
Farbar Recovery Follow up to Topic 1: (Link Below)


44 replies to this topic

#1 XSheWolfX


Posted 16 September 2014 - 02:16 AM

Topic 1: http://www.bleepingcomputer.com/forums/t/545524/ebasedll/?p=3479465

 

Topic 2: PC lagging & crashing (still)

 

1.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by SheWolf (administrator) on SHEWOLF-PC on 16-09-2014 09:08:51
Running from C:\Users\SheWolf\Downloads
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(MSI) C:\Program Files\MSI\Super-Charger\ChargeService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(MSI) C:\Program Files\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BitLeader) C:\Program Files\lg_fwupdate\fwupdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(OLYMPUS Corporation.) C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Apple Inc.) C:\Program Files\Apple Software Update\SoftwareUpdate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [LGODDFU] => C:\Program Files\lg_fwupdate\lgfw.exe [27760 2014-08-28] (Bitleader)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Super-Charger] => C:\Program Files\MSI\Super-Charger\Super-Charger.exe [502288 2012-01-03] (MSI)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6318696 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 2.lnk
ShortcutTarget: Device Detector 2.lnk -> C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS Corporation.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://za.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x023396747185CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-za
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\SheWolf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: GoPhotoIt - C:\Users\SheWolf\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi [2012-07-31]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-18]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.chrome/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 67A1453A75DD2E15828FF371AC1E671B0A69DEAF7C5D34E65445823C2F1E546F
CHR DefaultSearchURL: Default -> CC7D0481327C2AE66A6B03DD98411E9A13E58FEA0C2B80C6073C66632FB1566F
CHR Plugin: (Shockwave Flash) - C:\Users\SheWolf\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Users\SheWolf\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR CustomProfile: C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-29]
CHR Extension: (Google Search) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-29]
CHR Extension: (Music Television Online) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\dimbohlgicfjfehdempmibdbboppdhal [2013-09-02]
CHR Extension: (Skype Click to Call) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-29]
CHR Extension: (Google Wallet) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (DivX Plus Web Player HTML5 video) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-10-02]
CHR Extension: (Gmail) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-29]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-09-22] (Adobe Systems) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 MSI_SuperCharger; C:\Program Files\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [8704 2009-07-14] (Microsoft Corporation)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-09-15] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [141824 2010-11-20] (Microsoft Corporation)
R3 NTIOLib_1_0_3; C:\Program Files\MSI\Super-Charger\NTIOLib.sys [7680 2009-12-30] (MSI) [File not signed]
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
S0 pICVhkof; System32\drivers\pICVhkof.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-16 09:08 - 2014-09-16 09:09 - 00015685 _____ () C:\Users\SheWolf\Downloads\FRST.txt
2014-09-16 09:08 - 2014-09-16 09:09 - 00000000 ___DC () C:\FRST
2014-09-16 09:07 - 2014-09-16 09:07 - 01097728 _____ (Farbar) C:\Users\SheWolf\Downloads\FRST.exe
2014-09-15 20:34 - 2014-09-15 20:34 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-09-14 11:22 - 2014-09-14 11:23 - 03441528 _____ (Solvusoft Corporation ) C:\Users\SheWolf\Downloads\Olympus_VN-2100PC_Driver_Update_06-2014.exe
2014-09-12 23:54 - 2014-09-13 00:07 - 00000000 ____D () C:\Users\SheWolf\Downloads\Broad City
2014-09-12 23:49 - 2014-09-12 23:49 - 00182550 _____ () C:\Users\SheWolf\Desktop\squashfs4.3.tar.gz
2014-09-12 00:20 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 00:20 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 00:20 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 00:20 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 00:20 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 00:20 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 00:20 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 00:20 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 00:20 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 00:20 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 00:20 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 00:20 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 00:20 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 00:20 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 00:20 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 00:20 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 00:20 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 00:20 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 00:20 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 00:20 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 00:20 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 00:20 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 00:20 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 00:20 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 00:20 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 00:20 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 00:20 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 00:20 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 00:20 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 00:20 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 00:19 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 22:20 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 22:20 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 22:17 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 22:16 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 22:16 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 22:16 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 16:39 - 2014-09-10 16:39 - 00000000 ____D () C:\Users\SheWolf\Documents\Digital Wave Player
2014-09-10 15:22 - 2014-09-10 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Olympus Digital Wave Player
2014-09-10 15:22 - 2003-12-15 19:44 - 00073728 _____ (OLYMPUS CORPORATION) C:\Windows\system32\VNUSB.dll
2014-09-10 15:22 - 2003-06-13 17:49 - 00073728 _____ (OLYMPUS OPTICAL CO.,LTD.) C:\Windows\system32\DW90USB.DLL
2014-09-10 15:19 - 2014-09-10 15:23 - 00000000 ___DC () C:\Program Files\Olympus
2014-09-10 15:08 - 2014-09-10 15:17 - 01057488 _____ (Adobe) C:\Users\SheWolf\Downloads\install_reader11_en_mssa_aaa_aih.exe
2014-09-09 14:12 - 2014-09-12 23:55 - 00000000 ____D () C:\Users\SheWolf\Desktop\Oscar 2
2014-09-08 20:55 - 2014-09-08 22:18 - 00003236 _____ () C:\Users\SheWolf\Documents\Lee_Wolf_Oscar_1_preverdict_export.aup
2014-09-08 20:55 - 2014-09-08 20:55 - 00004258 _____ () C:\Users\SheWolf\Documents\Lee_Wolf_Oscar_1_preverdict_export.aup.bak
2014-09-06 13:53 - 2014-09-06 13:53 - 00000958 _____ () C:\Users\SheWolf\Documents\Dropbox - Shortcut.lnk
2014-09-04 23:41 - 2014-09-04 23:42 - 01370467 _____ () C:\Users\SheWolf\Downloads\adwcleaner_3.309.exe
2014-09-03 22:12 - 2014-09-03 23:27 - 00000000 ____D () C:\Users\SheWolf\Downloads\True Detective Season 1 COMPLETE 720p HDTV x264 [MKV,AC3,5.1] Ehhhh
2014-09-02 21:54 - 2014-09-03 07:59 - 00000000 ____D () C:\Users\SheWolf\Downloads\VA - SuperBomb_Pack 2
2014-09-02 00:54 - 2014-09-02 00:54 - 00009474 _____ () C:\Users\SheWolf\Downloads\[kickass.to]the.fault.in.our.stars.2014.720p.brrip.x264.yify.torrent
2014-09-02 00:02 - 2014-09-10 07:44 - 00000000 ____D () C:\Users\SheWolf\Downloads\VA - SuperBomb_Pack 1
2014-09-01 21:01 - 2014-09-01 21:01 - 00013974 _____ () C:\Users\SheWolf\Downloads\[kickass.to]va.super.bomb.pack.1.2014.torrent
2014-09-01 21:00 - 2014-09-01 21:00 - 00013630 _____ () C:\Users\SheWolf\Downloads\[kickass.to]va.superbomb.pack.2.2014.torrent
2014-09-01 15:12 - 2014-09-01 15:12 - 00033938 _____ () C:\Users\SheWolf\Desktop\download.htm
2014-08-31 23:18 - 2014-08-31 23:18 - 00013593 _____ () C:\Users\SheWolf\Downloads\[kickass.to]silicon.valley.season.1.complete.torrentgod.torrent
2014-08-31 23:15 - 2014-08-31 23:15 - 00021600 _____ () C:\Users\SheWolf\Downloads\[kickass.to]broad.city.season.1.720p.x264.aac.mkv.torrent
2014-08-31 23:14 - 2014-08-31 23:14 - 00016009 _____ () C:\Users\SheWolf\Downloads\[kickass.to]hbo.girls.s01.season.1.bdrip.xvid.demand.torrent
2014-08-31 23:14 - 2014-08-31 23:14 - 00014926 _____ () C:\Users\SheWolf\Downloads\[kickass.to]the.golden.girls.season.1.complete.dvdrip.torrent
2014-08-31 23:12 - 2014-08-31 23:12 - 00018306 _____ () C:\Users\SheWolf\Downloads\[kickass.to]louie.season.1.720p.mkv.compression.mkvgod.torrent
2014-08-31 23:10 - 2014-08-31 23:10 - 00013916 _____ () C:\Users\SheWolf\Downloads\[kickass.to]masters.of.sex.season.1.complete.720p.web.dl.sujaidr.pimprg.torrent
2014-08-31 23:08 - 2014-08-31 23:08 - 00095229 _____ () C:\Users\SheWolf\Downloads\[kickass.to]hannibal.season.1.hdtv.xvid.pawulon.torrent
