slow computer

View previous topic View next topic Go down

slow computer

Post by Denny978 on 14th July 2012, 1:51 am

not sure if i have a virus or whats going on

OTL logfile created on: 7/13/2012 9:11:54 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\chuck\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 0.06 Gb Available Physical Memory | 2.85% Memory free
3.93 Gb Paging File | 0.99 Gb Available in Paging File | 25.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.02 Gb Total Space | 233.05 Gb Free Space | 81.48% Space Free | Partition Type: NTFS

Computer Name: DELL | User Name: chuck | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/13 21:07:49 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\chuck\Downloads\OTL.com
PRC - [2012/02/23 08:45:40 | 000,307,824 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/09/06 13:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 11:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 13:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/02/01 06:54:46 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2011/02/01 06:54:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/14 03:49:08 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:17:37 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/14 03:17:04 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/14 03:16:51 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/05/11 04:03:14 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/05/11 03:47:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/11 03:46:28 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/11 03:46:20 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 03:46:16 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/11 03:46:15 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 03:46:02 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/08/18 11:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2010/11/20 08:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2012/07/12 23:40:35 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/14 13:40:08 | 000,828,032 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Users\chuck\AppData\Local\Temp\0273051342224513mcinst.exe -- (0273051342224513mcinstcleanup) McAfee Application Installer Cleanup (0273051342224513)
SRV - [2012/06/11 17:59:44 | 000,335,888 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/11/12 12:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/02/01 06:54:46 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
SRV - [2011/02/01 06:54:42 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
SRV - [2010/12/01 22:01:35 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/01 21:44:59 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/09/18 06:54:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/12/02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009/12/02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/12/02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009/12/02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/07/30 23:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 05:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 22:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 08:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2008/10/28 18:15:56 | 001,041,920 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WlanGZG.sys -- (XG762_VS)
DRV:64bit: - [2008/10/28 18:15:54 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ZDCNDIS6a64.sys -- (ZDCNDIS6a64)
DRV:64bit: - [2006/11/01 14:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/03/19 02:40:30 | 000,021,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/10/28 18:15:54 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ZDCNDIS6a64.sys -- (ZDCNDIS6a64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes\{D08E3EC3-5DD5-4494-818D-92CC706D0E54}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{9bd172ba-3f40-4303-bca1-0484b5ba2a7b}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{ED81AA0F-3DC6-406D-A2EE-68F5F64A1FD1}: "URL" = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{9bd172ba-3f40-4303-bca1-0484b5ba2a7b}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{9EFB2E13-DE1A-08EA-7F86-B2205C95E779}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Guffins.com/Plugin: C:\Program Files (x86)\Guffins\bar\1.bin\NPu4Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/08/21 09:07:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/08/21 09:07:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\u4ffxtbr@Guffins.com: C:\Program Files (x86)\Guffins\bar\1.bin [2012/07/13 19:49:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/13 16:34:00 | 000,000,000 | ---D | M]

[2011/03/19 14:05:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\chuck\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U21 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\Guffins\bar\1.bin\NPu4Stub.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Playfin Games Toolbar) - {6905e4b1-afef-4444-85a9-ecb16c048784} - C:\Program Files (x86)\playfingamestoolbar\vmntemplateX.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Drop Down Deals\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Playfin Games Toolbar) - {6905e4b1-afef-4444-85a9-ecb16c048784} - C:\Program Files (x86)\playfingamestoolbar\vmntemplateX.dll ()
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {de2fdf7c-2637-4ba3-b427-3fce2d331db5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
F3:64bit: - HKCU WinNT: Load - (C:\Users\chuck\LOCALS~1\Temp\msfugc.exe) - File not found
F3 - HKCU WinNT: Load - (C:\Users\chuck\LOCALS~1\Temp\msfugc.exe) - File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} [You must be registered and logged in to see this link.] (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27D6A7A4-B36B-4FD7-8F32-D5E2DC9AAF07}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E4F0D15-078E-4510-9A95-28EF12AD0819}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCDF9AA7-1EC6-4448-AC18-2D3E70591A08}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ZyXEL G-220v3 Wireless USB Adapter Utility.lnk - C:\Program Files (x86)\ZyXEL G-220v3 Wireless USB Adapter Utility\ZyXEL G-220v3.exe - (ZyXEL Communications Corp.)
MsConfig:64bit - StartUpFolder: C:^Users^chuck^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe - (Stardock Corporation)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Dell DataSafe Online - hkey= - key= - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
MsConfig:64bit - StartUpReg: Desktop Disc Tool - hkey= - key= - c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
MsConfig:64bit - StartUpReg: Guffins Browser Plugin Loader - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Hetukey - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: HotKeysCmds - hkey= - key= - C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: IAStorIcon - hkey= - key= - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: IgfxTray - hkey= - key= - C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: InstallIQUpdater - hkey= - key= - C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
MsConfig:64bit - StartUpReg: Jenkat Arcade - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Jenkat Games Arcade - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
MsConfig:64bit - StartUpReg: mcui_exe - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Microsoft Default Manager - hkey= - key= - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Monitor - hkey= - key= - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
MsConfig:64bit - StartUpReg: MRT - hkey= - key= - C:\Windows\SysNative\MRT.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Persistence - hkey= - key= - C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: swg - hkey= - key= - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - StartUpReg: VERIZONDM - hkey= - key= - C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
MsConfig:64bit - StartUpReg: Verizon_McciTrayApp - hkey= - key= - C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/13 20:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/13 20:24:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/13 16:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/07/13 16:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/13 15:23:59 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Roaming\Malwarebytes
[2012/07/13 15:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/13 15:10:02 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Local\Real
[2012/07/13 15:08:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/07/13 15:08:41 | 000,198,864 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012/07/13 15:08:28 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012/07/13 15:08:28 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012/07/13 15:08:26 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/07/13 15:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/07/13 15:08:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/07/13 15:06:54 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Roaming\Real
[2012/07/13 15:06:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/07/13 15:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/07/13 14:57:39 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/07/13 03:03:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MpEngineStore
[2012/07/12 23:40:58 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/12 23:36:58 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/12 23:35:49 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/12 23:34:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/12 23:34:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/06/28 11:55:06 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
[2012/06/28 11:53:34 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/06/28 11:51:50 | 000,000,000 | ---D | C] -- C:\ProgramData\529C50840001AFDC0000205BB4EB2367
[2012/06/27 18:14:13 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Roaming\Help
[2012/06/27 18:10:25 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Roaming\Ms_dir_
[2012/06/27 18:10:17 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Roaming\Xeferu
[2012/06/27 18:10:17 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Roaming\Vaypex
[2012/06/27 18:10:17 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Roaming\Oxtaap
[2012/06/27 18:09:38 | 000,000,000 | ---D | C] -- C:\Users\chuck\AppData\Roaming\TeamViewer
[2012/06/21 10:41:09 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/21 10:41:09 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/21 10:41:09 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/21 10:41:00 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/21 10:41:00 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/21 10:41:00 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/21 10:40:43 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/21 10:40:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/20 12:48:24 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/20 12:48:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/06/14 11:08:53 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/14 11:08:51 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 14th July 2012, 2:03 am


========== Files - Modified Within 30 Days ==========

[2012/07/13 20:47:34 | 000,062,114 | ---- | M] () -- C:\Users\chuck\Documents\cc_20120713_204728.reg
[2012/07/13 20:44:39 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/13 20:44:39 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/13 20:42:54 | 000,727,374 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/13 20:42:54 | 000,624,606 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/13 20:42:54 | 000,106,724 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/13 20:37:37 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/13 20:37:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/13 20:37:05 | 1583,075,328 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/13 20:24:19 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/13 19:33:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/13 19:29:43 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/13 16:40:36 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/13 15:09:22 | 000,001,270 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/07/13 15:08:41 | 000,198,864 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012/07/13 15:08:28 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012/07/13 15:08:28 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012/07/13 15:08:26 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/07/13 15:06:45 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/07/13 15:06:45 | 000,002,245 | ---- | M] () -- C:\Users\chuck\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/07/13 03:26:24 | 000,271,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/13 03:06:23 | 000,000,206 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2012/07/12 23:40:10 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/12 23:40:09 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2012/07/13 20:47:31 | 000,062,114 | ---- | C] () -- C:\Users\chuck\Documents\cc_20120713_204728.reg
[2012/07/13 20:38:11 | 000,232,960 | ---- | C] () -- C:\Windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\U\00000008.@
[2012/07/13 20:24:19 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/13 20:06:26 | 000,095,744 | ---- | C] () -- C:\Windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\U\80000032.@
[2012/07/13 16:40:36 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/13 15:09:22 | 000,001,270 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/07/13 15:06:45 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/07/13 15:06:45 | 000,002,245 | ---- | C] () -- C:\Users\chuck\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/07/13 03:06:22 | 000,000,206 | ---- | C] () -- C:\Windows\SysNative\MRT.INI
[2012/06/28 10:29:41 | 000,080,896 | ---- | C] () -- C:\Windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\U\80000064.@
[2012/06/28 10:29:41 | 000,000,804 | ---- | C] () -- C:\Windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\L\00000004.@
[2012/06/28 10:29:36 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\U\80000000.@
[2012/06/28 10:29:30 | 000,001,632 | ---- | C] () -- C:\Windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\U\000000cb.@
[2012/06/28 10:29:28 | 000,002,048 | ---- | C] () -- C:\Windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\U\00000004.@
[2012/06/20 12:48:26 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/01/11 11:13:53 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\@
[2012/01/11 11:13:53 | 000,002,048 | -HS- | C] () -- C:\Users\chuck\AppData\Local\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\@
[2012/01/08 18:17:10 | 000,009,642 | -HS- | C] () -- C:\Users\chuck\AppData\Local\084c31m26umegt2s4ynu2m
[2012/01/08 18:17:10 | 000,009,642 | -HS- | C] () -- C:\ProgramData\084c31m26umegt2s4ynu2m
[2012/01/04 19:36:21 | 000,000,000 | ---- | C] () -- C:\Users\chuck\AppData\Local\{B0682A2D-C568-4778-900B-F1278A56C13C}
[2012/01/04 13:37:28 | 000,000,000 | ---- | C] () -- C:\Users\chuck\AppData\Local\{FD55D9A2-E40A-4A27-918B-A21E555C54E8}
[2011/12/17 22:29:40 | 000,010,346 | -HS- | C] () -- C:\Users\chuck\AppData\Local\xo8x5qmj6u110s2ue2f85
[2011/12/17 22:29:40 | 000,010,346 | -HS- | C] () -- C:\ProgramData\xo8x5qmj6u110s2ue2f85
[2011/09/14 13:27:58 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2011/07/27 21:51:48 | 000,072,080 | ---- | C] () -- C:\Users\chuck\g2mdlhlpx.exe
[2011/04/24 22:28:17 | 000,009,944 | -HS- | C] () -- C:\Users\chuck\AppData\Local\83528t05c8s0j6powv61
[2011/04/24 22:28:17 | 000,009,944 | -HS- | C] () -- C:\ProgramData\83528t05c8s0j6powv61
[2011/03/14 16:01:58 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/01 23:12:46 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll

========== Custom Scans ==========

< %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

< %AppData%\Local\ >

< %systemroot%\system32\sysprep >

< *.xpi /md5 >

< %systemroot%\Downloaded Program Files\ >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/03/10 05:21:44 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/03/10 05:21:44 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/03/10 05:21:44 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/03/10 05:21:44 | 001,049,072 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2010/11/20 08:17:13 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/03/10 05:21:44 | 001,049,072 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/03/10 05:21:44 | 001,049,072 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/03/10 05:21:44 | 001,049,072 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/03/10 05:21:44 | 001,049,072 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >

