I used combofix and now I can't open control panel, windows explorer etc.


hellno187

OK, don't chastise me, I know I shouldn't have done it, but I ran Combofix and now I can't open my computer or programs folder etc.; it says "no such interface supported". Everything else works fine, like I was able to use Firefox to open this topic. I should also add that even though it won't let me double-click and open folders on my desktop, it will allow me to left click and open them. The funny part is the bug I was trying to get rid of with Combofix is still there lol.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:45:50 PM, on 7/29/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Users\Gerald\AppData\Local\Strongvault Online Backup\SMessaging.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\FrostWire\FrostWire.exe
C:\Program Files\GoforFiles\GoforFiles.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Gerald\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [SMessaging] "C:\Users\Gerald\AppData\Local\Strongvault Online Backup\SMessaging.exe"
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_140ABE3333ADE709A64324D9FD0AD745] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [KodakHomeCenter] "C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
O23 - Service: Kodak AiO Status Monitor Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 7455 bytes

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2
Run by Gerald at 20:10:05 on 2013-07-29
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3326.1654 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Users\Gerald\AppData\Local\Strongvault Online Backup\SMessaging.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\FrostWire\FrostWire.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\GoforFiles\GFFUpdater.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [GoogleChromeAutoLaunch_140ABE3333ADE709A64324D9FD0AD745] "c:\program files\google\chrome\application\chrome.exe" --no-startup-window
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "c:\program files\amd avt\bin\kdbsync.exe" aml
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TrueImageMonitor.exe] "c:\program files\acronis\trueimagehome\TrueImageMonitor.exe"
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [SMessaging] "c:\users\gerald\appdata\local\strongvault online backup\SMessaging.exe"
mRun: [ThreatFire] c:\program files\threatfire\TFTray.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [EKStatusMonitor] c:\program files\kodak\aio\statusmonitor\EKStatusMonitor.exe
dRunOnce: [KodakHomeCenter] "c:\program files\kodak\aio\center\AiOHomeCenter.exe"
StartupFolder: c:\users\gerald\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
TCP: NameServer = 192.168.10.1
TCP: Interfaces\{48904133-F1BB-4A20-9598-D82436CADCD4} : DHCPNameServer = 192.168.10.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\gerald\appdata\roaming\mozilla\firefox\profiles\9lth5zh6.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\drivers\fltsrv.sys [2013-3-2 80416]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2013-4-25 51984]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2013-4-25 59664]
R0 vididr;Acronis Virtual Disk;c:\windows\system32\drivers\vididr.sys [2013-3-2 126880]
R0 vidsflt67;Acronis Disk Storage Filter (67);c:\windows\system32\drivers\vsflt67.sys [2013-3-2 86496]
R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2013-3-2 3459024]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-11-16 291840]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\EKAiOHostService.exe [2013-3-15 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files\kodak\aio\statusmonitor\EKPrinterSDK.exe [2013-1-15 780152]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688]
R2 syncagentsrv;Acronis Sync Agent Service;c:\program files\common files\acronis\syncagent\syncagentsrv.exe [2012-6-28 5915352]
R2 ThreatFire;ThreatFire;c:\program files\threatfire\tfservice.exe service --> c:\program files\threatfire\TFService.exe service [?]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2013-2-12 93072]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2013-3-2 234752]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2012-12-23 37944]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-2-23 86544]
R3 cpuz135;cpuz135;c:\program files\cpuid\pc wizard 2012\pcwiz_x32.sys [2013-3-8 24880]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-5-20 30576]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 rtl819xp;Realtek RTL8190/RTL8192E 802.11n Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\rtl819xp.sys [2010-2-1 557088]
R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2013-4-25 33552]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe [2012-1-5 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-7-12 14848]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-7-12 49664]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-12-23 1343400]
.
=============== Created Last 30 ================
.
2013-07-29 04:24:34 -------- d-----w- c:\users\gerald\appdata\roaming\GoforFiles
2013-07-29 04:24:34 -------- d-----w- c:\program files\GoforFiles
2013-07-29 04:07:44 -------- d-----w- c:\program files\Gambana
2013-07-29 03:54:35 -------- d-----w- c:\users\gerald\appdata\roaming\GetRightToGo
2013-07-28 10:06:09 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0aed9d6a-895e-463f-9921-daa1cdf21871}\offreg.dll
2013-07-28 10:04:26 7143960 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0aed9d6a-895e-463f-9921-daa1cdf21871}\mpengine.dll
2013-07-28 01:54:06 -------- d-----w- c:\programdata\PMS
2013-07-28 01:53:52 -------- d-----w- c:\program files\PS3 Media Server
2013-07-27 20:45:03 -------- d-sh--w- C:\$RECYCLE.BIN
2013-07-27 20:06:40 256000 ----a-w- c:\windows\PEV.exe
2013-07-27 20:06:40 208896 ----a-w- c:\windows\MBR.exe
2013-07-27 20:06:39 98816 ----a-w- c:\windows\sed.exe
2013-07-25 19:58:02 -------- d-----w- c:\program files\LogiaGames
2013-07-25 15:03:26 -------- d-----w- c:\users\gerald\appdata\local\DownloadTerms
2013-07-22 22:13:24 -------- d-----w- c:\users\gerald\appdata\local\PopCap Games
2013-07-22 21:47:05 -------- d-----w- c:\programdata\PopCap Games
2013-07-20 20:38:28 -------- d-----w- c:\program files\Belarc
2013-07-18 02:34:55 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-15 17:54:01 -------- d-----w- c:\program files\common files\ATI Technologies
2013-07-12 21:12:40 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-12 21:12:40 247808 ----a-w- c:\windows\system32\schannel.dll
2013-07-12 21:12:40 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-07-12 21:12:40 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-07-11 07:52:54 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-07-11 07:47:44 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-07-10 05:02:39 -------- d-----w- c:\windows\pt-BR
2013-07-10 05:02:22 -------- d-----w- c:\windows\system32\drivers\umdf\pt-BR
2013-07-10 05:02:22 -------- d-----w- c:\windows\system32\drivers\pt-BR
2013-07-10 05:02:17 -------- d-----w- c:\windows\system32\wbem\pt-BR
2013-07-10 05:02:06 -------- d-----w- c:\windows\ro-RO
2013-07-10 05:02:00 -------- d-----w- c:\windows\system32\wbem\ro-RO
2013-07-10 05:02:00 -------- d-----w- c:\windows\system32\drivers\ro-RO
2013-07-10 05:01:45 -------- d-----w- c:\windows\de-DE
2013-07-10 05:01:27 -------- d-----w- c:\windows\system32\0407
2013-07-10 05:01:25 -------- d-----w- c:\windows\system32\drivers\umdf\de-DE
2013-07-10 05:01:25 -------- d-----w- c:\windows\system32\drivers\de-DE
2013-07-10 05:01:22 -------- d-----w- c:\windows\system32\de
2013-07-10 05:01:19 -------- d-----w- c:\windows\system32\wbem\de-DE
2013-07-10 05:01:06 -------- d-----w- c:\windows\system32\drivers\bg-BG
2013-07-10 05:01:06 -------- d-----w- c:\windows\bg-BG
2013-07-10 05:00:56 -------- d-----w- c:\windows\system32\wbem\bg-BG
2013-07-10 05:00:38 -------- d-----w- c:\windows\tr-TR
2013-07-10 05:00:18 -------- d-----w- c:\windows\system32\XPSViewer
2013-07-10 05:00:17 -------- d-----w- c:\windows\system32\tr
2013-07-10 05:00:17 -------- d-----w- c:\windows\system32\drivers\umdf\tr-TR
2013-07-10 05:00:17 -------- d-----w- c:\windows\system32\drivers\tr-TR
2013-07-10 05:00:09 -------- d-----w- c:\windows\system32\wbem\tr-TR
2013-07-10 04:59:52 -------- d-----w- c:\windows\system32\drivers\th-TH
2013-07-10 04:59:51 -------- d-----w- c:\windows\system32\wbem\th-TH
2013-07-10 04:59:41 -------- d-----w- c:\windows\th-TH
2013-07-10 04:21:49 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\pt-br\LXKPTPRC.DLL.mui
2013-07-10 03:58:40 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\de-de\LXKPTPRC.DLL.mui
2013-07-10 03:42:20 3584 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\tr-tr\LXKPTPRC.DLL.mui
2013-07-10 03:29:23 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-10 03:00:09 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-07-10 02:18:40 -------- d-----w- c:\windows\system32\MRT
2013-07-10 02:15:09 509440 ----a-w- c:\windows\system32\qedit.dll
2013-07-10 02:14:58 680960 ----a-w- c:\program files\windows defender\MpSvc.dll
2013-07-10 02:14:58 392704 ----a-w- c:\program files\windows defender\MpClient.dll
2013-07-10 02:14:58 224768 ----a-w- c:\program files\windows defender\MpCommu.dll
2013-07-10 02:14:55 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-07-10 02:14:55 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-10 02:14:47 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2013-07-10 02:14:47 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2013-07-10 02:14:47 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2013-07-10 02:14:47 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2013-07-07 02:44:16 -------- d-----w- c:\users\gerald\appdata\local\Razer
2013-07-06 21:25:10 -------- d-----w- c:\program files\Steam
.
==================== Find3M ====================
.
2013-07-27 18:22:22 196 ----a-w- c:\windows\DeleteOnReboot.bat
2013-07-18 02:34:43 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-18 02:34:43 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-15 19:07:28 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-15 19:07:28 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-10 03:29:23 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-05-13 19:24:59 0 ----a-w- c:\windows\ativpsrm.bin
2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll
2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-02 09:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 20:11:57.03 ===============

DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/22/2012 9:50:18 PM
System Uptime: 7/27/2013 3:44:48 PM (53 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA69GM-S2H
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4800+ | Socket M2 | 2500/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 932 GiB total, 381.301 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (FAT32) - 596 GiB total, 120.589 GiB free.
G: is CDROM ()
H: is Removable
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: SD/MMC card
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_KODAK&PROD______SD#MMC_CARD&REV_1.00#7&158B37C3&0&SLA4964&0#
Manufacturer: KODAK
Name: H:\
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_KODAK&PROD______SD#MMC_CARD&REV_1.00#7&158B37C3&0&SLA4964&0#
Service: WUDFRd
.
==== System Restore Points ===================
.
RP144: 7/27/2013 3:00:17 AM - Windows Update
RP145: 7/27/2013 3:35:09 PM - Windows Update
RP146: 7/28/2013 3:00:23 AM - Windows Update
RP147: 7/29/2013 3:00:22 AM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
Acronis True Image Home 2012
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Age of Empires III: Complete Collection
Age of Empires Online
aioprnt
aioscnnr
Alchemy Mahjong 1.0.0.0
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Belarc Advisor 8.3
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CDBurnerXP
center
Command & Conquer 3
Command & Conquer™ 3: Kane's Wrath
Company of Heroes
Company of Heroes (New Steam Version)
Company of Heroes: Opposing Fronts
Company of Heroes: Tales of Valor
DownloadTerms
essentials
FileASSASSIN
Flash Player Pro V5.4
FrostWire 4.21.8
GoforFiles
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
iTunes
Java 7 Update 25
Java Auto Updater
Java(TM) 6 Update 24
Kodak AIO Printer
KODAK AiO Software
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Corporation
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft LifeCam
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
ocr
ooVoo
PC Wizard 2012.2.11
PreReq
PrintProjects
PS3 Media Server
Recuva
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skype™ 6.3
Steam
ThreatFire
TI Connect 1.6
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 1.1.5
Windows Doctor 2.0
Windows Live ID Sign-in Assistant
WinRAR 4.20 (32-bit)
Wisdom-soft ScreenHunter 6.0 Free
Yahoo! Messenger
zebNet® Firefox Backup 2012 3.4.12
.
==== Event Viewer Messages From Past Week ========
.
7/29/2013 9:52:47 AM, Error: Microsoft-Windows-WMPNSS-Service [14324] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(WindowsMediaPlayer) encountered error '0x80004002'. If possible, reinstall Windows Media Player.
7/28/2013 9:55:33 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
7/28/2013 3:00:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
7/27/2013 6:54:00 PM, Error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/27/2013 3:47:07 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147467262.
7/27/2013 3:46:53 PM, Error: Service Control Manager [7022] - The MSCamSvc service hung on starting.
7/27/2013 3:42:28 PM, Error: Service Control Manager [7034] - The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 3:42:16 PM, Error: Service Control Manager [7043] - The Acronis Scheduler2 Service service did not shut down properly after receiving a preshutdown control.
7/27/2013 11:21:30 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
7/27/2013 11:21:00 AM, Error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:21:00 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/27/2013 11:21:00 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/27/2013 11:20:54 AM, Error: Service Control Manager [7034] - The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:54 AM, Error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
7/27/2013 11:20:53 AM, Error: Service Control Manager [7034] - The MSCamSvc service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:53 AM, Error: Service Control Manager [7034] - The Kodak AiO Network Discovery Service service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:53 AM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:53 AM, Error: Service Control Manager [7034] - The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:53 AM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:53 AM, Error: Service Control Manager [7034] - The Acronis Scheduler2 Service service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:53 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/27/2013 11:20:53 AM, Error: Service Control Manager [7031] - The Acronis Nonstop Backup Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/27/2013 11:20:52 AM, Error: Service Control Manager [7034] - The StarWind AE Service service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:52 AM, Error: Service Control Manager [7034] - The Kodak AiO Status Monitor Service service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:52 AM, Error: Service Control Manager [7034] - The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s).
7/27/2013 11:20:52 AM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/27/2013 11:20:52 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/27/2013 11:20:52 AM, Error: Service Control Manager [7031] - The Acronis Sync Agent Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
7/27/2013 1:35:36 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/26/2013 6:28:29 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000116 (0x879c23a8, 0x91c1c86e, 0x00000000, 0x00000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072613-19983-01.
7/26/2013 1:46:41 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
7/26/2013 1:46:41 PM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/26/2013 1:46:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
7/23/2013 8:00:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AMD External Events Utility service to connect.
7/23/2013 8:00:50 AM, Error: Service Control Manager [7000] - The AMD External Events Utility service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/22/2013 12:48:57 PM, Error: Service Control Manager [7034] - The ThreatFire service terminated unexpectedly. It has done this 2 time(s).
.
==== End Of File ===========================
 

hellno187

I'm going to attach the file because the page froze on me twice while trying to post it to this reply.
 

hellno187

OK I know I'm supposed to be patient, but this issue is making my computer increasingly harder to use. Also I started this issue on another computer help site and it's been up for over a week now with (like this site) no reply, so I'm starting to get worried. Did I place this thread in the right category? Am I missing some info? Is this issue even resolvable? Any info would be better than none, thanks ahead of time for any and all help.
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Hi and welcome.

Sorry for the delay.

Why did you run Combofix?

Have you tried restoring the computer to July 27, 2013?
 

hellno187

I ran Combofix to rid myself of what I believe might be some sort of redirect virus that other programs were unable to find. I can't restore because I can't access my control panel or any programs in it right now.:confused:
 

JSntgRvr

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.
 

hellno187

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-08-2013 01
Ran by Gerald (administrator) on 02-08-2013 13:46:15
Running from C:\Users\Gerald\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(http://www.goforfiles.com/) C:\Program Files\GoforFiles\GFFUpdater.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(PC Tools) C:\Program Files\ThreatFire\TFService.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
(Stronghold Online Backup) C:\Users\Gerald\AppData\Local\Strongvault Online Backup\SMessaging.exe
(PC Tools) C:\Program Files\ThreatFire\TFTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LifeCam] - C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [AMD AVT] - C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-18] (Apple Inc.)
HKLM\...\Run: [TrueImageMonitor.exe] - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [5955088 2012-06-28] (Acronis)
HKLM\...\Run: [AcronisTimounterMonitor] - C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [1171336 2012-06-28] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [403144 2012-06-28] (Acronis)
HKLM\...\Run: [EKIJ5000StatusMonitor] - C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [2804224 2012-10-08] (Eastman Kodak Company)
HKLM\...\Run: [SMessaging] - C:\Users\Gerald\AppData\Local\Strongvault Online Backup\SMessaging.exe [31664 2012-04-04] (Stronghold Online Backup)
HKLM\...\Run: [ThreatFire] - C:\Program Files\ThreatFire\TFTray.exe [378128 2010-01-14] (PC Tools)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [EKStatusMonitor] - C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKCU\...\Run: [Messenger (Yahoo!)] - C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-02-12] (TomTom)
HKCU\...\Run: [GoogleChromeAutoLaunch_140ABE3333ADE709A64324D9FD0AD745] - C:\Program Files\Google\Chrome\Application\chrome.exe [846288 2013-07-24] (Google Inc.)
HKCU\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1807272 2013-07-26] (Valve Corporation)
Startup: C:\Users\Gerald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {71588120-FC17-4463-B07D-2C71FE6E057B} URL = http://go.findrsearch.com/search/web?q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=1244&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=7200246312374554&q={searchTerms}
SearchScopes: HKCU - {04046B59-25DB-4605-A199-B03D8CBED79E} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN32373126201903416&UM=2&SSPV=SSPV_AB_IE_1
SearchScopes: HKCU - {12CC4C15-086C-4132-878C-3FE9946814C8} URL = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10266&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGX&apn_dtid=^YYYYYY^YY^US&apn_uid=6b28f0b7-6318-4bca-a2d4-51fd67ef9da3&apn_sauid=D02B86CF-3351-42CA-92BB-D2CE3554F933
SearchScopes: HKCU - {5BB0F17E-5190-4CF0-9C13-E25B0EB5BDD4} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407956&p={searchTerms}
SearchScopes: HKCU - {71588120-FC17-4463-B07D-2C71FE6E057B} URL = http://go.findrsearch.com/search/web?q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=1244&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=7200246312374554&q={searchTerms}
Toolbar: HKCU -No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Toolbar: HKCU -No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - No File
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1

FireFox:
========
FF ProfilePath: C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\searchplugins\findr.xml
FF SearchPlugin: C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\searchplugins\visualbee.xml
FF Extension: No Name - C:\Users\Gerald\AppData\Roaming\Mozilla\Extensions\[email protected]
FF Extension: SpeedAnalysis.com - C:\Users\Gerald\AppData\Roaming\Mozilla\Extensions\[email protected]
FF Extension: No Name - C:\Users\Gerald\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
FF Extension: Yahoo! Toolbar - C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: firefox - C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\Extensions\[email protected]
FF Extension: gmailnoads - C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\Extensions\[email protected]
FF Extension: imgflashblocker - C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\Extensions\[email protected]
FF Extension: translator - C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\Extensions\[email protected]
FF Extension: No Name - C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: No Name - C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\9lth5zh6.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi
FF Extension: DownloadTerms - C:\Program Files\Mozilla Firefox\extensions\[email protected]
FF Extension: Unit Layers - C:\Program Files\Mozilla Firefox\extensions\[email protected]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/", "hxxp://www.searchlatin.com/", "hxxp://search.conduit.com/?ctid=CT3298572&SearchSource=48&CUI=UN10849660181324822&UM=2", "hxxp://search.conduit.com/?ctid=CT3289847&SearchSource=48&CUI=UN42053390853074294&UM=2&sspv=TB_CH2", ""
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Tampermonkey) - C:\Users\Gerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.3.3487_0
CHR Extension: (AdBlock) - C:\Users\Gerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\Gerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe\1.0.8_0
CHR Extension: (Speed Test Analysis) - C:\Users\Gerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb\1.0.0.4_0
CHR Extension: (WhiteSmoke New) - C:\Users\Gerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.16.70.501_0
CHR Extension: (CnC TA Script Collection) - C:\Users\Gerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmhpmdclklpgfcpoiomjofgfagenmgeo\1.2.8.45_0
CHR HKLM\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Gerald\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.24.0.crx
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx
CHR HKLM\...\Chrome\Extension: [kckgnnipheglejoddfhekdjpbdbinhmb] - C:\Users\Gerald\AppData\Roaming\SpeedTestAnalysis\speedtestanalysis.crx
CHR HKLM\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Gerald\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [821048 2012-06-28] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3459024 2013-03-02] (Acronis)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-11-16] (Advanced Micro Devices, Inc.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [5915352 2012-06-28] (Acronis)
R2 ThreatFire; C:\Program Files\ThreatFire\TFService.exe [70928 2010-01-14] (PC Tools)