2014-08-31 23:07 - 2014-08-31 23:07 - 00013164 _____ () C:\Users\SheWolf\Downloads\[kickass.to]true.detective.season.1.complete.720p.hdtv.x264.mkv.ac3.5.1.ehhhh.torrent
2014-08-31 23:03 - 2014-08-31 23:03 - 00036815 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dominion.s01e08.hdtv.x264.killers.ettv.torrent
2014-08-31 23:02 - 2014-08-31 23:02 - 00030403 _____ () C:\Users\SheWolf\Downloads\[kickass.to]gang.related.s01e13.hdtv.x264.killers.ettv.torrent
2014-08-31 23:02 - 2014-08-31 23:02 - 00026506 _____ () C:\Users\SheWolf\Downloads\[kickass.to]gang.related.s01e12.hdtv.x264.killers.ettv.torrent
2014-08-31 22:36 - 2014-08-31 22:36 - 00033950 _____ () C:\Users\SheWolf\Downloads\[kickass.to]house.of.lies.season.3.hdtv.x264.2hd.ettv (1).torrent
2014-08-31 22:32 - 2014-08-31 22:32 - 00034224 _____ () C:\Users\SheWolf\Downloads\[kickass.to]the.vampire.diaries.s04.soundtrack.torrent
2014-08-31 22:30 - 2014-08-31 22:30 - 00043522 _____ () C:\Users\SheWolf\Downloads\[kickass.to]true.blood.s07e10.hdtv.x264.killers.ettv.torrent
2014-08-31 22:29 - 2014-08-31 22:29 - 00018763 _____ () C:\Users\SheWolf\Downloads\[kickass.to]chef.2014.720p.web.dl.900mb.shaanig.torrent
2014-08-31 22:27 - 2014-08-31 22:27 - 00004669 _____ () C:\Users\SheWolf\Downloads\[kickass.to]shame.2011.limited.dvdrip.xvid.amiable (1).torrent
2014-08-31 22:25 - 2014-08-31 22:25 - 00000855 _____ () C:\Users\SheWolf\Desktop\µTorrent.lnk
2014-08-31 22:25 - 2014-08-31 22:25 - 00000835 _____ () C:\Users\SheWolf\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-31 22:18 - 2014-08-31 22:18 - 01942864 _____ (BitTorrent Inc.) C:\Users\SheWolf\Downloads\uTorrent.exe
2014-08-31 22:10 - 2014-08-31 22:10 - 00004669 _____ () C:\Users\SheWolf\Downloads\[kickass.to]shame.2011.limited.dvdrip.xvid.amiable.torrent
2014-08-28 22:54 - 2014-08-28 22:54 - 00000000 ___DC () C:\Program Files\ESET
2014-08-28 22:53 - 2014-08-28 22:54 - 02347384 _____ (ESET) C:\Users\SheWolf\Downloads\esetsmartinstaller_enu.exe
2014-08-28 22:37 - 2014-09-10 02:43 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 22:37 - 2014-08-28 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 22:29 - 2014-09-16 08:34 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 22:29 - 2014-09-16 08:32 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 22:28 - 2014-08-28 22:29 - 00895120 _____ (Google Inc.) C:\Users\SheWolf\Downloads\ChromeSetup.exe
2014-08-28 17:39 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-08-28 17:39 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-08-28 17:39 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-08-28 17:39 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-08-28 17:39 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-08-28 17:39 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-08-28 15:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-28 13:44 - 2014-08-29 03:19 - 00043892 _____ () C:\Windows\iis7.log
2014-08-28 13:44 - 2014-08-28 13:44 - 00000000 ____D () C:\Windows\system32\msmq
2014-08-28 13:44 - 2014-08-28 13:44 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-08-28 13:43 - 2014-08-28 13:43 - 00000000 ___DC () C:\inetpub
2014-08-28 13:38 - 2014-08-28 13:39 - 00000000 ___DC () C:\Temp
2014-08-27 23:45 - 2014-09-15 20:40 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 23:45 - 2014-08-27 23:45 - 00001016 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-27 23:44 - 2014-08-27 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 23:44 - 2014-08-27 23:44 - 00000000 ___DC () C:\Program Files\Malwarebytes Anti-Malware
2014-08-27 23:44 - 2014-08-27 23:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 23:44 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-27 23:44 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-27 23:44 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-27 23:07 - 2014-09-03 08:13 - 00000895 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-27 23:06 - 2014-08-27 23:06 - 00000000 ___DC () C:\Program Files\AVG
2014-08-27 22:54 - 2014-08-27 22:54 - 00098268 _____ () C:\ProgramData\1409172710.bdinstall.bin
2014-08-27 22:51 - 2014-08-27 22:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SheWolf\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 22:51 - 2014-08-27 22:51 - 00037629 _____ () C:\ProgramData\1409172708.bdinstall.bin
2014-08-27 22:49 - 2014-08-27 22:51 - 04755920 _____ (AVG Technologies) C:\Users\SheWolf\Downloads\avg_free_stb_all_2014_4336_ppc3.exe
2014-08-27 21:39 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:39 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-25 23:32 - 2014-08-25 23:32 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 22:45 - 2014-09-04 23:45 - 00000000 ___DC () C:\AdwCleaner
2014-08-24 22:00 - 2014-08-31 00:23 - 00034437 _____ () C:\Users\SheWolf\Downloads\Result.txt
2014-08-24 21:59 - 2014-08-24 22:00 - 00401920 _____ (Farbar) C:\Users\SheWolf\Downloads\MiniToolBox (1).exe
2014-08-24 19:48 - 2014-08-24 19:48 - 02091520 _____ (Conner Bernhard) C:\Users\SheWolf\Downloads\NetAdapterRepair1.2.exe
2014-08-24 18:24 - 2014-09-14 12:00 - 00000504 _____ () C:\Windows\Tasks\One-Click Tweak.job
2014-08-24 09:28 - 2014-08-24 09:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-24 01:13 - 2014-08-24 01:13 - 00014623 _____ () C:\Users\SheWolf\Downloads\[kickass.to]imagine.dragons.radioactive.feat.kendrick.lamar.2014.single.torrent
2014-08-24 00:50 - 2014-08-24 00:50 - 00019965 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.vanishing.point.original.mix.mp3.electronic.deep.house.torrent
2014-08-24 00:50 - 2014-08-24 00:50 - 00012437 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.flo.jam.original.mix.edm.deep.house.gepression.torrent
2014-08-24 00:50 - 2014-08-24 00:50 - 00012437 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.flo.jam.original.mix.edm.deep.house.gepression (1).torrent
2014-08-24 00:50 - 2014-08-24 00:50 - 00011614 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.nobody.else.original.mix.mp3.torrent
2014-08-24 00:49 - 2014-08-24 00:49 - 00001351 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.love.taking.over.single.steps.edm.rg.mousr.torrent
2014-08-24 00:48 - 2014-08-24 00:48 - 00009979 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.benny.ill.9t8.2014.edm.deep.house.tech.house.gepression.torrent
2014-08-24 00:47 - 2014-08-24 00:47 - 00019984 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.careless.original.mix.edm.deep.house.gepression.torrent
2014-08-24 00:35 - 2014-08-24 00:36 - 00032391 _____ () C:\Users\SheWolf\Downloads\[kickass.to]the.vampire.diaries.soundtrack.season.5.torrent
2014-08-23 16:54 - 2014-08-23 16:54 - 00033950 _____ () C:\Users\SheWolf\Downloads\[kickass.to]house.of.lies.season.3.hdtv.x264.2hd.ettv.torrent
2014-08-22 22:52 - 2014-08-22 22:52 - 00002842 _____ () C:\Windows\system32\lic2.xml3550
2014-08-21 23:29 - 2014-08-21 23:29 - 00001137 _____ () C:\Users\SheWolf\Desktop\Pictures - Shortcut.lnk
2014-08-21 22:54 - 2014-08-21 22:54 - 00367357 _____ () C:\ProgramData\1408652626.bdinstall.bin
2014-08-21 22:37 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-08-21 22:21 - 2014-09-04 23:47 - 00122602 _____ () C:\Windows\PFRO.log
2014-08-20 21:36 - 2014-08-05 09:20 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-20 20:44 - 2014-08-20 20:44 - 00045299 _____ () C:\ProgramData\1408560268.bdinstall.bin
2014-08-20 19:39 - 2014-09-16 08:32 - 00016216 _____ () C:\Windows\setupact.log
2014-08-20 19:39 - 2014-08-20 19:39 - 00143936 _____ () C:\Windows\Minidump\082014-52759-01.dmp
2014-08-20 19:38 - 2014-08-24 21:45 - 367909435 _____ () C:\Windows\MEMORY.DMP
2014-08-20 19:27 - 2014-08-20 19:27 - 00043914 _____ () C:\ProgramData\1408555599.bdinstall.bin
2014-08-20 19:26 - 2014-08-21 22:26 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\QuickScan
2014-08-20 19:00 - 2014-08-20 19:00 - 00757800 _____ (Webroot) C:\Users\SheWolf\Downloads\wsafnbidsn.exe
2014-08-19 11:31 - 2014-09-16 08:32 - 00000296 _____ () C:\Windows\Tasks\Application Starter - 8882161c434ab0fd43dca37f474f4351.job
2014-08-19 11:28 - 2014-08-19 11:28 - 00000000 ___DC () C:\Program Files\MSECache
2014-08-19 06:16 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 06:16 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 06:16 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 06:16 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-19 06:16 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-19 06:16 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 06:16 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 06:15 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 06:15 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 00:02 - 2014-08-19 02:19 - 368945248 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
2014-08-18 22:17 - 2014-08-18 22:19 - 02959376 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\dotnetfx35setup.exe
2014-08-18 22:14 - 2014-08-19 00:20 - 38808920 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\FileFormatConverters.exe
2014-08-18 19:13 - 2014-08-18 21:42 - 18891671 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\Unconfirmed 980549.crdownload
2014-08-18 19:13 - 2014-08-18 19:13 - 202112291 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\Unconfirmed 187745.crdownload
2014-08-18 19:09 - 2014-08-18 19:09 - 00030217 _____ () C:\Users\SheWolf\Downloads\[kickass.to]true.blood.s07e09.hdtv.x264.asap.ettv.torrent
2014-08-18 17:31 - 2014-08-18 17:32 - 00018184 ____H () C:\Users\SheWolf\Desktop\~WRL2825.tmp
2014-08-17 19:11 - 2014-08-17 19:11 - 00000000 ____D () C:\ProgramData\REGSERVO