< %systemroot%\System32\config\*.sav >

< %SYSTEMDRIVE%\*.exe /md5 >

< "%WinDir%\$NtUninstallKB*$." /30 >

< %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >
[2012/07/13 20:58:12 | 000,000,006 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
[2012/07/13 15:10:17 | 000,000,000 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\First Run
[2012/07/13 20:57:57 | 000,002,066 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Local State
[2012/07/13 20:53:59 | 004,620,272 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom
[2012/07/13 20:54:00 | 001,453,025 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2
[2012/07/13 20:58:12 | 000,228,744 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom_new
[2012/07/13 20:54:00 | 000,134,408 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist
[2012/07/13 20:57:41 | 000,000,000 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist_new
[2012/07/13 20:53:58 | 002,322,224 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Safe Browsing Download
[2012/07/13 20:54:00 | 000,016,720 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist
[2012/07/13 20:57:41 | 000,000,000 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist_new
[2012/07/13 20:58:12 | 000,000,140 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Safe Browsing Download_new
[2012/07/13 20:55:03 | 000,000,055 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Service State
[2012/07/13 20:50:35 | 000,053,248 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Archived History
[2012/07/13 19:59:06 | 000,001,017 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
[2012/07/13 19:59:06 | 000,001,017 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak
[2012/07/13 20:58:12 | 000,047,104 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cookies
[2012/07/13 20:57:57 | 000,009,065 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Current Session
[2012/07/13 20:57:57 | 000,008,666 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
[2012/07/13 20:22:56 | 000,007,168 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies
[2012/07/13 20:52:42 | 000,020,480 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Favicons
[2012/07/13 20:57:57 | 000,086,016 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\History
[2012/07/13 20:55:46 | 000,057,344 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-07
[2012/07/13 20:57:57 | 000,000,586 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
[2012/07/13 20:55:13 | 000,282,641 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Last Session
[2012/07/13 20:55:21 | 000,118,195 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
[2012/07/13 15:13:15 | 000,012,288 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Login Data
[2012/07/13 20:50:35 | 000,003,072 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
[2012/07/13 20:58:12 | 000,043,222 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Preferences
[2012/07/13 20:23:27 | 000,013,312 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
[2012/07/13 20:45:38 | 000,012,288 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Shortcuts
[2012/07/13 20:50:35 | 000,020,480 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Top Sites
[2012/07/13 20:55:22 | 000,131,072 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Visited Links
[2012/07/13 20:55:33 | 000,075,776 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Web Data
[2012/07/13 20:58:12 | 000,045,056 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
[2012/07/13 20:58:12 | 000,270,336 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
[2012/07/13 20:55:21 | 001,056,768 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
[2012/07/13 20:55:21 | 004,202,496 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
[2012/07/13 20:50:37 | 000,147,746 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002
[2012/07/13 20:50:40 | 000,028,693 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003
[2012/07/13 20:50:41 | 000,016,927 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004
[2012/07/13 20:50:47 | 000,067,497 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
[2012/07/13 20:50:56 | 000,032,634 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
[2012/07/13 20:50:59 | 000,025,979 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
[2012/07/13 20:51:09 | 000,016,506 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
[2012/07/13 20:51:09 | 000,033,673 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009
[2012/07/13 20:51:09 | 000,055,229 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a
[2012/07/13 20:51:20 | 000,018,440 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000b
[2012/07/13 20:51:20 | 000,016,738 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
[2012/07/13 20:51:23 | 000,063,028 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
[2012/07/13 20:52:00 | 000,017,026 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
[2012/07/13 20:52:01 | 000,037,541 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
[2012/07/13 20:52:04 | 000,034,734 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010
[2012/07/13 20:52:06 | 000,194,611 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
[2012/07/13 20:52:06 | 000,030,879 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
[2012/07/13 20:55:36 | 000,024,107 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
[2012/07/13 20:50:37 | 000,524,656 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Cache\index
[2012/07/13 20:22:56 | 000,007,168 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db
[2012/07/13 15:18:07 | 000,003,524 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\128.png
[2012/07/13 15:18:07 | 000,000,745 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\manifest.json
[2012/07/13 15:18:07 | 000,000,401 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar\messages.json
[2012/07/13 15:18:07 | 000,000,427 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg\messages.json
[2012/07/13 15:18:07 | 000,000,250 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca\messages.json
[2012/07/13 15:18:07 | 000,000,255 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs\messages.json
[2012/07/13 15:18:07 | 000,000,242 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da\messages.json
[2012/07/13 15:18:07 | 000,000,226 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de\messages.json
[2012/07/13 15:18:07 | 000,000,475 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el\messages.json
[2012/07/13 15:18:07 | 000,000,227 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en\messages.json
[2012/07/13 15:18:07 | 000,000,240 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es\messages.json
[2012/07/13 15:18:07 | 000,000,222 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi\messages.json
[2012/07/13 15:18:07 | 000,000,236 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil\messages.json
[2012/07/13 15:18:07 | 000,000,249 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr\messages.json
[2012/07/13 15:18:07 | 000,000,419 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he\messages.json
[2012/07/13 15:18:07 | 000,000,408 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi\messages.json
[2012/07/13 15:18:07 | 000,000,220 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr\messages.json
[2012/07/13 15:18:07 | 000,000,253 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu\messages.json
[2012/07/13 15:18:07 | 000,000,231 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id\messages.json
[2012/07/13 15:18:07 | 000,000,224 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it\messages.json
[2012/07/13 15:18:07 | 000,000,349 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja\messages.json
[2012/07/13 15:18:07 | 000,000,323 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko\messages.json
[2012/07/13 15:18:07 | 000,000,266 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt\messages.json
[2012/07/13 15:18:07 | 000,000,245 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv\messages.json
[2012/07/13 15:18:07 | 000,000,225 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl\messages.json
[2012/07/13 15:18:03 | 000,000,216 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no\messages.json
[2012/07/13 15:18:07 | 000,000,274 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl\messages.json
[2012/07/13 15:18:07 | 000,000,237 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR\messages.json
[2012/07/13 15:18:07 | 000,000,236 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT\messages.json
[2012/07/13 15:18:07 | 000,000,248 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro\messages.json
[2012/07/13 15:18:07 | 000,000,394 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru\messages.json
[2012/07/13 15:18:07 | 000,000,241 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk\messages.json
[2012/07/13 15:18:07 | 000,000,245 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl\messages.json
[2012/07/13 15:18:07 | 000,000,437 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr\messages.json
[2012/07/13 15:18:07 | 000,000,238 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv\messages.json
[2012/07/13 15:18:07 | 000,000,365 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th\messages.json
[2012/07/13 15:18:07 | 000,000,255 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr\messages.json
[2012/07/13 15:18:07 | 000,000,442 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk\messages.json
[2012/07/13 15:18:07 | 000,000,310 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi\messages.json
[2012/07/13 15:18:07 | 000,000,257 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN\messages.json
[2012/07/13 15:18:07 | 000,000,269 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW\messages.json
[2012/07/13 15:10:42 | 000,006,856 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\128.png
[2012/07/13 15:10:42 | 000,000,749 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\16.png
[2012/07/13 15:10:42 | 000,001,946 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\32.png
[2012/07/13 15:10:42 | 000,002,184 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\48.png
[2012/07/13 15:10:42 | 000,000,826 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\manifest.json
[2012/07/13 15:10:42 | 000,000,423 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\ar\messages.json
[2012/07/13 15:10:42 | 000,000,515 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\bg\messages.json
[2012/07/13 15:10:42 | 000,000,330 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\ca\messages.json
[2012/07/13 15:10:42 | 000,000,355 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\cs\messages.json
[2012/07/13 15:10:42 | 000,000,328 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\da\messages.json
[2012/07/13 15:10:42 | 000,000,307 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\de\messages.json
[2012/07/13 15:10:43 | 000,000,569 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\el\messages.json
[2012/07/13 15:10:43 | 000,000,314 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\en\messages.json
[2012/07/13 15:10:43 | 000,000,314 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\en_GB\messages.json
[2012/07/13 15:10:43 | 000,000,314 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\en_US\messages.json
[2012/07/13 15:10:43 | 000,000,340 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\es\messages.json
[2012/07/13 15:10:43 | 000,000,341 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\es_419\messages.json
[2012/07/13 15:10:43 | 000,000,314 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\et\messages.json
[2012/07/13 15:10:43 | 000,000,305 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\fi\messages.json
[2012/07/13 15:10:43 | 000,000,337 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\fil\messages.json
[2012/07/13 15:10:43 | 000,000,329 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\fr\messages.json
[2012/07/13 15:10:43 | 000,000,471 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\he\messages.json
[2012/07/13 15:10:43 | 000,000,326 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\hi\messages.json
[2012/07/13 15:10:43 | 000,000,340 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\hr\messages.json
[2012/07/13 15:10:43 | 000,000,336 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\hu\messages.json
[2012/07/13 15:10:43 | 000,000,319 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\id\messages.json
[2012/07/13 15:10:43 | 000,000,324 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\it\messages.json
[2012/07/13 15:10:43 | 000,000,388 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\ja\messages.json
[2012/07/13 15:10:43 | 000,000,380 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\ko\messages.json
[2012/07/13 15:10:43 | 000,000,359 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\lt\messages.json
[2012/07/13 15:10:43 | 000,000,360 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\lv\messages.json
[2012/07/13 15:10:43 | 000,000,323 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\nl\messages.json
[2012/07/13 15:10:37 | 000,000,300 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\no\messages.json
[2012/07/13 15:10:43 | 000,000,336 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\pl\messages.json
[2012/07/13 15:10:43 | 000,000,332 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\pt_BR\messages.json
[2012/07/13 15:10:43 | 000,000,331 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\pt_PT\messages.json
[2012/07/13 15:10:43 | 000,000,332 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\ro\messages.json
[2012/07/13 15:10:43 | 000,000,471 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\ru\messages.json
[2012/07/13 15:10:43 | 000,000,338 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\sk\messages.json
[2012/07/13 15:10:43 | 000,000,329 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\sl\messages.json
[2012/07/13 15:10:43 | 000,000,483 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\sr\messages.json
[2012/07/13 15:10:43 | 000,000,333 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\sv\messages.json
[2012/07/13 15:10:43 | 000,000,472 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\th\messages.json
[2012/07/13 15:10:43 | 000,000,330 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\tr\messages.json
[2012/07/13 15:10:43 | 000,000,501 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\uk\messages.json
[2012/07/13 15:10:43 | 000,000,363 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\vi\messages.json
[2012/07/13 15:10:43 | 000,000,346 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\zh_CN\messages.json
[2012/07/13 15:10:43 | 000,000,346 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\_locales\zh_TW\messages.json
[2012/07/13 15:10:23 | 000,000,226 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\background.html
[2012/07/13 15:10:23 | 000,003,879 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\contentscript.js
[2012/07/13 15:10:24 | 000,000,640 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\manifest.json
[2012/07/13 15:18:14 | 000,005,920 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\128.png
[2012/07/13 15:18:14 | 000,000,755 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\manifest.json
[2012/07/13 15:18:14 | 000,000,556 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar\messages.json
[2012/07/13 15:18:14 | 000,000,492 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg\messages.json
[2012/07/13 15:18:14 | 000,000,262 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca\messages.json
[2012/07/13 15:18:14 | 000,000,289 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs\messages.json
[2012/07/13 15:18:14 | 000,000,240 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da\messages.json
[2012/07/13 15:18:14 | 000,000,239 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de\messages.json
[2012/07/13 15:18:14 | 000,000,624 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el\messages.json
[2012/07/13 15:18:14 | 000,000,215 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en\messages.json
[2012/07/13 15:18:14 | 000,000,281 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es\messages.json
[2012/07/13 15:18:14 | 000,000,284 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi\messages.json
[2012/07/13 15:18:14 | 000,000,234 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil\messages.json
[2012/07/13 15:18:14 | 000,000,272 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr\messages.json
[2012/07/13 15:18:14 | 000,000,391 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi\messages.json
[2012/07/13 15:18:14 | 000,000,246 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr\messages.json
[2012/07/13 15:18:14 | 000,000,234 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu\messages.json
[2012/07/13 15:18:14 | 000,000,242 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id\messages.json
[2012/07/13 15:18:14 | 000,000,260 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it\messages.json
[2012/07/13 15:18:14 | 000,000,364 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja\messages.json
[2012/07/13 15:18:14 | 000,000,328 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko\messages.json
[2012/07/13 15:18:14 | 000,000,269 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt\messages.json
[2012/07/13 15:18:14 | 000,000,262 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv\messages.json
[2012/07/13 15:18:14 | 000,000,232 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl\messages.json
[2012/07/13 15:18:11 | 000,000,210 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no\messages.json
[2012/07/13 15:18:14 | 000,000,292 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl\messages.json
[2012/07/13 15:18:14 | 000,000,230 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR\messages.json
[2012/07/13 15:18:14 | 000,000,231 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT\messages.json
[2012/07/13 15:18:14 | 000,000,281 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro\messages.json
[2012/07/13 15:18:14 | 000,000,482 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru\messages.json
[2012/07/13 15:18:11 | 000,000,210 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se\messages.json
[2012/07/13 15:18:14 | 000,000,238 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk\messages.json
[2012/07/13 15:18:14 | 000,000,249 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl\messages.json
[2012/07/13 15:18:14 | 000,000,511 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr\messages.json
[2012/07/13 15:18:14 | 000,000,471 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th\messages.json
[2012/07/13 15:18:14 | 000,000,250 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr\messages.json
[2012/07/13 15:18:14 | 000,000,536 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk\messages.json
[2012/07/13 15:18:14 | 000,000,257 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi\messages.json
[2012/07/13 15:18:14 | 000,000,339 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN\messages.json
[2012/07/13 15:18:14 | 000,000,321 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW\messages.json
[1 C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp files -> C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp -> ]
[2012/07/13 15:10:19 | 000,000,000 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets\Custom.css
[2012/07/13 15:18:21 | 000,080,040 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\DECODED_IMAGES
[2012/07/13 15:18:21 | 000,014,329 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\DECODED_MESSAGE_CATALOGS
[1 C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\*.tmp files -> C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\*.tmp -> ]
[2012/07/13 15:18:24 | 000,005,369 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\128.png
[2012/07/13 15:18:24 | 000,000,496 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\16.png
[2012/07/13 15:18:24 | 000,001,143 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\32.png
[2012/07/13 15:18:24 | 000,001,858 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\48.png
[2012/07/13 15:18:24 | 000,000,790 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\manifest.json
[2012/07/13 15:18:24 | 000,000,423 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\ar\messages.json
[2012/07/13 15:18:24 | 000,000,515 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\bg\messages.json
[2012/07/13 15:18:24 | 000,000,330 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\ca\messages.json
[2012/07/13 15:18:24 | 000,000,355 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\cs\messages.json
[2012/07/13 15:18:24 | 000,000,328 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\da\messages.json
[2012/07/13 15:18:24 | 000,000,307 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\de\messages.json
[2012/07/13 15:18:24 | 000,000,569 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\el\messages.json
[2012/07/13 15:18:24 | 000,000,314 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\en\messages.json
[2012/07/13 15:18:24 | 000,000,314 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\en_GB\messages.json
[2012/07/13 15:18:24 | 000,000,314 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\en_US\messages.json
[2012/07/13 15:18:24 | 000,000,340 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\es\messages.json
[2012/07/13 15:18:24 | 000,000,341 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\es_419\messages.json
[2012/07/13 15:18:24 | 000,000,314 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\et\messages.json
[2012/07/13 15:18:24 | 000,000,305 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\fi\messages.json
[2012/07/13 15:18:24 | 000,000,337 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\fil\messages.json
[2012/07/13 15:18:24 | 000,000,329 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\fr\messages.json
[2012/07/13 15:18:24 | 000,000,471 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\he\messages.json
[2012/07/13 15:18:24 | 000,000,326 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\hi\messages.json
[2012/07/13 15:18:24 | 000,000,340 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\hr\messages.json
[2012/07/13 15:18:24 | 000,000,336 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\hu\messages.json
[2012/07/13 15:18:24 | 000,000,319 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\id\messages.json
[2012/07/13 15:18:24 | 000,000,324 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\it\messages.json
[2012/07/13 15:18:24 | 000,000,388 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\ja\messages.json
[2012/07/13 15:18:24 | 000,000,380 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\ko\messages.json
[2012/07/13 15:18:24 | 000,000,359 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\lt\messages.json
[2012/07/13 15:18:24 | 000,000,360 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\lv\messages.json
[2012/07/13 15:18:24 | 000,000,323 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\nl\messages.json
[2012/07/13 15:18:19 | 000,000,300 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\no\messages.json
[2012/07/13 15:18:24 | 000,000,336 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\pl\messages.json
[2012/07/13 15:18:24 | 000,000,332 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\pt_BR\messages.json
[2012/07/13 15:18:24 | 000,000,331 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\pt_PT\messages.json
[2012/07/13 15:18:24 | 000,000,332 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\ro\messages.json
[2012/07/13 15:18:24 | 000,000,471 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\ru\messages.json
[2012/07/13 15:18:24 | 000,000,338 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\sk\messages.json
[2012/07/13 15:18:24 | 000,000,329 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\sl\messages.json
[2012/07/13 15:18:24 | 000,000,483 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\sr\messages.json
[2012/07/13 15:18:24 | 000,000,333 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\sv\messages.json
[2012/07/13 15:18:24 | 000,000,472 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\th\messages.json
[2012/07/13 15:18:24 | 000,000,330 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\tr\messages.json
[2012/07/13 15:18:24 | 000,000,501 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\uk\messages.json
[2012/07/13 15:18:24 | 000,000,363 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\vi\messages.json
[2012/07/13 15:18:24 | 000,000,346 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\zh_CN\messages.json
[2012/07/13 15:18:24 | 000,000,346 | ---- | M] () -- C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_3193\CRX_INSTALL\_locales\zh_TW\messages.json

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 14th July 2012, 2:04 am


< %USERPROFILE%\AppData\Local\ /s >

< %systemroot%\Installer\ /s >

< %systemroot%\system32\Cache\ /s >

< %systemroot%\system32\config\systemprofile\Application Data /s >

< %PROGRAMFILES%\*. >
[2012/01/09 01:13:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/03/19 14:05:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ask.com
[2011/08/21 09:07:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bing Bar Installer
[2010/12/01 21:44:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
[2012/07/13 20:48:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/08/21 09:06:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Coupons
[2011/03/19 09:43:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Deer Drive
[2011/03/24 20:43:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell
[2012/07/13 20:37:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell DataSafe Local Backup
[2010/12/01 21:46:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dell DataSafe Online
[2011/03/14 11:22:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Drop Down Deals
[2011/03/19 13:01:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2012/07/13 15:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2011/10/11 19:40:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Guffins
[2011/10/11 19:39:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GuffinsEI
[2011/08/25 13:47:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2011/08/25 13:48:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Photo Creations
[2011/03/14 19:54:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hunting Unlimited 2010
[2011/03/14 19:52:39 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/12/01 21:43:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2012/06/14 03:42:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/12/25 14:15:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LeapFrog
[2012/07/13 20:24:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/01/15 16:31:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MapsGalaxy_39EI
[2012/07/13 20:19:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee
[2010/12/01 21:53:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/03/14 16:01:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2010/12/01 21:46:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2011/03/14 16:01:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/08/22 08:49:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/12/01 21:54:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/12/01 21:55:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Sync Framework
[2011/03/10 13:17:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/08/21 09:07:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Toolbar
[2012/07/13 20:03:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Norton PC Checkup
[2011/08/23 21:36:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Drivers HeadQuarters
[2012/07/13 20:17:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Play Pickle
[2011/03/14 11:22:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\playfingamestoolbar
[2012/07/13 16:34:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Real
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/12/01 21:57:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
[2012/01/09 01:17:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ShopAtHome
[2010/12/01 21:57:34 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2011/09/14 15:29:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\The Learning Company
[2011/03/15 17:32:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ultimate Duck Hunting
[2009/07/14 00:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/01/09 01:36:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Verizon
[2011/03/09 16:45:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VERIZONDM
[2011/12/18 21:55:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\W3i
[2009/07/14 01:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2010/12/01 21:56:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/12/01 21:53:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011/12/18 21:59:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2011/07/11 20:35:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/07/11 20:35:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2011/07/11 20:35:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/07/11 20:35:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/03/19 09:52:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo!
[2011/03/09 17:02:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ZyXEL G-220v3 Wireless USB Adapter Utility