==================== Drivers (Whitelisted) ====================

S3 cpuz135; C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys [24880 2012-08-11] (CPUID)
R3 rtl819xp; C:\Windows\System32\DRIVERS\rtl819xp.sys [557088 2010-02-01] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-03-02] (Duplex Secure Ltd.)
R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [775232 2013-03-02] (Acronis)
R0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [51984 2010-01-14] (PC Tools)
R3 TfNetMon; C:\Windows\system32\drivers\TfNetMon.sys [33552 2010-01-14] (PC Tools)
R0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [59664 2010-01-14] (PC Tools)
S3 TIEHDUSB; C:\Windows\System32\drivers\tiehdusb.sys [49536 2004-02-04] (Texas Instruments Incorporated)
R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [126880 2013-03-02] (Acronis)
R0 vidsflt67; C:\Windows\System32\DRIVERS\vsflt67.sys [86496 2013-03-02] (Acronis)
U3 aev47a1c; C:\Windows\System32\Drivers\aev47a1c.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Gerald\AppData\Local\Temp\catchme.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 WinRing0_1_2_0; \??\C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-02 13:45 - 2013-08-02 13:45 - 00000000 ____D C:\FRST
2013-08-02 13:44 - 2013-08-02 13:44 - 01222124 _____ (Farbar) C:\Users\Gerald\Desktop\FRST.exe
2013-08-02 13:35 - 2013-08-02 13:35 - 00000056 _____ C:\Windows\setupact.log
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 _____ C:\Windows\setuperr.log
2013-08-02 13:34 - 2013-08-02 13:34 - 00000708 _____ C:\Windows\PFRO.log
2013-08-02 09:14 - 2013-08-02 13:34 - 00033720 _____ C:\Windows\WindowsUpdate.log
2013-08-01 21:53 - 2013-08-01 22:02 - 108913032 _____ C:\Users\Gerald\Downloads\InstallTheTreasuresOfMysteryIsland.exe
2013-08-01 18:29 - 2013-08-01 18:29 - 00016701 _____ C:\Users\Gerald\Desktop\dds.txt
2013-07-30 21:59 - 2013-07-30 21:59 - 00001071 _____ C:\Users\Public\Desktop\Yahoo! Messenger India.lnk
2013-07-30 21:57 - 2013-07-30 21:57 - 00441672 _____ (Yahoo! Inc.) C:\Users\Gerald\Downloads\msgr11in.exe
2013-07-29 20:12 - 2013-08-01 18:29 - 00016421 _____ C:\Users\Gerald\Desktop\attach.txt
2013-07-29 20:09 - 2013-07-29 20:09 - 01023969 _____ C:\Users\Gerald\Desktop\ark.txt
2013-07-29 19:47 - 2013-07-29 19:47 - 00377856 _____ C:\Users\Gerald\Desktop\0ogfrgx6.exe
2013-07-29 19:45 - 2013-07-29 19:46 - 00007456 _____ C:\Users\Gerald\Desktop\hijackthis.log
2013-07-29 19:42 - 2013-07-29 19:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gerald\Desktop\HijackThis.exe
2013-07-28 21:24 - 2013-07-28 21:26 - 00001827 _____ C:\Users\Public\Desktop\GoforFiles.lnk
2013-07-28 21:24 - 2013-07-28 21:26 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\GoforFiles
2013-07-28 21:24 - 2013-07-28 21:26 - 00000000 ____D C:\Program Files\GoforFiles
2013-07-28 21:20 - 2013-07-28 21:20 - 05276296 _____ (http://www.goforfiles.com/) C:\Users\Gerald\Downloads\free_full_version_alchemy_game_downloader_us_99028.exe
2013-07-28 21:07 - 2013-07-28 21:07 - 00002087 _____ C:\Users\Public\Desktop\Alchemy Mahjong.lnk
2013-07-28 21:07 - 2013-07-28 21:07 - 00000000 ____D C:\Program Files\Gambana
2013-07-28 20:55 - 2013-07-28 20:56 - 13702615 _____ (Gambana ) C:\Users\Gerald\Desktop\alchemy_mahjong.exe
2013-07-28 20:54 - 2013-07-28 20:57 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\GetRightToGo
2013-07-28 20:54 - 2013-07-28 20:54 - 00368256 _____ (RegNow.com) C:\Users\Gerald\Downloads\Download_alchemy_mahjong.exe
2013-07-28 20:52 - 2013-07-28 20:52 - 11957720 _____ C:\Users\Gerald\Downloads\setup-ziggygames.exe
2013-07-28 13:45 - 2013-07-28 13:45 - 35265091 _____ C:\Users\Gerald\Downloads\pms-setup-windows-1.82.0(1).exe
2013-07-27 18:54 - 2013-07-27 18:55 - 00000000 ____D C:\ProgramData\PMS
2013-07-27 18:53 - 2013-07-28 13:51 - 00000000 ____D C:\Program Files\PS3 Media Server
2013-07-27 18:52 - 2013-07-27 18:52 - 35265091 _____ C:\Users\Gerald\Downloads\pms-setup-windows-1.82.0.exe
2013-07-27 17:46 - 2013-07-27 17:46 - 00688992 ____R (Swearware) C:\Users\Gerald\Desktop\dds.com
2013-07-27 16:22 - 2013-07-27 16:22 - 01117096 _____ (AirInstaller Inc.) C:\Users\Gerald\Downloads\FPP_Setup.exe
2013-07-27 13:44 - 2013-07-27 13:44 - 00016306 _____ C:\ComboFix.txt
2013-07-27 13:06 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-27 13:06 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-27 13:06 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-27 13:06 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-27 13:06 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-27 13:06 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-27 13:06 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-27 13:06 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-27 13:01 - 2013-07-27 13:45 - 00000000 ____D C:\Qoobox
2013-07-27 13:00 - 2013-07-27 13:38 - 00000000 ____D C:\Windows\erdnt
2013-07-27 13:00 - 2013-07-27 13:00 - 05095176 ____R (Swearware) C:\Users\Gerald\Downloads\ComboFix.exe
2013-07-27 11:46 - 2013-07-27 11:46 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Gerald\Downloads\tdsskiller.exe
2013-07-27 11:32 - 2013-07-27 11:32 - 00584600 _____ C:\Users\Gerald\Downloads\cbsidlm-tr1_13-MagicDisc-SEO-10383679.exe
2013-07-27 11:20 - 2013-07-27 11:22 - 00036727 _____ C:\AdwCleaner[S2].txt
2013-07-27 11:19 - 2013-07-27 11:19 - 00036193 _____ C:\AdwCleaner[R2].txt
2013-07-27 11:17 - 2013-07-27 11:17 - 00666633 _____ C:\Users\Gerald\Downloads\AdwCleaner.exe
2013-07-26 17:22 - 2013-07-26 17:22 - 00002130 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-25 20:57 - 2013-07-25 20:57 - 00523824 _____ C:\Users\Gerald\Downloads\FlightSim_RocketFuelInstaller.exe
2013-07-25 18:16 - 2013-07-25 18:16 - 00002074 _____ C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2013-07-25 18:12 - 2013-07-25 18:12 - 00002005 _____ C:\Users\Public\Desktop\Get CleanPrint.lnk
2013-07-25 18:03 - 2013-07-25 18:03 - 10003416 _____ (Eastman Kodak Company) C:\Users\Gerald\Downloads\aio_install.exe
2013-07-25 13:08 - 2013-07-25 13:08 - 00836832 _____ C:\Users\Gerald\Downloads\DJ Mixer Rage Setup%CH_51f1860613fff537512856_.exe
2013-07-25 13:05 - 2013-07-25 13:05 - 00836832 _____ C:\Users\Gerald\Downloads\DJ Mixer Rage Setup%CH_51f18549ee35b622575211_.exe
2013-07-25 12:58 - 2013-07-25 12:58 - 00000000 ____D C:\Program Files\LogiaGames
2013-07-25 12:27 - 2013-07-25 12:27 - 00523800 _____ C:\Users\Gerald\Downloads\MixxxDJ_RocketFuelInstaller.exe
2013-07-25 08:22 - 2013-07-25 08:22 - 00801360 _____ C:\Users\Gerald\Downloads\Babylon10_setup.exe
2013-07-25 08:03 - 2013-07-25 08:04 - 00000000 ____D C:\Users\Gerald\AppData\Local\DownloadTerms
2013-07-25 07:59 - 2013-07-25 08:00 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\Audacity
2013-07-25 07:58 - 2013-07-25 07:58 - 00523768 _____ C:\Users\Gerald\Downloads\Audacity_RocketFuelInstaller.exe
2013-07-24 15:13 - 2013-07-24 15:13 - 00523792 _____ C:\Users\Gerald\Downloads\MediaPlayerClassic_RocketFuelInstaller (1).exe
2013-07-24 15:12 - 2013-07-24 15:12 - 00523792 _____ C:\Users\Gerald\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2013-07-24 15:09 - 2013-07-24 15:09 - 00523776 _____ C:\Users\Gerald\Downloads\qBittorrent_RocketFuelInstaller (1).exe
2013-07-24 15:08 - 2013-07-24 15:08 - 00523776 _____ C:\Users\Gerald\Downloads\qBittorrent_RocketFuelInstaller.exe
2013-07-24 13:38 - 2013-07-24 13:38 - 00530528 _____ C:\Users\Gerald\Downloads\GoPlayer (3).exe
2013-07-23 14:41 - 2013-07-23 14:41 - 00000215 _____ C:\Users\Gerald\Desktop\Company of Heroes Tales of Valor.url
2013-07-23 14:41 - 2013-07-23 14:41 - 00000214 _____ C:\Users\Gerald\Desktop\Company of Heroes.url
2013-07-23 14:41 - 2013-07-23 14:41 - 00000214 _____ C:\Users\Gerald\Desktop\Company of Heroes Opposing Fronts.url
2013-07-23 13:11 - 2013-07-23 13:11 - 00530528 _____ C:\Users\Gerald\Downloads\GoPlayer (2).exe
2013-07-23 13:10 - 2013-07-23 13:10 - 00530528 _____ C:\Users\Gerald\Downloads\GoPlayer.exe
2013-07-23 13:10 - 2013-07-23 13:10 - 00530528 _____ C:\Users\Gerald\Downloads\GoPlayer (1).exe
2013-07-23 07:56 - 2013-07-23 07:56 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(5).exe
