
Password Changing On Its Own


  • This topic is locked
40 replies to this topic

#1 ihopeidonthavearkit


Posted 28 August 2013 - 11:16 PM

Recently when waking my desktop from sleep I cannot log into my main profile. I find that my password has been changed. I usually go into the other accounts on the desktop and change my profile's password into something that I know. I am not sure if my PC is infected with a virus. Here is my DDS log.

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.25.2
Run by Chris at 21:00:54 on 2013-08-28
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3582.1684 [GMT -7:00]
.
AV: AVG AntiVirus 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
e:\Program Files\GNU\GnuPG\dirmngr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
E:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
E:\Program Files\NMapWin\bin\nmapserv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
H:\Zune\ZuneBusEnum.exe
H:\Zune\ZuneNss.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\Zune\ZuneLauncher.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Mindjet\MindManager 10\MMReminderService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Documents and Settings\Chris\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Documents and Settings\Chris\Application Data\Traffic Travis v4\TrafficTravisV4.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\Chris\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Evernote\Evernote\Evernote.exe
C:\Program Files\Evernote\Evernote\EvernoteTray.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
e:\Program Files\GNU\GnuPG\bin\dbus-daemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Chris\Application Data\Juniper Networks\Setup Client\JuniperSetupClient.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG2013\Tuneup\TUMICR~1.EXE
C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: CmjBrowserHelperObject Object: {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - 
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6] <no file>
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [DXDllRegExe] c:\windows\system32\dxdllreg.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [zBrowser Launcher] e:\program files\logitech\itouch\iTouch.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [Zune Launcher] "h:\zune\ZuneLauncher.exe"
mRun: [KeePass 2 PreLoad] "e:\program files\keepass password safe 2\KeePass.exe" --preload
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Synergy] C:/Program Files/Synergy/synergy.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MMReminderService] c:\program files\mindjet\mindmanager 10\MMReminderService.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\chris\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\chris\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\chris\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteClipper.exe
StartupFolder: c:\docume~1\chris\startm~1\programs\startup\hipchat.lnk - c:\program files\hipchat\HipChat.exe
StartupFolder: c:\docume~1\chris\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Send Image To MindManager - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll/201
IE: Send Link To MindManager - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll/203
IE: Send Page To MindManager - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll/204
IE: Send Text To MindManager - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll/202
IE: {2F72393D-2472-4F82-B600-ED77F354B7FF} - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - e:\program files\plotsoft\pdfill\DownloadPDF.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1117435687093
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1348681555625
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=724
TCP: Interfaces\{0254AFCD-D2E2-4BAA-89D6-1FD52FF2DB0A} : NameServer = 208.67.222.222,208.67.220.220
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\fences\FencesMenu.dll
SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll
mASetup: {90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB} - c:\program files\mindjet\mindmanager 10\sys\MmInternetExplorerActiveSetup.vbs
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\chris\application data\mozilla\firefox\profiles\bo0n0r1j.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\chris\application data\mozilla\firefox\profiles\bo0n0r1j.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\documents and settings\chris\local settings\application data\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\photosynth\npPhotosynthMozilla.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: !HIDDEN! 2009-09-01 22:10; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-7-10 39224]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R1 MpKsl9c270fbf;MpKsl9c270fbf;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cfcd4125-0860-44c5-a5ad-8d412d320c8a}\MpKsl9c270fbf.sys [2013-8-28 29904]
R1 NEOFLTR_710_19525;Juniper Networks TDI Filter Driver (NEOFLTR_710_19525);c:\windows\system32\drivers\NEOFLTR_710_19525.SYS [2013-8-14 85064]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 DirMngr;DirMngr;e:\program files\gnu\gnupg\dirmngr.exe [2009-9-28 242176]
R2 KodakDigitalDisplayService;KodakDigitalDisplayService;e:\program files\kodak\digital display\orbkodaklauncher\DllStartupService.exe [2009-5-14 98304]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-10-31 10384]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-7-6 374704]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2011-1-11 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-2-24 47640]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-8-14 3291008]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 OpenSSHServer;Openssh SSHD;e:\program files\icw\bin\cygrunsrv.exe [2009-5-13 68096]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 cpuz135;cpuz135;c:\program files\pc wizard 2012\pcwiz_x32.sys [2012-3-19 24328]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-10-10 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-10-10 8456]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2009-6-17 40720]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2009-6-17 10384]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\mcafee security scan\2.1.121\mcchsvc.exe" --> c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2002-10-22 32528]
S3 TNET1130;802.11 WLAN;c:\windows\system32\drivers\TNET1130.sys [2009-11-10 438912]
S3 WefiEngSvc;WeFi Engine Service;c:\program files\wefi\WefiEngSvc.exe [2009-11-17 140632]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
S4 Apache2.2;Apache2.2;e:\program files\apache software foundation\apache2.2\bin\httpd.exe [2010-3-4 24645]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
S4 Remofscl;Remofscl; [x]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="e:\program files\adobe\adobe dreamweaver cs3\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="e:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
ShellExec: Foxit Reader.exe: print="e:\program files\foxit software\foxit reader\Foxit Reader.exe"/p "%1" 
ShellExec: Foxit Reader.exe: printto="e:\program files\foxit software\foxit reader\Foxit Reader.exe"/t "%1" "%2" "%3" "%4" 
ShellExec: FOXITR~1.EXE: print="e:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/p "%1" 
ShellExec: FOXITR~1.EXE: printto="e:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/t "%1" "%2" "%3" "%4" 
ShellExec: FRONTPG.EXE: edit=c:\progra~1\micros~2\office10\FRONTPG.EXE
.
=============== Created Last 30 ================
.
2013-08-28 21:43:30 -------- d-----w- c:\documents and settings\chris\application data\AVG2013
2013-08-28 21:42:36 -------- d-----w- c:\documents and settings\chris\application data\TuneUp Software
2013-08-28 21:42:17 -------- d--h--w- C:\$AVG
2013-08-28 21:42:17 -------- d-----w- c:\documents and settings\all users\application data\AVG2013
2013-08-28 21:41:29 -------- d-----w- c:\program files\AVG
2013-08-28 21:40:14 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2013-08-28 21:40:14 -------- d-----w- c:\documents and settings\chris\local settings\application data\MFAData
2013-08-28 21:40:14 -------- d-----w- c:\documents and settings\chris\local settings\application data\Avg2013
2013-08-28 21:40:14 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2013-08-28 21:11:50 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cfcd4125-0860-44c5-a5ad-8d412d320c8a}\offreg.dll
2013-08-28 21:11:50 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cfcd4125-0860-44c5-a5ad-8d412d320c8a}\MpKsl9c270fbf.sys
2013-08-28 21:04:14 7166848 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cfcd4125-0860-44c5-a5ad-8d412d320c8a}\mpengine.dll
2013-08-28 21:02:23 -------- d-----w- c:\program files\Microsoft Security Client
2013-08-27 14:24:16 7166848 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a95d5440-1534-4045-a83a-9b80eee548e9}\mpengine.dll
2013-08-19 05:22:30 -------- d-----w- c:\windows\Performance
2013-08-19 05:22:26 -------- d-----w- c:\documents and settings\chris\local settings\application data\Microsoft Corporation
2013-08-19 05:12:37 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2013-08-15 10:10:56 -------- d-----w- c:\windows\system32\MRT
2013-08-15 00:26:35 -------- d-----w- c:\program files\MSECache
2013-08-15 00:21:09 85064 ----a-w- c:\windows\system32\drivers\NEOFLTR_710_19525.SYS
2013-08-15 00:21:09 -------- d-----w- c:\program files\Juniper Networks
2013-08-14 18:11:04 4774272 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M  ====================
.
2013-08-03 21:18:38 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-26 02:47:17 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:47:13 43520 ------w- c:\windows\system32\licmgr10.dll
2013-07-26 02:47:12 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-25 15:52:59 385024 ------w- c:\windows\system32\html.iec
2013-07-20 08:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 08:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 08:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 08:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-11 19:19:53 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-11 19:19:52 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-07-11 19:19:52 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-11 19:19:52 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-10 08:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-07-04 03:03:25 2149888 ------w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30 2028544 ------w- c:\windows\system32\ntkrnlpa.exe
2013-06-19 04:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-13 06:40:23 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-13 06:40:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-04 07:23:02 562688 ------w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ------w- c:\windows\system32\win32k.sys
2007-04-11 20:12:16 2279464 ----a-w- c:\program files\PcSetup.exe
.
============= FINISH: 21:06:23.78 ===============
 

 




 


#2 HelpBot


Posted 02 September 2013 - 11:20 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/505976 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 ihopeidonthavearkit


Posted 13 September 2013 - 12:48 PM

Recently when waking my desktop from sleep I cannot log into my main profile. I find that my password has been changed. I usually go into the other accounts on the desktop and change my profile's password into something that I know. I am not sure if my PC is infected with a virus. Here is my DDS log.

 

Here is a new DDS scan.