< %appdata%\*.* >

< MD5 for: AFD.SYS >
[2011/12/27 23:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\SysNative\drivers\afd.sys
[2011/12/27 23:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2011/12/28 00:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2011/04/24 22:44:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=6EF20DDF3172E97D69F596FB90602F29 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[2009/07/13 19:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2011/12/28 00:01:12 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=CCA39961E76B491DDF44B1E90FC8971D -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys
[2010/11/20 05:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011/04/24 22:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011/12/27 23:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=DB9D6C6B2CD95A9CA414D045B627422E -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys
[2011/04/24 23:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[2011/04/24 22:44:27 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=FBFF8B7C9D116229E9208A0D1CAEB49B -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20575_none_39c1885e54505643\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\SysWOW64\cryptsvc.dll
[2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/20 09:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 00:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 01:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\SysNative\cryptsvc.dll
[2012/04/24 01:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012/04/24 00:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009/07/13 21:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/13 21:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 08:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/24 01:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012/04/24 01:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012/04/24 01:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012/04/24 00:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: DNSRSLVR.DLL >
[2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\SysNative\dnsrslvr.dll
[2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsrslvr.dll
[2009/07/13 21:40:32 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=676108C4E3AA6F6B34633748BD0BEBD9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsrslvr.dll
[2011/03/03 02:17:10 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=85CF424C74A1D5EC33533E1DBFF9920A -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_3ddf452a9c04f6b8\dnsrslvr.dll
[2011/03/03 02:12:55 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=B2205BAEAE4C178ABEB1B149751FC2B9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsrslvr.dll
[2010/11/20 09:26:07 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=CD55F5355D8F55D44C9F4ED875705BD6 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsrslvr.dll
[2011/03/03 02:23:37 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=D8065FA366D28746EE3D75F08ED6B2FE -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_3eabc3f7b4f01eb1\dnsrslvr.dll

< MD5 for: ES.DLL >
[2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\SysNative\es.dll
[2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[2012/03/10 05:20:45 | 000,008,176 | ---- | M] () MD5=BA58F133CF44478EC912EC46ABE9AF47 -- C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\Locales\es.dll
[2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\SysWOW64\es.dll
[2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll

< MD5 for: EXPLORER.EXE >
[2010/12/01 23:22:49 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/12/01 23:23:19 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/12/01 23:22:49 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2010/12/01 23:23:03 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/12/01 23:23:19 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/12/01 23:23:03 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010/12/01 23:23:19 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/12/01 23:23:03 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/12/01 23:23:19 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/12/01 23:22:49 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/12/01 23:23:03 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/12/01 23:22:49 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: IPNATHLP.DLL >
[2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\SysNative\ipnathlp.dll
[2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\ipnathlp.dll

< MD5 for: NETBT.SYS >
[2010/11/20 05:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\SysNative\drivers\netbt.sys
[2010/11/20 05:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys
[2009/07/13 19:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys

< MD5 for: NETMAN.DLL >
[2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\SysNative\netman.dll
[2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll

< MD5 for: QMGR.DLL >
[2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[2009/07/13 21:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

< MD5 for: RPCSS.DLL >
[2010/11/20 09:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\SysNative\rpcss.dll
[2010/11/20 09:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[2009/07/13 21:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=7266972E86890E2B30C0C322E906B027 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=014A9CB92514E27C0107614DF764BC06 -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 01:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011/09/29 13:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 09:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 02:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/12/01 23:23:22 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2012/03/30 06:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 01:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 07:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012/03/30 06:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010/12/01 23:23:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/13 21:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 01:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 02:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 12:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 07:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012/03/30 07:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011/04/25 02:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 02:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 02:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 12:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011/09/29 12:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: TDX.SYS >
[2009/07/13 19:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys
[2010/11/20 05:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\SysNative\drivers\tdx.sys
[2010/11/20 05:21:56 | 000,119,296 | ---- | M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806 -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\drivers\volsnap.sys
[2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys
[2010/11/20 09:34:02 | 000,295,808 | ---- | M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639 -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys
[2009/07/13 21:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/13 21:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/12/01 23:23:19 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/12/01 23:23:19 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WMISVC.DLL >
[2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\SysNative\wbem\WMIsvc.dll
[2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7600.16385_none_fca7ad7710a22535\WMIsvc.dll
[2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7601.17514_none_fed8c13f0d90a8cf\WMIsvc.dll

< MD5 for: WSCSVC.DLL >
[2010/12/21 02:09:08 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=34D280957E8681E4BD9492B3F1FC27B9 -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.20862_none_76d192b6e4d9ed67\wscsvc.dll
[2010/12/21 02:16:27 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=8F9F3969933C02DA96EB0F84576DB43E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16723_none_767435e5cb9af730\wscsvc.dll
[2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\SysNative\wscsvc.dll
[2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16385_none_76354f59cbc9dce8\wscsvc.dll
[2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7601.17514_none_78666321c8b86082\wscsvc.dll

< >

< >

< End of report >

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 14th July 2012, 2:05 am

OTL Extras logfile created on: 7/13/2012 9:11:54 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\chuck\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.97 Gb Total Physical Memory | 0.06 Gb Available Physical Memory | 2.85% Memory free
3.93 Gb Paging File | 0.99 Gb Available in Paging File | 25.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.02 Gb Total Space | 233.05 Gb Free Space | 81.48% Space Free | Partition Type: NTFS

Computer Name: DELL | User Name: chuck | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AB4DB8C-4123-45DC-B896-C67990F76DA4}" = HP Deskjet 1050 J410 series Product Improvement Study
"{4268BF51-DFDF-4178-8B8D-5D5752FCAA58}" = HP Deskjet 1050 J410 series Basic Device Software
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Drop Down Deals 1.10.01
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"CCleaner" = CCleaner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29DFAB41-7D73-4E92-9329-FB1ECBD2EF83}" = ZyXEL G-220v3 Wireless USB Adapter Utility
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{623B8278-8CAD-45C1-B844-58B687C07805}" = Bing Bar Platform
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6916E491-8BBF-4E8A-AFAD-D01307C059E5}" = Vz In Home Agent
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80813829-BE27-4799-8BC7-2F75A7B6CB50}" = IHA_MessageCenter
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}" = InstallIQ Updater
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{992C016C-CA8F-4D13-ABAB-D24A481C102B}" = LeapFrog Leapster2 Plugin
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9ED06229-1F1B-4AE2-970D-5F731E8C8C35}" = Hunting Unlimited 2010
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D547A594-AA85-4B92-80EB-47B371B98C68}" = Verizon Download Manager
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9D59E62-845F-49A2-8B75-DDB00661673C}" = LeapFrog Connect
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Deer Drive" = Deer Drive 1.51T
"Dell Dock" = Dell Dock
"Dreamship Tales" = Dreamship Tales
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"Guffinsbar Uninstall" = Guffins
"HP Photo Creations" = HP Photo Creations
"Leapster2Plugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Play Pickle" = Play Pickle
"playfingamestoolbar" = Playfin Games Toolbar
"RealPlayer 15.0" = RealPlayer
"Ultimate Duck Hunting" = Ultimate Duck Hunting (remove only)
"UPCShell" = LeapFrog Connect
"Verizon Help and Support" = Verizon Help and Support Tool
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/12/2012 1:58:03 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x73e0 Faulting application
start time: 0x01cd5ff34d15db80 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 8ac98a82-cbe6-11e1-acda-b8ac6fde9bbc

Error - 7/12/2012 1:58:04 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x7020 Faulting application
start time: 0x01cd5ff34d47d866 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: 8b004a28-cbe6-11e1-acda-b8ac6fde9bbc

Error - 7/12/2012 1:58:48 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x71ec Faulting application
start time: 0x01cd5ff367938bed Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: a544d98e-cbe6-11e1-acda-b8ac6fde9bbc

Error - 7/12/2012 1:59:05 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x7130 Faulting application
start time: 0x01cd5ff371999754 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: af4ae4f5-cbe6-11e1-acda-b8ac6fde9bbc

Error - 7/12/2012 1:59:05 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x6b98 Faulting application
start time: 0x01cd5ff371d2b85b Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: af8405fc-cbe6-11e1-acda-b8ac6fde9bbc

Error - 7/12/2012 1:59:49 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x7018 Faulting application
start time: 0x01cd5ff38c19a921 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: c9caf6c2-cbe6-11e1-acda-b8ac6fde9bbc

Error - 7/12/2012 2:00:06 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x718c Faulting application
start time: 0x01cd5ff396189068 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: d3cc3f69-cbe6-11e1-acda-b8ac6fde9bbc

Error - 7/12/2012 2:00:06 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x6c0c Faulting application
start time: 0x01cd5ff3965b36f0 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: d40ee5f1-cbe6-11e1-acda-b8ac6fde9bbc

Error - 7/12/2012 2:00:50 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x730c Faulting application
start time: 0x01cd5ff3b09d64f5 Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: ee4eb296-cbe6-11e1-acda-b8ac6fde9bbc

Error - 7/12/2012 2:01:07 AM | Computer Name = DELL | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe, version: 6.1.7600.16385, time
stamp: 0x4a5bc100 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x7542c9f1 Faulting process id: 0x7110 Faulting application
start time: 0x01cd5ff3ba99eadc Faulting application path: C:\Windows\SysWOW64\svchost.exe
Faulting
module path: unknown Report Id: f84b387c-cbe6-11e1-acda-b8ac6fde9bbc

[ Dell Events ]
Error - 4/30/2011 7:38:31 AM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/8/2011 1:21:51 PM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/8/2011 1:21:51 PM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/15/2011 9:14:55 PM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/15/2011 9:14:55 PM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/23/2011 8:52:51 PM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/23/2011 8:52:51 PM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/30/2011 9:33:49 PM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 5/30/2011 9:33:49 PM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

Error - 9/4/2011 8:32:08 PM | Computer Name = DELL | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.

[ Media Center Events ]
Error - 3/23/2012 9:05:58 AM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 9:05:58 AM - Error connecting to the internet. 9:05:58 AM - Unable
to contact server..

Error - 3/23/2012 9:06:06 AM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 9:06:03 AM - Error connecting to the internet. 9:06:03 AM - Unable
to contact server..

Error - 3/23/2012 10:06:13 AM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 10:06:13 AM - Error connecting to the internet. 10:06:13 AM - Unable
to contact server..

Error - 3/23/2012 10:06:20 AM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 10:06:18 AM - Error connecting to the internet. 10:06:18 AM - Unable
to contact server..

Error - 3/23/2012 8:05:17 PM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 8:05:11 PM - Error connecting to the internet. 8:05:11 PM - Unable
to contact server..

Error - 3/24/2012 8:41:24 PM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 8:41:19 PM - Error connecting to the internet. 8:41:19 PM - Unable
to contact server..

Error - 3/25/2012 8:37:05 AM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 8:37:05 AM - Error connecting to the internet. 8:37:05 AM - Unable
to contact server..

Error - 3/25/2012 8:37:16 AM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 8:37:10 AM - Error connecting to the internet. 8:37:10 AM - Unable
to contact server..

Error - 3/25/2012 9:38:36 AM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 9:38:36 AM - Error connecting to the internet. 9:38:36 AM - Unable
to contact server..

Error - 3/25/2012 9:39:04 AM | Computer Name = DELL | Source = MCUpdate | ID = 0
Description = 9:38:42 AM - Error connecting to the internet. 9:38:42 AM - Unable
to contact server..

[ System Events ]
Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 1/5/2012 11:24:15 AM | Computer Name = DELL | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068


< End of report >

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 14th July 2012, 10:37 pm

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
Are there any other symptoms besides the slowness?


SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from [You must be registered and logged in to see this link.]
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Download DDS from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.] and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control [You must be registered and logged in to see this link.].Then post your DDS logs. (DDS.txt and Attach.txt )

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 14th July 2012, 10:56 pm

* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code:
:OTL

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PPC&o=102944&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=6L&apn_dtid=YYYYYYYYUS&apn_uid=4305F1DD-4BCB-4E12-BEE6-D1D21229EF6E&apn_sauid=A80C36D7-8208-4DC7-8446-11484C342F05
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_enUS423
IE - HKCU\..\SearchScopes\{9bd172ba-3f40-4303-bca1-0484b5ba2a7b}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YJxdm093YYus&ptb=C6967EE9-5E5B-4FE9-8548-79D2D54A9428&psa=&ind=2011101119&ptnrS=YJxdm093YYus&si=1579&st=sb&n=77def7bf&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{9EFB2E13-DE1A-08EA-7F86-B2205C95E779}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z018&form=ZGAIDF

:folders
C:\Program Files (x86)\playfingamestoolbar
C:\Program Files (x86)\Ask.com

:COMMANDS
[resethosts]
[purity]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 16th July 2012, 1:55 am

SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 07/15/2012 at 09:41 PM

Application Version : 5.5.1012

Core Rules Database Version : 8902
Trace Rules Database Version: 6714

Scan type : Complete Scan
Total Scan Time : 01:14:07

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 480
Memory threats detected : 0
Registry items scanned : 64356
Registry threats detected : 141
File items scanned : 143396
File threats detected : 74

Adware.Tracking Cookie
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\UXVIH6NX.txt [ /revsci.net ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\MM30BG8Z.txt [ /at.atwola.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\VHEPZW27.txt [ /casalemedia.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\0X0IWTBI.txt [ /tribalfusion.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\V9Y3UJWS.txt [ /www.googleadservices.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\7YM1BWTS.txt [ /collective-media.net ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\BS4KZ4V3.txt [ /c.atdmt.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\2S844S4C.txt [ /ad.yieldmanager.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\5XDOE7ZN.txt [ /atdmt.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\R425TEA4.txt [ /media6degrees.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\1ZYE1U6G.txt [ /apmebf.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\RJN7F1YD.txt [ /statcounter.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\S1G23C01.txt [ /doubleclick.net ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\N0UL11G5.txt [ /kontera.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\15SQRDOF.txt [ /ru4.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\WU5RCGT3.txt [ /ads.saymedia.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\14KUKIU7.txt [ /adbrite.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\S1YVPRCV.txt [ /mediaplex.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\9GOKPWZS.txt [ /invitemedia.com ]
C:\Users\chuck\AppData\Roaming\Microsoft\Windows\Cookies\Q3JU6723.txt [ /bea.px.invitemedia.com ]
C:\USERS\CHUCK\Cookies\MM30BG8Z.txt [ Cookie:chuck@at.atwola.com/ ]
C:\USERS\CHUCK\Cookies\VHEPZW27.txt [ Cookie:chuck@casalemedia.com/ ]
C:\USERS\CHUCK\Cookies\V9Y3UJWS.txt [ Cookie:chuck@[You must be registered and logged in to see this link.] ]
C:\USERS\CHUCK\Cookies\7YM1BWTS.txt [ Cookie:chuck@collective-media.net/ ]
C:\USERS\CHUCK\Cookies\BS4KZ4V3.txt [ Cookie:chuck@c.atdmt.com/ ]
C:\USERS\CHUCK\Cookies\5XDOE7ZN.txt [ Cookie:chuck@atdmt.com/ ]
C:\USERS\CHUCK\Cookies\R425TEA4.txt [ Cookie:chuck@media6degrees.com/ ]
C:\USERS\CHUCK\Cookies\1ZYE1U6G.txt [ Cookie:chuck@apmebf.com/ ]
C:\USERS\CHUCK\Cookies\RJN7F1YD.txt [ Cookie:chuck@statcounter.com/ ]
C:\USERS\CHUCK\Cookies\S1G23C01.txt [ Cookie:chuck@doubleclick.net/ ]
C:\USERS\CHUCK\Cookies\15SQRDOF.txt [ Cookie:chuck@ru4.com/ ]
C:\USERS\CHUCK\Cookies\WU5RCGT3.txt [ Cookie:chuck@ads.saymedia.com/ ]
C:\USERS\CHUCK\Cookies\9GOKPWZS.txt [ Cookie:chuck@invitemedia.com/ ]
C:\USERS\CHUCK\Cookies\Q3JU6723.txt [ Cookie:chuck@bea.px.invitemedia.com/ ]
.doubleclick.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adknowledge.com [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adknowledge.com [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adknowledge.com [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adknowledge.com [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\CHUCK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cloud.bannergadgets.com [ C:\USERS\CHUCK\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3UD3QKKA ]
core.saymedia.com [ C:\USERS\CHUCK\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3UD3QKKA ]
cdn.tremormedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
core.insightexpressai.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
img-cdn.mediaplex.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
inline.admedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
media.mtvnservices.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
media3.onsugar.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
media4.onsugar.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
painlesstraffic.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
tag.2bluemedia.hiro.tv [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
videocdn.pgoamedia.com [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]
[You must be registered and logged in to see this link.] [ C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\62QDF4XY ]