2013-07-22 15:13 - 2013-07-22 15:13 - 00000000 ____D C:\Users\Gerald\AppData\Local\PopCap Games
2013-07-22 15:10 - 2013-07-22 15:10 - 01517376 _____ C:\Users\Gerald\Downloads\wrar420.exe
2013-07-22 15:10 - 2013-07-22 15:10 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\WinRAR
2013-07-22 15:10 - 2013-07-22 15:10 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-22 15:10 - 2013-07-22 15:10 - 00000000 ____D C:\Program Files\WinRAR
2013-07-22 14:54 - 2013-07-22 15:01 - 130124561 _____ C:\Users\Gerald\Downloads\Bejeweled 3.rar
2013-07-22 14:47 - 2013-07-22 14:49 - 00000000 ____D C:\ProgramData\PopCap Games
2013-07-22 12:46 - 2013-07-22 12:47 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(4).exe
2013-07-22 12:39 - 2013-07-22 12:39 - 00487162 _____ C:\Users\Gerald\Downloads\mb_bios_ga-ma69gm-s2h_f7e.exe
2013-07-22 12:39 - 2009-11-30 22:21 - 00000021 _____ C:\Users\Gerald\Downloads\autoexec.bat
2013-07-22 12:39 - 2009-11-17 22:50 - 00524288 _____ C:\Users\Gerald\Downloads\MA69GS2H.F7e
2013-07-22 12:39 - 2008-08-28 00:16 - 00026351 _____ C:\Users\Gerald\Downloads\FLASHSPI.EXE
2013-07-20 13:59 - 2013-07-20 13:59 - 00034340 _____ C:\Users\Gerald\Desktop\DxDiag.txt
2013-07-20 13:56 - 2013-07-20 13:56 - 00090995 _____ C:\Users\Gerald\Desktop\Belarc Advisor Computer Profile.htm
2013-07-20 13:38 - 2013-07-20 13:38 - 00002030 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2013-07-20 13:38 - 2013-07-20 13:38 - 00000000 ____D C:\Program Files\Belarc
2013-07-20 13:35 - 2013-07-20 13:35 - 03332168 _____ C:\Users\Gerald\Downloads\advisorinstaller.exe
2013-07-17 19:35 - 2013-07-17 19:34 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-17 19:34 - 2013-07-17 19:34 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-07-17 19:32 - 2013-07-17 19:32 - 00903080 _____ (Oracle Corporation) C:\Users\Gerald\Downloads\jxpiinstall.exe
2013-07-16 12:33 - 2013-07-16 12:33 - 00000216 _____ C:\Users\Gerald\Desktop\Company of Heroes (New Steam Version).url
2013-07-15 10:54 - 2013-07-15 10:54 - 00000000 ____D C:\ProgramData\ATI
2013-07-15 10:54 - 2013-07-15 10:54 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-07-15 10:50 - 2013-07-15 10:50 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(3).exe
2013-07-15 10:39 - 2013-07-15 10:40 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(2).exe
2013-07-12 14:30 - 2013-07-12 14:30 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(1).exe
2013-07-12 14:23 - 2013-07-12 14:23 - 01352435 _____ C:\Users\Gerald\Downloads\setup_magicdisc.exe
2013-07-12 14:16 - 2012-08-23 07:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-07-12 14:16 - 2012-08-23 07:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-07-12 14:16 - 2012-08-23 07:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-07-12 14:16 - 2012-08-23 07:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-12 14:16 - 2012-08-23 07:10 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-12 14:16 - 2012-08-23 06:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-07-12 14:16 - 2012-08-23 06:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-07-12 14:16 - 2012-08-23 06:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-07-12 14:16 - 2012-08-23 06:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-07-12 14:16 - 2012-08-23 06:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-12 14:16 - 2012-08-23 04:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-07-12 14:16 - 2012-08-23 04:32 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-07-12 14:16 - 2012-08-23 04:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-12 14:16 - 2012-08-23 04:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-07-12 14:16 - 2012-08-23 03:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-07-12 14:16 - 2012-08-23 03:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-07-12 14:16 - 2012-08-23 01:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-12 14:15 - 2013-07-15 12:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 14:12 - 2012-08-24 10:05 - 00136560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-07-12 14:12 - 2012-08-24 10:02 - 00369856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-07-12 14:12 - 2012-08-24 09:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-07-12 14:12 - 2012-08-24 09:56 - 01039360 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-07-11 00:52 - 2013-04-17 00:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-11 00:47 - 2013-04-09 16:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-09 22:13 - 2013-07-25 18:27 - 00707408 _____ C:\Windows\system32\prfh0416.dat
2013-07-09 22:13 - 2013-07-25 18:27 - 00650756 _____ C:\Windows\system32\perfh01F.dat
2013-07-09 22:13 - 2013-07-25 18:27 - 00144244 _____ C:\Windows\system32\prfc0416.dat
2013-07-09 22:13 - 2013-07-25 18:27 - 00136664 _____ C:\Windows\system32\perfc01F.dat
2013-07-09 22:13 - 2013-07-09 21:33 - 00323154 _____ C:\Windows\system32\prfi0416.dat
2013-07-09 22:13 - 2013-07-09 21:33 - 00038536 _____ C:\Windows\system32\prfd0416.dat
2013-07-09 22:13 - 2013-07-09 20:48 - 00285034 _____ C:\Windows\system32\perfi01F.dat
2013-07-09 22:13 - 2013-07-09 20:48 - 00037160 _____ C:\Windows\system32\perfd01F.dat
2013-07-09 22:02 - 2013-07-11 03:23 - 00000000 ____D C:\Windows\system32\Drivers\pt-BR
2013-07-09 22:02 - 2013-07-09 22:02 - 00000000 ____D C:\Windows\system32\Drivers\ro-RO
2013-07-09 22:02 - 2013-07-09 22:02 - 00000000 ____D C:\Windows\ro-RO
2013-07-09 22:02 - 2013-07-09 22:02 - 00000000 ____D C:\Windows\pt-BR
2013-07-09 22:01 - 2013-07-12 14:18 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\system32\Drivers\bg-BG
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\system32\de
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\system32\0407
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\de-DE
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\bg-BG
2013-07-09 22:00 - 2013-07-11 03:23 - 00000000 ____D C:\Windows\system32\Drivers\tr-TR
2013-07-09 22:00 - 2013-07-09 22:02 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-09 22:00 - 2013-07-09 22:00 - 00000000 ____D C:\Windows\tr-TR
2013-07-09 22:00 - 2013-07-09 22:00 - 00000000 ____D C:\Windows\system32\tr
2013-07-09 21:59 - 2013-07-09 21:59 - 00000000 ____D C:\Windows\th-TH
2013-07-09 21:59 - 2013-07-09 21:59 - 00000000 ____D C:\Windows\system32\Drivers\th-TH
2013-07-09 20:30 - 2013-07-09 20:30 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-09 20:30 - 2013-07-09 20:30 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-09 20:30 - 2013-07-09 20:30 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-09 20:30 - 2013-07-09 20:30 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00745472 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-09 20:30 - 2013-07-09 20:30 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00242200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-09 20:30 - 2013-07-09 20:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-09 20:29 - 2013-07-09 20:29 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-09 20:00 - 2012-05-04 02:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-07-09 19:18 - 2013-07-09 19:21 - 00000000 ____D C:\Windows\system32\MRT
2013-07-09 19:15 - 2013-06-03 21:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-09 19:14 - 2013-06-04 20:05 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-09 19:14 - 2013-05-05 21:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-06 19:53 - 2013-07-06 19:53 - 00000000 ____D C:\Users\Gerald\Documents\Razer
2013-07-06 19:44 - 2013-07-06 19:44 - 00000000 ____D C:\Users\Gerald\AppData\Local\Razer
2013-07-06 19:43 - 2013-07-06 21:16 - 00000000 ____D C:\ProgramData\Razer
2013-07-06 19:43 - 2013-07-06 21:16 - 00000000 ____D C:\Program Files\Razer
2013-07-06 19:38 - 2013-07-06 19:39 - 00000000 ____D C:\Users\Gerald\Downloads\Download
2013-07-06 19:38 - 2013-07-06 19:38 - 00942928 _____ C:\Users\Gerald\Downloads\Razer_Game_Booster_downloader.exe
2013-07-06 14:25 - 2013-08-02 13:37 - 00000000 ____D C:\Program Files\Steam
2013-07-06 14:25 - 2013-07-06 14:25 - 00000835 _____ C:\Users\Public\Desktop\Steam.lnk
2013-07-06 14:23 - 2013-07-06 14:23 - 01669632 _____ C:\Users\Gerald\Downloads\SteamInstall.msi