2014-08-17 18:03 - 2014-08-17 18:03 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-17 17:39 - 2014-08-17 17:48 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-17 17:12 - 2014-08-17 17:13 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\SheWolf\Downloads\setup (1).exe
2014-08-17 12:46 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-16 09:09 - 2014-09-16 09:08 - 00015685 _____ () C:\Users\SheWolf\Downloads\FRST.txt
2014-09-16 09:09 - 2014-09-16 09:08 - 00000000 ___DC () C:\FRST
2014-09-16 09:09 - 2013-09-08 18:37 - 00000000 ____D () C:\Users\SheWolf\Documents\Outlook Files
2014-09-16 09:07 - 2014-09-16 09:07 - 01097728 _____ (Farbar) C:\Users\SheWolf\Downloads\FRST.exe
2014-09-16 09:05 - 2013-08-18 13:39 - 00809984 ___SH () C:\Users\SheWolf\Desktop\Thumbs.db
2014-09-16 08:58 - 2012-09-04 15:32 - 00000000 ____D () C:\Users\SheWolf\AppData\Local\Adobe
2014-09-16 08:39 - 2009-07-14 06:34 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-16 08:39 - 2009-07-14 06:34 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-16 08:38 - 2013-11-03 20:33 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-931832994-1781046335-47412457-1000UA.job
2014-09-16 08:38 - 2012-08-01 23:52 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-16 08:37 - 2012-08-29 05:17 - 01811502 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 08:34 - 2014-08-28 22:29 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-16 08:34 - 2010-11-20 23:01 - 00834556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 08:33 - 2012-08-01 23:33 - 00000337 _____ () C:\Windows\lgfwup.ini
2014-09-16 08:33 - 2012-08-01 23:33 - 00000000 ____D () C:\Program Files\lg_fwupdate
2014-09-16 08:32 - 2014-08-28 22:29 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 08:32 - 2014-08-20 19:39 - 00016216 _____ () C:\Windows\setupact.log
2014-09-16 08:32 - 2014-08-19 11:31 - 00000296 _____ () C:\Windows\Tasks\Application Starter - 8882161c434ab0fd43dca37f474f4351.job
2014-09-16 08:32 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 20:40 - 2014-08-27 23:45 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 20:38 - 2013-11-03 20:33 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-931832994-1781046335-47412457-1000Core.job
2014-09-15 20:34 - 2014-09-15 20:34 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-09-15 15:55 - 2012-08-02 00:08 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\uTorrent
2014-09-15 15:36 - 2012-08-29 13:48 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\Skype
2014-09-14 23:05 - 2013-10-25 19:46 - 00000000 ____D () C:\Users\SheWolf\Documents\Clients
2014-09-14 16:57 - 2012-08-29 11:08 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\vlc
2014-09-14 12:00 - 2014-08-24 18:24 - 00000504 _____ () C:\Windows\Tasks\One-Click Tweak.job
2014-09-14 11:23 - 2014-09-14 11:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\SheWolf\Downloads\Olympus_VN-2100PC_Driver_Update_06-2014.exe
2014-09-13 00:07 - 2014-09-12 23:54 - 00000000 ____D () C:\Users\SheWolf\Downloads\Broad City
2014-09-12 23:55 - 2014-09-09 14:12 - 00000000 ____D () C:\Users\SheWolf\Desktop\Oscar 2
2014-09-12 23:49 - 2014-09-12 23:49 - 00182550 _____ () C:\Users\SheWolf\Desktop\squashfs4.3.tar.gz
2014-09-12 23:04 - 2012-10-23 00:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-09-12 07:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-12 07:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-12 00:20 - 2012-09-01 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 00:19 - 2013-08-15 03:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 00:06 - 2014-05-07 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 00:06 - 2012-09-01 21:46 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 00:02 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-09-10 16:39 - 2014-09-10 16:39 - 00000000 ____D () C:\Users\SheWolf\Documents\Digital Wave Player
2014-09-10 15:23 - 2014-09-10 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Olympus Digital Wave Player
2014-09-10 15:23 - 2014-09-10 15:19 - 00000000 ___DC () C:\Program Files\Olympus
2014-09-10 15:22 - 2012-08-01 23:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-10 15:17 - 2014-09-10 15:08 - 01057488 _____ (Adobe) C:\Users\SheWolf\Downloads\install_reader11_en_mssa_aaa_aih.exe
2014-09-10 07:44 - 2014-09-02 00:02 - 00000000 ____D () C:\Users\SheWolf\Downloads\VA - SuperBomb_Pack 1
2014-09-10 02:43 - 2014-08-28 22:37 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-09 14:13 - 2013-11-19 02:53 - 00000000 ____D () C:\Users\SheWolf\Documents\Progam
2014-09-08 22:18 - 2014-09-08 20:55 - 00003236 _____ () C:\Users\SheWolf\Documents\Lee_Wolf_Oscar_1_preverdict_export.aup
2014-09-08 20:55 - 2014-09-08 20:55 - 00004258 _____ () C:\Users\SheWolf\Documents\Lee_Wolf_Oscar_1_preverdict_export.aup.bak
2014-09-06 13:57 - 2013-02-27 10:44 - 00000000 ___RD () C:\Users\SheWolf\Dropbox
2014-09-06 13:53 - 2014-09-06 13:53 - 00000958 _____ () C:\Users\SheWolf\Documents\Dropbox - Shortcut.lnk
2014-09-05 03:52 - 2014-09-11 22:16 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 03:47 - 2014-09-11 22:16 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 23:47 - 2014-08-21 22:21 - 00122602 _____ () C:\Windows\PFRO.log
2014-09-04 23:45 - 2014-08-25 22:45 - 00000000 ___DC () C:\AdwCleaner
2014-09-04 23:42 - 2014-09-04 23:41 - 01370467 _____ () C:\Users\SheWolf\Downloads\adwcleaner_3.309.exe
2014-09-03 23:27 - 2014-09-03 22:12 - 00000000 ____D () C:\Users\SheWolf\Downloads\True Detective Season 1 COMPLETE 720p HDTV x264 [MKV,AC3,5.1] Ehhhh
2014-09-03 08:13 - 2014-08-27 23:07 - 00000895 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-09-03 08:13 - 2014-04-01 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-03 07:59 - 2014-09-02 21:54 - 00000000 ____D () C:\Users\SheWolf\Downloads\VA - SuperBomb_Pack 2
2014-09-02 00:54 - 2014-09-02 00:54 - 00009474 _____ () C:\Users\SheWolf\Downloads\[kickass.to]the.fault.in.our.stars.2014.720p.brrip.x264.yify.torrent
2014-09-01 21:01 - 2014-09-01 21:01 - 00013974 _____ () C:\Users\SheWolf\Downloads\[kickass.to]va.super.bomb.pack.1.2014.torrent
2014-09-01 21:00 - 2014-09-01 21:00 - 00013630 _____ () C:\Users\SheWolf\Downloads\[kickass.to]va.superbomb.pack.2.2014.torrent
2014-09-01 15:12 - 2014-09-01 15:12 - 00033938 _____ () C:\Users\SheWolf\Desktop\download.htm
2014-08-31 23:18 - 2014-08-31 23:18 - 00013593 _____ () C:\Users\SheWolf\Downloads\[kickass.to]silicon.valley.season.1.complete.torrentgod.torrent
2014-08-31 23:15 - 2014-08-31 23:15 - 00021600 _____ () C:\Users\SheWolf\Downloads\[kickass.to]broad.city.season.1.720p.x264.aac.mkv.torrent
2014-08-31 23:14 - 2014-08-31 23:14 - 00016009 _____ () C:\Users\SheWolf\Downloads\[kickass.to]hbo.girls.s01.season.1.bdrip.xvid.demand.torrent
2014-08-31 23:14 - 2014-08-31 23:14 - 00014926 _____ () C:\Users\SheWolf\Downloads\[kickass.to]the.golden.girls.season.1.complete.dvdrip.torrent
2014-08-31 23:12 - 2014-08-31 23:12 - 00018306 _____ () C:\Users\SheWolf\Downloads\[kickass.to]louie.season.1.720p.mkv.compression.mkvgod.torrent
2014-08-31 23:10 - 2014-08-31 23:10 - 00013916 _____ () C:\Users\SheWolf\Downloads\[kickass.to]masters.of.sex.season.1.complete.720p.web.dl.sujaidr.pimprg.torrent
2014-08-31 23:08 - 2014-08-31 23:08 - 00095229 _____ () C:\Users\SheWolf\Downloads\[kickass.to]hannibal.season.1.hdtv.xvid.pawulon.torrent
2014-08-31 23:07 - 2014-08-31 23:07 - 00013164 _____ () C:\Users\SheWolf\Downloads\[kickass.to]true.detective.season.1.complete.720p.hdtv.x264.mkv.ac3.5.1.ehhhh.torrent
2014-08-31 23:03 - 2014-08-31 23:03 - 00036815 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dominion.s01e08.hdtv.x264.killers.ettv.torrent
2014-08-31 23:02 - 2014-08-31 23:02 - 00030403 _____ () C:\Users\SheWolf\Downloads\[kickass.to]gang.related.s01e13.hdtv.x264.killers.ettv.torrent
2014-08-31 23:02 - 2014-08-31 23:02 - 00026506 _____ () C:\Users\SheWolf\Downloads\[kickass.to]gang.related.s01e12.hdtv.x264.killers.ettv.torrent
2014-08-31 22:36 - 2014-08-31 22:36 - 00033950 _____ () C:\Users\SheWolf\Downloads\[kickass.to]house.of.lies.season.3.hdtv.x264.2hd.ettv (1).torrent
2014-08-31 22:32 - 2014-08-31 22:32 - 00034224 _____ () C:\Users\SheWolf\Downloads\[kickass.to]the.vampire.diaries.s04.soundtrack.torrent
2014-08-31 22:30 - 2014-08-31 22:30 - 00043522 _____ () C:\Users\SheWolf\Downloads\[kickass.to]true.blood.s07e10.hdtv.x264.killers.ettv.torrent
2014-08-31 22:29 - 2014-08-31 22:29 - 00018763 _____ () C:\Users\SheWolf\Downloads\[kickass.to]chef.2014.720p.web.dl.900mb.shaanig.torrent
2014-08-31 22:27 - 2014-08-31 22:27 - 00004669 _____ () C:\Users\SheWolf\Downloads\[kickass.to]shame.2011.limited.dvdrip.xvid.amiable (1).torrent
2014-08-31 22:25 - 2014-08-31 22:25 - 00000855 _____ () C:\Users\SheWolf\Desktop\µTorrent.lnk
2014-08-31 22:25 - 2014-08-31 22:25 - 00000835 _____ () C:\Users\SheWolf\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-31 22:18 - 2014-08-31 22:18 - 01942864 _____ (BitTorrent Inc.) C:\Users\SheWolf\Downloads\uTorrent.exe
2014-08-31 22:10 - 2014-08-31 22:10 - 00004669 _____ () C:\Users\SheWolf\Downloads\[kickass.to]shame.2011.limited.dvdrip.xvid.amiable.torrent
2014-08-31 00:23 - 2014-08-24 22:00 - 00034437 _____ () C:\Users\SheWolf\Downloads\Result.txt
2014-08-29 03:21 - 2013-02-27 10:40 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\Dropbox
2014-08-29 03:19 - 2014-08-28 13:44 - 00043892 _____ () C:\Windows\iis7.log
2014-08-29 00:11 - 2012-09-09 02:11 - 00000000 ___RD () C:\Users\SheWolf\Downloads\Download Shortcuts
2014-08-28 22:54 - 2014-08-28 22:54 - 00000000 ___DC () C:\Program Files\ESET
2014-08-28 22:54 - 2014-08-28 22:53 - 02347384 _____ (ESET) C:\Users\SheWolf\Downloads\esetsmartinstaller_enu.exe