PUP.MyWebSearch/FunWebProducts
(x86) HKU\S-1-5-21-3097163939-3449498774-1803402471-1000\SOFTWARE\FunWebProducts
(x64) HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
(x64) HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
(x64) HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib
(x64) HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
(x64) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
(x64) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
(x64) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib
(x64) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
(x64) HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
(x64) HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid32
(x64) HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib
(x64) HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib#Version
(x64) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
(x64) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid32
(x64) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib
(x64) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib#Version
(x64) HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
(x64) HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid32
(x64) HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib
(x64) HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib#Version
(x64) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
(x64) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid32
(x64) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib
(x64) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib#Version
(x64) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
(x64) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid32
(x64) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib
(x64) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib#Version
(x64) HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
(x64) HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
(x64) HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
(x64) HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
(x64) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
(x64) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
(x64) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
(x64) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
(x64) HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
(x64) HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid32
(x64) HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib
(x64) HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib#Version
(x64) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
(x64) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid32
(x64) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib
(x64) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib#Version
(x64) HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
(x64) HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
(x64) HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib
(x64) HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib#Version
(x64) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
(x64) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
(x64) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib
(x64) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib#Version
(x64) HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
(x64) HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
(x64) HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
(x64) HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
(x64) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
(x64) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
(x64) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
(x64) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
(x64) HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
(x64) HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid32
(x64) HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib
(x64) HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib#Version
(x64) HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
(x64) HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid32
(x64) HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib
(x64) HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib#Version
(x64) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
(x64) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
(x64) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
(x64) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
(x64) HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
(x64) HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x64) HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x64) HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x64) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
(x64) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x64) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x64) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x64) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
(x64) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x64) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x64) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x64) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
(x64) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x64) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x64) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x64) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
(x64) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid32
(x64) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib
(x64) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib#Version
(x64) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
(x64) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid32
(x64) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib
(x64) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib#Version
(x64) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
(x64) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid32
(x64) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib
(x64) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib#Version
(x64) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
(x64) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid32
(x64) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib
(x64) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib#Version
(x64) HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
(x64) HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32
(x64) HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib
(x64) HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version
(x64) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
(x64) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid32
(x64) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib
(x64) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib#Version
(x64) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
(x64) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32
(x64) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib
(x64) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib#Version
(x64) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
(x64) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid32
(x64) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib
(x64) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib#Version
(x64) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
(x64) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32
(x64) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib
(x64) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib#Version
(x64) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
(x64) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
(x64) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
(x64) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
(x64) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
(x64) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
(x64) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
(x64) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
(x64) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
(x64) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid32
(x64) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib
(x64) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib#Version
(x64) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
(x64) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid32
(x64) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib
(x64) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib#Version

Adware.Gamevance
C:\Program Files (x86)\PLAY PICKLE\ars.cfg
C:\Program Files (x86)\PLAY PICKLE\icon.ico
C:\Program Files (x86)\PLAY PICKLE
C:\USERS\CHUCK\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\TEXTLINKS@PLPICKLE.COM\COMPONENTS\PPTLF.DLL

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 16th July 2012, 2:49 am

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
[You must be registered and logged in to see this link.]

Database version: v2012.07.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
chuck :: DELL [administrator]

Protection: Disabled

7/15/2012 9:59:31 PM
mbam-log-2012-07-15 (21-59-31).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 344536
Time elapsed: 45 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 55
HKCR\CLSID\{ae71ca5e-f67d-4507-8ee3-2c64c79131fe} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{7c75f6ab-5fb4-4ab2-ac5c-8a9ae211553e} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{44A28C79-727D-40AD-9B8C-287DBC2F6151} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1b3f043d-1afc-4bc1-8c5e-6dc54ead3ae1} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{7832de29-0904-406c-ad68-e0d5c3c3a4ea} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{543822E6-2CB0-414A-BEF5-55F894118BB4} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{b52a4484-ab18-44d5-bb8e-5631573fe90f} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.DynamicBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.DynamicBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{442d3d85-b938-4ff8-9c15-027405dea3ec} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{18e5fe5f-481d-4991-b833-ca21803d5e7d} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{6BDBEE40-391D-44E5-9D40-8035CC2BB6EC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.FeedManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.FeedManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{8013018c-73f4-4642-b2d1-9d83c2aafbc2} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ac480fbe-24ab-4372-9a32-02ab0bae8b6b} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{96507BD3-61F8-43AF-8317-172AEB2452E0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.HTMLPanel.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.HTMLPanel (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8013018C-73F4-4642-B2D1-9D83C2AAFBC2} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1D69E858-32D5-4888-A395-579C8124112B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.HTMLMenu.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.HTMLMenu (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D69E858-32D5-4888-A395-579C8124112B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{a6405ec8-0e8a-49af-978e-f7fac946950b} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8ef6e3a3-2c8d-4cd3-8fa3-8e901d8efa90} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{20FA25EB-486C-4B69-8E2D-169FD142B2FB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{1f28c606-9536-4078-b89f-143b5c01571c} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.MultipleButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.MultipleButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{dad15d1b-6e60-4312-b1db-0590a1c6858e} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{3f6160fe-2ebc-45d6-b1b7-12687d267036} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{42C9A11F-B1EA-4120-B83B-523175034327} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.XMLSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.XMLSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DAD15D1B-6E60-4312-B1DB-0590A1C6858E} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{47b3f06e-cec0-4670-ae2f-033f46ea5177} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.Radio.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.Radio (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{71a84035-08ad-4964-b6e9-9ffc06390057} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.ScriptButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.ScriptButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{49a32f81-0ba1-4b43-856c-9a61425e5bf1} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{0b070b7b-5574-4735-b4aa-0543df03fdfa} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{0C501912-C553-46A2-A9A5-363879580516} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49A32F81-0BA1-4B43-856C-9A61425E5BF1} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{006bff73-d6b8-4cc0-a982-1e041d625b08} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{a7ae7537-9c87-4f9c-a494-84fa5ad092f0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{78B00903-4404-4282-BB23-E27CB8DD6C2A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.ThirdPartyInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{006BFF73-D6B8-4CC0-A982-1E041D625B08} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{224469fc-d32a-423e-90c3-0f69ef5724b8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.UrlAlertButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Guffins.UrlAlertButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 29
C:\Program Files (x86)\Guffins\bar\1.bin\NPu4Stub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\T8RES.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4auxstb.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4brstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4datact.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4dlghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4dyn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4feedmg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4highin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4html.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4htmlmu.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4httpct.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4idle.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4ieovr.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4impipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4medint.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4mlbtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4msg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4Plugin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4radio.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4regfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4regiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4script.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4skin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4skplay.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4tpinst.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Guffins\bar\1.bin\u4uabtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\chuck\AppData\Local\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\n (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Users\chuck\AppData\LocalLow\GuffinsEI\Installr\Cache\067B4AB7.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.

(end)

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 16th July 2012, 3:10 am

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by chuck at 23:00:00 on 2012-07-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2013.735 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.9.24\SymcPCCULaunchSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = [You must be registered and logged in to see this link.]
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit=userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Playfin Games Toolbar: {6905e4b1-afef-4444-85a9-ecb16c048784} - C:\Program Files (x86)\playfingamestoolbar\vmntemplateX.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Drop Down Deals\YontooIEClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: Playfin Games Toolbar: {6905e4b1-afef-4444-85a9-ecb16c048784} - C:\Program Files (x86)\playfingamestoolbar\vmntemplateX.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
TB: Guffins: {de2fdf7c-2637-4ba3-b427-3fce2d331db5} - C:\Program Files (x86)\Guffins\bar\1.bin\u4bar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "C:\Users\chuck\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: []
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - [You must be registered and logged in to see this link.]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{27D6A7A4-B36B-4FD7-8F32-D5E2DC9AAF07} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{27D6A7A4-B36B-4FD7-8F32-D5E2DC9AAF07}\650593E403 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{27D6A7A4-B36B-4FD7-8F32-D5E2DC9AAF07}\8344733433 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7E4F0D15-078E-4510-9A95-28EF12AD0819} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FCDF9AA7-1EC6-4448-AC18-2D3E70591A08} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Playfin Games Toolbar: {6905e4b1-afef-4444-85a9-ecb16c048784} - C:\Program Files (x86)\playfingamestoolbar\vmntemplateX.dll
BHO-X64: Playfin Games Toolbar - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Drop Down Deals\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB-X64: Playfin Games Toolbar: {6905e4b1-afef-4444-85a9-ecb16c048784} - C:\Program Files (x86)\playfingamestoolbar\vmntemplateX.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll
TB-X64: Guffins: {de2fdf7c-2637-4ba3-b427-3fce2d331db5} - C:\Program Files (x86)\Guffins\bar\1.bin\u4bar.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [(Default)]
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-1 13336]
R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2010-10-13 335888]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-3-9 517632]
R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.9.24\SymcPCCULaunchSvc.exe [2011-3-20 123320]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-1 1692480]
R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [2011-2-1 206120]
R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [2011-2-1 185640]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
S2 0033441342287416mcinstcleanup;McAfee Application Installer Cleanup (0033441342287416);C:\Users\chuck\AppData\Local\Temp\003344~1.EXE -cleanup -nolog --> C:\Users\chuck\AppData\Local\Temp\003344~1.EXE -cleanup -nolog [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-15 136176]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-14 655944]
S2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe [2011-3-20 126392]
S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-18 169312]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-20 250056]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-15 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 XG762_VS;ZyXEL 802.11g XG762 1211 Vista Driver;C:\Windows\system32\DRIVERS\WlanGZG.sys --> C:\Windows\system32\DRIVERS\WlanGZG.sys [?]
S3 ZDCNDIS6a64;ZDCNDIS Protocol Driver;C:\Windows\System32\ZDCNDIS6a64.sys [2011-3-9 41280]
.
=============== Created Last 30 ================
.
2012-07-16 00:22:09 -------- d-----w- C:\Users\chuck\AppData\Roaming\SUPERAntiSpyware.com
2012-07-16 00:22:01 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-07-16 00:22:01 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-07-14 16:29:02 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-14 16:04:36 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C4262C98-234D-4BF2-A9EE-9D524658FA2A}\offreg.dll
2012-07-14 15:33:00 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C4262C98-234D-4BF2-A9EE-9D524658FA2A}\mpengine.dll
2012-07-14 15:32:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-07-14 15:32:11 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-14 15:32:10 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-07-14 15:32:10 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-07-14 15:32:09 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2012-07-14 15:32:09 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2012-07-14 15:32:09 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-07-14 15:25:00 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-07-14 15:24:51 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-07-14 15:24:41 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-07-14 15:24:41 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-07-14 15:16:43 -------- d-----w- C:\Windows\pss
2012-07-14 00:24:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-13 20:40:35 -------- d-----w- C:\Program Files\CCleaner
2012-07-13 19:23:59 -------- d-----w- C:\Users\chuck\AppData\Roaming\Malwarebytes
2012-07-13 19:23:34 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-13 19:10:02 -------- d-----w- C:\Users\chuck\AppData\Local\Real
2012-06-28 15:51:50 -------- d-----w- C:\ProgramData\529C50840001AFDC0000205BB4EB2367
2012-06-27 22:10:25 -------- d-----w- C:\Users\chuck\AppData\Roaming\Ms_dir_
2012-06-27 22:10:17 -------- d-----w- C:\Users\chuck\AppData\Roaming\Xeferu
2012-06-27 22:10:17 -------- d-----w- C:\Users\chuck\AppData\Roaming\Vaypex
2012-06-27 22:10:17 -------- d-----w- C:\Users\chuck\AppData\Roaming\Oxtaap
2012-06-27 22:09:38 -------- d-----w- C:\Users\chuck\AppData\Roaming\TeamViewer
2012-06-20 17:33:49 9822920 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-06-20 16:48:24 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-07-14 16:33:27 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-20 03:45:41 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-04-20 03:16:44 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 23:09:04.80 ===============

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 16th July 2012, 3:14 am


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/8/2011 9:13:08 PM
System Uptime: 7/15/2012 10:51:38 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 018D1Y
Processor: Intel(R) Celeron(R) CPU 450 @ 2.20GHz | CPU 1 | 2194/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 230.903 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP111: 7/2/2012 9:45:38 AM - Windows Backup
RP112: 7/10/2012 12:00:04 AM - Scheduled Checkpoint
RP113: 7/13/2012 3:00:21 AM - Windows Update
RP114: 7/13/2012 4:27:16 PM - Restore Operation
RP115: 7/13/2012 8:48:01 PM - Removed Java(TM) 6 Update 21
RP116: 7/13/2012 8:48:58 PM - Removed Java(TM) 6 Update 21 (64-bit)
RP117: 7/13/2012 9:14:35 PM - OTL Restore Point - 7/13/2012 9:14:32 PM
RP118: 7/14/2012 11:02:41 AM - Restore Operation
RP119: 7/14/2012 11:23:59 AM - Windows Update
RP120: 7/14/2012 11:29:56 AM - Windows Backup
RP121: 7/14/2012 11:32:25 AM - Windows Update
RP123: 7/14/2012 12:11:27 PM - Windows Defender Checkpoint
RP124: 7/14/2012 12:24:36 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 8.0
Adobe Reader 9.5.0
Adobe Shockwave Player 11.5
Ask Toolbar
Bing Bar
Bing Bar Platform
Bing Rewards Client Installer
Coupon Printer for Windows
Deer Drive 1.51T
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Getting Started Guide
Dreamship Tales
Driver Detective
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Guffins
HP Deskjet 1050 J410 series Help
HP Photo Creations
HP Update
HPDiagnosticAlert
Hunting Unlimited 2010
IHA_MessageCenter
InstallIQ Updater
Intel(R) Control Center
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 21
Jenkat Games Arcade
Junk Mail filter update
LeapFrog Connect
LeapFrog Leapster2 Plugin
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
Norton PC Checkup
Playfin Games Toolbar
Realtek High Definition Audio Driver
Roxio Burn
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Skype Toolbars
Skype™ 4.2
Ultimate Duck Hunting (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
Verizon Download Manager
Verizon Help and Support Tool
Vz In Home Agent
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Yahoo! Software Update
Yahoo! Toolbar
ZyXEL G-220v3 Wireless USB Adapter Utility
.
==== Event Viewer Messages From Past Week ========
.
7/9/2012 6:24:51 AM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766} as /. The error: "5" Happened while starting this command: "c:\PROGRA~1\mcafee.com\agent\mcagent.exe" -Embedding
7/9/2012 2:56:33 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {B1DBD568-80B2-43FA-AE07-76FB23AA4650}. The error: "5" Happened while starting this command: "C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe" -Embedding
7/15/2012 5:48:12 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 8 time(s).
7/15/2012 3:49:16 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 7 time(s).
7/15/2012 10:54:05 PM, Error: Service Control Manager [7001] - The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: The system cannot find the file specified.
7/15/2012 10:54:05 PM, Error: Service Control Manager [7000] - The MBAMProtector service failed to start due to the following error: The system cannot find the file specified.
7/15/2012 10:53:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
7/15/2012 10:52:15 PM, Error: Service Control Manager [7034] - The McAfee Application Installer Cleanup (0033441342287416) service terminated unexpectedly. It has done this 1 time(s).
7/15/2012 10:51:56 PM, Error: Service Control Manager [7024] - The Common Client Job Manager Service service terminated with service-specific error %%-1.
7/15/2012 1:47:25 AM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 6 time(s).
7/15/2012 1:47:25 AM, Error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 3 time(s).
7/14/2012 9:46:37 PM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 4 time(s).
7/14/2012 7:47:55 PM, Error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 3 time(s).
7/14/2012 7:47:55 PM, Error: Service Control Manager [7034] - The Network Location Awareness service terminated unexpectedly. It has done this 3 time(s).
7/14/2012 7:47:55 PM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 3 time(s).
7/14/2012 5:54:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DNS Client service, but this action failed with the following error: An instance of the service is already running.
7/14/2012 5:49:41 PM, Error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 2 time(s).
7/14/2012 5:49:41 PM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/14/2012 5:49:41 PM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
7/14/2012 5:49:41 PM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
7/14/2012 3:50:46 PM, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/14/2012 3:50:46 PM, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
7/14/2012 3:50:46 PM, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/14/2012 3:50:46 PM, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/14/2012 11:48:00 PM, Error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 5 time(s).
7/14/2012 11:47:55 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {B2B3C70A-B20F-40B7-90C5-EA7E946C16E0}. The error: "1450" Happened while starting this command: C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe -Embedding
7/14/2012 11:19:10 AM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
7/14/2012 1:47:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/14/2012 1:47:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/14/2012 1:47:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/14/2012 1:47:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/14/2012 1:46:47 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6
7/14/2012 1:46:43 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
7/14/2012 1:44:30 PM, Error: Service Control Manager [7024] - The McAfee McShield service terminated with service-specific error The cluster network interface already exists..
7/14/2012 1:14:19 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/14/2012 1:04:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
7/13/2012 8:37:16 PM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.
7/13/2012 8:21:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
7/13/2012 8:07:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}
7/13/2012 3:52:40 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
7/13/2012 3:52:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/13/2012 3:52:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/13/2012 3:52:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache mfehidk mfenlfk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
7/13/2012 3:52:17 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
7/13/2012 3:52:17 PM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
7/13/2012 3:52:17 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/13/2012 3:52:16 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/13/2012 2:59:30 PM, Error: Service Control Manager [7000] - The MRESP50a64 NDIS Protocol Driver service failed to start due to the following error: The system cannot find the file specified.
7/13/2012 11:26:57 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
7/13/2012 11:26:57 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
7/13/2012 11:26:47 PM, Error: Service Control Manager [7034] - The McAfee Application Installer Cleanup (0273051342224513) service terminated unexpectedly. It has done this 1 time(s).
7/13/2012 11:26:25 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
7/13/2012 11:26:25 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
7/13/2012 11:26:25 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
7/13/2012 11:10:57 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
7/13/2012 10:18:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
7/13/2012 10:18:35 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/13/2012 10:18:20 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/13/2012 10:18:03 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/13/2012 10:18:03 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
7/12/2012 9:41:43 PM, Error: XG762_VS [5003] - ZyXEL G-220v3 Wireless USB Adapter #2 : Could not find a network adapter.
7/12/2012 9:39:06 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
7/12/2012 10:54:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
7/10/2012 7:11:05 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 16th July 2012, 3:20 am

========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9bd172ba-3f40-4303-bca1-0484b5ba2a7b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9bd172ba-3f40-4303-bca1-0484b5ba2a7b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9EFB2E13-DE1A-08EA-7F86-B2205C95E779}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9EFB2E13-DE1A-08EA-7F86-B2205C95E779}\ not found.
Error: Unable to interpret <:folders > in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.53.1 log created on 07152012_232013

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 16th July 2012, 10:10 pm

I strongly recommend that you remove Ask from your computer because it;

•Promotes its toolbars on sites targeted to kids.