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.25.2
Run by Chris at 2:19:30 on 2013-09-13
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3582.1896 [GMT -7:00]
.
AV: AVG AntiVirus 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
e:\Program Files\GNU\GnuPG\dirmngr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
E:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
E:\Program Files\NMapWin\bin\nmapserv.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Windows Media Player\WMPNetwk.exe
H:\Zune\ZuneBusEnum.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
E:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\Zune\ZuneLauncher.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Mindjet\MindManager 10\MMReminderService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Chris\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Documents and Settings\Chris\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Evernote\Evernote\Evernote.exe
C:\Program Files\Evernote\Evernote\EvernoteTray.exe
H:\Zune\ZuneNss.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Chris\Application Data\Juniper Networks\Setup Client\JuniperSetupClient.exe
C:\PROGRA~1\AVG\AVG2013\Tuneup\TUMICR~1.EXE
C:\WINDOWS\system32\wuauclt.exe
E:\Program Files\KeePass Password Safe 2\KeePass.exe
E:\Program Files\Mozilla Firefox6\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: CmjBrowserHelperObject Object: {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\chris\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Spotify Web Helper] "c:\documents and settings\chris\application data\spotify\data\SpotifyWebHelper.exe"
uRun: [TrafficTravisv4] c:\documents and settings\chris\application data\traffic travis v4\TrafficTravisV4.exe
uRun: [Spotify] "c:\documents and settings\chris\application data\spotify\Spotify.exe" /uri spotify:autostart
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [zBrowser Launcher] e:\program files\logitech\itouch\iTouch.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [Zune Launcher] "h:\zune\ZuneLauncher.exe"
mRun: [KeePass 2 PreLoad] "e:\program files\keepass password safe 2\KeePass.exe" --preload
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MMReminderService] c:\program files\mindjet\mindmanager 10\MMReminderService.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\chris\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\chris\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\chris\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteClipper.exe
StartupFolder: c:\docume~1\chris\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Send Image To MindManager - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll/201
IE: Send Link To MindManager - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll/203
IE: Send Page To MindManager - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll/204
IE: Send Text To MindManager - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll/202
IE: {2F72393D-2472-4F82-B600-ED77F354B7FF} - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 10\Mm8InternetExplorer.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - e:\program files\plotsoft\pdfill\DownloadPDF.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1117435687093
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1348681555625
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=724
TCP: Interfaces\{0254AFCD-D2E2-4BAA-89D6-1FD52FF2DB0A} : NameServer = 208.67.222.222,208.67.220.220
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\fences\FencesMenu.dll
SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll
mASetup: {90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB} - c:\program files\mindjet\mindmanager 10\sys\MmInternetExplorerActiveSetup.vbs
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\chris\application data\mozilla\firefox\profiles\bo0n0r1j.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\chris\application data\mozilla\firefox\profiles\bo0n0r1j.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\documents and settings\chris\local settings\application data\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\photosynth\npPhotosynthMozilla.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: !HIDDEN! 2009-09-01 22:10; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-7-10 39224]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R1 NEOFLTR_650_15255;Juniper Networks TDI Filter Driver (NEOFLTR_650_15255);c:\windows\system32\drivers\NEOFLTR_650_15255.SYS [2013-8-29 85360]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 DirMngr;DirMngr;e:\program files\gnu\gnupg\dirmngr.exe [2009-9-28 242176]
R2 KodakDigitalDisplayService;KodakDigitalDisplayService;e:\program files\kodak\digital display\orbkodaklauncher\DllStartupService.exe [2009-5-14 98304]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-10-31 10384]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-7-6 374704]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2011-1-11 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-2-24 47640]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-8-14 3291008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 OpenSSHServer;Openssh SSHD;e:\program files\icw\bin\cygrunsrv.exe [2009-5-13 68096]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 cpuz135;cpuz135;c:\program files\pc wizard 2012\pcwiz_x32.sys [2012-3-19 24328]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-10-10 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-10-10 8456]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2009-6-17 40720]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2009-6-17 10384]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2002-10-22 32528]
S3 TNET1130;802.11 WLAN;c:\windows\system32\drivers\TNET1130.sys [2009-11-10 438912]
S3 WefiEngSvc;WeFi Engine Service;c:\program files\wefi\WefiEngSvc.exe [2009-11-17 140632]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
S4 Apache2.2;Apache2.2;e:\program files\apache software foundation\apache2.2\bin\httpd.exe [2010-3-4 24645]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
S4 Remofscl;Remofscl; [x]
SUnknown McComponentHostService;McComponentHostService; [x]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="e:\program files\adobe\adobe dreamweaver cs3\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="e:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
ShellExec: Foxit Reader.exe: print="e:\program files\foxit software\foxit reader\Foxit Reader.exe"/p "%1"
ShellExec: Foxit Reader.exe: printto="e:\program files\foxit software\foxit reader\Foxit Reader.exe"/t "%1" "%2" "%3" "%4"
ShellExec: FOXITR~1.EXE: print="e:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/p "%1"
ShellExec: FOXITR~1.EXE: printto="e:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/t "%1" "%2" "%3" "%4"
ShellExec: FRONTPG.EXE: edit=c:\progra~1\micros~2\office10\FRONTPG.EXE
.
=============== Created Last 30 ================
.
2013-09-08 09:09:10    60872    ----a-w-    c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8657d98b-aa47-48f9-958c-1730b682b694}\offreg.dll
2013-09-06 16:48:19    7166848    ----a-w-    c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{8657d98b-aa47-48f9-958c-1730b682b694}\mpengine.dll
2013-09-05 16:48:06    7166848    ----a-w-    c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-08-29 16:43:13    --------    d-----w-    c:\documents and settings\chris\local settings\application data\Ofi Labs
2013-08-29 16:00:59    --------    d-----w-    C:\Tables
2013-08-29 14:14:15    85360    ----a-w-    c:\windows\system32\drivers\NEOFLTR_650_15255.SYS
2013-08-28 21:43:30    --------    d-----w-    c:\documents and settings\chris\application data\AVG2013
2013-08-28 21:42:36    --------    d-----w-    c:\documents and settings\chris\application data\TuneUp Software
2013-08-28 21:42:17    --------    d--h--w-    C:\$AVG
2013-08-28 21:42:17    --------    d-----w-    c:\documents and settings\all users\application data\AVG2013
2013-08-28 21:41:29    --------    d-----w-    c:\program files\AVG
2013-08-28 21:40:14    --------    d--h--w-    c:\documents and settings\all users\application data\Common Files
2013-08-28 21:40:14    --------    d-----w-    c:\documents and settings\chris\local settings\application data\MFAData
2013-08-28 21:40:14    --------    d-----w-    c:\documents and settings\chris\local settings\application data\Avg2013
2013-08-28 21:40:14    --------    d-----w-    c:\documents and settings\all users\application data\MFAData
2013-08-28 21:02:23    --------    d-----w-    c:\program files\Microsoft Security Client
2013-08-27 14:24:16    7166848    ----a-w-    c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{a95d5440-1534-4045-a83a-9b80eee548e9}\mpengine.dll
2013-08-19 05:22:30    --------    d-----w-    c:\windows\Performance
2013-08-19 05:22:26    --------    d-----w-    c:\documents and settings\chris\local settings\application data\Microsoft Corporation
2013-08-19 05:12:37    --------    d-----w-    c:\program files\Microsoft Windows 7 Upgrade Advisor
2013-08-15 10:10:56    --------    d-----w-    c:\windows\system32\MRT
2013-08-15 00:26:35    --------    d-----w-    c:\program files\MSECache
2013-08-15 00:21:09    --------    d-----w-    c:\program files\Juniper Networks
2013-08-14 18:11:04    4774272    ----a-w-    c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M  ====================
.
2013-08-03 21:18:38    1543680    ------w-    c:\windows\system32\wmvdecod.dll
2013-07-26 02:47:17    920064    ----a-w-    c:\windows\system32\wininet.dll
2013-07-26 02:47:13    43520    ------w-    c:\windows\system32\licmgr10.dll
2013-07-26 02:47:12    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2013-07-25 15:52:59    385024    ------w-    c:\windows\system32\html.iec
2013-07-20 08:51:00    246072    ----a-w-    c:\windows\system32\drivers\avglogx.sys
2013-07-20 08:50:56    60216    ----a-w-    c:\windows\system32\drivers\avgidshx.sys
2013-07-20 08:50:56    208184    ----a-w-    c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 08:50:50    171320    ----a-w-    c:\windows\system32\drivers\avgldx86.sys
2013-07-11 19:19:53    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-07-11 19:19:52    867240    ----a-w-    c:\windows\system32\npdeployJava1.dll
2013-07-11 19:19:52    789416    ----a-w-    c:\windows\system32\deployJava1.dll
2013-07-11 19:19:52    144896    ----a-w-    c:\windows\system32\javacpl.cpl
2013-07-10 10:37:53    406016    ----a-w-    c:\windows\system32\usp10.dll
2013-07-10 08:32:40    39224    ----a-w-    c:\windows\system32\drivers\avgrkx86.sys
2013-07-04 03:03:25    2149888    ------w-    c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30    2028544    ------w-    c:\windows\system32\ntkrnlpa.exe
2013-06-19 04:50:08    211560    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2007-04-11 20:12:16    2279464    ----a-w-    c:\program files\PcSetup.exe
.
============= FINISH:  2:19:57.64 ===============
 



#4 Oh My!

  • Malware Response Instructor

Posted 15 September 2013 - 08:57 AM

Greetings ihopeidonthavearkit and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Reply to Topic button instead.
  • In the upper right hand corner of the topic you will see the Follow Topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please consider and run these programs for me.

===================================================

Multiple Antivirus Programs

-------------------

I do not recommend that you have more than one anti virus product installed on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please remove all but one of the below listed Antivirus programs currently on your computer, even if only one is running. You can do this via Add/Remove Programs, or Programs and Features in the Control Panel.


AVG AntiVirus 2013
Microsoft Security Essentials


===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Delete
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[S1].txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (on Windows XP, double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • AdwCleaner log
  • Junkware log
  • FRST results
  • Addition log

Edited by Oh My, 15 September 2013 - 09:15 AM.
Added instructions

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 ihopeidonthavearkit


Posted 18 September 2013 - 02:25 AM

You can go ahead and call me Chris

 

Here are my results.

 

# AdwCleaner v3.004 - Report created 17/09/2013 at 23:45:02
# Updated 15/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Chris - MOMDESK
# Running from : C:\Documents and Settings\Chris\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Documents and Settings\Chris\Local Settings\Application Data\apn
Folder Deleted : C:\Documents and Settings\Chris\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Chris\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\Chris Trillana\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\bo0n0r1j.default\StumbleUpon
Folder Deleted : C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\bo0n0r1j.default\Extensions\toolbar@ask.com
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Product Deleted : Ask Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\bo0n0r1j.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5854 octets] - [17/09/2013 23:40:26]
AdwCleaner[S0].txt - [5901 octets] - [17/09/2013 23:45:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5961 octets] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Microsoft Windows XP x86
Ran by Chris on Wed 09/18/2013 at  0:02:23.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 09/18/2013 at  0:10:01.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013 03
Ran by Chris (administrator) on MOMDESK on 18-09-2013 00:11:25
Running from C:\Documents and Settings\Chris\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

() C:\WINDOWS\system32\Ati2evxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() e:\Program Files\GNU\GnuPG\dirmngr.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Orb Networks, Inc.) E:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
() E:\Program Files\NMapWin\bin\nmapserv.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) H:\Zune\ZuneBusEnum.exe
(Microsoft Corporation) H:\Zune\ZuneNss.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SigmaTel, Inc.) C:\WINDOWS\stsystra.exe
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
(Logitech Inc.) E:\Program Files\Logitech\iTouch\iTouch.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
(Microsoft Corporation) H:\Zune\ZuneLauncher.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Mindjet) C:\Program Files\Mindjet\MindManager 10\MMReminderService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPNSCFG.exe
(Spotify Ltd) C:\Documents and Settings\Chris\Application Data\Spotify\Data\SpotifyWebHelper.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
(Mozilla Corporation) E:\Program Files\Mozilla Firefox6\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SigmatelSysTrayApp] - C:\Windows\stsystra.exe [339968 2005-03-22] (SigmaTel, Inc.)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-03] (Microsoft Corporation)
HKLM\...\Run: [HP Component Manager] - C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [241664 2004-05-12] (Hewlett-Packard Company)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2011-01-11] (LogMeIn, Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-04-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [zBrowser Launcher] - e:\Program Files\Logitech\iTouch\iTouch.exe [892928 2004-03-18] (Logitech Inc.)
HKLM\...\Run: [ATIPTA] - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [339968 2004-08-25] (ATI Technologies, Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Zune Launcher] - H:\Zune\ZuneLauncher.exe [159472 2010-11-11] (Microsoft Corporation)
HKLM\...\Run: [KeePass 2 PreLoad] - E:\Program Files\KeePass Password Safe 2\KeePass.exe [1764352 2011-07-12] (Dominik Reichl)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Nikon Message Center 2] - C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [MMReminderService] - C:\Program Files\Mindjet\MindManager 10\MMReminderService.exe [37728 2011-09-14] (Mindjet)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\LMIinit: C:\Windows\system32\LMIinit.dll (LogMeIn, Inc.)
Winlogon\Notify\WgaLogon: C:\Windows\system32\WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [133104 2009-10-20] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2006-10-18] (Microsoft Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Documents and Settings\Chris\Application Data\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-10] (Spotify Ltd)
MountPoints2: {1517892a-cb0e-11db-a0a6-00123f6fc56f} - I:\LaunchU3.exe -a
HKU\Guest\...\Run: [] - [x]
HKU\Guest\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [ 2009-04-27] (Advanced Micro Devices, Inc.)
HKU\Guest\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-13] (Microsoft Corporation)
HKU\Guest\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKU\Guest\...\Run: [Aim6] - C:\Program Files\AIM6\aim6.exe [ 2009-05-18] (AOL LLC)
HKU\Guest\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [ 2012-10-25] (Apple Inc.)
Startup: C:\Documents and Settings\Chris\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Chris\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Documents and Settings\Chris\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
Startup: C:\Documents and Settings\Chris\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1117435687093
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=724
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\PROGRA~1\WINDOW~4\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\..\Interfaces\{0254AFCD-D2E2-4BAA-89D6-1FD52FF2DB0A}: [NameServer]208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\bo0n0r1j.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/Photosynth,version=2.0 - C:\Program Files\Photosynth\npPhotosynthMozilla.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\bo0n0r1j.default\Extensions\collector@broceliand.fr
FF Extension: Pocket - C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\bo0n0r1j.default\Extensions\isreaditlater@ideashower.com
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\bo0n0r1j.default\Extensions\LogMeInClient@logmein.com
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\bo0n0r1j.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Evernote Web Clipper - C:\Documents and Settings\Chris\Application Data\Mozilla\Firefox\Profiles\bo0n0r1j.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\FirefoxNightly\firefox.exe