2014-08-28 22:37 - 2014-08-28 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 22:37 - 2012-11-19 15:14 - 00000000 ____D () C:\Program Files\Google
2014-08-28 22:29 - 2014-08-28 22:28 - 00895120 _____ (Google Inc.) C:\Users\SheWolf\Downloads\ChromeSetup.exe
2014-08-28 22:20 - 2012-08-02 00:16 - 00000000 ____D () C:\Users\SheWolf\AppData\Local\Google
2014-08-28 13:44 - 2014-08-28 13:44 - 00000000 ____D () C:\Windows\system32\msmq
2014-08-28 13:44 - 2014-08-28 13:44 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-08-28 13:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-28 13:43 - 2014-08-28 13:43 - 00000000 ___DC () C:\inetpub
2014-08-28 13:39 - 2014-08-28 13:38 - 00000000 ___DC () C:\Temp
2014-08-28 13:39 - 2012-08-01 23:33 - 00016384 _____ (BitLeader) C:\Windows\system32\lgfwunis.exe
2014-08-28 07:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-08-27 23:45 - 2014-08-27 23:45 - 00001016 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-27 23:45 - 2014-08-27 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 23:44 - 2014-08-27 23:44 - 00000000 ___DC () C:\Program Files\Malwarebytes Anti-Malware
2014-08-27 23:44 - 2014-08-27 23:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 23:08 - 2013-09-25 20:45 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-27 23:07 - 2012-08-29 01:08 - 00000000 __HDC () C:\$AVG
2014-08-27 23:06 - 2014-08-27 23:06 - 00000000 ___DC () C:\Program Files\AVG
2014-08-27 22:56 - 2014-08-27 22:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SheWolf\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 22:54 - 2014-08-27 22:54 - 00098268 _____ () C:\ProgramData\1409172710.bdinstall.bin
2014-08-27 22:51 - 2014-08-27 22:51 - 00037629 _____ () C:\ProgramData\1409172708.bdinstall.bin
2014-08-27 22:51 - 2014-08-27 22:49 - 04755920 _____ (AVG Technologies) C:\Users\SheWolf\Downloads\avg_free_stb_all_2014_4336_ppc3.exe
2014-08-27 22:40 - 2013-06-12 18:27 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\TeraCopy
2014-08-27 22:40 - 2012-08-01 23:39 - 00000000 ___HD () C:\SuperChargerProfile
2014-08-27 22:40 - 2012-08-01 23:25 - 00000000 ____D () C:\Users\SheWolf
2014-08-27 22:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-08-27 22:05 - 2009-07-14 06:33 - 03793312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-25 23:32 - 2014-08-25 23:32 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 22:49 - 2012-08-01 23:27 - 00001102 _____ () C:\Users\SheWolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-25 22:38 - 2009-07-14 04:04 - 00000678 _____ () C:\Windows\win.ini
2014-08-24 22:00 - 2014-08-24 21:59 - 00401920 _____ (Farbar) C:\Users\SheWolf\Downloads\MiniToolBox (1).exe
2014-08-24 21:45 - 2014-08-20 19:38 - 367909435 _____ () C:\Windows\MEMORY.DMP
2014-08-24 21:45 - 2014-08-13 15:42 - 00000000 ____D () C:\Windows\Minidump
2014-08-24 19:48 - 2014-08-24 19:48 - 02091520 _____ (Conner Bernhard) C:\Users\SheWolf\Downloads\NetAdapterRepair1.2.exe
2014-08-24 09:28 - 2014-08-24 09:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-24 09:28 - 2012-08-29 13:48 - 00000000 ____D () C:\ProgramData\Skype
2014-08-24 01:13 - 2014-08-24 01:13 - 00014623 _____ () C:\Users\SheWolf\Downloads\[kickass.to]imagine.dragons.radioactive.feat.kendrick.lamar.2014.single.torrent
2014-08-24 00:50 - 2014-08-24 00:50 - 00019965 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.vanishing.point.original.mix.mp3.electronic.deep.house.torrent
2014-08-24 00:50 - 2014-08-24 00:50 - 00012437 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.flo.jam.original.mix.edm.deep.house.gepression.torrent
2014-08-24 00:50 - 2014-08-24 00:50 - 00012437 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.flo.jam.original.mix.edm.deep.house.gepression (1).torrent
2014-08-24 00:50 - 2014-08-24 00:50 - 00011614 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.nobody.else.original.mix.mp3.torrent
2014-08-24 00:49 - 2014-08-24 00:49 - 00001351 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.love.taking.over.single.steps.edm.rg.mousr.torrent
2014-08-24 00:48 - 2014-08-24 00:48 - 00009979 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.benny.ill.9t8.2014.edm.deep.house.tech.house.gepression.torrent
2014-08-24 00:47 - 2014-08-24 00:47 - 00019984 _____ () C:\Users\SheWolf\Downloads\[kickass.to]dusky.careless.original.mix.edm.deep.house.gepression.torrent
2014-08-24 00:36 - 2014-08-24 00:35 - 00032391 _____ () C:\Users\SheWolf\Downloads\[kickass.to]the.vampire.diaries.soundtrack.season.5.torrent
2014-08-23 16:54 - 2014-08-23 16:54 - 00033950 _____ () C:\Users\SheWolf\Downloads\[kickass.to]house.of.lies.season.3.hdtv.x264.2hd.ettv.torrent
2014-08-23 03:46 - 2014-08-27 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:42 - 2014-08-27 21:39 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 22:52 - 2014-08-22 22:52 - 00002842 _____ () C:\Windows\system32\lic2.xml3550
2014-08-22 17:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-21 23:29 - 2014-08-21 23:29 - 00001137 _____ () C:\Users\SheWolf\Desktop\Pictures - Shortcut.lnk
2014-08-21 22:54 - 2014-08-21 22:54 - 00367357 _____ () C:\ProgramData\1408652626.bdinstall.bin
2014-08-21 22:26 - 2014-08-20 19:26 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\QuickScan
2014-08-20 20:44 - 2014-08-20 20:44 - 00045299 _____ () C:\ProgramData\1408560268.bdinstall.bin
2014-08-20 19:39 - 2014-08-20 19:39 - 00143936 _____ () C:\Windows\Minidump\082014-52759-01.dmp
2014-08-20 19:27 - 2014-08-20 19:27 - 00043914 _____ () C:\ProgramData\1408555599.bdinstall.bin
2014-08-20 19:00 - 2014-08-20 19:00 - 00757800 _____ (Webroot) C:\Users\SheWolf\Downloads\wsafnbidsn.exe
2014-08-19 19:39 - 2014-09-12 00:20 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 11:42 - 2014-06-17 17:53 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-19 11:32 - 2012-09-01 21:19 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-19 11:28 - 2014-08-19 11:28 - 00000000 ___DC () C:\Program Files\MSECache
2014-08-19 02:19 - 2014-08-19 00:02 - 368945248 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
2014-08-19 00:26 - 2014-09-12 00:20 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:20 - 2014-08-18 22:14 - 38808920 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\FileFormatConverters.exe
2014-08-19 00:08 - 2014-09-12 00:20 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 23:57 - 2014-09-12 00:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 23:57 - 2014-09-12 00:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 23:46 - 2014-09-12 00:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 23:45 - 2014-09-12 00:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 23:44 - 2014-09-12 00:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-12 00:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-12 00:20 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 23:39 - 2014-09-12 00:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 23:39 - 2014-09-12 00:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 23:37 - 2014-09-12 00:20 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 23:36 - 2014-09-12 00:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 23:36 - 2014-09-12 00:20 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:35 - 2014-09-12 00:20 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 23:30 - 2014-09-12 00:20 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:27 - 2014-09-12 00:20 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:22 - 2014-09-12 00:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-12 00:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:17 - 2014-09-12 00:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:17 - 2014-09-12 00:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:15 - 2014-09-12 00:20 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:09 - 2014-09-12 00:20 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:08 - 2014-09-12 00:20 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:08 - 2014-09-12 00:20 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:07 - 2014-09-12 00:20 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 22:46 - 2014-09-12 00:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 22:38 - 2014-09-12 00:20 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:36 - 2014-09-12 00:20 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:19 - 2014-08-18 22:17 - 02959376 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\dotnetfx35setup.exe
2014-08-18 21:42 - 2014-08-18 19:13 - 18891671 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\Unconfirmed 980549.crdownload
2014-08-18 19:13 - 2014-08-18 19:13 - 202112291 _____ (Microsoft Corporation) C:\Users\SheWolf\Downloads\Unconfirmed 187745.crdownload
2014-08-18 19:09 - 2014-08-18 19:09 - 00030217 _____ () C:\Users\SheWolf\Downloads\[kickass.to]true.blood.s07e09.hdtv.x264.asap.ettv.torrent
2014-08-18 17:32 - 2014-08-18 17:31 - 00018184 ____H () C:\Users\SheWolf\Desktop\~WRL2825.tmp
2014-08-17 19:11 - 2014-08-17 19:11 - 00000000 ____D () C:\ProgramData\REGSERVO
2014-08-17 18:03 - 2014-08-17 18:03 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-17 18:03 - 2014-08-07 23:21 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-17 18:03 - 2014-08-07 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-17 17:48 - 2014-08-17 17:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-17 17:24 - 2014-08-16 21:28 - 00000000 ___DC () C:\Program Files\DriverToolkit
2014-08-17 17:13 - 2014-08-17 17:12 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\SheWolf\Downloads\setup (1).exe
 