•Promotes its toolbars through ads that appear to be part of other companies' sites.

•Promotes its toolbars through other companies' spyware.

•Installs without any disclosure whatsoever and without any consent whatsoever.

•Solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.

•Makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

See [You must be registered and logged in to see this link.] for more info.

If you choose to follow my recommendation then please go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

AskBarDis or anything related to Ask

Then please find and delete this folder in bold (if present):
C:\Program Files\AskBarDis. or anything related to Ask.
*****************************************************
I would also advise you to uninstall these programs because they are malicious.
C:\Program Files (x86)\Guffins
C:\Program Files (x86)\playfingamestoolbar
*************************************************
Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.


First [You must be registered and logged in to see this link.]

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the [You must be registered and logged in to see this link.].

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download [You must be registered and logged in to see this link.] and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: [You must be registered and logged in to see this link.] adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
*********************************************************
Download Combofix from any of the links below, and save it to your DESKTOP.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

To prevent your anti-virus application interfering with ComboFix we need to disable it. See [You must be registered and logged in to see this link.] for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 22nd July 2012, 1:17 am

i try to uninstall guffins and it give me an error message cant find the module it says
also i tyr and run the java verify program and it just closes my browser and nothing happens . so i moved on to the combo fix

ComboFix 12-07-20.02 - chuck 07/20/2012 15:51:05.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2013.641 [GMT -4:00]
Running from: c:\users\chuck\Documents\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Drop Down Deals
c:\program files (x86)\Drop Down Deals\YontooIEClient.dll
c:\programdata\084c31m26umegt2s4ynu2m
c:\programdata\Dell
c:\programdata\Dell\DCUninstall\remove.log
c:\programdata\Dell\DellDock\BaseCategories.xml
c:\programdata\Dell\DellDock\BaseDesktopExclusions.xml
c:\programdata\Dell\DellDock\BaseSettings.xml
c:\programdata\Dell\DellDock\Default.lang.xml
c:\programdata\Dell\DellDock\error_log.txt
c:\programdata\Dell\DellDock\images\aol_icon.jpg
c:\programdata\Dell\DellDock\images\ATT_32x32.JPG
c:\programdata\Dell\DellDock\images\cloud.png
c:\programdata\Dell\DellDock\images\Cozi.png
c:\programdata\Dell\DellDock\images\datasafe_32x32.jpg
c:\programdata\Dell\DellDock\images\DellSupport_32x32.jpg
c:\programdata\Dell\DellDock\images\DellSupportCenter_icon.jpg
c:\programdata\Dell\DellDock\images\dra.png
c:\programdata\Dell\DellDock\images\earthlink_icon.png
c:\programdata\Dell\DellDock\images\ebay_32x32.png
c:\programdata\Dell\DellDock\images\GDS_32x32.png
c:\programdata\Dell\DellDock\images\globe-32x32.png
c:\programdata\Dell\DellDock\images\McAfee_32x32.JPG
c:\programdata\Dell\DellDock\images\mycolors.png
c:\programdata\Dell\DellDock\images\netzero_icon.png
c:\programdata\Dell\DellDock\images\norton_32x32.PNG
c:\programdata\Dell\DellDock\images\pccilin_32x32.png
c:\programdata\Dell\DellDock\images\peoplepc.PNG
c:\programdata\Dell\DellDock\images\Sprint.ICO
c:\programdata\Dell\DellDock\images\syncables_32x32.jpg
c:\programdata\Dell\DellDock\images\THX_32x32.jpg
c:\programdata\Dell\DellDock\images\windows_logo.png
c:\programdata\Dell\DellDock\images\wt.PNG
c:\programdata\Dell\DellDock\images\yp_32x32.JPG
c:\programdata\Dell\DellDock\langmap.ini
c:\programdata\Dell\DellDock\Shortcuts\cozi.xml
c:\programdata\Dell\DellDock\Shortcuts\emailchat-livemgr.xml
c:\programdata\Dell\DellDock\Shortcuts\emailchat-outlookmail.xml
c:\programdata\Dell\DellDock\Shortcuts\emailchat-sightspeed.xml
c:\programdata\Dell\DellDock\Shortcuts\emailchat-skype.xml
c:\programdata\Dell\DellDock\Shortcuts\emailchat-winmail.xml
c:\programdata\Dell\DellDock\Shortcuts\EngXMLs.txt
c:\programdata\Dell\DellDock\Shortcuts\games-ddsgames.xml
c:\programdata\Dell\DellDock\Shortcuts\games-wtgames.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-datasafepctransfer.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-ddshelp.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-DellCustomize.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-dellsupportcenter.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-dellsupportcenter30.XML
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-hybrid.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-mediareduc.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-olsupport.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-ownermanual.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-pctuneup1.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-syncables.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-systemvideo.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-uninstaller.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-vistahelp.xml
c:\programdata\Dell\DellDock\Shortcuts\helpsupport-vistapctransfer.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-acm.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-aol.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-boxnet.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-DellMobileBroadband.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-Dellmobilemanager.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-DellNetworkAssistant.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-earthlink.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-ericssonmgr.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-internetexplorer.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-livewriter.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-netzero.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-peoplepc.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-remoteaccess.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-SprintSmartView32.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-SprintSmartView64.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-tiscali.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-vistaparentalcontrol.xml
c:\programdata\Dell\DellDock\Shortcuts\internet-yp.xml
c:\programdata\Dell\DellDock\Shortcuts\internetexplorer.xml
c:\programdata\Dell\DellDock\Shortcuts\music-adobesoundbooth.xml
c:\programdata\Dell\DellDock\Shortcuts\music-ddsmusic.xml
c:\programdata\Dell\DellDock\Shortcuts\music-idt32.xml
c:\programdata\Dell\DellDock\Shortcuts\music-idt64.xml
c:\programdata\Dell\DellDock\Shortcuts\music-sbaudigy.xml
c:\programdata\Dell\DellDock\Shortcuts\music-thx.xml
c:\programdata\Dell\DellDock\Shortcuts\music-vistamediaplayer.xml
c:\programdata\Dell\DellDock\Shortcuts\music-zingspot.xml
c:\programdata\Dell\DellDock\Shortcuts\office-cozical.xml
c:\programdata\Dell\DellDock\Shortcuts\office-ddsoffice.xml
c:\programdata\Dell\DellDock\Shortcuts\office-msexcel.xml
c:\programdata\Dell\DellDock\Shortcuts\office-msOO.xml
c:\programdata\Dell\DellDock\Shortcuts\office-mspowerpoint.xml
c:\programdata\Dell\DellDock\Shortcuts\office-msword.xml
c:\programdata\Dell\DellDock\Shortcuts\office-worksspreadsheet.xml
c:\programdata\Dell\DellDock\Shortcuts\office-worksword.xml
c:\programdata\Dell\DellDock\Shortcuts\photos-adobephotoshop.xml
c:\programdata\Dell\DellDock\Shortcuts\photos-adobephotoshop8.xml
c:\programdata\Dell\DellDock\Shortcuts\photos-livephoto.xml
c:\programdata\Dell\DellDock\Shortcuts\photos-vistaphotogallery.xml
c:\programdata\Dell\DellDock\Shortcuts\photos-webcamm08.xml
c:\programdata\Dell\DellDock\Shortcuts\photos-webcamm09.xml
c:\programdata\Dell\DellDock\Shortcuts\recyclebin.xml
c:\programdata\Dell\DellDock\Shortcuts\security-AbsoluteDataProtection32.xml
c:\programdata\Dell\DellDock\Shortcuts\security-boxnet.xml
c:\programdata\Dell\DellDock\Shortcuts\security-datalocal.xml
c:\programdata\Dell\DellDock\Shortcuts\security-datasafe.xml
c:\programdata\Dell\DellDock\Shortcuts\security-facialrecognition.xml
c:\programdata\Dell\DellDock\Shortcuts\security-failsafe.xml
c:\programdata\Dell\DellDock\Shortcuts\security-fingerprint.xml
c:\programdata\Dell\DellDock\Shortcuts\security-fingerprintm08.xml
c:\programdata\Dell\DellDock\Shortcuts\security-lojack.xml
c:\programdata\Dell\DellDock\Shortcuts\security-mcafee.xml
c:\programdata\Dell\DellDock\Shortcuts\security-norton2008.xml
c:\programdata\Dell\DellDock\Shortcuts\security-trendm.xml
c:\programdata\Dell\DellDock\Shortcuts\security-trendmicro.xml
c:\programdata\Dell\DellDock\Shortcuts\security-vistaparentalcontrol.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-adobepremiere.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-adobepremiere8.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-cinemanowxp.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-ddsmovies.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-roxio10.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-sightspeed.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-vistamediaplayer.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-vistamoviemaker.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-webcamm08.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-webcamm09.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-widi.xml
c:\programdata\Dell\DellDock\Shortcuts\videos-windowsmediacenter.xml
c:\programdata\Dell\DellDock\startup_log.txt
c:\programdata\Dell\DellDock\uninstaller.exe
c:\programdata\Dell\DellDock\uninstaller.xml
c:\users\chuck\AppData\Roaming\Dell
c:\users\chuck\AppData\Roaming\Dell\DellDock\DockContents.xml
c:\users\chuck\AppData\Roaming\Dell\DellDock\DockContentsBackup.xml
c:\users\chuck\AppData\Roaming\Help\coredb\storage
c:\users\chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
c:\users\chuck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk
c:\users\chuck\AppData\Roaming\Ms_dir_
c:\users\chuck\g2mdlhlpx.exe
c:\windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\@
c:\windows\Installer\{dc513f9c-d3f6-b1ed-dc6b-68d530343a26}\U\80000000.@
.
.
((((((((((((((((((((((((( Files Created from 2012-06-21 to 2012-07-21 )))))))))))))))))))))))))))))))
.
.
2012-07-20 20:48 . 2012-07-20 20:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-20 16:06 . 2012-07-20 16:06 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C4262C98-234D-4BF2-A9EE-9D524658FA2A}\offreg.dll
2012-07-16 03:20 . 2012-07-16 03:20 -------- d-----w- C:\_OTL
2012-07-16 00:22 . 2012-07-16 00:22 -------- d-----w- c:\users\chuck\AppData\Roaming\SUPERAntiSpyware.com
2012-07-16 00:22 . 2012-07-16 00:22 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-16 00:22 . 2012-07-16 00:22 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-07-14 16:29 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-14 15:33 . 2012-06-18 07:12 9013136 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C4262C98-234D-4BF2-A9EE-9D524658FA2A}\mpengine.dll
2012-07-14 15:32 . 2012-05-31 16:25 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-07-14 15:32 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-14 15:32 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-14 15:32 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-14 15:32 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-14 15:32 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-14 15:32 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-14 15:32 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-07-14 15:25 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-07-14 15:25 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-07-14 15:25 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-07-14 15:24 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-07-14 15:24 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-07-14 15:24 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-07-14 15:24 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-07-14 15:24 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-07-14 15:24 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-07-14 00:24 . 2012-07-16 01:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-13 20:40 . 2012-07-18 00:12 -------- d-----w- c:\program files\CCleaner
2012-07-13 19:23 . 2012-07-13 19:23 -------- d-----w- c:\users\chuck\AppData\Roaming\Malwarebytes
2012-07-13 19:23 . 2012-07-13 19:23 -------- d-----w- c:\programdata\Malwarebytes
2012-07-13 19:10 . 2012-07-13 19:10 -------- d-----w- c:\users\chuck\AppData\Local\Real
2012-07-13 19:08 . 2012-07-14 15:11 -------- d-----w- c:\program files (x86)\Real
2012-06-28 15:51 . 2012-07-13 07:06 -------- d-----w- c:\programdata\529C50840001AFDC0000205BB4EB2367
2012-06-27 22:10 . 2012-07-13 07:25 -------- d-----w- c:\users\chuck\AppData\Roaming\Xeferu
2012-06-27 22:10 . 2012-07-13 01:53 -------- d-----w- c:\users\chuck\AppData\Roaming\Oxtaap
2012-06-27 22:10 . 2012-06-27 22:10 -------- d-----w- c:\users\chuck\AppData\Roaming\Vaypex
2012-06-27 22:09 . 2012-07-13 07:05 -------- d-----w- c:\users\chuck\AppData\Roaming\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-14 16:33 . 2012-06-20 16:48 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-14 16:33 . 2011-12-25 18:21 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-14 16:33 . 2012-06-20 17:33 9822920 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-07-14 16:25 . 2011-07-10 23:42 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-05-15 04:01 . 2012-06-13 19:20 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 19:19 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 19:20 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-04 11:06 . 2012-06-13 19:10 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 19:08 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 19:10 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 19:10 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 19:21 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 19:21 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 19:21 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 19:21 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-14 15:08 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-14 15:08 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-14 15:08 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-14 15:08 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-14 15:08 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-14 15:08 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6905e4b1-afef-4444-85a9-ecb16c048784}]
2010-11-03 18:28 81920 ----a-w- c:\program files (x86)\playfingamestoolbar\vmntemplateX.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{6905e4b1-afef-4444-85a9-ecb16c048784}"= "c:\program files (x86)\playfingamestoolbar\vmntemplateX.dll" [2010-11-03 81920]
.
[HKEY_CLASSES_ROOT\clsid\{6905e4b1-afef-4444-85a9-ecb16c048784}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-03-16 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-07 559616]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 0033441342287416mcinstcleanup;McAfee Application Installer Cleanup (0033441342287416);c:\users\chuck\AppData\Local\Temp\003344~1.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 136176]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe [2009-08-24 126392]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-14 250056]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 136176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-10 1255736]
R3 XG762_VS;ZyXEL 802.11g XG762 1211 Vista Driver;c:\windows\system32\DRIVERS\WlanGZG.sys [2008-10-28 1041920]
R3 ZDCNDIS6a64;ZDCNDIS Protocol Driver;c:\windows\system32\ZDCNDIS6a64.sys [2008-10-28 41280]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-06-11 335888]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2010-03-17 517632]
S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\SymcPCCULaunchSvc.exe [2011-10-07 123320]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe [2011-02-01 206120]
S2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe [2011-02-01 185640]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 138752]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-31 236544]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-03 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-03 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-03 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-03 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 16:33]
.
2012-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 00:42]
.
2012-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 00:42]
.
2012-07-21 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 91c00577-4e38-48ad-a3bb-04a564da01e5.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2012-07-18 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 98ff3b40-b21e-44c3-a8a8-5c3b444e75b9.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = [You must be registered and logged in to see this link.]
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-Locked - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Jenkat Games Arcade - c:\users\chuck\AppData\Roaming\Jenkat\Jenkat Games Arcade\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.9.24\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Common Files\Java\Java Update\jusched.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Windows Live\Toolbar\wltuser.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
.
**************************************************************************
.
Completion time: 2012-07-20 21:45:51 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-21 01:45
.
Pre-Run: 249,474,625,536 bytes free
Post-Run: 248,814,518,272 bytes free
.
- - End Of File - - 8A439403CED8F310AD4A3B794960F130

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 22nd July 2012, 1:59 am

* Go to Start > Run and type mrt.exe then press Enter on the keyboard).
* (Vista and Windows 7 users go to Start and type mrt.exe in the search box then press Enter on the keyboard.
* Click Next.
* Choose Full Scan and click Next.
* Once the scan is finished click View detailed results of the scan.