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U3) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.30.255) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Photosynth) - C:\Program Files\Photosynth\npPhotosynthMozilla.dll ()
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Pearltrees Extension) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\bgngjfgpahnnncnimlhjgjhdajmaeeoa\6.0.13_0
CHR Extension: (YouTube) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Timer) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd\1.8.0.4_0
CHR Extension: (MAFIAAFire Redirector for Chrome) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\hnifiobpjihmmjgiokkaalgomddebhng\0.1_0
CHR Extension: (Speed Dial 2) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.7.0_0
CHR Extension: (LogMeIn) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmgnihglilniboicepgjclfiageofdfj\1.0.0.1029_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Evernote Web Clipper) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.9.20_0
CHR Extension: (Gmail) - C:\DOCUME~1\Chris\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Es\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-05-12] ()
S4 Apache2.2; E:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe [24645 2010-03-04] (Apache Software Foundation)
R2 Ati HotKey Poller; C:\Windows\system32\Ati2evxx.exe [389120 2004-08-25] ()
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-04-27] ()
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 DirMngr; e:\Program Files\GNU\GnuPG\dirmngr.exe [242176 2009-09-28] ()
S3 Imapi Helper; E:\Program Files\ISO Recorder\ImapiHelper.exe [163840 2006-01-05] (Alex Feinman)
R2 KodakDigitalDisplayService; E:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe [98304 2009-05-14] (Orb Networks, Inc.)
R2 NMap; E:\Program Files\NMapWin\bin\nmapserv.exe [290816 2002-11-20] ()
S2 OpenSSHServer; E:\Program Files\ICW\bin\cygrunsrv.exe [68096 2009-05-13] ()
S3 OpenVPNService; e:\Program Files\OpenVPN\bin\openvpnserv.exe [36352 2009-10-01] ()
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-14] (Skype Technologies S.A.)
S3 WefiEngSvc; C:\Program Files\WeFi\WefiEngSvc.exe [140632 2009-11-17] (WeFi)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 WMZuneComm; H:\Zune\WMZuneComm.exe [268528 2010-11-11] (Microsoft Corporation)
R2 ZuneBusEnum; H:\Zune\ZuneBusEnum.exe [57072 2010-11-11] (Microsoft Corporation)
R2 ZuneNetworkSvc; H:\Zune\ZuneNss.exe [6351600 2010-11-11] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; H:\Zune\ZuneWlanCfgSvc.exe [444656 2010-11-11] (Microsoft Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

R1 AFS2K; C:\Windows\System32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
R1 BANTExt; C:\Windows\System32\Drivers\BANTExt.sys [3840 2008-02-27] ()
S3 cpuz135; C:\Program Files\PC Wizard 2012\pcwiz_x32.sys [24328 2012-02-07] (CPUID)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13192 2011-07-29] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [8456 2011-07-29] ()
R3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [94208 2010-09-29] (VSO Software)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
S3 IntelC51; C:\Windows\System32\DRIVERS\IntelC51.sys [1233525 2004-03-05] (Intel Corporation)
S3 IntelC52; C:\Windows\System32\DRIVERS\IntelC52.sys [647929 2004-03-05] (Intel Corporation)
S3 IntelC53; C:\Windows\System32\DRIVERS\IntelC53.sys [60949 2004-03-05] (Intel Corporation)
S3 LCcfltr; C:\Windows\System32\Drivers\LCcFltr.Sys [14095 2004-03-03] (Logitech, Inc.)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [40720 2009-06-17] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10384 2009-06-17] (Logitech, Inc.)
S3 LHidUsb; C:\Windows\System32\Drivers\LHidUsb.Sys [37887 2004-03-03] (Logitech, Inc.)
R2 LMIInfo; C:\Program Files\LogMeIn\x86\RaInfo.sys [12856 2011-01-11] (LogMeIn, Inc.)
R2 LMIRfsDriver; C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [47640 2011-01-11] (LogMeIn, Inc.)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 mohfilt; C:\Windows\System32\DRIVERS\mohfilt.sys [37048 2004-03-05] (Intel Corporation)
S3 MREMPR5; C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [19345 2004-11-22] (Motive, Inc.)
S3 MRENDIS5; C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [18003 2004-11-22] (Motive, Inc.)
R1 NEOFLTR_650_15255; C:\WINDOWS\system32\Drivers\NEOFLTR_650_15255.SYS [85360 2010-02-18] (Juniper Networks)
S3 NPF; C:\Windows\System32\drivers\npf.sys [32528 2002-10-22] (Politecnico di Torino)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R3 odysseyIM3; C:\Windows\System32\DRIVERS\odysseyIM3.sys [62865 2009-10-21] (Funk Software, Inc.)
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-10-01] (The OpenVPN Project)
S3 TNET1130; C:\Windows\System32\DRIVERS\tnet1130.sys [438912 2004-12-01] (Texas Instruments)
R2 zumbus; C:\Windows\System32\DRIVERS\zumbus.sys [41472 2010-09-24] (Microsoft Corporation)
S4 IntelIde; No ImagePath
U5 itchfltr; C:\Windows\System32\Drivers\itchfltr.sys [12953 2004-03-10] (Logitech, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 mcdbus; system32\DRIVERS\mcdbus.sys [x]
S3 netwg311; system32\DRIVERS\netwg311.sys [x]
S4 Remofscl; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 VirtualFD; \??\C:\Documents and Settings\Chris\Desktop\Virtual Floppy\vfd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-18 00:11 - 2013-09-18 00:11 - 01083437 _____ (Farbar) C:\Documents and Settings\Chris\Desktop\FRST.exe
2013-09-18 00:11 - 2013-09-18 00:11 - 00000000 ____D C:\FRST
2013-09-18 00:10 - 2013-09-18 00:10 - 00000589 _____ C:\Documents and Settings\Chris\Desktop\JRT.txt
2013-09-18 00:02 - 2013-09-18 00:02 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-18 00:01 - 2013-09-18 00:01 - 01029675 _____ (Thisisu) C:\Documents and Settings\Chris\Desktop\JRT.exe
2013-09-17 23:57 - 2013-09-18 00:10 - 00006650 _____ C:\Documents and Settings\Chris\Desktop\bleep.txt
2013-09-17 23:48 - 2013-09-17 23:48 - 00000021 _____ C:\WINDOWS\S.dirmngr
2013-09-17 23:40 - 2013-09-17 23:45 - 00000000 ____D C:\AdwCleaner
2013-09-17 23:39 - 2013-09-17 23:39 - 01039554 _____ C:\Documents and Settings\Chris\Desktop\adwcleaner.exe
2013-09-14 09:22 - 2013-09-14 09:22 - 14038408 _____ (Affilorama Ltd.                                             ) C:\Documents and Settings\Chris\Desktop\traffic_travis_v4.exe
2013-09-13 12:26 - 2013-09-13 12:26 - 00000000 ____D C:\Documents and Settings\Default User\Application Data\TuneUp Software
2013-09-13 12:26 - 2013-09-13 12:26 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-09-13 03:08 - 2013-09-13 03:09 - 00026216 _____ C:\WINDOWS\iis6.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00024731 _____ C:\WINDOWS\FaxSetup.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00015340 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00011824 _____ C:\WINDOWS\ocgen.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00011280 _____ C:\WINDOWS\tsoc.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00008108 _____ C:\WINDOWS\comsetup.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00007396 _____ C:\WINDOWS\msmqinst.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00004920 _____ C:\WINDOWS\ntdtcsetup.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00004559 _____ C:\WINDOWS\updspapi.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00004332 _____ C:\WINDOWS\netfxocm.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00001700 _____ C:\WINDOWS\MedCtrOC.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00001374 _____ C:\WINDOWS\imsins.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00001368 _____ C:\WINDOWS\ocmsn.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00001244 _____ C:\WINDOWS\tabletoc.log
2013-09-13 03:08 - 2013-09-13 03:09 - 00001236 _____ C:\WINDOWS\msgsocm.log
2013-09-13 03:08 - 2013-09-13 03:08 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-09-13 03:08 - 2013-09-13 03:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-13 03:08 - 2013-09-13 03:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-13 03:08 - 2013-09-13 03:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-13 02:17 - 2013-09-13 03:08 - 00012991 _____ C:\WINDOWS\KB2876315.log
2013-09-13 02:17 - 2013-09-13 03:08 - 00012022 _____ C:\WINDOWS\KB2876217.log
2013-09-13 02:17 - 2013-09-13 03:08 - 00011890 _____ C:\WINDOWS\KB2864063.log
2013-09-11 23:06 - 2013-09-11 23:06 - 00001289 _____ C:\WINDOWS\setupact.log
2013-09-11 23:06 - 2013-09-11 23:06 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-09-11 13:53 - 2013-09-13 12:25 - 00017626 _____ C:\WINDOWS\setupapi.log
2013-09-07 08:45 - 2013-09-07 08:45 - 00619476 _____ C:\Documents and Settings\Chris\Desktop\cc_20130907_084525.reg
2013-09-03 05:15 - 2013-09-03 05:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2013-09-03 05:14 - 2013-09-03 05:14 - 04454952 _____ (Piriform Ltd) C:\Documents and Settings\Chris\Desktop\ccsetup405.exe
2013-08-29 09:43 - 2013-08-29 09:43 - 00000000 ____D C:\Documents and Settings\Chris\Local Settings\Application Data\Ofi Labs
2013-08-29 09:01 - 2013-08-29 09:01 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Local Settings\Application Data\Sun
2013-08-29 09:01 - 2013-08-29 09:01 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Application Data\Sun
2013-08-29 09:00 - 2013-08-29 09:00 - 00000000 ____D C:\Tables
2013-08-29 07:21 - 2013-08-29 07:21 - 00000000 __SHD C:\Documents and Settings\Chris Trillana\PrivacIE
2013-08-29 07:21 - 2013-08-29 07:21 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Application Data\Adobe
2013-08-29 07:20 - 2013-08-29 07:20 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Application Data\Yahoo!
2013-08-29 07:20 - 2013-08-29 07:20 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Application Data\AVG2013
2013-08-29 07:19 - 2013-08-29 07:19 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Local Settings\Application Data\Avg2013
2013-08-29 07:14 - 2013-08-29 07:14 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Juniper Networks
2013-08-29 07:14 - 2010-02-18 17:24 - 00085360 _____ (Juniper Networks) C:\WINDOWS\system32\Drivers\NEOFLTR_650_15255.SYS
2013-08-28 21:06 - 2013-09-13 02:20 - 00032964 _____ C:\Documents and Settings\Chris\Desktop\attach.txt
2013-08-28 21:06 - 2013-09-13 02:19 - 00021666 _____ C:\Documents and Settings\Chris\Desktop\dds.txt
2013-08-28 21:00 - 2013-09-13 02:19 - 00688992 ____R (Swearware) C:\Documents and Settings\Chris\Desktop\dds.com
2013-08-28 14:43 - 2013-08-28 14:43 - 00000000 ____D C:\Documents and Settings\Chris\Application Data\AVG2013
2013-08-28 14:42 - 2013-09-13 12:26 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
2013-08-28 14:42 - 2013-08-28 14:43 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2013
2013-08-28 14:42 - 2013-08-28 14:42 - 00000000 ___HD C:\$AVG
2013-08-28 14:42 - 2013-08-28 14:42 - 00000000 ____D C:\Documents and Settings\Chris\Application Data\TuneUp Software
2013-08-28 14:41 - 2013-08-28 14:41 - 00000000 ____D C:\Program Files\AVG
2013-08-28 14:40 - 2013-09-17 20:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-08-28 14:40 - 2013-08-28 14:47 - 00000000 ____D C:\Documents and Settings\Chris\Local Settings\Application Data\Avg2013
2013-08-28 14:40 - 2013-08-28 14:40 - 00000000 ____D C:\Documents and Settings\Chris\Local Settings\Application Data\MFAData
2013-08-28 14:39 - 2013-08-28 14:39 - 04491824 _____ (AVG Technologies) C:\Documents and Settings\Chris\Desktop\avg_avct_stb_all_2013_3392_cm10.exe
2013-08-28 14:02 - 2013-08-28 14:02 - 11233112 _____ (Microsoft Corporation) C:\Documents and Settings\Chris\Desktop\mseinstall.exe
2013-08-28 13:51 - 2013-08-28 13:51 - 00015251 _____ C:\Documents and Settings\Chris\Desktop\hijackthis.log
2013-08-28 13:46 - 2013-08-28 13:46 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\Chris\Desktop\HijackThis.exe
2013-08-28 13:35 - 2013-09-11 13:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$