Some content of TEMP:
====================
C:\Users\SheWolf\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk74ubr.dll
C:\Users\SheWolf\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-06 00:54
 
==================== End Of Log ============================

 

2.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
Ran by SheWolf at 2014-09-16 09:10:26
Running from C:\Users\SheWolf\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33870 - BitTorrent Inc.)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{13088D41-3475-A25E-BE76-5B4D36939498}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
bl (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center InstallProxy (Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2011.0728.1755.30366 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2011.0728.1756.30366 - Advanced Micro Devices, Inc.) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version:  - )
LG Burning Tool (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.5218a - CyberLink Corp.)
LG Burning Tool (Version: 6.2.5218a - CyberLink Corp.) Hidden
LG CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
LG CyberLink LabelPrint (Version: 2.5.3624 - CyberLink Corp.) Hidden
LG CyberLink Media Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2808 - CyberLink Corp.)
LG CyberLink Media Suite (Version: 8.0.2808 - CyberLink Corp.) Hidden
LG CyberLink PowerBackup (HKLM\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
LG CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3718 - CyberLink Corp.)
LG CyberLink YouCam (Version: 2.0.3718 - CyberLink Corp.) Hidden
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Olympus Digital Wave Player (HKLM\...\{FB91E774-867B-4567-ACE7-8144EF036068}) (Version:  - )
ph (Version: 1.0.0 - Your Company Name) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_5 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.2.14014_5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Super-Charger (HKLM\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.006 - MSI)
TeraCopy 2.3 beta 2 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\SheWolf\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Users\SheWolf\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{1383A31C-26AC-4d88-91F1-EEAD77D81FA6}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Smilebox\MP3Writer.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\SheWolf\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Users\SheWolf\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{382C9F93-9BA4-4FC6-88DC-AD52F5812FF8}\localserver32 -> "C:\Users\SheWolf\AppData\Roaming\Smilebox\OzDesktopImporter.exe" No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Smilebox\MP4Splitter.ax No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{4665E44B-8B9A-4515-A086-E94ECE374608}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Smilebox\CoreAAC.ax No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{597CAA70-72AA-11CF-831E-524153480000}\localserver32 -> C:\PROGRA~1\MACROM~1\FLASHM~1\Flash.exe No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Smilebox\MP4Splitter.ax No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Conduit\Community Alerts\Alert.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Smilebox\CoreAAC.ax No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\SheWolf\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{919AB5F1-1C34-47a2-9C02-17128222C7CF}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Smilebox\MP3Encoder.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Users\SheWolf\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{BBFC1A2A-D3A2-4610-847D-26592022F86E}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Smilebox\CoreAAC.ax No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{C42B23DF-334C-4AD0-9AB4-91FF53D04239}\localserver32 -> "C:\Users\SheWolf\AppData\Roaming\Smilebox\OzDesktopImporter.exe" No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Users\SheWolf\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Smilebox\MP4Splitter.ax No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Smilebox\MP4Splitter.ax No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SheWolf\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-931832994-1781046335-47412457-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\SheWolf\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
 
==================== Restore Points  =========================
 
10-09-2014 13:21:15 Installed Olympus Digital Wave Player
11-09-2014 21:58:24 Windows Update
12-09-2014 21:02:44 Removed Apple Mobile Device Support
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0EDB873C-C4B3-4F8A-BC2F-50DA71EBBF4C} - System32\Tasks\{9C6C8167-B9B2-488E-86E3-01EA60657DE8} => Chrome.exe 
Task: {15475044-323B-4050-B4BE-18AF9638F1EE} - System32\Tasks\{238CEA3F-87F8-4D49-BEFC-0D105E1FC386} => Chrome.exe 
Task: {19B53A95-A71B-44C7-B32A-9D436A854B83} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-931832994-1781046335-47412457-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {23AE0D05-1E65-42FD-8D60-38E6B18A8C48} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-931832994-1781046335-47412457-1000UA => C:\Users\SheWolf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-03] (Facebook Inc.)
Task: {3715A88F-0425-438E-A6DC-6DE5461F6E7D} - System32\Tasks\{691919CD-26D6-4A61-989B-1A5615C0DCC6} => Chrome.exe 
Task: {3EDD617C-0628-4F35-B2CE-31F6F8342858} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {4632DAA1-85E3-427E-9677-9DFCA7200E26} - System32\Tasks\Google Updater and Installer => C:\Users\SheWolf\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4B2913D9-F07F-48A8-BE70-2C0A573F5EEF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-931832994-1781046335-47412457-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {55865800-F5BD-471C-B753-E464BE90A7D3} - System32\Tasks\{474E535C-DFB6-447A-8432-20C59FB84352} => C:\Program Files\iTunes\iTunes.exe [2014-07-08] (Apple Inc.)
Task: {5B7C7DB3-B134-451E-BAF8-432F6ADB86C8} - System32\Tasks\{937701E4-6359-4538-A15C-3D346FA0B8D2} => C:\Program Files\iTunes\iTunes.exe [2014-07-08] (Apple Inc.)
Task: {5C8F7D3F-0A0E-49F7-83CC-DDF311E7A28D} - System32\Tasks\Application Starter - 8882161c434ab0fd43dca37f474f4351 => C:\Program Files\Innovative Solutions\DriverMax\innostp.exe
Task: {5DBE86F7-01FC-4A66-9526-F4676A8BB1D4} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-931832994-1781046335-47412457-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {654D163F-2666-461F-83C4-6B151F355089} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6ECFAD46-0AC6-4F5D-B66D-9C0F7EB5ED32} - System32\Tasks\Divx online update program => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-13] ()
Task: {7C9EBBF7-C56A-435E-A0B9-20DBE00E1B0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: {869911BE-ED49-4410-9227-F3B2FD0B50F2} - System32\Tasks\AdobeAAMUpdater-1.0-SheWolf-PC-SheWolf => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {8DABDAF9-66EB-4CD6-A742-EF30CC11F05A} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-931832994-1781046335-47412457-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {9732B6DB-3340-4969-A8A4-BC01B279946B} - System32\Tasks\{29FCBFBD-E536-4913-8DF0-11634C113152} => Chrome.exe 
Task: {97917E90-0507-4582-8E88-E294EE561196} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-931832994-1781046335-47412457-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9C29A7CA-DB83-43D6-877C-60D2B93AEA44} - System32\Tasks\{A920BE7D-AAAF-4C70-A0E4-2981B14406D8} => Chrome.exe 
Task: {A73E22A2-DA0F-44E3-B486-517EBC15378B} - System32\Tasks\{97DBFB83-0736-4FEA-A8A5-8AF2C11B035E} => Chrome.exe 
Task: {BF7BEB71-D04F-4849-BB06-5B6C28A14732} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-931832994-1781046335-47412457-1000Core => C:\Users\SheWolf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-03] (Facebook Inc.)
Task: {BFA7D91A-1445-4CCD-86B8-8C7CD123051A} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\Update\realsched.exe
Task: {DC9CA0F1-5E10-4B42-A556-ABC7C1DCD0EF} - System32\Tasks\{C7F1C346-F918-4949-B39F-10CFDA87AF0D} => Chrome.exe 
Task: {DDFB0ECD-392B-4D49-BBE8-A74D3AFDA67A} - System32\Tasks\One-Click Tweak => C:\Program Files\Advanced PC Tweaker\OneClick.exe
Task: {E5ACAAA7-AC8E-454F-A9BE-4AEA2D618923} - System32\Tasks\{93A5B029-9EF9-4B1D-B640-7F68BDA1C6A5} => Chrome.exe 
Task: {ED6F39BA-C6DA-4508-9FCB-D77EEC98D62D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: {F7FDF6E1-E9FC-425E-B9F4-02D8803C461C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-931832994-1781046335-47412457-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Application Starter - 8882161c434ab0fd43dca37f474f4351.job => C:\Program Files\Innovative Solutions\DriverMax\innostp.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-931832994-1781046335-47412457-1000Core.job => C:\Users\SheWolf\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-931832994-1781046335-47412457-1000UA.job => C:\Users\SheWolf\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\One-Click Tweak.job => C:\Program Files\Advanced PC Tweaker\AdvancedPCTweaker.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-07-28 17:42 - 2011-07-28 17:42 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-07-28 17:55 - 2011-07-28 17:55 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00237384 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-09-10 02:43 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-10 02:43 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-10 02:43 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-10 02:43 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-10 02:43 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-10 02:43 - 2014-09-04 05:01 - 14891848 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:9E00596C
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : Windows is removing this device. (Code 21)
Resolution: Wait several seconds, and then press the F5 key to update the Device Manager view.
If that does not resolve the problem, restart your computer. 
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/16/2014 08:33:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/16/2014 08:32:45 AM) (Source: MSMQ) (EventID: 2170) (User: )
Description: Message Queuing failed to bind to port 1801. The port may already be bound to another process. Make sure that the port is free and try to start Message Queuing again. If this problem arises during setup, you must free the port and run setup again.
 
Error: (09/15/2014 08:33:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:24:39 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/15/2014 07:24:39 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/15/2014 07:24:39 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/15/2014 07:24:39 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (09/15/2014 07:24:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:24:34 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/15/2014 07:24:34 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
 
System errors:
=============
Error: (09/16/2014 08:32:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
pICVhkof
 
Error: (09/16/2014 08:32:39 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 08:45:44 PM on ‎2014/‎09/‎15 was unexpected.
 