Look through the list and let me know if anything was found infected.
*********************************************************
Please download: [You must be registered and logged in to see this link.] to your Desktop.

  • Double Click the HijackThis icon, located on your Desktop.
  • By Default, it will install to: C:\Program Files\Trend Micro\HijackThis
  • Accept the license agreement.
  • Click the Open the Misc Tools section button.
  • Click on the Open Uninstall Manager button.
  • Click on the Save list... button and specify where you would like to save this file. When you press Save button a Notepad will open with the contents of that file. Save the file to your desktop.
    Copy and paste this file in your next reply.

***********************************************
Please download [You must be registered and logged in to see this link.] ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives



On completion of the scan click save log, save it to your desktop and post in your next reply

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 24th July 2012, 7:14 pm

Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 8.0
Adobe Reader 9.5.0
Adobe Shockwave Player 11.5
Bing Bar
Bing Bar Platform
Bing Rewards Client Installer
Coupon Printer for Windows
Deer Drive 1.51T
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Getting Started Guide
Dreamship Tales
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Guffins
HijackThis 2.0.2
HP Deskjet 1050 J410 series Help
HP Photo Creations
HP Update
HPDiagnosticAlert
Hunting Unlimited 2010
IHA_MessageCenter
InstallIQ Updater
Intel(R) Control Center
Intel(R) Rapid Storage Technology
Java(TM) 6 Update 21
Jenkat Games Arcade
Junk Mail filter update
LeapFrog Connect
LeapFrog Connect
LeapFrog Leapster2 Plugin
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
Norton PC Checkup
Playfin Games Toolbar
Realtek High Definition Audio Driver
Roxio Burn
Roxio Burn
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Skype Toolbars
Skype™ 4.2
Ultimate Duck Hunting (remove only)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
Verizon Download Manager
Verizon Help and Support Tool
Vz In Home Agent
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Yahoo! Software Update
Yahoo! Toolbar
ZyXEL G-220v3 Wireless USB Adapter Utility


Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 24th July 2012, 7:22 pm

Delete An Uninstall Entry

•Start HijackThis

•Click on the Open the Misc Tools section

•Click on the Open Uninstall Manager button.

•Highlight the entry you want to remove.
•Click Guffins
and delete this entry.

Also, please run the aswMBR scan and post the log.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 24th July 2012, 7:44 pm

aswmbr doesnt seem to start at all

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 24th July 2012, 7:52 pm

i hit delete entry on guffins and it doesnt disapeer from the list in hijack

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 24th July 2012, 10:19 pm

Look for it on your C: drive and try deleting it.

Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

•Double-click on MBRCheck.exe to run it.

•It will open a black window...please do not fix anything (if it gives you an option).

•When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.

•A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
•Please copy and paste the contents of that log in your next reply.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 24th July 2012, 11:01 pm

i do a search on c: drive and nothing comes up for guffins

heres the mbr log

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Inspiron 560
Logical Drives Mask: 0x0001000c

Kernel Drivers (total 178):
0x03001000 \SystemRoot\system32\ntoskrnl.exe
0x035E9000 \SystemRoot\system32\hal.dll
0x00BCF000 \SystemRoot\system32\kdcom.dll
0x00C3D000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00C8C000 \SystemRoot\system32\PSHED.dll
0x00CA0000 \SystemRoot\system32\CLFS.SYS
0x00CFE000 \SystemRoot\system32\CI.dll
0x00E2C000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00ED0000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00EDF000 \SystemRoot\system32\drivers\ACPI.sys
0x00F36000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F3F000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F49000 \SystemRoot\system32\drivers\pci.sys
0x00F7C000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F89000 \SystemRoot\System32\drivers\partmgr.sys
0x00F9E000 \SystemRoot\system32\drivers\volmgr.sys
0x010D5000 \SystemRoot\System32\drivers\volmgrx.sys
0x01131000 \SystemRoot\System32\drivers\mountmgr.sys
0x0126F000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x0138B000 \SystemRoot\system32\drivers\amdxata.sys
0x01396000 \SystemRoot\system32\drivers\fltmgr.sys
0x013E2000 \SystemRoot\system32\drivers\fileinfo.sys
0x01200000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x01417000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0120C000 \SystemRoot\System32\Drivers\msrpc.sys
0x015BA000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0114B000 \SystemRoot\System32\Drivers\cng.sys
0x015D5000 \SystemRoot\System32\drivers\pcw.sys
0x015E6000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01636000 \SystemRoot\system32\drivers\ndis.sys
0x01729000 \SystemRoot\system32\drivers\NETIO.SYS
0x01789000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x018BC000 \SystemRoot\System32\drivers\tcpip.sys
0x01ABF000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01B09000 \SystemRoot\system32\drivers\volsnap.sys
0x01B55000 \SystemRoot\System32\Drivers\spldr.sys
0x01B5D000 \SystemRoot\System32\drivers\rdyboost.sys
0x01B97000 \SystemRoot\System32\Drivers\mup.sys
0x01BA9000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01BB2000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01800000 \SystemRoot\system32\DRIVERS\disk.sys
0x01816000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x02F99000 \SystemRoot\system32\drivers\cdrom.sys
0x02FC3000 \SystemRoot\System32\Drivers\Null.SYS
0x02FCC000 \SystemRoot\System32\Drivers\Beep.SYS
0x02FD3000 \SystemRoot\System32\drivers\vga.sys
0x02E00000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x02E25000 \SystemRoot\System32\drivers\watchdog.sys
0x02E35000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x02E3E000 \SystemRoot\system32\drivers\rdpencdd.sys
0x02E47000 \SystemRoot\system32\drivers\rdprefmp.sys
0x02E50000 \SystemRoot\System32\Drivers\Msfs.SYS
0x02FE1000 \SystemRoot\System32\Drivers\Npfs.SYS
0x01854000 \SystemRoot\system32\DRIVERS\tdx.sys
0x02FF2000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x01876000 \SystemRoot\System32\DRIVERS\netbt.sys
0x01000000 \SystemRoot\system32\drivers\afd.sys
0x02E5B000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x01BEC000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x017B3000 \SystemRoot\system32\DRIVERS\pacer.sys
0x017D9000 \SystemRoot\system32\DRIVERS\netbios.sys
0x01600000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x0161B000 \SystemRoot\system32\drivers\termdd.sys
0x01BF5000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
0x017E8000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
0x03899000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x038EA000 \SystemRoot\system32\drivers\nsiproxy.sys
0x038F6000 \SystemRoot\system32\drivers\mssmbios.sys
0x03901000 \SystemRoot\System32\drivers\discache.sys
0x03910000 \SystemRoot\System32\Drivers\dfsc.sys
0x0392E000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x0393F000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x03965000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x04A5D000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x0547C000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x05570000 \SystemRoot\System32\drivers\dxgmms1.sys
0x055B6000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x04A00000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x055C3000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x055D4000 \SystemRoot\system32\drivers\HDAudBus.sys
0x0397B000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x039B9000 \SystemRoot\system32\drivers\CompositeBus.sys
0x039C9000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x03800000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x03824000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x03830000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x0385F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x039DF000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x0387A000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x015F0000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x01400000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x055F8000 \SystemRoot\system32\drivers\swenum.sys
0x01089000 \SystemRoot\system32\drivers\ks.sys
0x011BD000 \SystemRoot\system32\drivers\umbus.sys
0x03E35000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x03E8F000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x08C0C000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x03EA4000 \SystemRoot\system32\drivers\portcls.sys
0x03EE1000 \SystemRoot\system32\drivers\drmk.sys
0x08DF6000 \SystemRoot\system32\drivers\ksthunk.sys
0x03F03000 \SystemRoot\system32\drivers\IntcHdmi.sys
0x03F2A000 \SystemRoot\System32\Drivers\crashdmp.sys
0x02E66000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x03F38000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x03F4B000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x08DFC000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x03F68000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x03F76000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x08C00000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x03F8F000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x00080000 \SystemRoot\System32\win32k.sys
0x03F9D000 \SystemRoot\System32\drivers\Dxapi.sys
0x03FA9000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x03FB6000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004D0000 \SystemRoot\System32\TSDDD.dll
0x00630000 \SystemRoot\System32\cdd.dll
0x03FC4000 \SystemRoot\system32\drivers\luafv.sys
0x03FE7000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x03E00000 \SystemRoot\system32\drivers\WudfPf.sys
0x02F82000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x026D0000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x02723000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x02736000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x02600000 \SystemRoot\system32\drivers\HTTP.sys
0x0274E000 \SystemRoot\system32\DRIVERS\bowser.sys
0x0276C000 \SystemRoot\System32\drivers\mpsdrv.sys
0x02784000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x027B1000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x011CF000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x02CF1000 \SystemRoot\system32\drivers\peauth.sys
0x02D97000 \SystemRoot\System32\Drivers\secdrv.SYS
0x02C00000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x02DA2000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x02CB7000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x03E21000 \SystemRoot\System32\drivers\tcpipreg.sys
0x04654000 \SystemRoot\System32\DRIVERS\srv2.sys
0x046BD000 \SystemRoot\System32\DRIVERS\srv.sys
0x04755000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x04760000 \SystemRoot\System32\Drivers\fastfat.SYS
0x777C0000 \Windows\System32\ntdll.dll
0x47CC0000 \Windows\System32\smss.exe
0xFFAE0000 \Windows\System32\apisetschema.dll
0xFF020000 \Windows\System32\autochk.exe
0xFF9F0000 \Windows\System32\oleaut32.dll
0xFF7E0000 \Windows\System32\ole32.dll
0x776C0000 \Windows\System32\user32.dll
0x775A0000 \Windows\System32\kernel32.dll
0xFF7C0000 \Windows\System32\sechost.dll
0xFF7B0000 \Windows\System32\nsi.dll
0xFF550000 \Windows\System32\iertutil.dll
0xFF440000 \Windows\System32\msctf.dll
0xFF310000 \Windows\System32\rpcrt4.dll
0x77990000 \Windows\System32\psapi.dll
0xFF290000 \Windows\System32\difxapi.dll
0xFF210000 \Windows\System32\shlwapi.dll
0xFF170000 \Windows\System32\comdlg32.dll
0xFE3E0000 \Windows\System32\shell32.dll
0xFE340000 \Windows\System32\msvcrt.dll
0xFE320000 \Windows\System32\imagehlp.dll
0xFE1F0000 \Windows\System32\wininet.dll
0x77980000 \Windows\System32\normaliz.dll
0xFE180000 \Windows\System32\gdi32.dll
0xFE0E0000 \Windows\System32\clbcatq.dll
0xFE0D0000 \Windows\System32\lpk.dll
0xFE000000 \Windows\System32\usp10.dll
0xFDFD0000 \Windows\System32\imm32.dll
0xFDEF0000 \Windows\System32\advapi32.dll
0xFDD10000 \Windows\System32\setupapi.dll
0xFDB90000 \Windows\System32\urlmon.dll
0xFDB40000 \Windows\System32\ws2_32.dll
0xFDAE0000 \Windows\System32\Wldap32.dll
0xFDAA0000 \Windows\System32\wintrust.dll
0xFDA00000 \Windows\System32\comctl32.dll
0xFD9E0000 \Windows\System32\devobj.dll
0xFD870000 \Windows\System32\crypt32.dll
0xFD800000 \Windows\System32\KernelBase.dll
0xFD7C0000 \Windows\System32\cfgmgr32.dll
0xFD7B0000 \Windows\System32\msasn1.dll

Processes (total 53):
0 System Idle Process
4 System
284 C:\Windows\System32\smss.exe
428 csrss.exe
480 C:\Windows\System32\wininit.exe
492 csrss.exe
540 C:\Windows\System32\winlogon.exe
584 C:\Windows\System32\services.exe
592 C:\Windows\System32\lsass.exe
600 C:\Windows\System32\lsm.exe
704 C:\Windows\System32\svchost.exe
772 C:\Windows\System32\svchost.exe
820 C:\Windows\System32\svchost.exe
948 C:\Windows\System32\svchost.exe
988 C:\Windows\System32\svchost.exe
436 C:\Windows\System32\svchost.exe
724 C:\Program Files\Dell\DellDock\DockLogin.exe
412 C:\Windows\System32\svchost.exe
1156 C:\Windows\System32\spoolsv.exe
1184 C:\Windows\System32\svchost.exe
1272 C:\Program Files\SUPERAntiSpyware\SASCore64.exe
1316 C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
1408 C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
1436 C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
1476 C:\Program Files\Common Files\Motive\McciCMService.exe
1596 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1836 C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
1864 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
1888 C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
1936 C:\Windows\System32\svchost.exe
2012 C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
2112 C:\Windows\System32\svchost.exe
2148 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
2612 C:\Windows\System32\taskhost.exe
2628 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
2696 C:\Windows\System32\dwm.exe
2708 C:\Windows\explorer.exe
2576 C:\Windows\System32\svchost.exe
2736 C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
2880 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
2872 C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
3788 C:\Windows\System32\SearchIndexer.exe
4040 C:\Windows\System32\taskeng.exe
3564 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1580 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
4056 C:\Windows\System32\svchost.exe
1140 C:\Program Files (x86)\Internet Explorer\iexplore.exe
2352 C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
1548 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
2204 dllhost.exe
2788 dllhost.exe
3904 C:\Users\chuck\Documents\MBRCheck.exe
3208 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`04600000 (NTFS)
\\.\Q: --> error 5

PhysicalDrive0 Model Number: ST3320418AS, Rev: CC46

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 25th July 2012, 1:30 am

Please try your search engine. I think this is how it's done in Windows 7. Click start and type in guffins. It should show you if it's there or not.

Let's try to run this:

We need to fix the infection found with aswMBR now


  • Double click aswMBR.exe to run it like before
  • Once the scan finishes click Fix to remove the infection as illustrated below





  • Once the scan finishes click Save log to save the log to your Desktop



  • Copy and paste the contents of aswMBR.txt back here for review

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 25th July 2012, 10:10 am

aswMbr wont start

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 25th July 2012, 10:35 pm


  • Download [You must be registered and logged in to see this link.] and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

  • If an infected file is detected, the default action will be Cure, click on Continue.

  • If a suspicious file is detected, the default action will be Skip, click on Continue.