==================== One Month Modified Files and Folders =======

2013-09-18 00:11 - 2013-09-18 00:11 - 01083437 _____ (Farbar) C:\Documents and Settings\Chris\Desktop\FRST.exe
2013-09-18 00:11 - 2013-09-18 00:11 - 00000000 ____D C:\FRST
2013-09-18 00:11 - 2009-10-20 01:24 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1604221776-839522115-1004UA.job
2013-09-18 00:10 - 2013-09-18 00:10 - 00000589 _____ C:\Documents and Settings\Chris\Desktop\JRT.txt
2013-09-18 00:10 - 2013-09-17 23:57 - 00006650 _____ C:\Documents and Settings\Chris\Desktop\bleep.txt
2013-09-18 00:02 - 2013-09-18 00:02 - 00000000 ____D C:\WINDOWS\ERUNT
2013-09-18 00:01 - 2013-09-18 00:01 - 01029675 _____ (Thisisu) C:\Documents and Settings\Chris\Desktop\JRT.exe
2013-09-17 23:54 - 2012-02-29 23:13 - 00000000 ____D C:\Documents and Settings\Chris\Application Data\Spotify
2013-09-17 23:54 - 2011-07-30 03:02 - 00000000 ____D C:\Documents and Settings\Chris\Application Data\Dropbox
2013-09-17 23:53 - 2011-07-30 03:04 - 00000000 ___RD C:\Documents and Settings\Chris\My Documents\Dropbox
2013-09-17 23:51 - 2012-03-20 13:35 - 00000178 ___SH C:\Documents and Settings\Chris Trillana\ntuser.ini
2013-09-17 23:51 - 2009-09-25 21:24 - 00000236 _____ C:\WINDOWS\Tasks\OGALogon.job
2013-09-17 23:51 - 2005-05-29 23:48 - 01978694 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-17 23:51 - 2003-03-31 05:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-17 23:48 - 2013-09-17 23:48 - 00000021 _____ C:\WINDOWS\S.dirmngr
2013-09-17 23:48 - 2009-12-20 03:47 - 00000000 ____D C:\Documents and Settings\All Users\Documents\My Slide Shows
2013-09-17 23:48 - 2005-05-29 07:35 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-09-17 23:48 - 2005-05-29 07:35 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-09-17 23:47 - 2005-05-29 14:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-17 23:46 - 2007-03-04 16:50 - 00000278 ___SH C:\Documents and Settings\Chris\ntuser.ini
2013-09-17 23:46 - 2007-03-04 06:41 - 00131072 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-09-17 23:46 - 2005-05-29 14:48 - 00032394 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-17 23:45 - 2013-09-17 23:40 - 00000000 ____D C:\AdwCleaner
2013-09-17 23:39 - 2013-09-17 23:39 - 01039554 _____ C:\Documents and Settings\Chris\Desktop\adwcleaner.exe
2013-09-17 23:39 - 2009-10-20 22:31 - 00000000 ____D C:\Documents and Settings\Chris\Application Data\KeePass
2013-09-17 23:33 - 2011-02-07 02:22 - 00001945 _____ C:\WINDOWS\epplauncher.mif
2013-09-17 20:41 - 2013-08-28 14:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-09-17 15:11 - 2009-10-20 01:24 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1604221776-839522115-1004Core.job
2013-09-17 14:19 - 2009-12-20 05:01 - 00000422 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{C5E31E93-CCBD-4EF5-A104-70AB2705CCD7}.job
2013-09-14 15:53 - 2009-06-14 11:44 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-09-14 09:22 - 2013-09-14 09:22 - 14038408 _____ (Affilorama Ltd.                                             ) C:\Documents and Settings\Chris\Desktop\traffic_travis_v4.exe
2013-09-14 09:22 - 2013-03-26 09:59 - 00000000 ____D C:\Documents and Settings\Chris\Application Data\Traffic Travis v4
2013-09-14 09:22 - 2013-03-26 09:59 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Traffic Travis v4
2013-09-13 12:26 - 2013-09-13 12:26 - 00000000 ____D C:\Documents and Settings\Default User\Application Data\TuneUp Software
2013-09-13 12:26 - 2013-09-13 12:26 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-09-13 12:26 - 2013-08-28 14:42 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
2013-09-13 12:25 - 2013-09-11 13:53 - 00017626 _____ C:\WINDOWS\setupapi.log
2013-09-13 11:01 - 2012-08-16 01:44 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2013-09-13 04:00 - 2012-04-25 03:58 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-13 04:00 - 2011-06-16 12:07 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-09-13 03:25 - 2012-02-29 23:13 - 00000000 ____D C:\Documents and Settings\Chris\Local Settings\Application Data\Spotify
2013-09-13 03:20 - 2005-05-29 07:33 - 01499256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-13 03:19 - 2012-05-02 14:56 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-13 03:09 - 2013-09-13 03:08 - 00026216 _____ C:\WINDOWS\iis6.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00024731 _____ C:\WINDOWS\FaxSetup.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00015340 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00011824 _____ C:\WINDOWS\ocgen.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00011280 _____ C:\WINDOWS\tsoc.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00008108 _____ C:\WINDOWS\comsetup.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00007396 _____ C:\WINDOWS\msmqinst.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00004920 _____ C:\WINDOWS\ntdtcsetup.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00004559 _____ C:\WINDOWS\updspapi.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00004332 _____ C:\WINDOWS\netfxocm.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00001700 _____ C:\WINDOWS\MedCtrOC.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00001374 _____ C:\WINDOWS\imsins.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00001368 _____ C:\WINDOWS\ocmsn.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00001244 _____ C:\WINDOWS\tabletoc.log
2013-09-13 03:09 - 2013-09-13 03:08 - 00001236 _____ C:\WINDOWS\msgsocm.log
2013-09-13 03:08 - 2013-09-13 03:08 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-09-13 03:08 - 2013-09-13 03:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-13 03:08 - 2013-09-13 03:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-13 03:08 - 2013-09-13 03:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-13 03:08 - 2013-09-13 02:17 - 00012991 _____ C:\WINDOWS\KB2876315.log
2013-09-13 03:08 - 2013-09-13 02:17 - 00012022 _____ C:\WINDOWS\KB2876217.log
2013-09-13 03:08 - 2013-09-13 02:17 - 00011890 _____ C:\WINDOWS\KB2864063.log
2013-09-13 03:08 - 2009-06-14 02:27 - 00000000 ____D C:\WINDOWS\ie8updates
2013-09-13 03:07 - 2013-08-15 03:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-09-13 03:00 - 2007-03-04 01:11 - 76725432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-09-13 02:20 - 2013-08-28 21:06 - 00032964 _____ C:\Documents and Settings\Chris\Desktop\attach.txt
2013-09-13 02:19 - 2013-08-28 21:06 - 00021666 _____ C:\Documents and Settings\Chris\Desktop\dds.txt
2013-09-13 02:19 - 2013-08-28 21:00 - 00688992 ____R (Swearware) C:\Documents and Settings\Chris\Desktop\dds.com
2013-09-11 23:06 - 2013-09-11 23:06 - 00001289 _____ C:\WINDOWS\setupact.log
2013-09-11 23:06 - 2013-09-11 23:06 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-09-11 14:15 - 2011-01-29 01:09 - 00000000 ____D C:\Documents and Settings\Chris\Start Menu\Programs\JBidwatcher
2013-09-11 14:05 - 2005-05-29 07:34 - 00572930 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-09-11 13:53 - 2013-08-28 13:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-09-11 13:53 - 2013-08-15 03:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-09-11 13:53 - 2013-07-10 18:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-09-11 13:53 - 2013-07-10 18:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-09-11 13:53 - 2013-05-16 03:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2829361$
2013-09-11 13:53 - 2013-04-10 03:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2820917$
2013-09-11 13:53 - 2013-04-10 03:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2808735$
2013-09-11 13:53 - 2013-03-22 03:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2807986$
2013-09-11 13:53 - 2013-02-13 04:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2778344$
2013-09-11 13:53 - 2012-12-12 04:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2779030$
2013-09-11 13:53 - 2012-11-15 01:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2761226$
2013-09-11 13:53 - 2012-11-15 01:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2727528$
2013-09-11 13:53 - 2012-10-10 03:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2749655$
2013-09-11 13:53 - 2012-08-15 22:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2731847$
2013-09-11 13:53 - 2012-07-12 03:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2718523$
2013-09-11 13:53 - 2012-06-13 03:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2709162$
2013-09-11 13:53 - 2012-03-13 16:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2641653$
2013-09-11 13:53 - 2012-02-16 04:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2660465$
2013-09-11 13:53 - 2012-01-12 04:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2646524$
2013-09-11 13:53 - 2011-12-28 23:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2639417$
2013-09-11 13:53 - 2011-10-12 23:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2567053$
2013-09-11 13:53 - 2011-08-11 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2567680$
2013-09-11 13:53 - 2011-07-14 03:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2555917$
2013-09-11 13:53 - 2011-04-16 03:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2506223$
2013-09-11 13:53 - 2011-04-16 03:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2412687$
2013-09-11 13:53 - 2011-04-16 03:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2508429$
2013-09-11 13:53 - 2011-02-09 05:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2479628$
2013-09-11 13:53 - 2010-12-15 04:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2467659$
2013-09-11 13:53 - 2010-12-15 04:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2436673$
2013-09-11 13:53 - 2010-12-15 04:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2423089$
2013-09-11 13:53 - 2010-10-14 03:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2378111_WM9$
2013-09-11 13:53 - 2010-10-14 03:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2345886$
2013-09-11 13:53 - 2010-09-16 03:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2121546$
2013-09-11 13:53 - 2010-08-12 03:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2160329$
2013-09-11 13:53 - 2008-08-10 00:48 - 00000000 __HDC C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2013-09-11 13:53 - 2008-08-10 00:48 - 00000000 __HDC C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2013-09-11 13:53 - 2007-03-04 01:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB835409$
2013-09-11 13:53 - 2007-03-04 00:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB896428_0$
2013-09-11 13:53 - 2007-03-04 00:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB888302_0$
2013-09-11 13:52 - 2013-07-10 18:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-09-11 13:52 - 2012-05-11 03:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2659262$
2013-09-11 13:52 - 2012-05-11 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2686509$