==================== One Month Modified Files and Folders =======

2013-08-02 13:45 - 2013-08-02 13:45 - 00000000 ____D C:\FRST
2013-08-02 13:44 - 2013-08-02 13:44 - 01222124 _____ (Farbar) C:\Users\Gerald\Desktop\FRST.exe
2013-08-02 13:43 - 2009-07-13 21:34 - 00021616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-02 13:43 - 2009-07-13 21:34 - 00021616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-02 13:40 - 2013-08-02 09:14 - 00033720 _____ C:\Windows\WindowsUpdate.log
2013-08-02 13:37 - 2013-07-06 14:25 - 00000000 ____D C:\Program Files\Steam
2013-08-02 13:35 - 2013-08-02 13:35 - 00000056 _____ C:\Windows\setupact.log
2013-08-02 13:35 - 2013-08-02 13:35 - 00000000 _____ C:\Windows\setuperr.log
2013-08-02 13:35 - 2012-12-26 13:14 - 00000000 ____D C:\ProgramData\Kodak
2013-08-02 13:35 - 2012-12-23 12:09 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-02 13:35 - 2009-07-13 21:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-02 13:34 - 2013-08-02 13:34 - 00000708 _____ C:\Windows\PFRO.log
2013-08-02 13:20 - 2012-12-23 12:09 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-02 13:06 - 2012-12-23 11:56 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-02 10:32 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-02 09:13 - 2012-12-23 12:40 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\uTorrent
2013-08-01 22:02 - 2013-08-01 21:53 - 108913032 _____ C:\Users\Gerald\Downloads\InstallTheTreasuresOfMysteryIsland.exe
2013-08-01 21:47 - 2013-01-12 12:39 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-08-01 18:29 - 2013-08-01 18:29 - 00016701 _____ C:\Users\Gerald\Desktop\dds.txt
2013-08-01 18:29 - 2013-07-29 20:12 - 00016421 _____ C:\Users\Gerald\Desktop\attach.txt
2013-07-31 14:25 - 2013-05-05 15:06 - 00002089 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-30 21:59 - 2013-07-30 21:59 - 00001071 _____ C:\Users\Public\Desktop\Yahoo! Messenger India.lnk
2013-07-30 21:57 - 2013-07-30 21:57 - 00441672 _____ (Yahoo! Inc.) C:\Users\Gerald\Downloads\msgr11in.exe
2013-07-29 20:57 - 2012-12-27 14:05 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\FrostWire
2013-07-29 20:56 - 2013-05-03 19:14 - 00000000 ____D C:\Windows\Minidump
2013-07-29 20:09 - 2013-07-29 20:09 - 01023969 _____ C:\Users\Gerald\Desktop\ark.txt
2013-07-29 19:47 - 2013-07-29 19:47 - 00377856 _____ C:\Users\Gerald\Desktop\0ogfrgx6.exe
2013-07-29 19:46 - 2013-07-29 19:45 - 00007456 _____ C:\Users\Gerald\Desktop\hijackthis.log
2013-07-29 19:42 - 2013-07-29 19:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Gerald\Desktop\HijackThis.exe
2013-07-28 21:26 - 2013-07-28 21:24 - 00001827 _____ C:\Users\Public\Desktop\GoforFiles.lnk
2013-07-28 21:26 - 2013-07-28 21:24 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\GoforFiles
2013-07-28 21:26 - 2013-07-28 21:24 - 00000000 ____D C:\Program Files\GoforFiles
2013-07-28 21:20 - 2013-07-28 21:20 - 05276296 _____ (http://www.goforfiles.com/) C:\Users\Gerald\Downloads\free_full_version_alchemy_game_downloader_us_99028.exe
2013-07-28 21:07 - 2013-07-28 21:07 - 00002087 _____ C:\Users\Public\Desktop\Alchemy Mahjong.lnk
2013-07-28 21:07 - 2013-07-28 21:07 - 00000000 ____D C:\Program Files\Gambana
2013-07-28 20:57 - 2013-07-28 20:54 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\GetRightToGo
2013-07-28 20:56 - 2013-07-28 20:55 - 13702615 _____ (Gambana ) C:\Users\Gerald\Desktop\alchemy_mahjong.exe
2013-07-28 20:54 - 2013-07-28 20:54 - 00368256 _____ (RegNow.com) C:\Users\Gerald\Downloads\Download_alchemy_mahjong.exe
2013-07-28 20:52 - 2013-07-28 20:52 - 11957720 _____ C:\Users\Gerald\Downloads\setup-ziggygames.exe
2013-07-28 13:51 - 2013-07-27 18:53 - 00000000 ____D C:\Program Files\PS3 Media Server
2013-07-28 13:45 - 2013-07-28 13:45 - 35265091 _____ C:\Users\Gerald\Downloads\pms-setup-windows-1.82.0(1).exe
2013-07-27 18:55 - 2013-07-27 18:54 - 00000000 ____D C:\ProgramData\PMS
2013-07-27 18:52 - 2013-07-27 18:52 - 35265091 _____ C:\Users\Gerald\Downloads\pms-setup-windows-1.82.0.exe
2013-07-27 17:46 - 2013-07-27 17:46 - 00688992 ____R (Swearware) C:\Users\Gerald\Desktop\dds.com
2013-07-27 16:28 - 2013-01-25 20:42 - 00001025 _____ C:\Users\Gerald\Desktop\Flash Player Pro.lnk
2013-07-27 16:28 - 2013-01-25 20:42 - 00000000 ____D C:\Program Files\Flash Player Pro
2013-07-27 16:22 - 2013-07-27 16:22 - 01117096 _____ (AirInstaller Inc.) C:\Users\Gerald\Downloads\FPP_Setup.exe
2013-07-27 13:45 - 2013-07-27 13:01 - 00000000 ____D C:\Qoobox
2013-07-27 13:44 - 2013-07-27 13:44 - 00016306 _____ C:\ComboFix.txt
2013-07-27 13:44 - 2009-07-13 19:37 - 00000000 ___RD C:\Users\Public
2013-07-27 13:38 - 2013-07-27 13:00 - 00000000 ____D C:\Windows\erdnt
2013-07-27 13:36 - 2009-07-13 19:04 - 00000215 _____ C:\Windows\system.ini
2013-07-27 13:05 - 2013-05-05 10:55 - 00000000 ____D C:\ProgramData\Avira
2013-07-27 13:00 - 2013-07-27 13:00 - 05095176 ____R (Swearware) C:\Users\Gerald\Downloads\ComboFix.exe
2013-07-27 11:46 - 2013-07-27 11:46 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Gerald\Downloads\tdsskiller.exe
2013-07-27 11:32 - 2013-07-27 11:32 - 00584600 _____ C:\Users\Gerald\Downloads\cbsidlm-tr1_13-MagicDisc-SEO-10383679.exe
2013-07-27 11:22 - 2013-07-27 11:20 - 00036727 _____ C:\AdwCleaner[S2].txt
2013-07-27 11:22 - 2013-05-04 17:16 - 00000196 _____ C:\Windows\DeleteOnReboot.bat
2013-07-27 11:19 - 2013-07-27 11:19 - 00036193 _____ C:\AdwCleaner[R2].txt
2013-07-27 11:17 - 2013-07-27 11:17 - 00666633 _____ C:\Users\Gerald\Downloads\AdwCleaner.exe
2013-07-26 17:22 - 2013-07-26 17:22 - 00002130 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-07-26 17:21 - 2012-12-23 12:09 - 00000000 ____D C:\Program Files\Google
2013-07-26 17:05 - 2009-07-13 21:52 - 00000000 ____D C:\Windows\Offline Web Pages
2013-07-25 20:57 - 2013-07-25 20:57 - 00523824 _____ C:\Users\Gerald\Downloads\FlightSim_RocketFuelInstaller.exe
2013-07-25 18:27 - 2013-07-09 22:13 - 00707408 _____ C:\Windows\system32\prfh0416.dat
2013-07-25 18:27 - 2013-07-09 22:13 - 00650756 _____ C:\Windows\system32\perfh01F.dat
2013-07-25 18:27 - 2013-07-09 22:13 - 00144244 _____ C:\Windows\system32\prfc0416.dat
2013-07-25 18:27 - 2013-07-09 22:13 - 00136664 _____ C:\Windows\system32\perfc01F.dat
2013-07-25 18:27 - 2012-12-22 22:52 - 02798872 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-25 18:16 - 2013-07-25 18:16 - 00002074 _____ C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2013-07-25 18:16 - 2012-12-26 13:25 - 00000000 ____D C:\Users\Gerald\AppData\Local\Eastman_Kodak_Company
2013-07-25 18:12 - 2013-07-25 18:12 - 00002005 _____ C:\Users\Public\Desktop\Get CleanPrint.lnk
2013-07-25 18:11 - 2012-12-26 13:14 - 00000000 ____D C:\Windows\system32\kodak
2013-07-25 18:03 - 2013-07-25 18:03 - 10003416 _____ (Eastman Kodak Company) C:\Users\Gerald\Downloads\aio_install.exe
2013-07-25 13:08 - 2013-07-25 13:08 - 00836832 _____ C:\Users\Gerald\Downloads\DJ Mixer Rage Setup%CH_51f1860613fff537512856_.exe
2013-07-25 13:05 - 2013-07-25 13:05 - 00836832 _____ C:\Users\Gerald\Downloads\DJ Mixer Rage Setup%CH_51f18549ee35b622575211_.exe
2013-07-25 12:59 - 2013-02-23 00:32 - 00000000 ____D C:\Users\Gerald\AppData\Local\CRE
2013-07-25 12:58 - 2013-07-25 12:58 - 00000000 ____D C:\Program Files\LogiaGames
2013-07-25 12:27 - 2013-07-25 12:27 - 00523800 _____ C:\Users\Gerald\Downloads\MixxxDJ_RocketFuelInstaller.exe
2013-07-25 08:22 - 2013-07-25 08:22 - 00801360 _____ C:\Users\Gerald\Downloads\Babylon10_setup.exe
2013-07-25 08:04 - 2013-07-25 08:03 - 00000000 ____D C:\Users\Gerald\AppData\Local\DownloadTerms
2013-07-25 08:00 - 2013-07-25 07:59 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\Audacity
2013-07-25 07:58 - 2013-07-25 07:58 - 00523768 _____ C:\Users\Gerald\Downloads\Audacity_RocketFuelInstaller.exe
2013-07-24 15:13 - 2013-07-24 15:13 - 00523792 _____ C:\Users\Gerald\Downloads\MediaPlayerClassic_RocketFuelInstaller (1).exe
2013-07-24 15:12 - 2013-07-24 15:12 - 00523792 _____ C:\Users\Gerald\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2013-07-24 15:09 - 2013-07-24 15:09 - 00523776 _____ C:\Users\Gerald\Downloads\qBittorrent_RocketFuelInstaller (1).exe
2013-07-24 15:08 - 2013-07-24 15:08 - 00523776 _____ C:\Users\Gerald\Downloads\qBittorrent_RocketFuelInstaller.exe
2013-07-24 13:38 - 2013-07-24 13:38 - 00530528 _____ C:\Users\Gerald\Downloads\GoPlayer (3).exe
2013-07-24 08:10 - 2013-01-19 16:42 - 00000000 ____D C:\Users\Gerald\Desktop\Games
2013-07-23 14:41 - 2013-07-23 14:41 - 00000215 _____ C:\Users\Gerald\Desktop\Company of Heroes Tales of Valor.url
2013-07-23 14:41 - 2013-07-23 14:41 - 00000214 _____ C:\Users\Gerald\Desktop\Company of Heroes.url
2013-07-23 14:41 - 2013-07-23 14:41 - 00000214 _____ C:\Users\Gerald\Desktop\Company of Heroes Opposing Fronts.url
2013-07-23 13:11 - 2013-07-23 13:11 - 00530528 _____ C:\Users\Gerald\Downloads\GoPlayer (2).exe
2013-07-23 13:10 - 2013-07-23 13:10 - 00530528 _____ C:\Users\Gerald\Downloads\GoPlayer.exe
2013-07-23 13:10 - 2013-07-23 13:10 - 00530528 _____ C:\Users\Gerald\Downloads\GoPlayer (1).exe
2013-07-23 07:56 - 2013-07-23 07:56 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(5).exe
2013-07-22 15:13 - 2013-07-22 15:13 - 00000000 ____D C:\Users\Gerald\AppData\Local\PopCap Games
2013-07-22 15:10 - 2013-07-22 15:10 - 01517376 _____ C:\Users\Gerald\Downloads\wrar420.exe
2013-07-22 15:10 - 2013-07-22 15:10 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\WinRAR
2013-07-22 15:10 - 2013-07-22 15:10 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-07-22 15:10 - 2013-07-22 15:10 - 00000000 ____D C:\Program Files\WinRAR