Error: (09/15/2014 08:32:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
pICVhkof
 
Error: (09/15/2014 08:31:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 08:24:48 PM on ‎2014/‎09/‎15 was unexpected.
 
Error: (09/15/2014 07:25:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (09/15/2014 07:25:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (09/15/2014 07:24:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (09/15/2014 07:24:39 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (09/15/2014 07:24:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
pICVhkof
 
Error: (09/15/2014 07:23:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 06:37:33 PM on ‎2014/‎09/‎15 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (09/16/2014 08:33:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/16/2014 08:32:45 AM) (Source: MSMQ) (EventID: 2170) (User: )
Description: 
 
Error: (09/15/2014 08:33:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:24:39 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/15/2014 07:24:39 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/15/2014 07:24:39 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/15/2014 07:24:39 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (09/15/2014 07:24:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:24:34 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
Error: (09/15/2014 07:24:34 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
 
==================== Memory info =========================== 
 
Processor: AMD A4-3400 APU with Radeon™ HD Graphics
Percentage of memory in use: 87%
Total physical RAM: 1526.7 MB
Available physical RAM: 198.16 MB
Total Pagefile: 3053.4 MB
Available Pagefile: 1126.88 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.14 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:168.08 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 63D4E540)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================



#2 XSheWolfX


Posted 16 September 2014 - 09:33 AM


HELP ASAP PLS: PC HOPELESSLY CRASHING & LAGGING: SEE BODY 4 MORE

#3 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,932 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:08:34 PM

Posted 16 September 2014 - 09:46 AM

Hi Lee,

 

Welcome to the Malware Removal section of the forum. I know that having a computer with problems can be very frustrating, but I will do my best to help you fix the issue.

Sometimes this can be a long process; it's very important that you stay with me and follow all my instructions to the letter until I declare your machine is clean.

I have compiled a list of guidelines you must take into consideration so that the helping process goes smoothly for you and for me:

  • Please perform all steps in the order they are listed in each set of instructions
  • Don't install/uninstall any software or run any other cleaning tools besides the ones I ask you to use
    • Running other programs can interfere with the tools we use and have unpredicted results. Also, I need to know what is going on with your machine at any time
  • If possible avoid using the computer for other tasks until we finish the cleaning process
    • The reason for this is that it can make the malware infection worse and more difficult to clean. Some malware can download updates from the internet when you use the computer
  • Please don't attach your logs; instead, Copy & Paste the information to your post unless specifically instructed to do so
  • Please read every post completely before doing anything; if you have any doubts or questions, please ask before continuing

IMPORTANT: At BleepingComputer we do our best to help you solve the problem, but sometimes things don't go as planned. To be safe rather than sorry, you should back up your important data to a safe place, anywhere except on the computer with problems.

The whole fixing process needs to be executed from a user account with Administrator privileges; also, some of the tasks need to be executed in Safe Mode. You should save or print the instructions for use when you don't have access to the forum.



«»«»«»

 

 

I need some time to check the logs and I will be back with instructions for you shortly, if the storm we have now allows me to continue working...

 

 


• Please do not PM me asking for support. Post on the forums instead; it will increase the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#4 XSheWolfX


Posted 16 September 2014 - 09:51 AM

Thank u very much!
On phone so let's pray PC lets us do what we need to.

#5 SleepyDude


Posted 16 September 2014 - 12:11 PM

Hi Lee,

I checked your logs and prepared a fix for you, but first a warning...
 

!!! P2P Warning !!!

I notice there are signs of some P2P (Peer-to-Peer) File Sharing Programs on your computer.

The P2P technology can be used for legit downloads, but many people use it to download stuff like music, movies, games and other software with cracks/keygens, which is illegal and violates intellectual property rights.
This kind of download is proven to be a major source of problems because it's very common for them to include viruses, Trojans and all kinds of malware that can damage your computer, and should be avoided at all costs if you want to keep your system safe and yourself away from lawsuits. It is pretty much certain that if you continue to use P2P programs, you will get infected again.

Most users don't know that if your P2P program is not configured correctly or the program has some security flaw, your computer may also be sharing more files than you realize! BleepingComputer does not recommend using such programs and I strongly advise you to remove them. The choice is yours, but if you decide to keep this program(s), please do not use them until we finish the cleaning process.


Please uninstall the following Peer-to-Peer program(s): uTorrent.


Step 1 - FRST Fix

!!! WARNING !!! The following fix is only relevant for this system and no other; running the script on another computer will not work and may cause problems...

 

  • Attached File  fixlist.TXT   7KB   4 downloads
  • Download the file above and save it to the Desktop as fixlist.txt
    (It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work!)
  • Execute FRST/FRST64: right click on the icon and choose Run as Administrator. Make sure all other windows are closed.
  • Press the Fix button just once and wait. After the fix the system needs to restart; if the tool does not request it, please restart the computer.
  • The tool will make a log (Fixlog.txt) in the same location as FRST/FRST64; please post it in your next reply.

Step 2 - Scan with aswMBR

  • Download aswMBR from here or here and save the file to the Desktop.
  • Double click the aswMBR.exe file to run it.
    (On Windows Vista and above right click the icon and choose Run as Administrator, accept the security warning)
  • If you see the following prompt, click Yes:
  • If it asks you if you want to download the latest virus definitions, click Yes
  • Click the "Scan" button to start the scan
  • On completion of the scan click Save log and save the file aswMBR.txt to your Desktop.
    WARNING: Don't click on the buttons FixMBR and Fix unless instructed to do so.
  • Open the log aswMBR.txt and post the full contents of the file in your next reply.

Step 3 - AdwCleaner Scan and Remove

Download AdwCleaner from here to the Desktop <--- Make sure you download a fresh copy because there is a new version of the program


  • Close all open windows and browsers
  • Right click on the AdwCleaner icon and choose Run as Administrator to execute the program
    (When the Tool opens for the first time you have to accept the Terms of use - click J'accepte/I Agree)
  • Click the Scan button and wait for the scan to finish; only then does the Clean button become active
  • Click the Clean button and wait; once done it may ask to reboot, allow it.
  • On reboot a log will be presented; please copy/paste that in your next reply. The report is saved to C:\AdwCleaner\AdwCleaner[S0].txt

 

Things I would like to see in your next reply:

  • The Fixlog.txt log
  • The aswMBR.txt log
  • AdwCleaner log AdwCleaner[S0].txt
  • Please tell me how the computer is now.

 



 
 


#6 XSheWolfX


Posted 16 September 2014 - 03:17 PM

Hi 

 

thanks so much.

 

lol. Like when you're sick and go to a doctor - suddenly everything is ok again?!

 

After seeing your first email, I decided to remove UTorrent and since then (hold thumbs), pc working just fine again!!?

 

I'll still do all you have advised though as I want to clean it up once and for all so I don't land up here again.

 

Thanks.

 

Will start now:)



#7 XSheWolfX


Posted 16 September 2014 - 03:39 PM

Ok - 1:

 

Ran Farbar twice now and although saved this log with fixlist.txt - on fix it can't complete as doesn't recognise as together.

 

I'll move off desktop to hard drive as seems that's where Farbar is landing itself.?



#8 SleepyDude


Posted 17 September 2014 - 08:53 AM

Hi,

 

Sorry, I forgot to alert you that FRST.exe should be moved from the C:\Users\SheWolf\Downloads folder to the Desktop; then save the file fixlist.txt on the Desktop also.



 
 


#9 XSheWolfX


Posted 17 September 2014 - 03:14 PM

Thanks - I figured that out:)

 

Unfortunately, it will not fix it - many attempts later as it does not recognise that both txt files are in the same destination.

 

I tried to put both on desktop as well as all in one folder on desktop, but nada.

 

xxx

 

PS. Since I took the initiative to remove UTorrent everything has been 'perfect' again.


Edited by XSheWolfX, 17 September 2014 - 03:15 PM.


#10 SleepyDude


Posted 17 September 2014 - 03:17 PM

Hi,

 

Can you describe precisely what happens when you run FRST and you click on the Fix button? Or if you find it difficult to explain can you post a screenshot?

 

 

Do you have a flash drive in case we need to run the fix in a different way?



 
 


#11 XSheWolfX


Posted 17 September 2014 - 03:40 PM

Ok...

 

I started from scratch with link downloads and it finally took.

 

