88001316cc1). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072113-40419-01.
7/21/2013 12:24:22 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  mv91xx
7/21/2013 1:35:41 AM, Error: mv91xx [9]  - The device, \Device\Scsi\mv91xx1, did not respond within the timeout period.
7/20/2013 7:28:01 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer EXPERIENCE that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BCEF7A4E-4518-4695-A5F5-294240EED3E9}. The master browser is stopping or an election is being forced.
7/20/2013 4:16:35 PM, Error: Service Control Manager [7030]  - The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
7/20/2013 2:00:57 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB982018).
7/20/2013 2:00:57 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB977617).
7/20/2013 2:00:57 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2732487).
7/20/2013 2:00:57 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2529073).
7/20/2013 2:00:57 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2532531).
7/20/2013 1:08:58 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000000a (0x0000060410ef12af, 0x0000000000000002, 0x0000000000000000, 0xfffff800030667df). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072013-25708-01.
7/19/2013 9:41:22 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address 00-00-00-00-00-00. Network operations on this system may be disrupted as a result.
7/19/2013 6:12:49 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume I:.
7/19/2013 6:12:49 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume .
7/19/2013 5:41:31 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).
7/19/2013 5:39:56 AM, Error: Service Control Manager [7023]  - 
7/19/2013 5:37:51 AM, Error: Service Control Manager [7034]  - The Intel® Matrix Storage Event Monitor service terminated unexpectedly.  It has done this 1 time(s).
7/19/2013 5:37:51 AM, Error: Service Control Manager [7031]  - The Spybot-S&D 2 Security Center Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/19/2013 5:37:49 AM, Error: Service Control Manager [7031]  - The Spybot-S&D 2 Updating Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/19/2013 5:37:49 AM, Error: Service Control Manager [7031]  - The Spybot-S&D 2 Scanner Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/19/2013 5:37:48 AM, Error: Service Control Manager [7034]  - The NVIDIA Update Service Daemon service terminated unexpectedly.  It has done this 1 time(s).
7/19/2013 5:37:48 AM, Error: Service Control Manager [7034]  - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.  It has done this 1 time(s).
7/19/2013 5:29:38 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070103: NVIDIA driver update for NVIDIA GeForce GTX 580.
7/19/2013 5:29:38 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070103: NVIDIA Corporation - Audio Device, Other hardware - NVIDIA High Definition Audio.
7/19/2013 5:18:40 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.0.8 with the system having network hardware address 5C-F6-DC-07-09-26. Network operations on this system may be disrupted as a result.
7/19/2013 2:12:20 PM, Error: Service Control Manager [7031]  - The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/19/2013 2:11:18 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.0.13 with the system having network hardware address 5C-F6-DC-07-09-26. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================

Attached Files

  • Attached File  ESET.txt   282bytes   4 downloads


#8 TheShooter93

TheShooter93

    Cody


  • Malware Response Team

Posted 22 July 2013 - 09:22 PM

Hello zamthezealot,

 

Everything looks OK with your log, but let's try one that will look at your Chrome extensions and make sure you're clean there too.

 

--------------------------------------------------------------------------

 

We need to create an OTL Report

  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Run Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

--------------------------------------------------------------------------

 

Also, in reference to the following part of your log:

C: is FIXED (NTFS) - 233 GiB total, 64.43 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 932 GiB total, 621.471 GiB free.
G: is CDROM ()
H: is FIXED (NTFS) - 932 GiB total, 774.902 GiB free.

This configuration appears a bit different than usual. Can you confirm for me that you have 3 CD/DVD drives and 3 harddrives (or partitions)?

If it was not your doing, it may be a symptom of malware.


CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.


#9 zamthezealot


Posted 24 July 2013 - 12:02 AM

Sorry for the wait, but OTL doesn't work with my 64-bit system.



#10 TheShooter93


Posted 24 July 2013 - 07:23 PM

Hello zamthezealot,

 

OTL works just fine with 64bit systems.

 

Try deleting your copy and downloading it again.

 

Are you getting an error message when you try to run OTL?
 




#11 TheShooter93


Posted 27 July 2013 - 09:05 PM

Hello zamthezealot,

 

It has been at least 72 hours since my last post. Are you still there?

 

If you need more time, just let me know.

 

Otherwise, this thread will be closed due to inactivity.




#12 zamthezealot


Posted 29 July 2013 - 03:08 AM

Hi, sorry for keeping you waiting. Things have come up for me and I've been too busy to get on this. I'm sure these adware / malware will keep popping up. Before your OTL post, I installed CDisplay from CNET and I somehow managed to install sweet packs. I will continue to get these annoying or malicious software with the apps that I download. I think we should stop.



#13 TheShooter93


Posted 29 July 2013 - 09:49 AM

Hello zamthezealot,

 

It's OK, there is no rush. As I said initially, I just request notice if you expect to be away longer than 72 hours.

 

As for cleaning out your computer, it's still something that is fully possible.

 

If you feel your computer practices will lead to downloading malware, I can suggest ways to be safer while web browsing and installing programs, as well as make sure your antivirus software is installed properly and is up to date.

 

------------------------------------------------------------------------------

 

Having said that, this is a completely voluntary task for both of us -- if you no longer want me to clean your computer, of course that option is available. :)

 

Please let me know what you would like to do.




#14 TheShooter93


Posted 01 August 2013 - 10:02 AM

Hello zamthezealot,

 

It's been 72 hours since my last reply. Are you still with me?

 

If you need more time, just let me know.

 

If you do not reply within 48 hours, this thread will be closed due to inactivity.




#15 etavares

etavares

    Bleepin' Remover


  • Malware Response Team

Posted 05 August 2013 - 06:44 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Unified Network of Instructors and Trusted Eliminators
 