2013-07-22 15:01 - 2013-07-22 14:54 - 130124561 _____ C:\Users\Gerald\Downloads\Bejeweled 3.rar
2013-07-22 14:49 - 2013-07-22 14:47 - 00000000 ____D C:\ProgramData\PopCap Games
2013-07-22 12:47 - 2013-07-22 12:46 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(4).exe
2013-07-22 12:39 - 2013-07-22 12:39 - 00487162 _____ C:\Users\Gerald\Downloads\mb_bios_ga-ma69gm-s2h_f7e.exe
2013-07-21 19:48 - 2012-12-27 14:09 - 00000000 ____D C:\Users\Gerald\Desktop\Movies
2013-07-21 14:32 - 2012-12-24 13:16 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\vlc
2013-07-20 13:59 - 2013-07-20 13:59 - 00034340 _____ C:\Users\Gerald\Desktop\DxDiag.txt
2013-07-20 13:56 - 2013-07-20 13:56 - 00090995 _____ C:\Users\Gerald\Desktop\Belarc Advisor Computer Profile.htm
2013-07-20 13:38 - 2013-07-20 13:38 - 00002030 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2013-07-20 13:38 - 2013-07-20 13:38 - 00000000 ____D C:\Program Files\Belarc
2013-07-20 13:35 - 2013-07-20 13:35 - 03332168 _____ C:\Users\Gerald\Downloads\advisorinstaller.exe
2013-07-17 19:34 - 2013-07-17 19:35 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-17 19:34 - 2013-07-17 19:34 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-07-17 19:34 - 2013-06-23 09:56 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-17 19:34 - 2013-06-23 09:56 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-17 19:34 - 2013-01-10 11:11 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-17 19:34 - 2012-12-27 14:04 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-17 19:32 - 2013-07-17 19:32 - 00903080 _____ (Oracle Corporation) C:\Users\Gerald\Downloads\jxpiinstall.exe
2013-07-16 12:33 - 2013-07-16 12:33 - 00000216 _____ C:\Users\Gerald\Desktop\Company of Heroes (New Steam Version).url
2013-07-15 12:11 - 2013-01-24 10:17 - 00000000 ____D C:\Users\Gerald\AppData\Local\Adobe
2013-07-15 12:07 - 2012-12-23 11:56 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-15 12:07 - 2012-12-23 11:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-15 12:02 - 2013-07-12 14:15 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-15 10:54 - 2013-07-15 10:54 - 00000000 ____D C:\ProgramData\ATI
2013-07-15 10:54 - 2013-07-15 10:54 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-07-15 10:54 - 2012-12-23 11:53 - 00000000 ____D C:\Users\Gerald\AppData\Roaming\ATI
2013-07-15 10:54 - 2012-12-23 11:53 - 00000000 ____D C:\Users\Gerald\AppData\Local\ATI
2013-07-15 10:53 - 2013-05-13 11:52 - 00000000 ____D C:\Program Files\ATI Technologies
2013-07-15 10:52 - 2012-12-23 11:52 - 00000000 ____D C:\ProgramData\AMD
2013-07-15 10:50 - 2013-07-15 10:50 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(3).exe
2013-07-15 10:40 - 2013-07-15 10:39 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(2).exe
2013-07-12 16:23 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\rescache
2013-07-12 15:23 - 2012-12-22 22:30 - 00000000 ____D C:\Windows\Panther
2013-07-12 14:30 - 2013-07-12 14:30 - 107523552 _____ (Advanced Micro Devices, Inc.) C:\Users\Gerald\Downloads\13-1-legacy_vista_win7_win8_32_dd_ccc(1).exe
2013-07-12 14:23 - 2013-07-12 14:23 - 01352435 _____ C:\Users\Gerald\Downloads\setup_magicdisc.exe
2013-07-12 14:23 - 2013-06-03 17:48 - 00000000 ____D C:\Program Files\MagicDisc
2013-07-12 14:18 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-07-12 14:18 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\tr-TR
2013-07-12 14:18 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\th-TH
2013-07-12 14:18 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\ro-RO
2013-07-12 14:18 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\pt-BR
2013-07-12 14:18 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-07-12 14:18 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\bg-BG
2013-07-11 12:18 - 2012-12-27 14:05 - 00000000 ____D C:\Users\Gerald\FrostWire
2013-07-11 03:23 - 2013-07-09 22:02 - 00000000 ____D C:\Windows\system32\Drivers\pt-BR
2013-07-11 03:23 - 2013-07-09 22:00 - 00000000 ____D C:\Windows\system32\Drivers\tr-TR
2013-07-09 22:02 - 2013-07-09 22:02 - 00000000 ____D C:\Windows\system32\Drivers\ro-RO
2013-07-09 22:02 - 2013-07-09 22:02 - 00000000 ____D C:\Windows\ro-RO
2013-07-09 22:02 - 2013-07-09 22:02 - 00000000 ____D C:\Windows\pt-BR
2013-07-09 22:02 - 2013-07-09 22:00 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-09 22:02 - 2009-07-14 00:50 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-09 22:02 - 2009-07-13 21:56 - 00000000 ____D C:\Windows\system32\winrm
2013-07-09 22:02 - 2009-07-13 21:56 - 00000000 ____D C:\Windows\system32\WCN
2013-07-09 22:02 - 2009-07-13 21:56 - 00000000 ____D C:\Windows\system32\slmgr
2013-07-09 22:02 - 2009-07-13 21:56 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-07-09 22:02 - 2009-07-13 21:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-09 22:02 - 2009-07-13 21:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-09 22:02 - 2009-07-13 21:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-09 22:02 - 2009-07-13 21:52 - 00000000 ____D C:\Program Files\DVD Maker
2013-07-09 22:02 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\MUI
2013-07-09 22:02 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\com
2013-07-09 22:02 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\IME
2013-07-09 22:02 - 2009-07-13 19:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\system32\Drivers\bg-BG
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\system32\de
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\system32\0407
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\de-DE
2013-07-09 22:01 - 2013-07-09 22:01 - 00000000 ____D C:\Windows\bg-BG
2013-07-09 22:01 - 2009-07-13 21:56 - 00000000 ____D C:\Windows\DigitalLocker
2013-07-09 22:01 - 2009-07-13 21:52 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-07-09 22:00 - 2013-07-09 22:00 - 00000000 ____D C:\Windows\tr-TR
2013-07-09 22:00 - 2013-07-09 22:00 - 00000000 ____D C:\Windows\system32\tr
2013-07-09 21:59 - 2013-07-09 21:59 - 00000000 ____D C:\Windows\th-TH
2013-07-09 21:59 - 2013-07-09 21:59 - 00000000 ____D C:\Windows\system32\Drivers\th-TH
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\zh-TW
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\zh-HK
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\zh-CN
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\sv-SE
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\ru-RU
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\pt-PT
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\nl-NL
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\nb-NO
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\ko-KR
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\ja-JP
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\it-IT
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\hu-HU
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\fr-FR
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\fi-FI
2013-07-09 21:59 - 2009-07-13 19:37 - 00000000 ____D C:\Windows\system32\el-GR
2013-07-09 21:33 - 2013-07-09 22:13 - 00323154 _____ C:\Windows\system32\prfi0416.dat
2013-07-09 21:33 - 2013-07-09 22:13 - 00038536 _____ C:\Windows\system32\prfd0416.dat
2013-07-09 20:48 - 2013-07-09 22:13 - 00285034 _____ C:\Windows\system32\perfi01F.dat
2013-07-09 20:48 - 2013-07-09 22:13 - 00037160 _____ C:\Windows\system32\perfd01F.dat
2013-07-09 20:30 - 2013-07-09 20:30 - 14329856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 13760512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-09 20:30 - 2013-07-09 20:30 - 02046976 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-09 20:30 - 2013-07-09 20:30 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-09 20:30 - 2013-07-09 20:30 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00745472 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-09 20:30 - 2013-07-09 20:30 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00242200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-09 20:30 - 2013-07-09 20:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-09 20:30 - 2013-07-09 20:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-09 20:30 - 2013-07-09 20:30 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-09 20:29 - 2013-07-09 20:29 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-09 20:29 - 2013-07-09 20:29 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-09 19:53 - 2009-07-13 21:33 - 00422040 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-09 19:21 - 2013-07-09 19:18 - 00000000 ____D C:\Windows\system32\MRT
2013-07-09 19:21 - 2013-02-20 19:59 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-09 19:18 - 2012-12-22 23:24 - 75733144 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-06 21:16 - 2013-07-06 19:43 - 00000000 ____D C:\ProgramData\Razer
2013-07-06 21:16 - 2013-07-06 19:43 - 00000000 ____D C:\Program Files\Razer
2013-07-06 19:53 - 2013-07-06 19:53 - 00000000 ____D C:\Users\Gerald\Documents\Razer
2013-07-06 19:44 - 2013-07-06 19:44 - 00000000 ____D C:\Users\Gerald\AppData\Local\Razer
2013-07-06 19:39 - 2013-07-06 19:38 - 00000000 ____D C:\Users\Gerald\Downloads\Download
2013-07-06 19:38 - 2013-07-06 19:38 - 00942928 _____ C:\Users\Gerald\Downloads\Razer_Game_Booster_downloader.exe
2013-07-06 14:25 - 2013-07-06 14:25 - 00000835 _____ C:\Users\Public\Desktop\Steam.lnk
2013-07-06 14:25 - 2012-12-22 22:50 - 00000000 ____D C:\Users\Gerald
2013-07-06 14:23 - 2013-07-06 14:23 - 01669632 _____ C:\Users\Gerald\Downloads\SteamInstall.msi