2013-09-11 13:52 - 2012-02-16 04:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2661637$
2013-09-11 13:52 - 2011-03-23 18:57 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2524375$
2013-09-11 13:52 - 2008-09-11 17:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB938464$
2013-09-11 13:52 - 2008-04-09 03:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB941693$
2013-09-11 13:52 - 2008-01-09 04:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB941644$
2013-09-11 13:52 - 2007-12-12 04:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB942763$
2013-09-11 13:52 - 2007-12-12 04:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB941569$
2013-09-11 13:52 - 2007-12-07 16:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB939683$
2013-09-11 13:52 - 2007-09-03 03:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB933360$
2013-09-11 13:52 - 2007-08-15 03:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB936782_WMP9$
2013-09-11 13:52 - 2007-08-15 03:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB938127$
2013-09-11 13:52 - 2007-07-11 03:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB936357$
2013-09-11 13:52 - 2007-04-11 13:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB931261$
2013-09-11 13:52 - 2007-04-11 13:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB930178$
2013-09-11 13:52 - 2007-03-04 06:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB835221WXP$
2013-09-11 13:52 - 2007-03-04 06:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB931836$
2013-09-11 13:52 - 2007-03-04 06:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB927802$
2013-09-11 13:52 - 2007-03-04 06:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB929969$
2013-09-11 13:52 - 2007-03-04 06:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB926255$
2013-09-11 13:52 - 2007-03-04 06:09 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB923689$
2013-09-11 13:52 - 2007-03-04 06:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB885884$
2013-09-11 13:52 - 2007-03-04 06:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB911565$
2013-09-11 13:52 - 2007-03-04 01:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB925486-IE6SP1-20060918.120000$
2013-09-11 13:52 - 2007-03-04 01:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB923414_0$
2013-09-11 13:52 - 2007-03-04 01:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB917953_0$
2013-09-11 13:52 - 2007-03-04 01:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB917734_WMP8$
2013-09-11 13:52 - 2007-03-04 01:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB905749_0$
2013-09-11 13:52 - 2007-03-04 00:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB835732$
2013-09-11 13:52 - 2007-03-04 00:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB898461$
2013-09-11 13:51 - 2011-07-23 11:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2013-09-11 13:51 - 2011-07-23 11:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973442_WM11$
2013-09-11 13:51 - 2010-10-14 03:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982132$
2013-09-11 13:51 - 2010-10-14 03:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB981957$
2013-09-11 13:51 - 2010-09-16 03:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB981322$
2013-09-11 13:51 - 2010-08-12 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982214$
2013-09-11 13:51 - 2010-06-11 03:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979559$
2013-09-11 13:51 - 2010-06-11 03:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978695_WM9$
2013-09-11 13:51 - 2010-04-14 03:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978601$
2013-09-11 13:51 - 2010-02-10 14:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971468$
2013-09-11 13:51 - 2009-12-10 04:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971737$
2013-09-11 13:51 - 2009-12-07 17:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01007$
2013-09-11 13:51 - 2009-11-10 15:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB969947$
2013-09-11 13:51 - 2009-10-15 03:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB958869$
2013-09-11 13:51 - 2009-10-15 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB974112$
2013-09-11 13:51 - 2009-10-15 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954155_WM9$
2013-09-11 13:51 - 2009-09-09 23:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB968816_WM9$
2013-09-11 13:51 - 2009-09-09 23:22 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956844$
2013-09-11 13:51 - 2009-08-13 03:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB960859$
2013-09-11 13:51 - 2009-08-13 03:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971657$
2013-09-11 13:51 - 2009-08-13 03:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973540_WM9$
2013-09-11 13:51 - 2009-07-05 03:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01005$
2013-09-11 13:51 - 2009-06-09 22:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB968537$
2013-09-11 13:51 - 2009-04-15 22:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB960803$
2013-09-11 13:51 - 2009-03-11 00:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB958690$
2013-09-11 13:51 - 2009-03-11 00:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB959772_WM11$
2013-09-11 13:51 - 2009-01-13 23:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB958687$
2013-09-11 13:51 - 2008-12-12 04:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB955839$
2013-09-11 13:51 - 2008-12-12 04:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954600$
2013-09-11 13:51 - 2008-10-15 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB957095$
2013-09-11 13:51 - 2008-10-15 03:01 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954211$
2013-09-11 13:51 - 2008-09-11 17:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954154_WM11$
2013-09-11 13:51 - 2008-08-12 23:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951072-v2$
2013-09-11 13:51 - 2007-12-22 04:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB946627$
2013-09-11 13:51 - 2007-12-07 13:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallMSCompPackV1$
2013-09-11 13:51 - 2007-12-07 13:56 - 00000000 __HDC C:\WINDOWS\$NtUninstallWudf01000$
2013-09-11 13:51 - 2007-03-04 06:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallWIC$
2013-09-10 01:34 - 2013-03-01 10:32 - 00022328 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsshimx.sys
2013-09-07 08:45 - 2013-09-07 08:45 - 00619476 _____ C:\Documents and Settings\Chris\Desktop\cc_20130907_084525.reg
2013-09-05 01:43 - 2013-07-10 01:32 - 00039224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys
2013-09-03 05:15 - 2013-09-03 05:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2013-09-03 05:15 - 2010-06-27 03:14 - 00000000 ____D C:\Program Files\CCleaner
2013-09-03 05:14 - 2013-09-03 05:14 - 04454952 _____ (Piriform Ltd) C:\Documents and Settings\Chris\Desktop\ccsetup405.exe
2013-09-03 05:13 - 2007-04-29 01:32 - 00000000 __SHD C:\Documents and Settings\Chris\UserData
2013-09-03 05:13 - 2007-03-04 16:50 - 00000000 ____D C:\Documents and Settings\Chris
2013-09-03 05:03 - 2012-04-23 12:57 - 00002315 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Evernote.lnk
2013-08-29 19:17 - 2003-03-31 05:00 - 00000750 _____ C:\WINDOWS\win.ini
2013-08-29 09:43 - 2013-08-29 09:43 - 00000000 ____D C:\Documents and Settings\Chris\Local Settings\Application Data\Ofi Labs
2013-08-29 09:01 - 2013-08-29 09:01 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Local Settings\Application Data\Sun
2013-08-29 09:01 - 2013-08-29 09:01 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Application Data\Sun
2013-08-29 09:00 - 2013-08-29 09:00 - 00000000 ____D C:\Tables
2013-08-29 07:21 - 2013-08-29 07:21 - 00000000 __SHD C:\Documents and Settings\Chris Trillana\PrivacIE
2013-08-29 07:21 - 2013-08-29 07:21 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Application Data\Adobe
2013-08-29 07:21 - 2012-03-20 13:35 - 00000000 ____D C:\Documents and Settings\Chris Trillana
2013-08-29 07:20 - 2013-08-29 07:20 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Application Data\Yahoo!
2013-08-29 07:20 - 2013-08-29 07:20 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Application Data\AVG2013
2013-08-29 07:19 - 2013-08-29 07:19 - 00000000 ____D C:\Documents and Settings\Chris Trillana\Local Settings\Application Data\Avg2013
2013-08-29 07:15 - 2013-06-12 03:23 - 00000022 _____ C:\Documents and Settings\Chris\BugSent.txt
2013-08-29 07:14 - 2013-08-29 07:14 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Juniper Networks
2013-08-29 07:14 - 2013-08-14 17:21 - 00000028 _____ C:\pending.un
2013-08-28 14:47 - 2013-08-28 14:40 - 00000000 ____D C:\Documents and Settings\Chris\Local Settings\Application Data\Avg2013
2013-08-28 14:43 - 2013-08-28 14:43 - 00000000 ____D C:\Documents and Settings\Chris\Application Data\AVG2013
2013-08-28 14:43 - 2013-08-28 14:42 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2013
2013-08-28 14:42 - 2013-08-28 14:42 - 00000000 ___HD C:\$AVG
2013-08-28 14:42 - 2013-08-28 14:42 - 00000000 ____D C:\Documents and Settings\Chris\Application Data\TuneUp Software
2013-08-28 14:41 - 2013-08-28 14:41 - 00000000 ____D C:\Program Files\AVG
2013-08-28 14:40 - 2013-08-28 14:40 - 00000000 ____D C:\Documents and Settings\Chris\Local Settings\Application Data\MFAData
2013-08-28 14:39 - 2013-08-28 14:39 - 04491824 _____ (AVG Technologies) C:\Documents and Settings\Chris\Desktop\avg_avct_stb_all_2013_3392_cm10.exe
2013-08-28 14:02 - 2013-08-28 14:02 - 11233112 _____ (Microsoft Corporation) C:\Documents and Settings\Chris\Desktop\mseinstall.exe
2013-08-28 13:51 - 2013-08-28 13:51 - 00015251 _____ C:\Documents and Settings\Chris\Desktop\hijackthis.log
2013-08-28 13:46 - 2013-08-28 13:46 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\Chris\Desktop\HijackThis.exe
2013-08-28 13:42 - 2009-11-01 02:02 - 00000000 ____D C:\Documents and Settings\Chris\Application Data\gnupg
2013-08-26 22:26 - 2010-12-16 20:51 - 00000000 __SHD C:\Documents and Settings\Chris\Application Data\.#
2013-08-26 21:12 - 2009-05-12 20:42 - 00041728 _____ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2013-08-22 03:35 - 2009-10-23 12:37 - 00000000 ___RD C:\Program Files\Skype
2013-08-22 03:35 - 2009-10-23 12:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-08-19 07:13 - 2009-10-31 00:09 - 00001984 _____ C:\WINDOWS\system32\d3d9caps.dat

Some content of TEMP:
====================
C:\Documents and Settings\Chris\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Guest\Local Settings\Temp\chocolatier_s1_l1_gF2029T1L1_d17431404[1].exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================








Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-09-2013 03
Ran by Chris at 2013-09-18 00:12:45
Running from C:\Documents and Settings\Chris\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