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

  • Click the Report button and copy/paste the contents of it into your next reply
Note:It will also create a log in the C:\ directory..
********************************************************
Please try running aswMBR.exe again. Did you try right-clicking to start it? If it doesn't start try running it in Safe mode.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 26th July 2012, 2:17 am

22:12:45.0022 1336 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
22:12:45.0381 1336 ============================================================
22:12:45.0381 1336 Current date / time: 2012/07/25 22:12:45.0381
22:12:45.0381 1336 SystemInfo:
22:12:45.0396 1336
22:12:45.0396 1336 OS Version: 6.1.7601 ServicePack: 1.0
22:12:45.0396 1336 Product type: Workstation
22:12:45.0396 1336 ComputerName: DELL
22:12:45.0396 1336 UserName: chuck
22:12:45.0396 1336 Windows directory: C:\Windows
22:12:45.0396 1336 System windows directory: C:\Windows
22:12:45.0396 1336 Running under WOW64
22:12:45.0396 1336 Processor architecture: Intel x64
22:12:45.0396 1336 Number of processors: 1
22:12:45.0396 1336 Page size: 0x1000
22:12:45.0396 1336 Boot type: Safe boot with network
22:12:45.0396 1336 ============================================================
22:12:46.0223 1336 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:12:46.0223 1336 ============================================================
22:12:46.0223 1336 \Device\Harddisk0\DR0:
22:12:46.0223 1336 MBR partitions:
22:12:46.0223 1336 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x180F000
22:12:46.0223 1336 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1823000, BlocksNum 0x23C0B000
22:12:46.0223 1336 ============================================================
22:12:46.0239 1336 C: <-> \Device\Harddisk0\DR0\Partition1
22:12:46.0239 1336 ============================================================
22:12:46.0239 1336 Initialize success
22:12:46.0239 1336 ============================================================
22:12:54.0273 1852 ============================================================
22:12:54.0273 1852 Scan started
22:12:54.0273 1852 Mode: Manual;
22:12:54.0273 1852 ============================================================
22:12:54.0772 1852 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:12:54.0772 1852 !SASCORE - ok
22:12:54.0881 1852 0033441342287416mcinstcleanup - ok
22:12:54.0975 1852 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
22:12:54.0975 1852 1394ohci - ok
22:12:55.0022 1852 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
22:12:55.0022 1852 ACPI - ok
22:12:55.0053 1852 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
22:12:55.0053 1852 AcpiPmi - ok
22:12:55.0193 1852 AdobeActiveFileMonitor8.0 (765fe0463e711e5a68ac7b69538ed922) c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
22:12:55.0193 1852 AdobeActiveFileMonitor8.0 - ok
22:12:55.0287 1852 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:12:55.0287 1852 AdobeFlashPlayerUpdateSvc - ok
22:12:55.0349 1852 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:12:55.0349 1852 adp94xx - ok
22:12:55.0396 1852 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:12:55.0396 1852 adpahci - ok
22:12:55.0412 1852 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:12:55.0412 1852 adpu320 - ok
22:12:55.0458 1852 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
22:12:55.0458 1852 AeLookupSvc - ok
22:12:55.0536 1852 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
22:12:55.0552 1852 AFD - ok
22:12:55.0583 1852 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
22:12:55.0583 1852 agp440 - ok
22:12:55.0614 1852 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
22:12:55.0614 1852 ALG - ok
22:12:55.0646 1852 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
22:12:55.0646 1852 aliide - ok
22:12:55.0661 1852 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
22:12:55.0661 1852 amdide - ok
22:12:55.0692 1852 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:12:55.0692 1852 AmdK8 - ok
22:12:55.0708 1852 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:12:55.0708 1852 AmdPPM - ok
22:12:55.0739 1852 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
22:12:55.0739 1852 amdsata - ok
22:12:55.0786 1852 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:12:55.0802 1852 amdsbs - ok
22:12:55.0817 1852 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
22:12:55.0817 1852 amdxata - ok
22:12:55.0864 1852 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
22:12:55.0864 1852 AppID - ok
22:12:55.0895 1852 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:12:55.0895 1852 AppIDSvc - ok
22:12:55.0942 1852 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
22:12:55.0942 1852 Appinfo - ok
22:12:56.0004 1852 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:12:56.0020 1852 arc - ok
22:12:56.0036 1852 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:12:56.0036 1852 arcsas - ok
22:12:56.0067 1852 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:12:56.0067 1852 AsyncMac - ok
22:12:56.0114 1852 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
22:12:56.0114 1852 atapi - ok
22:12:56.0176 1852 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:12:56.0192 1852 AudioEndpointBuilder - ok
22:12:56.0207 1852 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:12:56.0207 1852 AudioSrv - ok
22:12:56.0254 1852 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
22:12:56.0254 1852 AxInstSV - ok
22:12:56.0316 1852 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:12:56.0332 1852 b06bdrv - ok
22:12:56.0363 1852 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:12:56.0363 1852 b57nd60a - ok
22:12:56.0426 1852 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:12:56.0426 1852 BDESVC - ok
22:12:56.0441 1852 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:12:56.0441 1852 Beep - ok
22:12:56.0519 1852 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
22:12:56.0535 1852 BFE - ok
22:12:56.0582 1852 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
22:12:56.0800 1852 BITS - ok
22:12:56.0862 1852 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:12:56.0862 1852 blbdrive - ok
22:12:56.0909 1852 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
22:12:56.0909 1852 bowser - ok
22:12:56.0940 1852 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:12:56.0940 1852 BrFiltLo - ok
22:12:56.0956 1852 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:12:56.0956 1852 BrFiltUp - ok
22:12:57.0003 1852 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
22:12:57.0003 1852 BridgeMP - ok
22:12:57.0034 1852 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
22:12:57.0050 1852 Browser - ok
22:12:57.0065 1852 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:12:57.0065 1852 Brserid - ok
22:12:57.0081 1852 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:12:57.0081 1852 BrSerWdm - ok
22:12:57.0112 1852 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:12:57.0112 1852 BrUsbMdm - ok
22:12:57.0143 1852 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:12:57.0143 1852 BrUsbSer - ok
22:12:57.0159 1852 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:12:57.0159 1852 BTHMODEM - ok
22:12:57.0206 1852 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:12:57.0206 1852 bthserv - ok
22:12:57.0237 1852 catchme - ok
22:12:57.0268 1852 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:12:57.0268 1852 cdfs - ok
22:12:57.0315 1852 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
22:12:57.0315 1852 cdrom - ok
22:12:57.0518 1852 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:12:57.0518 1852 CertPropSvc - ok
22:12:57.0564 1852 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:12:57.0564 1852 circlass - ok
22:12:57.0596 1852 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:12:57.0611 1852 CLFS - ok
22:12:57.0674 1852 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:12:57.0674 1852 clr_optimization_v2.0.50727_32 - ok
22:12:57.0720 1852 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:12:57.0736 1852 clr_optimization_v2.0.50727_64 - ok
22:12:57.0798 1852 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:12:57.0861 1852 clr_optimization_v4.0.30319_32 - ok
22:12:57.0908 1852 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:12:57.0908 1852 clr_optimization_v4.0.30319_64 - ok
22:12:57.0970 1852 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:12:57.0970 1852 CmBatt - ok
22:12:58.0001 1852 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
22:12:58.0001 1852 cmdide - ok
22:12:58.0032 1852 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
22:12:58.0048 1852 CNG - ok
22:12:58.0079 1852 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:12:58.0079 1852 Compbatt - ok
22:12:58.0126 1852 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
22:12:58.0126 1852 CompositeBus - ok
22:12:58.0142 1852 COMSysApp - ok
22:12:58.0173 1852 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:12:58.0173 1852 crcdisk - ok
22:12:58.0235 1852 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
22:12:58.0251 1852 CryptSvc - ok
22:12:58.0329 1852 cvhsvc (61a86809b62769643892bc0812b204aa) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:12:58.0329 1852 cvhsvc - ok
22:12:58.0391 1852 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:12:58.0407 1852 DcomLaunch - ok
22:12:58.0422 1852 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:12:58.0438 1852 defragsvc - ok
22:12:58.0485 1852 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
22:12:58.0485 1852 DfsC - ok
22:12:58.0547 1852 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
22:12:58.0547 1852 Dhcp - ok
22:12:58.0578 1852 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:12:58.0578 1852 discache - ok
22:12:58.0625 1852 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:12:58.0625 1852 Disk - ok
22:12:58.0672 1852 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
22:12:58.0672 1852 Dnscache - ok
22:12:58.0750 1852 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
22:12:58.0750 1852 DockLoginService - ok
22:12:58.0797 1852 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
22:12:58.0797 1852 dot3svc - ok
22:12:58.0844 1852 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
22:12:58.0844 1852 DPS - ok
22:12:58.0875 1852 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:12:58.0875 1852 drmkaud - ok
22:12:58.0937 1852 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
22:12:58.0953 1852 DXGKrnl - ok
22:12:59.0000 1852 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:12:59.0000 1852 EapHost - ok
22:12:59.0171 1852 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:12:59.0234 1852 ebdrv - ok
22:12:59.0296 1852 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
22:12:59.0296 1852 EFS - ok
22:12:59.0374 1852 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
22:12:59.0390 1852 ehRecvr - ok
22:12:59.0405 1852 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:12:59.0405 1852 ehSched - ok
22:12:59.0468 1852 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:12:59.0468 1852 elxstor - ok
22:12:59.0514 1852 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
22:12:59.0514 1852 ErrDev - ok
22:12:59.0561 1852 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:12:59.0561 1852 EventSystem - ok
22:12:59.0608 1852 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:12:59.0608 1852 exfat - ok
22:12:59.0639 1852 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:12:59.0639 1852 fastfat - ok
22:12:59.0702 1852 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
22:12:59.0717 1852 Fax - ok
22:12:59.0733 1852 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:12:59.0733 1852 fdc - ok
22:12:59.0780 1852 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:12:59.0780 1852 fdPHost - ok
22:12:59.0811 1852 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:12:59.0811 1852 FDResPub - ok
22:12:59.0842 1852 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:12:59.0842 1852 FileInfo - ok
22:12:59.0873 1852 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:12:59.0873 1852 Filetrace - ok
22:12:59.0951 1852 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:12:59.0967 1852 FLEXnet Licensing Service - ok
22:12:59.0998 1852 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:12:59.0998 1852 flpydisk - ok
22:13:00.0045 1852 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
22:13:00.0060 1852 FltMgr - ok
22:13:00.0123 1852 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
22:13:00.0154 1852 FontCache - ok
22:13:00.0216 1852 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:13:00.0232 1852 FontCache3.0.0.0 - ok
22:13:00.0263 1852 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:13:00.0263 1852 FsDepends - ok
22:13:00.0310 1852 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
22:13:00.0310 1852 Fs_Rec - ok
22:13:00.0357 1852 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:13:00.0372 1852 fvevol - ok
22:13:00.0388 1852 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:13:00.0388 1852 gagp30kx - ok
22:13:00.0450 1852 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
22:13:00.0450 1852 GoToAssist - ok
22:13:00.0513 1852 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
22:13:00.0528 1852 gpsvc - ok
22:13:00.0606 1852 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:13:00.0606 1852 gupdate - ok
22:13:00.0622 1852 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:13:00.0622 1852 gupdatem - ok
22:13:00.0700 1852 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:13:00.0700 1852 gusvc - ok
22:13:00.0731 1852 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:13:00.0731 1852 hcw85cir - ok
22:13:00.0762 1852 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
22:13:00.0778 1852 HDAudBus - ok
22:13:00.0794 1852 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:13:00.0794 1852 HidBatt - ok
22:13:00.0809 1852 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:13:00.0809 1852 HidBth - ok
22:13:00.0825 1852 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:13:00.0825 1852 HidIr - ok
22:13:00.0872 1852 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
22:13:00.0872 1852 hidserv - ok
22:13:00.0934 1852 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
22:13:00.0934 1852 HidUsb - ok
22:13:00.0965 1852 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
22:13:00.0965 1852 hkmsvc - ok
22:13:01.0012 1852 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
22:13:01.0028 1852 HomeGroupListener - ok
22:13:01.0059 1852 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
22:13:01.0059 1852 HomeGroupProvider - ok
22:13:01.0090 1852 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:13:01.0106 1852 HpSAMD - ok
22:13:01.0184 1852 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:13:01.0184 1852 HTTP - ok
22:13:01.0230 1852 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:13:01.0230 1852 hwpolicy - ok
22:13:01.0277 1852 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
22:13:01.0277 1852 i8042prt - ok
22:13:01.0324 1852 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
22:13:01.0340 1852 iaStor - ok
22:13:01.0402 1852 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:13:01.0402 1852 IAStorDataMgrSvc - ok
22:13:01.0464 1852 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:13:01.0480 1852 iaStorV - ok
22:13:01.0558 1852 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:13:01.0574 1852 idsvc - ok
22:13:01.0979 1852 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
22:13:02.0166 1852 igfx - ok
22:13:02.0322 1852 IHA_MessageCenter (5cab9d1ab5c9384d28dff89dbe7a72bb) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
22:13:02.0322 1852 IHA_MessageCenter - ok
22:13:02.0400 1852 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:13:02.0400 1852 iirsp - ok
22:13:02.0463 1852 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
22:13:02.0478 1852 IKEEXT - ok
22:13:02.0572 1852 IntcAzAudAddService (492cd3a94913d753b4591cd9e29ec843) C:\Windows\system32\drivers\RTKVHD64.sys
22:13:02.0634 1852 IntcAzAudAddService - ok
22:13:02.0712 1852 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys
22:13:02.0712 1852 IntcHdmiAddService - ok
22:13:02.0744 1852 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:13:02.0744 1852 intelide - ok
22:13:02.0790 1852 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:13:02.0790 1852 intelppm - ok
22:13:02.0822 1852 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:13:02.0822 1852 IPBusEnum - ok
22:13:02.0868 1852 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:13:02.0868 1852 IpFilterDriver - ok
22:13:02.0900 1852 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
22:13:02.0915 1852 iphlpsvc - ok
22:13:02.0946 1852 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:13:02.0946 1852 IPMIDRV - ok
22:13:02.0962 1852 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:13:02.0978 1852 IPNAT - ok
22:13:03.0009 1852 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:13:03.0009 1852 IRENUM - ok
22:13:03.0024 1852 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:13:03.0024 1852 isapnp - ok
22:13:03.0056 1852 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:13:03.0071 1852 iScsiPrt - ok
22:13:03.0118 1852 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
22:13:03.0118 1852 kbdclass - ok
22:13:03.0134 1852 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
22:13:03.0134 1852 kbdhid - ok
22:13:03.0165 1852 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:13:03.0165 1852 KeyIso - ok
22:13:03.0196 1852 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
22:13:03.0196 1852 KSecDD - ok
22:13:03.0212 1852 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
22:13:03.0227 1852 KSecPkg - ok
22:13:03.0258 1852 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:13:03.0258 1852 ksthunk - ok
22:13:03.0290 1852 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:13:03.0305 1852 KtmRm - ok
22:13:03.0352 1852 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
22:13:03.0352 1852 LanmanServer - ok
22:13:03.0399 1852 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
22:13:03.0399 1852 LanmanWorkstation - ok
22:13:03.0680 1852 LeapFrog Connect Device Service (3c879d04bb6466e2853c3155b635cc45) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
22:13:03.0789 1852 LeapFrog Connect Device Service - ok
22:13:03.0914 1852 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:13:03.0914 1852 lltdio - ok
22:13:03.0945 1852 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:13:03.0945 1852 lltdsvc - ok
22:13:03.0976 1852 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:13:03.0976 1852 lmhosts - ok
22:13:04.0007 1852 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:13:04.0007 1852 LSI_FC - ok
22:13:04.0038 1852 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:13:04.0038 1852 LSI_SAS - ok
22:13:04.0054 1852 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:13:04.0054 1852 LSI_SAS2 - ok
22:13:04.0085 1852 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:13:04.0085 1852 LSI_SCSI - ok
22:13:04.0132 1852 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:13:04.0132 1852 luafv - ok
22:13:04.0148 1852 MBAMProtector - ok
22:13:04.0241 1852 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:13:04.0241 1852 MBAMService - ok
22:13:04.0304 1852 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
22:13:04.0304 1852 McciCMService - ok
22:13:04.0382 1852 McciCMService64 (859e5a32485178daeca06b52e2bb44b2) C:\Program Files\Common Files\Motive\McciCMService.exe
22:13:04.0413 1852 McciCMService64 - ok
22:13:04.0506 1852 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
22:13:04.0506 1852 Mcx2Svc - ok
22:13:04.0538 1852 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:13:04.0538 1852 megasas - ok
22:13:04.0569 1852 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:13:04.0584 1852 MegaSR - ok
22:13:04.0616 1852 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:13:04.0616 1852 MMCSS - ok
22:13:04.0647 1852 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:13:04.0647 1852 Modem - ok
22:13:04.0678 1852 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:13:04.0678 1852 monitor - ok
22:13:04.0725 1852 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:13:04.0725 1852 mouclass - ok
22:13:04.0756 1852 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:13:04.0756 1852 mouhid - ok
22:13:04.0803 1852 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:13:04.0803 1852 mountmgr - ok
22:13:04.0834 1852 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:13:04.0834 1852 mpio - ok
22:13:04.0865 1852 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:13:04.0865 1852 mpsdrv - ok
22:13:04.0928 1852 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