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-02 00:04

==================== End Of Log ============================
 

hellno187

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-08-2013 01
Ran by Gerald at 2013-08-02 13:49:01
Running from C:\Users\Gerald\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

µTorrent (Version: 2.2.1)
Acronis True Image Home 2012 (Version: 15.0.7133)
Adobe AIR (Version: 3.6.0.6090)
Adobe Download Assistant (Version: 1.2.5)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Age of Empires III: Complete Collection (Version: 1.0.0000.1)
Age of Empires Online (Version: 1.0.0000.1)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 5.7.5.30)
aioscnnr (Version: 7.6.13.10)
Alchemy Mahjong 1.0.0.0
AMD Accelerated Video Transcoding (Version: 12.5.100.20704)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116)
AMD APP SDK Runtime (Version: 10.0.937.2)
AMD Catalyst Install Manager (Version: 8.0.877.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0704.122.388)
AMD Fuel (Version: 2012.1116.1515.27190)
AMD Media Foundation Decoders (Version: 1.0.70704.0230)
AMD Media Foundation Decoders (Version: 1.0.71116.1554)
AMD VISION Engine Control Center (Version: 2012.1116.1515.27190)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Belarc Advisor 8.3 (Version: 8.3.2.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0704.122.388)
Catalyst Control Center Graphics Previews Common (Version: 2012.1116.1515.27190)
Catalyst Control Center InstallProxy (Version: 2012.1116.1515.27190)
Catalyst Control Center Localization All (Version: 2012.0704.122.388)
Catalyst Control Center Localization All (Version: 2012.1116.1515.27190)
CCC Help Chinese Standard (Version: 2012.0704.0121.388)
CCC Help Chinese Standard (Version: 2012.1116.1514.27190)
CCC Help Chinese Traditional (Version: 2012.0704.0121.388)
CCC Help Chinese Traditional (Version: 2012.1116.1514.27190)
CCC Help Czech (Version: 2012.0704.0121.388)
CCC Help Czech (Version: 2012.1116.1514.27190)
CCC Help Danish (Version: 2012.0704.0121.388)
CCC Help Danish (Version: 2012.1116.1514.27190)
CCC Help Dutch (Version: 2012.0704.0121.388)
CCC Help Dutch (Version: 2012.1116.1514.27190)
CCC Help English (Version: 2012.0704.0121.388)
CCC Help English (Version: 2012.1116.1514.27190)
CCC Help Finnish (Version: 2012.0704.0121.388)
CCC Help Finnish (Version: 2012.1116.1514.27190)
CCC Help French (Version: 2012.0704.0121.388)
CCC Help French (Version: 2012.1116.1514.27190)
CCC Help German (Version: 2012.0704.0121.388)
CCC Help German (Version: 2012.1116.1514.27190)
CCC Help Greek (Version: 2012.0704.0121.388)
CCC Help Greek (Version: 2012.1116.1514.27190)
CCC Help Hungarian (Version: 2012.0704.0121.388)
CCC Help Hungarian (Version: 2012.1116.1514.27190)
CCC Help Italian (Version: 2012.0704.0121.388)
CCC Help Italian (Version: 2012.1116.1514.27190)
CCC Help Japanese (Version: 2012.0704.0121.388)
CCC Help Japanese (Version: 2012.1116.1514.27190)
CCC Help Korean (Version: 2012.0704.0121.388)
CCC Help Korean (Version: 2012.1116.1514.27190)
CCC Help Norwegian (Version: 2012.0704.0121.388)
CCC Help Norwegian (Version: 2012.1116.1514.27190)
CCC Help Polish (Version: 2012.0704.0121.388)
CCC Help Polish (Version: 2012.1116.1514.27190)
CCC Help Portuguese (Version: 2012.0704.0121.388)
CCC Help Portuguese (Version: 2012.1116.1514.27190)
CCC Help Russian (Version: 2012.0704.0121.388)
CCC Help Russian (Version: 2012.1116.1514.27190)
CCC Help Spanish (Version: 2012.0704.0121.388)
CCC Help Spanish (Version: 2012.1116.1514.27190)
CCC Help Swedish (Version: 2012.0704.0121.388)
CCC Help Swedish (Version: 2012.1116.1514.27190)
CCC Help Thai (Version: 2012.0704.0121.388)
CCC Help Thai (Version: 2012.1116.1514.27190)
CCC Help Turkish (Version: 2012.0704.0121.388)
CCC Help Turkish (Version: 2012.1116.1514.27190)
ccc-utility (Version: 2012.1116.1515.27190)
CCleaner (Version: 4.03)
CDBurnerXP (Version: 4.5.1.3868)
center (Version: 7.7.2.0)
Command & Conquer 3 (Version: 1.00.0000)
Command & Conquer™ 3: Kane's Wrath (Version: 1.00.0000)
Company of Heroes (New Steam Version)
Company of Heroes: Opposing Fronts
Company of Heroes: Tales of Valor
DownloadTerms (HKCU Version: 1.0)
essentials (Version: 7.7.2.0)
FileASSASSIN (Version: 1.06)
Flash Player Pro V5.4
FrostWire 4.21.8 (Version: 4.21.8.0)
GoforFiles (HKCU Version: 1.9.1)
Google Chrome (Version: 28.0.1500.95)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
iTunes (Version: 11.0.2.25)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 24 (Version: 6.0.240)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK AiO Software (Version: 7.7.6.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 22.0 (x86 en-US) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
ocr (Version: 6.2.3.50)
ooVoo (Version: 3.5.8022)
PC Wizard 2012.2.11
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.9282)
PS3 Media Server (Version: 1.82.0)
Recuva (Version: 1.47)
Skype™ 6.3 (Version: 6.3.105)
Steam (Version: 1.0.0.0)
ThreatFire
TI Connect 1.6 (Version: 1.6)
TomTom HOME (Version: 2.9.4)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 1.1.5 (Version: 1.1.5)
Windows Doctor 2.0
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
Wisdom-soft ScreenHunter 6.0 Free
Yahoo! Messenger
zebNet® Firefox Backup 2012 3.4.12 (Version: 3.4.12)