23_24_2500Tour (Version: 5.31.1.27)
2400 (Version: 5.31.1.27)
2400_2500Help (Version: 5.31.1.27)
2400_2500trb (Version: 5.31.1.27)
32 Bit HP CIO Components Installer (Version: 6.1.1)
ActiveState ActiveTcl 8.5.7.1 (Version: 8.5.7.1)
Adobe AIR (Version: 3.7.0.2090)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color Common Settings (Version: 1.0.1)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Digital Editions
Adobe Dreamweaver CS3 (Version: 9)
Adobe Dreamweaver CS3 (Version: 9.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.135)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Help Viewer CS3 (Version: 1)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS (Version: CS)
Adobe Reader X (10.1.8) (Version: 10.1.8)
Adobe Setup (Version: 1.0)
Adobe Shockwave Player 11.5 (Version: 11.5.2.602)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
AIM 6
AiO_Scan (Version: 5.31.1.27)
AIOMinimal (Version: 5.31.1.27)
AiOSoftware (Version: 5.31.1.27)
Air Video Server 2.4.3 (Version: 2.4.3)
Amazon Kindle For PC v1.0
Apache HTTP Server 2.2.15 (Version: 2.2.15)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ATI - Software Uninstall Utility (Version: 6.14.10.1022)
ATI AVIVO Codecs (Version: 10.0.0.40103)
ATI Catalyst Control Center (Version: 2.009.0427.2330)
ATI Control Panel (Version: 6.14.10.5120)
ATI Display Driver (Version: 8.051-040825a-019641C-Dell)
ATT-AACE
Audacity 1.2.6
AVG 2013 (Version: 13.0.3222)
AVG 2013 (Version: 13.0.3408)
AVG 2013 (Version: 2013.0.3408)
AviSynth 2.5
AVS Audio Converter version 6.1
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.3
AVStoDVD 2.4.2 (Version: 2.4.2)
Bejeweled Twist (remove only)
Belarc Advisor 8.1
BlindWrite 6 (Version: 6.2.0.10)
BlogDesk 2.8 (Version: 2.8)
Bonjour (Version: 3.0.0.10)
Brother HL-5250DN (Version: 1.00)
BufferChm (Version: 130.0.331.000)
C4700 (Version: 130.0.373.000)
calibre (Version: 0.6.53)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0427.2331.40409)
Catalyst Control Center Graphics Full Existing (Version: 2009.0427.2331.40409)
Catalyst Control Center Graphics Full New (Version: 2009.0427.2331.40409)
Catalyst Control Center Graphics Light (Version: 2009.0427.2331.40409)
Catalyst Control Center Graphics Previews Common (Version: 2007.0202.1923.34565)
Catalyst Control Center Graphics Previews Common (Version: 2009.0427.2331.40409)
Catalyst Control Center HydraVision Full (Version: 2009.0427.2331.40409)
Catalyst Control Center Localization All (Version: 2009.0427.2331.40409)
CCC Help Chinese Standard (Version: 2009.0427.2330.40409)
CCC Help Chinese Traditional (Version: 2009.0427.2330.40409)
CCC Help Czech (Version: 2009.0427.2330.40409)
CCC Help Danish (Version: 2009.0427.2330.40409)
CCC Help Dutch (Version: 2009.0427.2330.40409)
CCC Help English (Version: 2007.0202.1922.34565)
CCC Help English (Version: 2009.0427.2330.40409)
CCC Help Finnish (Version: 2009.0427.2330.40409)
CCC Help French (Version: 2009.0427.2330.40409)
CCC Help German (Version: 2009.0427.2330.40409)
CCC Help Greek (Version: 2009.0427.2330.40409)
CCC Help Hungarian (Version: 2009.0427.2330.40409)
CCC Help Italian (Version: 2009.0427.2330.40409)
CCC Help Japanese (Version: 2009.0427.2330.40409)
CCC Help Korean (Version: 2009.0427.2330.40409)
CCC Help Norwegian (Version: 2009.0427.2330.40409)
CCC Help Polish (Version: 2009.0427.2330.40409)
CCC Help Portuguese (Version: 2009.0427.2330.40409)
CCC Help Russian (Version: 2009.0427.2330.40409)
CCC Help Spanish (Version: 2009.0427.2330.40409)
CCC Help Swedish (Version: 2009.0427.2330.40409)
CCC Help Thai (Version: 2009.0427.2330.40409)
CCC Help Turkish (Version: 2009.0427.2330.40409)
ccc-core-preinstall (Version: 2009.0427.2331.40409)
ccc-core-static (Version: 2009.0427.2331.40409)
ccc-utility (Version: 2009.0427.2331.40409)
CCleaner (Version: 4.05)
CDDRV_Installer (Version: 4.60)
CDisplayEx 1.4
Chanalyzer Lite (Version: 1.1.1)
ClearType Tuning Control Panel Applet (Version: 1.01.0000)
Combined Community Codec Pack 2009-09-09 (Version: 2009.09.09.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copssh (remove only)
Copy (Version: 5.31.0.150)
CreativeProjects (Version: 5.31.0.150)
Critical Update for Windows Media Player 11 (KB959772)
Debugging Tools for Windows (x86) (Version: 6.9.3.113)
DeductionPro 2007 (Version: 14.19)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
Disk Space Fan 2.2.7.821
Disk Space Fan 4 Free (4.0.2.102)
DocProc (Version: 3.1.0.0)
Dropbox (HKCU Version: 2.0.22)
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
EASEUS Data Recovery Wizard Professional 5.5.1
EASEUS Partition Master 9.1.0 Home Edition
erLT (Version: 1.20.0137)
Evernote v. 4.5.4 (Version: 4.5.4.6498)
Fax (Version: 5.31.2.31)
Fences
Fences (Version: 1.0)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Folding@home-x86 (Version: 6.23)
Foxit Reader (Version: 3.1.3.1030)
Frets On Fire (Version: 1.3.110-win32)
Full Tilt Poker (Version: 4.22.11.WIN.FullTilt.COM)
Google Chrome (HKCU Version: 29.0.1547.66)
Google Earth Pro 4.2
GPBaseService2 (Version: 130.0.371.000)
Gpg4win (2.0.1) (Version: 2.0.1)
GPL Ghostscript 8.64
Haali Media Splitter
Half-Life® 2 (Version: 1.0.0.0)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HijackThis 2.0.2 (Version: 2.0.2)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photo & Imaging 3.1 (Version: 3.1)
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Print Projects 1.0 (Version: 1.0)
HP PSC & OfficeJet 3.0 (Version: 3.0)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Unload DLL Patch (Version: 1.00.0000)
HP Update (Version: 5.002.001.004)
hpmdtab (Version: 2.0.470.1598)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
HPSystemDiagnostics (Version: 1.5.0.0)
hpWLPGInstaller (Version: 130.0.303.000)
ICW Base(remove only)
ImgBurn (Version: 2.5.5.0)
inSSIDer (Version: 1.2.3)
InstantShare (Version: 3.1.0.13)
Intel® 537EP V9x DF PCI Modem
Intel® PRO Network Connections Drivers
Intel® Processor ID Utility (Version: 4.22.0000)
iPhone Configuration Utility (Version: 2.1.0.163)
iPhone Explorer 0.992
ISO Recorder (Version: 2.0.0)
iTunes (Version: 11.0.2.26)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JBidwatcher 2.5.3pre3 (Version: 2.5.3pre3)
join.me (HKCU Version: 1.3.1.429)
Juniper Networks Host Checker (HKCU Version: 7.0.0.17289)
Juniper Networks Secure Application Manager (Version: 6.5.0.15255)
Juniper Networks Setup Client Activex Control (Version: 2.1.1.1)
Juniper Networks, Inc. Setup Client (HKCU Version: 7.1.4.13103)
KEDDS (Version: 1.04.0000.0005)
KeePass Password Safe 2.16
KhalInstallWrapper (Version: 2.00.0000)
Kodak EasyShare software
Logitech iTouch Software
Logitech SetPoint (Version: 4.80)
Logitech Touch Mouse Server 1.0 (Version: 1.0)
LogMeIn (Version: 4.1.1868)
Magic Video Converter Trial Version (English) 8.0.2.18
Market Samurai (Version: 0.85.20)
MarketResearch (Version: 130.0.374.000)
Media Player Classic - Home Cinema v. 1.3.1249.0
MediaInfo 0.7.58 (Version: 0.7.58)
Memories Disc Creator 2.0 (Version: 2.0.470.1598)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Default Manager (Version: 2.1.55.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Mindjet MindManager 2012 (Version: 10.0.445)
Minecraft Beta Cracked
MKVtoolnix 4.9.1 (Version: 4.9.1)
MobileMe Control Panel (Version: 3.1.8.0)
Mobipocket Reader 6.2 (Version: 6.2.608)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
mp4UI
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
netbrdg (Version: 7.01.0000.0001)
Network (Version: 130.0.374.000)
Nightly 20.0a1 (x86 en-US) (Version: 20.0a1)
Nikon File Uploader 2 (Version: 2.0.2)
Nikon Message Center 2 (Version: 2.1.0)
Nikon Movie Editor (Version: 2.7.0)
nLite 1.4.9.1 (Version: 1.4.9.1)
NMapWin (Version: 1.3.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OLYMPUS Master 2 (Version: 1.0.6)
OmmWriter (Version: 0.1.0.8)
OpenVPN 2.1_rc20 (Version: 2.1_rc20)
Overland (Version: 1.76.0)
overland (Version: 2.1.5)
PC Wizard 2012.2.0
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
PDFill PDF Editor with FREE Writer and Free Tools (Version: 7.0)
PDF-XChange 3
PFPortChecker 1.0.32 (Version: 1.0.32)
PhotoGallery (Version: 5.31.0.158)
Photosynth 2.0109.1002.1657 (Version: 2.0109.1002.1657)
Picture Control Utility (Version: 1.4.9)
Plucker 1.6
PrintScreen (Version: 5.31.0.147)
PS_AIO_06_C4700_SW_Min (Version: 130.0.373.000)
PS3 Media Server (Version: 1.50.1)
Python 2.6.5 (Version: 2.6.5150)
QFolder (Version: 1.00.0000)
QuickProjects (Version: 5.31.0.147)
QuickTime (Version: 7.73.80.64)
Rainmeter (Version: 2.5 beta r1786)
RAW Thumbnail Viewer
Readme (Version: 5.31.1.27)
Rosetta Stone Version 3 (Version: 3.3.5.2)
Safari (Version: 5.34.57.2)
Scan (Version: 13.0.0.0)
Screencaster Plug-in for FF (Version: 5.1.0.0)
Segoe UI (Version: 14.0.4327.805)
SFR (Version: 7.00.0000.0004)
Shop for HP Supplies (Version: 13.0)
SigmaTel Audio (Version: 5.10.4600.0)
Skins (Version: 2009.0427.2331.40409)
SkinsHP1 (Version: 5.31.0.147)
SkinsHP2 (Version: 5.31.0.147)
Skype Click to Call (Version: 6.11.13348)
Skype™ 6.1 (Version: 6.1.129)
SmartWebPrinting (Version: 130.0.373.000)
Snagit 11 (Version: 11.1.0)
SolutionCenter (Version: 130.0.373.000)
Speccy
SpeedFan (remove only)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Status (Version: 130.0.373.000)
Steam™ (Version: 1.0.0.0)
SURE Trader 2.9.0.0 (Version: 2.9.0.0)
System47 Screen Saver
TaxCut California 2007 (Version: 1.07.5401)
TaxCut Premium + State 2007 (Version: 07.04.0000)
TextPad 5 (Version: 5.0.3)
The 5 Bucks a Day Action Enforcer
thinkorswim from TD AMERITRADE
Toolbox (Version: 130.0.648.000)
Traffic Travis 4.1.0
TrayApp (Version: 130.0.376.000)
Trillian
TweetDeck (Version: 0.32.1)
Twingly Screensaver (Version: 1.0.0)
TypingMaster Pro (Version: 7.00)
Ubuntu (Version: 9.10ubuntu1-rev160)
Ultimate Poker (Version: 3.0.4273)
Unload (Version: 3.1.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USB Video Driver (Version: 1.00)
ViewNX 2 (Version: 2.7.1)
Virtual Desktop Manager Powertoy for Windows XP (Version: 1.00.0001)
VLC media player 1.0.5 (Version: 1.0.5)
VNC Free Edition 4.1.3 (Version: 4.1.3)
Vuze (Version: 4.4)
WebEx
WebFldrs XP (Version: 9.50.6513)
WebReg (Version: 130.0.132.017)
WeFi 3.7.6.9 (Version: 3.7.6.9)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (HKCU Version: 1.0.0.1)
WinDirStat 1.1.2
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Defender (Version: 1.1.1593.0)
Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media  (08/31/2007 5.7.0831.0) (Version: 08/31/2007 5.7.0831.0)
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA  (08/31/2007 5.7.0831.0) (Version: 08/31/2007 5.7.0831.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Mobile Device Updater Component (Version: 04.07.1404.01)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinImage
WinPcap 3.0 alpha 4
WinRAR archiver
WinUpdatesList (Version: 1.23)
WinX DVD Ripper Platinum 6.0.2
XHeader (Version: 1.106)
XML Paper Specification Shared Components Pack 1.0
Yahoo! Install Manager
Yahoo! Toolbar
YAMB
Zune (Version: 04.07.1404.01)
Zune Language Pack (DEU) (Version: 04.07.1404.01)
Zune Language Pack (ESP) (Version: 04.07.1404.01)
Zune Language Pack (FRA) (Version: 04.07.1404.01)
Zune Language Pack (ITA) (Version: 04.07.1404.01)
Zune Language Pack (NLD) (Version: 04.07.1404.01)
Zune Language Pack (PTB) (Version: 04.07.1404.01)
Zune Language Pack (PTG) (Version: 04.07.1404.01)