I just hope this is what you need:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by SheWolf (administrator) on SHEWOLF-PC on 17-09-2014 22:31:38
Running from C:\Users\SheWolf\Desktop
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(MSI) C:\Program Files\MSI\Super-Charger\ChargeService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(MSI) C:\Program Files\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Farbar) C:\Users\SheWolf\Desktop\FRST (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [LGODDFU] => C:\Program Files\lg_fwupdate\lgfw.exe [27760 2014-08-28] (Bitleader)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-28] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Super-Charger] => C:\Program Files\MSI\Super-Charger\Super-Charger.exe [502288 2012-01-03] (MSI)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6318696 2011-12-12] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 2.lnk
ShortcutTarget: Device Detector 2.lnk -> C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS Corporation.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://za.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x023396747185CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-za
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\SheWolf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-18]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.chrome/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> 67A1453A75DD2E15828FF371AC1E671B0A69DEAF7C5D34E65445823C2F1E546F
CHR DefaultSearchURL: Default -> CC7D0481327C2AE66A6B03DD98411E9A13E58FEA0C2B80C6073C66632FB1566F
CHR Plugin: (Shockwave Flash) - C:\Users\SheWolf\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Users\SheWolf\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR CustomProfile: C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-29]
CHR Extension: (Google Search) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-29]
CHR Extension: (Music Television Online) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\dimbohlgicfjfehdempmibdbboppdhal [2013-09-02]
CHR Extension: (Skype Click to Call) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-29]
CHR Extension: (Google Wallet) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (DivX Plus Web Player HTML5 video) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-10-02]
CHR Extension: (Gmail) - C:\Users\SheWolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-29]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-09-22] (Adobe Systems) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 MSI_SuperCharger; C:\Program Files\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [8704 2009-07-14] (Microsoft Corporation)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [141824 2010-11-20] (Microsoft Corporation)
R3 NTIOLib_1_0_3; C:\Program Files\MSI\Super-Charger\NTIOLib.sys [7680 2009-12-30] (MSI) [File not signed]
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-17 22:31 - 2014-09-17 22:31 - 00014543 _____ () C:\Users\SheWolf\Desktop\FRST.txt
2014-09-17 22:31 - 2014-09-17 22:31 - 00007172 _____ () C:\Users\SheWolf\Desktop\fixlist.TXT
2014-09-16 22:55 - 2014-09-16 22:55 - 01684266 _____ () C:\Windows\PFRO.log
2014-09-16 22:55 - 2014-09-16 22:55 - 00000056 _____ () C:\Windows\setupact.log
2014-09-16 22:40 - 2014-09-16 22:40 - 01097728 _____ (Farbar) C:\Users\SheWolf\Downloads\FRST (3).exe
2014-09-16 22:29 - 2014-09-16 22:29 - 01097728 _____ (Farbar) C:\Users\SheWolf\Desktop\FRST (1).exe
2014-09-16 09:08 - 2014-09-17 22:31 - 00000000 ___DC () C:\FRST
2014-09-12 00:20 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 00:20 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 00:20 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 00:20 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 00:20 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 00:20 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 00:20 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 00:20 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 00:20 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 00:20 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 00:20 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 00:20 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 00:20 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 00:20 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 00:20 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 00:20 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 00:20 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 00:20 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 00:20 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 00:20 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 00:20 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 00:20 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 00:20 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 00:20 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 00:20 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 00:20 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 00:20 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 00:20 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 00:20 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 00:20 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 00:19 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 22:20 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 22:20 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 22:17 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 22:16 - 2014-09-05 03:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 22:16 - 2014-09-05 03:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 22:16 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 16:39 - 2014-09-10 16:39 - 00000000 ____D () C:\Users\SheWolf\Documents\Digital Wave Player
2014-09-10 15:22 - 2014-09-10 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Olympus Digital Wave Player
2014-09-10 15:22 - 2003-12-15 19:44 - 00073728 _____ (OLYMPUS CORPORATION) C:\Windows\system32\VNUSB.dll
2014-09-10 15:22 - 2003-06-13 17:49 - 00073728 _____ (OLYMPUS OPTICAL CO.,LTD.) C:\Windows\system32\DW90USB.DLL
2014-09-10 15:19 - 2014-09-17 01:49 - 00000000 ___DC () C:\Program Files\Olympus
2014-09-09 14:12 - 2014-09-16 16:58 - 00000000 ____D () C:\Users\SheWolf\Desktop\Oscar 2
2014-09-08 20:55 - 2014-09-08 22:18 - 00003236 _____ () C:\Users\SheWolf\Documents\Lee_Wolf_Oscar_1_preverdict_export.aup
2014-09-08 20:55 - 2014-09-08 20:55 - 00004258 _____ () C:\Users\SheWolf\Documents\Lee_Wolf_Oscar_1_preverdict_export.aup.bak
2014-09-06 13:53 - 2014-09-06 13:53 - 00000958 _____ () C:\Users\SheWolf\Documents\Dropbox - Shortcut.lnk
2014-09-03 22:12 - 2014-09-03 23:27 - 00000000 ____D () C:\Users\SheWolf\Downloads\True Detective Season 1 COMPLETE 720p HDTV x264 [MKV,AC3,5.1] Ehhhh
2014-09-02 21:54 - 2014-09-03 07:59 - 00000000 ____D () C:\Users\SheWolf\Downloads\VA - SuperBomb_Pack 2
2014-09-02 00:02 - 2014-09-10 07:44 - 00000000 ____D () C:\Users\SheWolf\Downloads\VA - SuperBomb_Pack 1
2014-09-01 15:12 - 2014-09-01 15:12 - 00033938 _____ () C:\Users\SheWolf\Desktop\download.htm
2014-08-28 22:54 - 2014-08-28 22:54 - 00000000 ___DC () C:\Program Files\ESET
2014-08-28 22:37 - 2014-09-10 02:43 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 22:37 - 2014-08-28 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 22:29 - 2014-09-17 21:34 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 22:29 - 2014-09-16 22:55 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 17:39 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2014-08-28 17:39 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2014-08-28 17:39 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2014-08-28 17:39 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2014-08-28 17:39 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2014-08-28 17:39 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2014-08-28 15:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-28 13:44 - 2014-08-28 13:44 - 00000000 ____D () C:\Windows\system32\msmq
2014-08-28 13:44 - 2014-08-28 13:44 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-08-28 13:43 - 2014-08-28 13:43 - 00000000 ___DC () C:\inetpub
2014-08-28 13:38 - 2014-08-28 13:39 - 00000000 ___DC () C:\Temp
2014-08-27 23:45 - 2014-08-28 13:51 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 23:45 - 2014-08-27 23:45 - 00001016 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-27 23:44 - 2014-08-27 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 23:44 - 2014-08-27 23:44 - 00000000 ___DC () C:\Program Files\Malwarebytes Anti-Malware
2014-08-27 23:44 - 2014-08-27 23:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 23:44 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-27 23:44 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-27 23:44 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-27 23:07 - 2014-09-03 08:13 - 00000895 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-27 23:06 - 2014-08-27 23:06 - 00000000 ___DC () C:\Program Files\AVG
2014-08-27 22:51 - 2014-08-27 22:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SheWolf\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 21:39 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:39 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-25 23:32 - 2014-08-25 23:32 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 22:45 - 2014-09-04 23:45 - 00000000 ___DC () C:\AdwCleaner
2014-08-24 22:00 - 2014-08-31 00:23 - 00034437 _____ () C:\Users\SheWolf\Downloads\Result.txt
2014-08-24 09:28 - 2014-08-24 09:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-22 22:52 - 2014-08-22 22:52 - 00002842 _____ () C:\Windows\system32\lic2.xml3550
2014-08-21 23:29 - 2014-08-21 23:29 - 00001137 _____ () C:\Users\SheWolf\Desktop\Pictures - Shortcut.lnk
2014-08-21 22:37 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-08-20 21:36 - 2014-08-05 09:20 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-20 19:26 - 2014-08-21 22:26 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\QuickScan
2014-08-19 11:28 - 2014-08-19 11:28 - 00000000 ___DC () C:\Program Files\MSECache
2014-08-19 06:16 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 06:16 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 06:16 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 06:16 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-19 06:16 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-19 06:16 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 06:16 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 06:15 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 06:15 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-17 22:32 - 2014-09-17 22:31 - 00014543 _____ () C:\Users\SheWolf\Desktop\FRST.txt
2014-09-17 22:31 - 2014-09-17 22:31 - 00007172 _____ () C:\Users\SheWolf\Desktop\fixlist.TXT
2014-09-17 22:31 - 2014-09-16 09:08 - 00000000 ___DC () C:\FRST
2014-09-17 22:31 - 2013-09-08 18:37 - 00000000 ____D () C:\Users\SheWolf\Documents\Outlook Files
2014-09-17 22:21 - 2013-08-18 13:39 - 00885760 ___SH () C:\Users\SheWolf\Desktop\Thumbs.db
2014-09-17 21:34 - 2014-08-28 22:29 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-17 20:38 - 2013-11-03 20:33 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-931832994-1781046335-47412457-1000UA.job
2014-09-17 20:38 - 2013-11-03 20:33 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-931832994-1781046335-47412457-1000Core.job
2014-09-17 18:51 - 2012-08-01 23:52 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-17 16:02 - 2012-08-29 05:17 - 01769379 _____ () C:\Windows\WindowsUpdate.log
2014-09-17 14:00 - 2012-09-01 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-17 02:00 - 2012-09-04 15:32 - 00000000 ____D () C:\Users\SheWolf\AppData\Local\Adobe
2014-09-17 01:51 - 2014-08-17 18:03 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-17 01:51 - 2014-08-07 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-17 01:51 - 2014-08-07 23:19 - 00000000 ___DC () C:\Program Files\iTunes
2014-09-17 01:51 - 2013-06-12 18:27 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\TeraCopy
2014-09-17 01:51 - 2012-08-29 11:08 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\vlc
2014-09-17 01:51 - 2012-08-01 23:39 - 00000000 ___HD () C:\SuperChargerProfile
2014-09-17 01:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-09-17 01:49 - 2014-09-10 15:19 - 00000000 ___DC () C:\Program Files\Olympus
2014-09-17 01:49 - 2012-08-29 13:48 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\Skype
2014-09-17 01:49 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-09-17 01:48 - 2014-08-07 23:19 - 00000000 ___DC () C:\Program Files\iPod
2014-09-17 01:48 - 2012-10-23 00:11 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-09-16 23:02 - 2009-07-14 06:34 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-16 23:02 - 2009-07-14 06:34 - 00029136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-16 23:00 - 2012-08-01 23:33 - 00000337 _____ () C:\Windows\lgfwup.ini
2014-09-16 23:00 - 2012-08-01 23:33 - 00000000 ____D () C:\Program Files\lg_fwupdate
2014-09-16 22:55 - 2014-09-16 22:55 - 01684266 _____ () C:\Windows\PFRO.log
2014-09-16 22:55 - 2014-09-16 22:55 - 00000056 _____ () C:\Windows\setupact.log
2014-09-16 22:55 - 2014-08-28 22:29 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 22:55 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-16 22:40 - 2014-09-16 22:40 - 01097728 _____ (Farbar) C:\Users\SheWolf\Downloads\FRST (3).exe
2014-09-16 22:29 - 2014-09-16 22:29 - 01097728 _____ (Farbar) C:\Users\SheWolf\Desktop\FRST (1).exe
2014-09-16 17:04 - 2012-09-09 02:11 - 00000000 ___RD () C:\Users\SheWolf\Downloads\Download Shortcuts
2014-09-16 16:58 - 2014-09-09 14:12 - 00000000 ____D () C:\Users\SheWolf\Desktop\Oscar 2
2014-09-16 16:58 - 2010-11-20 23:01 - 00834556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-16 16:40 - 2014-08-13 15:42 - 00000000 ____D () C:\Windows\Minidump
2014-09-16 15:53 - 2012-08-01 23:25 - 00000000 ____D () C:\Users\SheWolf
2014-09-12 07:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-12 07:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-12 00:19 - 2013-08-15 03:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 00:06 - 2014-05-07 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-12 00:06 - 2012-09-01 21:46 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 00:02 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-09-10 16:39 - 2014-09-10 16:39 - 00000000 ____D () C:\Users\SheWolf\Documents\Digital Wave Player
2014-09-10 15:23 - 2014-09-10 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Olympus Digital Wave Player
2014-09-10 15:22 - 2012-08-01 23:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-10 07:44 - 2014-09-02 00:02 - 00000000 ____D () C:\Users\SheWolf\Downloads\VA - SuperBomb_Pack 1
2014-09-10 02:43 - 2014-08-28 22:37 - 00002089 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-09 17:08 - 2013-10-25 19:46 - 00000000 ____D () C:\Users\SheWolf\Documents\Clients
2014-09-09 14:13 - 2013-11-19 02:53 - 00000000 ____D () C:\Users\SheWolf\Documents\Progam
2014-09-08 22:18 - 2014-09-08 20:55 - 00003236 _____ () C:\Users\SheWolf\Documents\Lee_Wolf_Oscar_1_preverdict_export.aup
2014-09-08 20:55 - 2014-09-08 20:55 - 00004258 _____ () C:\Users\SheWolf\Documents\Lee_Wolf_Oscar_1_preverdict_export.aup.bak
2014-09-06 13:57 - 2013-02-27 10:44 - 00000000 ___RD () C:\Users\SheWolf\Dropbox
2014-09-06 13:53 - 2014-09-06 13:53 - 00000958 _____ () C:\Users\SheWolf\Documents\Dropbox - Shortcut.lnk
2014-09-05 03:52 - 2014-09-11 22:16 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 03:47 - 2014-09-11 22:16 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 23:45 - 2014-08-25 22:45 - 00000000 ___DC () C:\AdwCleaner
2014-09-03 23:27 - 2014-09-03 22:12 - 00000000 ____D () C:\Users\SheWolf\Downloads\True Detective Season 1 COMPLETE 720p HDTV x264 [MKV,AC3,5.1] Ehhhh
2014-09-03 08:13 - 2014-08-27 23:07 - 00000895 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-09-03 08:13 - 2014-04-01 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-09-03 07:59 - 2014-09-02 21:54 - 00000000 ____D () C:\Users\SheWolf\Downloads\VA - SuperBomb_Pack 2
2014-09-01 15:12 - 2014-09-01 15:12 - 00033938 _____ () C:\Users\SheWolf\Desktop\download.htm
2014-08-31 00:23 - 2014-08-24 22:00 - 00034437 _____ () C:\Users\SheWolf\Downloads\Result.txt
2014-08-29 03:21 - 2013-02-27 10:40 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\Dropbox
2014-08-28 22:54 - 2014-08-28 22:54 - 00000000 ___DC () C:\Program Files\ESET
2014-08-28 22:37 - 2014-08-28 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 22:37 - 2012-11-19 15:14 - 00000000 ____D () C:\Program Files\Google
2014-08-28 22:20 - 2012-08-02 00:16 - 00000000 ____D () C:\Users\SheWolf\AppData\Local\Google
2014-08-28 13:51 - 2014-08-27 23:45 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 13:44 - 2014-08-28 13:44 - 00000000 ____D () C:\Windows\system32\msmq
2014-08-28 13:44 - 2014-08-28 13:44 - 00000000 ____D () C:\Windows\system32\BestPractices
2014-08-28 13:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-28 13:43 - 2014-08-28 13:43 - 00000000 ___DC () C:\inetpub
2014-08-28 13:39 - 2014-08-28 13:38 - 00000000 ___DC () C:\Temp
2014-08-28 13:39 - 2012-08-01 23:33 - 00016384 _____ (BitLeader) C:\Windows\system32\lgfwunis.exe
2014-08-27 23:45 - 2014-08-27 23:45 - 00001016 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-27 23:45 - 2014-08-27 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 23:44 - 2014-08-27 23:44 - 00000000 ___DC () C:\Program Files\Malwarebytes Anti-Malware
2014-08-27 23:44 - 2014-08-27 23:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 23:08 - 2013-09-25 20:45 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-27 23:07 - 2012-08-29 01:08 - 00000000 __HDC () C:\$AVG
2014-08-27 23:06 - 2014-08-27 23:06 - 00000000 ___DC () C:\Program Files\AVG
2014-08-27 22:56 - 2014-08-27 22:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\SheWolf\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 22:05 - 2009-07-14 06:33 - 03793312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-25 23:32 - 2014-08-25 23:32 - 00000000 ____D () C:\Windows\ERUNT
2014-08-25 22:49 - 2012-08-01 23:27 - 00001102 _____ () C:\Users\SheWolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-25 22:38 - 2009-07-14 04:04 - 00000678 _____ () C:\Windows\win.ini
2014-08-24 09:28 - 2014-08-24 09:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-24 09:28 - 2012-08-29 13:48 - 00000000 ____D () C:\ProgramData\Skype
2014-08-23 03:46 - 2014-08-27 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:42 - 2014-08-27 21:39 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 22:52 - 2014-08-22 22:52 - 00002842 _____ () C:\Windows\system32\lic2.xml3550
2014-08-22 17:38 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-21 23:29 - 2014-08-21 23:29 - 00001137 _____ () C:\Users\SheWolf\Desktop\Pictures - Shortcut.lnk
2014-08-21 22:26 - 2014-08-20 19:26 - 00000000 ____D () C:\Users\SheWolf\AppData\Roaming\QuickScan
2014-08-19 19:39 - 2014-09-12 00:20 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 11:42 - 2014-06-17 17:53 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-19 11:32 - 2012-09-01 21:19 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-19 11:28 - 2014-08-19 11:28 - 00000000 ___DC () C:\Program Files\MSECache
2014-08-19 00:26 - 2014-09-12 00:20 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:08 - 2014-09-12 00:20 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 23:57 - 2014-09-12 00:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 23:57 - 2014-09-12 00:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 23:46 - 2014-09-12 00:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 23:45 - 2014-09-12 00:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 23:44 - 2014-09-12 00:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-12 00:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-12 00:20 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 23:39 - 2014-09-12 00:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 23:39 - 2014-09-12 00:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 23:37 - 2014-09-12 00:20 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 23:36 - 2014-09-12 00:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 23:36 - 2014-09-12 00:20 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:35 - 2014-09-12 00:20 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 23:30 - 2014-09-12 00:20 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:27 - 2014-09-12 00:20 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:22 - 2014-09-12 00:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-12 00:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:17 - 2014-09-12 00:20 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:17 - 2014-09-12 00:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:15 - 2014-09-12 00:20 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:09 - 2014-09-12 00:20 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:08 - 2014-09-12 00:20 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:08 - 2014-09-12 00:20 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:07 - 2014-09-12 00:20 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 22:46 - 2014-09-12 00:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 22:38 - 2014-09-12 00:20 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:36 - 2014-09-12 00:20 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-16 18:11
 