==================== Restore Points =========================

29-07-2013 10:00:22 Windows Update
30-07-2013 10:00:20 Windows Update
31-07-2013 10:00:21 Windows Update
01-08-2013 10:00:19 Windows Update
02-08-2013 10:00:34 Windows Update

==================== Hosts content: ==========================

2009-07-13 19:04 - 2013-07-27 13:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00AACEB0-A978-4947-AC25-36CEDC549DDA} - System32\Tasks\SoftUpdateVerify => C:\Users\Gerald\AppData\Local\Temp\SoftUpdater.exe No File
Task: {0E668CAC-A286-4C25-A5AD-9DEF492A0969} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe No File
Task: {13EFEE9E-767D-4151-A664-E857FB3403D4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2038586861-1761157868-1978578930-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe No File
Task: {27A226DD-18EE-4E06-949B-32213A87C52A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15] (Adobe Systems Incorporated)
Task: {4417D9D3-1B6F-41AB-A716-553A430D18FB} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe No File
Task: {4BE9B7AF-3951-4976-9468-01BAC3C803AA} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe No File
Task: {52372AD4-1D70-4EB6-B390-E7CBA0040A4F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {712F0652-225C-4C8A-BF0A-6C606EBC5C11} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {80810A9D-9C05-44A2-9E92-2A9AF97CFB3D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2038586861-1761157868-1978578930-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe No File
Task: {8141737F-CFE7-40C8-9FDA-8EC4BD508CD3} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe No File
Task: {929D6D2C-58DF-4A19-A413-9AABE7CD56A2} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe [2013-07-28] (http://www.goforfiles.com/)
Task: {99B19CAB-DCC5-4304-9D25-9BE4BF849654} - System32\Tasks\Test TimeTrigger => C:\Users\Gerald\AppData\Local\Temp\Runner.exe No File
Task: {9DAA32FE-5FF3-4DD2-BDC5-DB860C466BDC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {B825B58B-7BA5-47D7-B20C-A4E4FF0C7026} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)
Task: {C23CD638-EED2-4BFF-9842-6F8E8B2E8C63} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-23] (Google Inc.)
Task: {E0BE39B3-C6A0-4540-970E-4F89F0E6F94A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-23] (Google Inc.)
Task: {E963B6CB-CD06-4C6A-86ED-FEB785C947D1} - System32\Tasks\Freemium1ClickMaint => C:\Program Files\Covus Freemium\Free System Utilities\1Click.exe No File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/02/2013 01:35:15 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 102.10.168.192.in-addr.arpa. PTR Gerald-PC.local.

Error: (08/02/2013 01:35:15 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.10.102:5353 19 102.10.168.192.in-addr.arpa. PTR Gerald-PC-2.local.

Error: (08/02/2013 00:35:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028

Error: (08/02/2013 00:35:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028

Error: (08/02/2013 00:35:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/02/2013 00:35:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (08/02/2013 00:35:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014

Error: (08/02/2013 00:35:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/01/2013 09:46:07 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 102.10.168.192.in-addr.arpa. PTR Gerald-PC.local.

Error: (08/01/2013 09:46:07 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.10.102:5353 19 102.10.168.192.in-addr.arpa. PTR Gerald-PC-2.local.


System errors:
=============
Error: (08/02/2013 01:39:23 PM) (Source: DCOM) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (08/02/2013 01:38:58 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004002

Error: (08/02/2013 01:37:36 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004002

Error: (08/02/2013 01:37:33 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147467262.

Error: (08/02/2013 01:36:54 PM) (Source: Service Control Manager) (User: )
Description: The MSCamSvc service hung on starting.

Error: (08/02/2013 00:56:51 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2013 00:56:47 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2013 00:56:44 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2013 00:56:41 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (08/02/2013 00:56:38 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-08-02 13:20:17.046
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-02 12:53:07.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-02 12:45:02.843
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-02 12:14:48.301
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-02 11:50:00.016
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-02 11:36:43.944
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-02 11:00:04.651
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-02 10:41:29.779
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-02 09:47:06.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-02 09:38:48.757
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ThreatFire\TFWAH.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 3326.49 MB
Available physical RAM: 2070.97 MB
Total Pagefile: 6651.27 MB
Available Pagefile: 5043.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:378.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (MY BOOK) (Fixed) (Total:596.02 GB) (Free:120.59 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E1C18A44)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: 8602B827)
Partition 2: (Active) - (Size=596 GB) - (Type=OF Extended)

==================== End Of Log ============================
 

hellno187

Thread Starter
Joined
Jul 31, 2008
Messages
14
Farbar Service Scanner Version: 26-07-2013
Ran by Gerald (administrator) on 02-08-2013 at 14:10:43
Running from "C:\Users\Gerald\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
There is a bad block in the disk.

Please download Listparts to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\ListParts.exe (for x64 bit version type e:\ListParts64.exe) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Put check mark on List BCD.
  • Press Scan button.
  • It will make a log (Result.txt) in the flash drive. Please copy and paste it to your reply.
 

hellno187

Thread Starter
Joined
Jul 31, 2008
Messages
14
ListParts by Farbar Version: 10-05-2013
Ran by SYSTEM (administrator) on 02-08-2013 at 18:31:23
Windows 7 (X86)
Running From: G:\
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 9%
Total physical RAM: 4094.49 MB
Available physical RAM: 3709.38 MB
Total Pagefile: 4092.77 MB
Available Pagefile: 3700.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.54 MB

======================= Partitions =========================

2 Drive c: () (Fixed) (Total:931.51 GB) (Free:378.21 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
5 Drive f: (MY BOOK) (Fixed) (Total:596.02 GB) (Free:120.59 GB) FAT32
6 Drive g: (HP V125W) (Removable) (Total:30.08 GB) (Free:7.16 GB) FAT32
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 596 GB 7168 KB
Disk 2 Online 30 GB 0 B

Partitions of Disk 0:
===============

Disk ID: E1C18A44

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 31 KB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Disk ID: 8602B827

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 0 Extended 596 GB 8032 KB
Partition 1 Logical 596 GB 8064 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F MY BOOK FAT32 Partition 596 GB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Disk ID: 04030201

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 30 GB 5108 KB

======================================================================================================

Disk: 2
Partition 1
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G HP V125W FAT32 Removable 30 GB Healthy

======================================================================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: E1C18A44
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==============================
Partitions of Disk 1:
===============
Disk ID: 8602B827
Partition 2: (Active) - (Size=596 GB) - (Type=OF Extended)

==============================
Partitions of Disk 2:
===============
Disk ID: 04030201
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)


Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {default}
resumeobject {3bfd77a7-4acb-11e2-bc9b-d1672d1d7324}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {3bfd77a5-4acb-11e2-bc9b-d1672d1d7324}
device ramdisk=[C:]\Recovery\3bfd77a5-4acb-11e2-bc9b-d1672d1d7324\Winre.wim,{3bfd77a6-4acb-11e2-bc9b-d1672d1d7324}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\3bfd77a5-4acb-11e2-bc9b-d1672d1d7324\Winre.wim,{3bfd77a6-4acb-11e2-bc9b-d1672d1d7324}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {3bfd77a7-4acb-11e2-bc9b-d1672d1d7324}
nx OptIn

Windows Boot Loader
-------------------
identifier {current}
device ramdisk=[C:]\Recovery\3bfd77a9-4acb-11e2-bc9b-d1672d1d7324\Winre.wim,{3bfd77aa-4acb-11e2-bc9b-d1672d1d7324}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\3bfd77a9-4acb-11e2-bc9b-d1672d1d7324\Winre.wim,{3bfd77aa-4acb-11e2-bc9b-d1672d1d7324}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {3bfd77a7-4acb-11e2-bc9b-d1672d1d7324}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {3bfd77a6-4acb-11e2-bc9b-d1672d1d7324}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\3bfd77a5-4acb-11e2-bc9b-d1672d1d7324\boot.sdi

Device options
--------------
identifier {3bfd77aa-4acb-11e2-bc9b-d1672d1d7324}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\3bfd77a9-4acb-11e2-bc9b-d1672d1d7324\boot.sdi


****** End Of Log ******
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Let's check the disk.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type the following command and press Enter:
    CHKDSK C: /R
  • It should take a while.
Let me know the outcome.
 

hellno187

Thread Starter
Joined
Jul 31, 2008
Messages
14
OK here's what happened when I did that. When I go to command prompt and input CHKDSK/R, it tells me The type of file system is NTFS. Cannot lock current drive. Windows cannot run disk checking on this volume because it is write protected.
After it told me that for shits and grins I went to the C: prompt and inputted the same thing and it told me: The type of file system is NTFS. Cannot lock current drive. Check disk cannot be run because volume is in use by another process. CHKDSK may run if this volume is dismounted first. ALL OPENED HANDLES TO THIS VOLUME WOULD THEN BE INVALID. Would you like to force a dismount? (Y/N)
I didn't do anything at that point of course except come back here and give you the low down.
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Dismount the drive. If that won't work, we will need to create a recovery CD, unless you have an install CD.

Press Ctrl+Alt+Delete. Are you able to reach the Task Manager? If you are, select the Applications tab and click on New Task. Type recdisc and click OK. That should start the creation of a recovery CD. You will need a blank CD to burn.

Booting with the install CD or the recovery CD will be like entering the System Recovery Options, where you can run CHKDSK. Include the volume letter, such as CHKDSK C: /R.

Let me know the outcome.
 

hellno187

Thread Starter
Joined
Jul 31, 2008
Messages
14
I dismounted, ran CHKDSK/R, and when it made it to 3 of 4 and got to about 20746 of 33400 of that file it froze. I kept it running for like an hour at 20746 of 33400 with no change. In fact I say about 20746 to 33400, but I know 20746 is the exact number because I watched it on and off for 45 minutes or so to see if there was any change. However, I only dismounted and ran that scan once; I haven't tried again.
 