==================== Restore Points  =========================

28-08-2013 20:35:53 Software Distribution Service 3.0
28-08-2013 21:03:39 Software Distribution Service 3.0
28-08-2013 21:41:27 Installed AVG 2013
28-08-2013 21:41:57 Installed AVG 2013
30-08-2013 00:32:36 System Checkpoint
30-08-2013 16:48:08 Software Distribution Service 3.0
31-08-2013 16:48:03 Software Distribution Service 3.0
01-09-2013 09:08:19 Software Distribution Service 3.0
01-09-2013 16:47:56 Software Distribution Service 3.0
02-09-2013 16:47:52 Software Distribution Service 3.0
03-09-2013 16:47:59 Software Distribution Service 3.0
04-09-2013 16:48:05 Software Distribution Service 3.0
05-09-2013 16:48:03 Software Distribution Service 3.0
06-09-2013 16:48:15 Software Distribution Service 3.0
09-09-2013 05:48:32 System Checkpoint
10-09-2013 16:33:44 System Checkpoint
11-09-2013 21:23:04 System Checkpoint
13-09-2013 06:16:56 System Checkpoint
13-09-2013 10:00:19 Software Distribution Service 3.0
13-09-2013 10:28:20 Software Distribution Service 3.0
13-09-2013 17:57:14 Software Distribution Service 3.0
13-09-2013 17:59:30 Software Distribution Service 3.0
14-09-2013 18:18:46 Software Distribution Service 3.0
15-09-2013 08:46:45 Software Distribution Service 3.0
15-09-2013 18:17:24 Software Distribution Service 3.0
16-09-2013 18:18:08 Software Distribution Service 3.0
17-09-2013 18:18:15 Software Distribution Service 3.0

==================== Hosts content: ==========================

2003-03-31 05:00 - 2012-10-24 22:31 - 00000763 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1604221776-839522115-1004Core.job => C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1604221776-839522115-1004UA.job => C:\Documents and Settings\Chris\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\OGALogon.job => C:\WINDOWS\system32\OGAEXEC.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{C5E31E93-CCBD-4EF5-A104-70AB2705CCD7}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2003-03-31 05:00 - 2009-02-26 21:56 - 00177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfime.ime
2008-02-24 19:13 - 2012-11-05 10:38 - 00092072 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIinit.dll
2008-02-24 19:14 - 2012-11-05 10:38 - 00083912 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIRfsClientNP.dll
2009-10-04 18:09 - 2009-04-16 14:08 - 00123904 ____N (Hewlett-Packard Company) C:\WINDOWS\system32\hpf3l70v.dll
2003-08-11 01:07 - 2003-08-11 01:07 - 00147512 ____N (HP) C:\WINDOWS\system32\hpzlnt09.dll
2008-02-24 19:14 - 2012-11-05 10:38 - 00031144 _____ (LogMeIn, Inc.) C:\WINDOWS\system32\LMIport.dll
2013-05-31 00:24 - 2006-01-30 08:32 - 00005632 _____ (Tracker Software) C:\WINDOWS\system32\pxc25pm.dll
2008-02-03 23:32 - 2008-02-03 23:32 - 00051716 ____N () C:\WINDOWS\system32\pdf995mon.dll
2010-03-23 05:07 - 2008-06-21 08:24 - 00026112 _____ (Windows ® Codename Longhorn DDK provider) E:\Program Files\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll
2009-10-04 18:09 - 2009-04-16 14:08 - 00312832 ____N (Hewlett-Packard Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpfpp70v.dll
2008-02-24 19:14 - 2012-11-05 10:38 - 00052648 _____ (LogMeIn, Inc.) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LMIproc.dll
2007-03-04 06:28 - 2008-07-06 05:06 - 00089088 ____N (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00053024 _____ (Open Source Software community project) C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00073064 _____ (Apple Inc.) C:\WINDOWS\system32\dnssd.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-09-28 09:11 - 2009-09-28 09:11 - 00206336 _____ () e:\Program Files\GNU\GnuPG\libksba-8.dll
2009-09-28 09:08 - 2009-09-28 09:08 - 00045568 _____ () e:\Program Files\GNU\GnuPG\libgpg-error-0.dll
2009-09-28 09:06 - 2009-09-28 09:06 - 00038400 _____ () e:\Program Files\GNU\GnuPG\libw32pth-0.dll
2009-09-28 09:12 - 2009-09-28 09:12 - 00598016 _____ () e:\Program Files\GNU\GnuPG\libgcrypt-11.dll
2011-07-06 16:32 - 2012-11-05 10:38 - 01021864 _____ (LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianDll.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 00044544 ____N (Hewlett-Packard) c:\windows\system32\hpzinw12.dll
2008-12-03 20:05 - 2008-12-03 20:05 - 00053760 ____N (Hewlett-Packard) c:\windows\system32\hpzipm12.dll
2012-11-29 14:59 - 2012-11-29 14:59 - 00093696 _____ () E:\Program Files\FileZilla FTP Client\fzshellext.dll
2007-03-04 06:53 - 2005-11-16 16:35 - 00172032 ____N (SigmaTel, Inc.) C:\WINDOWS\system32\stacapi.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00106496 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3404.40477__90ba9c70f846762e\MOM.Implementation.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00032768 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00032768 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00061440 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3404.40476__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00028672 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3404.40477__90ba9c70f846762e\CCC.Implementation.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00028672 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
2010-11-11 13:55 - 2010-11-11 13:55 - 00050928 _____ (Microsoft Corporation) H:\Zune\ZuneCfg.DLL
2010-11-11 13:57 - 2010-11-11 13:57 - 00059632 _____ (Microsoft Corporation) H:\Zune\ZuneShellExt.dll
2011-09-14 12:54 - 2011-09-14 12:54 - 00214368 _____ (Mindjet) C:\Program Files\Mindjet\MindManager 10\MmServiceUtilities.dll
2011-09-14 12:55 - 2011-09-14 12:55 - 01721688 _____ (Mindjet) C:\Program Files\Mindjet\MindManager 10\MmUtilities.dll
2011-09-14 12:55 - 2011-09-14 12:55 - 00226632 _____ (Catenary Systems) C:\Program Files\Mindjet\MindManager 10\VIC32.DLL
2011-09-14 12:54 - 2011-09-14 12:54 - 00150856 _____ () C:\Program Files\Mindjet\MindManager 10\zlib.dll
2011-09-14 12:53 - 2011-09-14 12:53 - 08054616 _____ (BCGSoft Ltd) C:\Program Files\Mindjet\MindManager 10\BCGCBPRO1500u.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00073728 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00057344 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3404.40396__90ba9c70f846762e\CLI.Component.SkinFactory.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00028672 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00014848 ____N () C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00081920 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3404.40395__90ba9c70f846762e\CLI.Component.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00045056 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00040960 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00032768 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00045056 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3404.40393__90ba9c70f846762e\AEM.Server.dll
2008-11-25 13:35 - 2008-11-25 13:35 - 00573440 _____ (Stardock Corporation) C:\Program Files\ATI Technologies\ATI.ACE\Core-Implementation\32\wbocx.ocx
2009-10-20 03:10 - 2009-10-20 03:10 - 00013312 ____N ( ) C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
2006-10-10 10:55 - 2006-10-10 10:55 - 00050688 _____ (Stardock.Net, Inc) C:\Program Files\ATI Technologies\ATI.ACE\Core-Implementation\32\wbhelp2.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00045056 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3404.40490__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00045056 ____N (ATI Technologies Inc.) C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (ATI Technologies Inc.) C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00011776 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3404.40497__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00008704 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3404.40496__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00061440 ____N (Advanced Mirco Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00290816 ____N (Advanced Mirco Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3404.40397__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00024576 ____N (ATI Technologies Inc.) C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00081920 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3404.40395__90ba9c70f846762e\ATIDEMOS.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00077824 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3404.40464__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00036864 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3404.40436__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00065536 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3404.40404__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00036864 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3404.40445__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00032768 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00024576 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00040960 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3404.40437__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00053248 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00065536 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3404.40436__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00049152 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00028672 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00028672 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3404.40413__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00061440 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3404.40452__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00053248 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00061440 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3404.40394__90ba9c70f846762e\APM.Server.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00007168 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3404.40393__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00405504 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3404.40409__90ba9c70f846762e\CLI.Component.Wizard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00040960 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00024576 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00040960 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3404.40409__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00491520 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3404.40482__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00094208 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3404.40453__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 01728512 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3404.40413__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00204800 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3404.40414__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00364544 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3404.40469__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00040960 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00007168 ____N ( ) C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00007680 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3404.40500__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 01142784 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3404.40401__90ba9c70f846762e\CLI.Component.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00020480 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2008-10-30 14:39 - 2008-10-30 14:39 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00073728 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3404.40404__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00016384 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00139264 ____N (Advanced Mirco Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3404.40483__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00225280 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3404.40414__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00712704 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3404.40405__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00126976 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3404.40446__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00438272 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3404.40437__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00798720 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3404.40465__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00450560 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3404.40433__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00364544 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3404.40452__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00106496 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3404.40414__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
2009-10-20 03:10 - 2009-10-20 03:10 - 00007680 ____N (Advanced Micro Devices Inc.) C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3404.40496__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
2012-03-29 12:31 - 2012-03-29 12:31 - 00284160 _____ (Evernote Corporation) C:\Program Files\Evernote\Evernote\encrashrep.dll
2012-03-29 12:33 - 2012-03-29 12:33 - 00433664 _____ () C:\Program Files\Evernote\Evernote\libxml2.dll
2012-03-29 12:33 - 2012-03-29 12:33 - 00258048 _____ (Evernote Corporation, 333 West Evelyn Avenue, Mountain View, CA 94041) C:\Program Files\Evernote\Evernote\LibPCRE.dll
2012-03-29 12:33 - 2012-03-29 12:33 - 00315392 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll
2013-05-24 17:36 - 2013-05-24 17:36 - 00130736 _____ (Dropbox, Inc.) C:\Documents and Settings\Chris\Application Data\Dropbox\bin\DropboxExt.19.dll
2010-06-22 10:22 - 2010-06-22 10:22 - 00202088 _____ (Stardock) C:\Program Files\Fences\FencesMenu.dll
2010-06-22 10:22 - 2010-06-22 10:22 - 00599400 _____ (Stardock) c:\program files\fences\DesktopDock.dll
2013-09-13 02:22 - 2013-09-13 02:23 - 03551640 _____ () E:\Program Files\Mozilla Firefox6\mozjs.dll