==================== End Of Log ============================


#12 XSheWolfX


Posted 17 September 2014 - 03:45 PM

I'm now carrying on with instructions :bubbles:



#13 XSheWolfX


Posted 17 September 2014 - 04:51 PM

After all...clicked on FixMBR as instructed but of course strictly following your suggestions, didn't note to disable anti-virus and so nada happened there - as in AVG swiped it and here we are after another reboot.

If I need to re-run to fix please let me know.

For now, here is the log.

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-09-17 22:47:28
-----------------------------
22:47:28.260    OS Version: Windows 6.1.7601 Service Pack 1
22:47:28.260    Number of processors: 2 586 0x100
22:47:28.262    ComputerName: SHEWOLF-PC  UserName: SheWolf
22:47:51.895    Initialize success
22:47:52.259    VM: initialized successfully
22:47:52.352    VM: Amd CPU supported 
23:30:26.362    AVAST engine defs: 14091701
23:41:19.321    The log file has been saved successfully to "C:\Users\SheWolf\Desktop\aswMBR.txt"

Please let me know when/if I can continue with the rest for now



#14 SleepyDude

  • Malware Response Team

Posted 18 September 2014 - 10:15 AM

Hi Lee,
 
I need you to be very descriptive about any problem you are facing following my instructions because you are my eyes and hands in front of your computer.
Without all the information you can provide me it's very difficult to understand what is going on.
 
I finally understand what was the problem, AVG is detecting FRST as a threat and removing the program, please disable AVG before downloading and running FRST again. If you have difficulty properly disabling AVG, please refer to this link
 
With AVG disabled repeat all the Steps from my post #5 and post the resulting logs.

 

And please read the instructions carefully because I specially recommend not to click the FixMBR button of aswMBR, also the log isn't complete!
 

WARNING: Don't click on the buttons FixMBR and Fix unless instructed to do so.


• Please do not PM me asking for support. Post on the forums instead; it will increase the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#15 XSheWolfX


Posted 18 September 2014 - 12:58 PM

Hi,

Sure, thanks.

So you want me to do it again even though I sent you the final aswMBR scan log?

AVG only popped up when I clicked fix - apologies, I thought you said to fix if requested. It didn't request as such, but the button was active.

Either way - the scan log done and no, was not fixed so please confirm:

To continue or redo?

xx


Edited by XSheWolfX, 18 September 2014 - 01:00 PM.