==================== Alternate Data Streams (whitelisted) ==========


==================== Faulty Device Manager Devices =============

Name: 802.11g Wireless PCI Card
Description: 802.11g Wireless PCI Card
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Texas Instruments
Service: TNET1130
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/12/2013 08:42:27 PM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]

Error: (09/12/2013 04:42:26 PM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]

Error: (09/12/2013 09:01:32 AM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]

Error: (09/12/2013 04:42:26 AM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]

Error: (09/11/2013 08:42:27 AM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]

Error: (09/10/2013 08:42:26 AM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]

Error: (09/10/2013 04:42:25 AM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]

Error: (09/09/2013 04:42:26 PM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]

Error: (09/09/2013 09:01:31 AM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]

Error: (09/09/2013 00:42:26 AM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]


System errors:
=============
Error: (09/17/2013 11:48:05 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (09/17/2013 03:57:52 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (09/15/2013 03:54:32 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (09/13/2013 11:07:18 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (09/12/2013 09:47:15 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.3.0216.01.157.1352.06%%851NT AUTHORITYNETWORK SERVICES-1-5-202%%8011%%8031.1.9800.00x80072ee7The server name or address could not be resolved

1%%852http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9800.0&avdelta=1.157.1352.0&asdelta=1.157.1352.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

Error: (09/12/2013 09:47:15 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.3.0216.01.157.1352.06%%851NT AUTHORITYNETWORK SERVICES-1-5-201%%8001%%8031.1.9800.00x80072ee7The server name or address could not be resolved

1%%852http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.9800.0&avdelta=1.157.1352.0&asdelta=1.157.1352.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094

Error: (09/12/2013 09:47:15 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.3.0216.01.157.1352.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.9800.00x8024402cAn unexpected problem occurred while checking for updates.

For information on installing or troubleshooting updates, see Help and Support. 1%%852http://www.microsoft.com

Error: (09/11/2013 09:47:15 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.3.0216.01.157.1352.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.9800.00x8024402cAn unexpected problem occurred while checking for updates.

For information on installing or troubleshooting updates, see Help and Support. 1%%852http://www.microsoft.com

Error: (09/11/2013 07:07:20 AM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (09/10/2013 09:47:15 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.3.0216.01.157.1352.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8031.1.9800.00x8024402cAn unexpected problem occurred while checking for updates.

For information on installing or troubleshooting updates, see Help and Support. 1%%852http://www.microsoft.com


Microsoft Office Sessions:
=========================
Error: (09/12/2013 08:42:27 PM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000

Error: (09/12/2013 04:42:26 PM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000

Error: (09/12/2013 09:01:32 AM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000

Error: (09/12/2013 04:42:26 AM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000

Error: (09/11/2013 08:42:27 AM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000

Error: (09/10/2013 08:42:26 AM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000

Error: (09/10/2013 04:42:25 AM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000

Error: (09/09/2013 04:42:26 PM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000

Error: (09/09/2013 09:01:31 AM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000

Error: (09/09/2013 00:42:26 AM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000


==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 3582.09 MB
Available physical RAM: 2843.26 MB
Total Pagefile: 3801.34 MB
Available Pagefile: 3057.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.06 GB) (Free:4.06 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (SliTaz ophcrack) (CDROM) (Total:0.41 GB) (Free:0 GB) CDFS
Drive e: () (Fixed) (Total:109.99 GB) (Free:3.37 GB) NTFS
Drive g: (Untitled Disc) (CDROM) (Total:0.65 GB) (Free:0 GB) UDF
Drive h: () (Fixed) (Total:145.29 GB) (Free:1.18 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: DAD5DAD5)
Partition 1: (Active) - (Size=39 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)
Partition 2: (Active) - (Size=145 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4 GB) - (Type=DB)

==================== End Of Log ============================





 



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,758 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:28 AM

Posted 18 September 2013 - 09:21 AM

Hi Chris,

Glad to have you with us.

I would be careful with this:

MAFIAAFire Redirector for Chrome

Please consider and do this.

===================================================

Use of Registry Cleaner Not Recommended - CCleaner

--------------------

BleepingComputer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:
  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.
    • The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
  • Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.
If you persist in using a registry cleaner you should always back up the registry before doing so.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + R on your keyboard at the same time. Type in notepad and press Enter.
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKU\Guest\...\Run: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
S4 LMIRfsClientNP; No ImagePath
S3 mcdbus; system32\DRIVERS\mcdbus.sys [x]
S3 netwg311; system32\DRIVERS\netwg311.sys [x]
S4 Remofscl; No ImagePath
S4 IntelIde; No ImagePath
C:\Documents and Settings\Chris\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Guest\Local Settings\Temp\chocolatier_s1_l1_gF2029T1L1_d17431404[1].exe
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Test your password issue
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Farbar log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 ihopeidonthavearkit


Posted 18 September 2013 - 09:43 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 16-09-2013 03
Ran by Chris at 2013-09-18 07:39:55 Run:1
Running from C:\Documents and Settings\Chris\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\Guest\...\Run: [] - [x]
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
S4 LMIRfsClientNP; No ImagePath
S3 mcdbus; system32\DRIVERS\mcdbus.sys [x]
S3 netwg311; system32\DRIVERS\netwg311.sys [x]
S4 Remofscl; No ImagePath
S4 IntelIde; No ImagePath
C:\Documents and Settings\Chris\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Guest\Local Settings\Temp\chocolatier_s1_l1_gF2029T1L1_d17431404[1].exe
*****************

HKU\Guest\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\SearchMigratedDefaultURL => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
LMIRfsClientNP => Service deleted successfully.
mcdbus => Service deleted successfully.
netwg311 => Service deleted successfully.
Remofscl => Service deleted successfully.
IntelIde => Service deleted successfully.
C:\Documents and Settings\Chris\Local Settings\Temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\Guest\Local Settings\Temp\chocolatier_s1_l1_gF2029T1L1_d17431404[1].exe => Moved successfully.

==== End of Fixlog ====



#8 Oh My!


Posted 18 September 2013 - 10:43 AM

Test your password issue

Any difference?


Gary
 

#9 ihopeidonthavearkit


Posted 18 September 2013 - 10:47 AM

I've restarted the computer a few times and it seems like the password issue is fixed.



#10 Oh My!


Posted 18 September 2013 - 11:44 AM

Hi Chris,

Glad to hear that. Let's run a couple of scans. Please do this for me.

===================================================

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download. You can also right click on the link and select Save Link As.
  • Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
    • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
      For instructions with screenshots, please refer to this Guide.
    • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version.
    • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
    • If an update is found, the program will automatically update itself. Press the OK button and continue.
    • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
    • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
    • Click on the Scan button.
    • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked and then click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
    • Exit Malwarebytes when done.
  • Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not be presented with a log.
  • Click the Back button.
  • Click the Finish button.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.
  • MBAM results
  • ESET results
  • How is your computer running now? Any issues?

Gary
 

#11 ihopeidonthavearkit


Posted 19 September 2013 - 01:27 AM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.18.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Chris :: MOMDESK [administrator]

9/18/2013 10:00:14 AM
mbam-log-2013-09-18 (10-00-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 356509
Time elapsed: 13 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


C:\Documents and Settings\Chris\Application Data\Apple Computer\Safari\PubSub\Feeds\f9fe570c37d1c6a0b5832de387bafdcf1c495b5b.xml    JS/Agent.NJV trojan    cleaned by deleting - quarantined
C:\Program Files\AVStoDVD\ImgBurn\SetupImgBurn_2.5.5.0.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
E:\Program Files\PFPortChecker.exe    a variant of Win32/Bundled.Toolbar.Ask.A application    cleaned by deleting - quarantined
H:\Downloads E Backup 10-10-2011\Downloads\Program Install Temp\NOD32 Antivirus 3.0.642(with unlimited update fix)\NOD32 Antivirus 3.0.642(with unlimited update fix)\NOD32 Antivirus 3.0.642(with unlimited update fix)\Fix\NOD32_~1.EXE    Win32/RiskWare.HackAV.BG application    cleaned by deleting - quarantined
H:\Downloads E Backup 10-10-2011\Downloads\Program Install Temp\Windows Vista Activation 2008\Activation.exe    a variant of Win32/HiddenStart.A application    deleted - quarantined
H:\Jellys Computer Old Files\2004_files\JeLLieZFoLDeR\DOWNLOADS\eXeem_0.21_setup.exe    multiple threats    cleaned by deleting - quarantined
H:\Old_Windows_XP_Home_Archive\Documents and Settings\GUESSSST\My Documents\kazaa_setup.exe    a variant of Win32/Adware.Kazaa.A application    cleaned by deleting - quarantined
 



#12 Oh My!


Posted 19 September 2013 - 08:55 AM

Hi Chris,

Good. Now please run this.

===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Security Check log
  • How is your computer running? Any issues?

Gary
 

#13 ihopeidonthavearkit


Posted 19 September 2013 - 11:08 AM

 Results of screen317's Security Check version 0.99.73  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG AntiVirus 2013              
Microsoft Security Essentials   
 Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Out of date HijackThis  installed!
 Windows Defender    
 Malwarebytes Anti-Malware version 1.75.0.1300  
 HijackThis 2.0.2    
 CCleaner     
 Java 7 Update 25  
 Adobe Flash Player     11.8.800.168  
 Adobe Reader 8 Adobe Reader out of Date!
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox (23.0.1)
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe
 AVG avgrsx.exe
 AVG avgnsx.exe
 AVG avgemc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 25% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 

 

 

Hmm, I thought I uninstalled Microsoft Security Essentials



#14 Oh My!


Posted 19 September 2013 - 01:11 PM

Greetings Chris,
 

Hmm, I thought I uninstalled Microsoft Security Essentials

Please use this program.

Let's update Adobe.

===================================================

Update Adobe Reader

--------------------

Your Adobe Reader is out of date and a security concern. Here is some excellent information and a video which explains the importance of minimizing the risk of infection through compromised PDF files.

Adobe Reader Update
  • Please download Adobe Reader
  • After installing the latest Adobe Reader, uninstall all previous versions through Add/Remove Programs.
  • If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed, uncheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
===================================================

Things I would like to see in your next reply.
  • Did Security Essential delete?
  • Did Adobe install properly?
  • Is your computer still running well?

Gary
 

#15 ihopeidonthavearkit


Posted 19 September 2013 - 03:36 PM

I used the recommended Microsoft Security Essentials uninstaller.

 

I updated Adobe Reader.

 

But now on start-up it takes much longer for the desktop to appear and be fully functional. The wallpaper will appear but no taskbar or startmenu or icons.