22:13:04.0943 1852 MpsSvc - ok
22:13:04.0990 1852 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
22:13:05.0006 1852 MREMP50 - ok
22:13:05.0021 1852 MREMP50a64 - ok
22:13:05.0037 1852 MREMPR5 - ok
22:13:05.0052 1852 MRENDIS5 - ok
22:13:05.0068 1852 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
22:13:05.0068 1852 MRESP50 - ok
22:13:05.0084 1852 MRESP50a64 - ok
22:13:05.0115 1852 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:13:05.0115 1852 MRxDAV - ok
22:13:05.0162 1852 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:13:05.0162 1852 mrxsmb - ok
22:13:05.0208 1852 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:13:05.0208 1852 mrxsmb10 - ok
22:13:05.0224 1852 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:13:05.0240 1852 mrxsmb20 - ok
22:13:05.0302 1852 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:13:05.0302 1852 msahci - ok
22:13:05.0349 1852 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:13:05.0349 1852 msdsm - ok
22:13:05.0364 1852 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:13:05.0380 1852 MSDTC - ok
22:13:05.0427 1852 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:13:05.0427 1852 Msfs - ok
22:13:05.0442 1852 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:13:05.0442 1852 mshidkmdf - ok
22:13:05.0458 1852 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:13:05.0458 1852 msisadrv - ok
22:13:05.0505 1852 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:13:05.0505 1852 MSiSCSI - ok
22:13:05.0520 1852 msiserver - ok
22:13:05.0552 1852 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:13:05.0552 1852 MSKSSRV - ok
22:13:05.0567 1852 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:13:05.0567 1852 MSPCLOCK - ok
22:13:05.0583 1852 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:13:05.0583 1852 MSPQM - ok
22:13:05.0630 1852 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:13:05.0645 1852 MsRPC - ok
22:13:05.0676 1852 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:13:05.0676 1852 mssmbios - ok
22:13:05.0708 1852 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:13:05.0708 1852 MSTEE - ok
22:13:05.0723 1852 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:13:05.0723 1852 MTConfig - ok
22:13:05.0754 1852 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:13:05.0754 1852 Mup - ok
22:13:05.0786 1852 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
22:13:05.0801 1852 napagent - ok
22:13:05.0848 1852 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:13:05.0848 1852 NativeWifiP - ok
22:13:05.0895 1852 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:13:05.0910 1852 NDIS - ok
22:13:05.0942 1852 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:13:05.0942 1852 NdisCap - ok
22:13:05.0973 1852 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:13:05.0973 1852 NdisTapi - ok
22:13:06.0004 1852 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:13:06.0004 1852 Ndisuio - ok
22:13:06.0051 1852 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:13:06.0051 1852 NdisWan - ok
22:13:06.0098 1852 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:13:06.0098 1852 NDProxy - ok
22:13:06.0129 1852 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:13:06.0129 1852 NetBIOS - ok
22:13:06.0144 1852 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:13:06.0144 1852 NetBT - ok
22:13:06.0176 1852 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:13:06.0191 1852 Netlogon - ok
22:13:06.0222 1852 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:13:06.0238 1852 Netman - ok
22:13:06.0285 1852 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:13:06.0285 1852 netprofm - ok
22:13:06.0347 1852 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:13:06.0363 1852 NetTcpPortSharing - ok
22:13:06.0378 1852 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:13:06.0394 1852 nfrd960 - ok
22:13:06.0441 1852 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:13:06.0441 1852 NlaSvc - ok
22:13:06.0503 1852 Norton PC Checkup Application Launcher - ok
22:13:06.0519 1852 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:13:06.0519 1852 Npfs - ok
22:13:06.0550 1852 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:13:06.0550 1852 nsi - ok
22:13:06.0566 1852 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:13:06.0566 1852 nsiproxy - ok
22:13:06.0675 1852 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:13:06.0706 1852 Ntfs - ok
22:13:06.0800 1852 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:13:06.0800 1852 Null - ok
22:13:06.0831 1852 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:13:06.0831 1852 nvraid - ok
22:13:06.0862 1852 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:13:06.0862 1852 nvstor - ok
22:13:06.0893 1852 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:13:06.0893 1852 nv_agp - ok
22:13:06.0924 1852 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:13:06.0924 1852 ohci1394 - ok
22:13:06.0971 1852 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:13:06.0971 1852 ose - ok
22:13:07.0205 1852 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:13:07.0314 1852 osppsvc - ok
22:13:07.0424 1852 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:13:07.0424 1852 p2pimsvc - ok
22:13:07.0455 1852 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:13:07.0455 1852 p2psvc - ok
22:13:07.0502 1852 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:13:07.0502 1852 Parport - ok
22:13:07.0548 1852 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:13:07.0548 1852 partmgr - ok
22:13:07.0580 1852 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:13:07.0580 1852 PcaSvc - ok
22:13:07.0673 1852 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.9.24\ccSvcHst.exe
22:13:07.0673 1852 PCCUJobMgr - ok
22:13:07.0720 1852 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:13:07.0720 1852 pci - ok
22:13:07.0751 1852 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:13:07.0751 1852 pciide - ok
22:13:07.0782 1852 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:13:07.0782 1852 pcmcia - ok
22:13:07.0798 1852 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:13:07.0814 1852 pcw - ok
22:13:07.0845 1852 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:13:07.0860 1852 PEAUTH - ok
22:13:07.0938 1852 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:13:07.0954 1852 PerfHost - ok
22:13:08.0063 1852 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:13:08.0094 1852 pla - ok
22:13:08.0141 1852 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:13:08.0141 1852 PlugPlay - ok
22:13:08.0172 1852 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:13:08.0172 1852 PNRPAutoReg - ok
22:13:08.0188 1852 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:13:08.0204 1852 PNRPsvc - ok
22:13:08.0235 1852 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:13:08.0250 1852 PolicyAgent - ok
22:13:08.0266 1852 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:13:08.0266 1852 Power - ok
22:13:08.0328 1852 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:13:08.0328 1852 PptpMiniport - ok
22:13:08.0360 1852 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:13:08.0375 1852 Processor - ok
22:13:08.0406 1852 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
22:13:08.0422 1852 ProfSvc - ok
22:13:08.0453 1852 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:13:08.0453 1852 ProtectedStorage - ok
22:13:08.0500 1852 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:13:08.0500 1852 Psched - ok
22:13:08.0516 1852 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
22:13:08.0531 1852 PxHlpa64 - ok
22:13:08.0594 1852 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:13:08.0640 1852 ql2300 - ok
22:13:08.0718 1852 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:13:08.0718 1852 ql40xx - ok
22:13:08.0750 1852 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:13:08.0750 1852 QWAVE - ok
22:13:08.0781 1852 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:13:08.0781 1852 QWAVEdrv - ok
22:13:08.0796 1852 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:13:08.0796 1852 RasAcd - ok
22:13:08.0843 1852 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:13:08.0843 1852 RasAgileVpn - ok
22:13:08.0859 1852 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:13:08.0874 1852 RasAuto - ok
22:13:08.0906 1852 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:13:08.0906 1852 Rasl2tp - ok
22:13:08.0937 1852 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:13:08.0952 1852 RasMan - ok
22:13:08.0968 1852 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:13:08.0968 1852 RasPppoe - ok
22:13:08.0999 1852 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:13:08.0999 1852 RasSstp - ok
22:13:09.0030 1852 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:13:09.0030 1852 rdbss - ok
22:13:09.0062 1852 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:13:09.0062 1852 rdpbus - ok
22:13:09.0077 1852 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:13:09.0077 1852 RDPCDD - ok
22:13:09.0124 1852 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:13:09.0124 1852 RDPENCDD - ok
22:13:09.0140 1852 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:13:09.0155 1852 RDPREFMP - ok
22:13:09.0202 1852 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
22:13:09.0202 1852 RDPWD - ok
22:13:09.0264 1852 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:13:09.0264 1852 rdyboost - ok
22:13:09.0296 1852 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:13:09.0296 1852 RemoteAccess - ok
22:13:09.0327 1852 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:13:09.0327 1852 RemoteRegistry - ok
22:13:09.0358 1852 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:13:09.0358 1852 RpcEptMapper - ok
22:13:09.0374 1852 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:13:09.0389 1852 RpcLocator - ok
22:13:09.0436 1852 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:13:09.0436 1852 RpcSs - ok
22:13:09.0483 1852 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:13:09.0483 1852 rspndr - ok
22:13:09.0530 1852 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
22:13:09.0530 1852 RTL8167 - ok
22:13:09.0576 1852 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:13:09.0576 1852 SamSs - ok
22:13:09.0639 1852 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
22:13:09.0639 1852 SASDIFSV - ok
22:13:09.0654 1852 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
22:13:09.0654 1852 SASKUTIL - ok
22:13:09.0686 1852 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:13:09.0686 1852 sbp2port - ok
22:13:09.0717 1852 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:13:09.0732 1852 SCardSvr - ok
22:13:09.0748 1852 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:13:09.0764 1852 scfilter - ok
22:13:09.0826 1852 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:13:09.0857 1852 Schedule - ok
22:13:09.0888 1852 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:13:09.0888 1852 SCPolicySvc - ok
22:13:09.0920 1852 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:13:09.0920 1852 SDRSVC - ok
22:13:09.0998 1852 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:13:09.0998 1852 SeaPort - ok
22:13:10.0060 1852 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:13:10.0060 1852 secdrv - ok
22:13:10.0091 1852 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:13:10.0091 1852 seclogon - ok
22:13:10.0107 1852 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
22:13:10.0107 1852 SENS - ok
22:13:10.0138 1852 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:13:10.0138 1852 SensrSvc - ok
22:13:10.0154 1852 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:13:10.0154 1852 Serenum - ok
22:13:10.0185 1852 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:13:10.0185 1852 Serial - ok
22:13:10.0232 1852 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:13:10.0232 1852 sermouse - ok
22:13:10.0294 1852 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:13:10.0294 1852 SessionEnv - ok
22:13:10.0310 1852 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:13:10.0310 1852 sffdisk - ok
22:13:10.0434 1852 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:13:10.0434 1852 sffp_mmc - ok
22:13:10.0450 1852 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:13:10.0450 1852 sffp_sd - ok
22:13:10.0466 1852 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:13:10.0466 1852 sfloppy - ok
22:13:10.0528 1852 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys
22:13:10.0544 1852 Sftfs - ok
22:13:10.0606 1852 sftlist (bfdb58616ff5ea540a5f58301d50641e) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:13:10.0606 1852 sftlist - ok
22:13:10.0637 1852 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:13:10.0637 1852 Sftplay - ok
22:13:10.0653 1852 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:13:10.0668 1852 Sftredir - ok
22:13:10.0762 1852 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
22:13:10.0793 1852 SftService - ok
22:13:10.0856 1852 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys
22:13:10.0871 1852 Sftvol - ok
22:13:10.0918 1852 sftvsa (b94c3c4dca2093243c76ca218ede2a97) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:13:10.0918 1852 sftvsa - ok
22:13:10.0965 1852 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:13:10.0980 1852 SharedAccess - ok
22:13:11.0027 1852 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:13:11.0027 1852 ShellHWDetection - ok
22:13:11.0058 1852 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:13:11.0058 1852 SiSRaid2 - ok
22:13:11.0074 1852 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:13:11.0074 1852 SiSRaid4 - ok
22:13:11.0121 1852 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:13:11.0121 1852 Smb - ok
22:13:11.0168 1852 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:13:11.0168 1852 SNMPTRAP - ok
22:13:11.0183 1852 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:13:11.0183 1852 spldr - ok
22:13:11.0246 1852 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:13:11.0246 1852 Spooler - ok
22:13:11.0417 1852 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:13:11.0480 1852 sppsvc - ok
22:13:11.0542 1852 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:13:11.0542 1852 sppuinotify - ok
22:13:11.0589 1852 sprtsvc_verizondm - ok
22:13:11.0651 1852 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:13:11.0651 1852 srv - ok
22:13:11.0729 1852 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:13:11.0745 1852 srv2 - ok
22:13:11.0760 1852 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:13:11.0760 1852 srvnet - ok
22:13:11.0807 1852 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:13:11.0807 1852 SSDPSRV - ok
22:13:11.0823 1852 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:13:11.0823 1852 SstpSvc - ok
22:13:11.0854 1852 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:13:11.0870 1852 stexstor - ok
22:13:11.0916 1852 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:13:11.0916 1852 stisvc - ok
22:13:11.0963 1852 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:13:11.0963 1852 swenum - ok
22:13:11.0994 1852 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:13:12.0010 1852 swprv - ok
22:13:12.0104 1852 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:13:12.0150 1852 SysMain - ok
22:13:12.0244 1852 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:13:12.0244 1852 TabletInputService - ok
22:13:12.0275 1852 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:13:12.0275 1852 TapiSrv - ok
22:13:12.0306 1852 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:13:12.0306 1852 TBS - ok
22:13:12.0416 1852 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:13:12.0462 1852 Tcpip - ok
22:13:12.0603 1852 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:13:12.0618 1852 TCPIP6 - ok
22:13:12.0712 1852 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:13:12.0712 1852 tcpipreg - ok
22:13:12.0743 1852 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:13:12.0743 1852 TDPIPE - ok
22:13:12.0790 1852 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:13:12.0790 1852 TDTCP - ok
22:13:12.0837 1852 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:13:12.0837 1852 tdx - ok
22:13:12.0884 1852 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:13:12.0884 1852 TermDD - ok
22:13:12.0930 1852 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:13:12.0946 1852 TermService - ok
22:13:12.0993 1852 tgsrvc_verizondm - ok
22:13:13.0024 1852 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:13:13.0040 1852 Themes - ok
22:13:13.0055 1852 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:13:13.0055 1852 THREADORDER - ok
22:13:13.0086 1852 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:13:13.0086 1852 TrkWks - ok
22:13:13.0149 1852 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:13:13.0149 1852 TrustedInstaller - ok
22:13:13.0180 1852 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:13:13.0180 1852 tssecsrv - ok
22:13:13.0242 1852 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:13:13.0242 1852 TsUsbFlt - ok
22:13:13.0320 1852 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:13:13.0320 1852 tunnel - ok
22:13:13.0336 1852 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:13:13.0352 1852 uagp35 - ok
22:13:13.0383 1852 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:13:13.0383 1852 udfs - ok
22:13:13.0430 1852 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:13:13.0430 1852 UI0Detect - ok
22:13:13.0476 1852 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:13:13.0476 1852 uliagpkx - ok
22:13:13.0508 1852 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:13:13.0508 1852 umbus - ok
22:13:13.0539 1852 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:13:13.0539 1852 UmPass - ok
22:13:13.0570 1852 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:13:13.0570 1852 upnphost - ok
22:13:13.0601 1852 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:13:13.0601 1852 usbccgp - ok
22:13:13.0632 1852 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:13:13.0648 1852 usbcir - ok
22:13:13.0664 1852 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
22:13:13.0664 1852 usbehci - ok
22:13:13.0726 1852 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:13:13.0726 1852 usbhub - ok
22:13:13.0757 1852 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:13:13.0757 1852 usbohci - ok
22:13:13.0804 1852 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:13:13.0804 1852 usbprint - ok
22:13:13.0851 1852 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:13:13.0851 1852 usbscan - ok
22:13:13.0882 1852 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:13:13.0882 1852 USBSTOR - ok
22:13:13.0898 1852 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
22:13:13.0898 1852 usbuhci - ok
22:13:13.0929 1852 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:13:13.0929 1852 UxSms - ok
22:13:13.0976 1852 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:13:13.0976 1852 VaultSvc - ok
22:13:14.0007 1852 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:13:14.0007 1852 vdrvroot - ok
22:13:14.0069 1852 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:13:14.0069 1852 vds - ok
22:13:14.0116 1852 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:13:14.0116 1852 vga - ok
22:13:14.0132 1852 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:13:14.0132 1852 VgaSave - ok
22:13:14.0163 1852 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:13:14.0163 1852 vhdmp - ok
22:13:14.0194 1852 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:13:14.0194 1852 viaide - ok
22:13:14.0210 1852 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:13:14.0210 1852 volmgr - ok
22:13:14.0256 1852 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:13:14.0272 1852 volmgrx - ok
22:13:14.0319 1852 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:13:14.0319 1852 volsnap - ok
22:13:14.0350 1852 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:13:14.0350 1852 vsmraid - ok
22:13:14.0444 1852 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:13:14.0475 1852 VSS - ok
22:13:14.0553 1852 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
22:13:14.0553 1852 vwifibus - ok
22:13:14.0584 1852 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:13:14.0600 1852 W32Time - ok
22:13:14.0631 1852 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:13:14.0631 1852 WacomPen - ok
22:13:14.0678 1852 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:13:14.0678 1852 WANARP - ok
22:13:14.0693 1852 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:13:14.0693 1852 Wanarpv6 - ok
22:13:14.0771 1852 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:13:14.0802 1852 WatAdminSvc - ok
22:13:14.0880 1852 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:13:14.0927 1852 wbengine - ok
22:13:15.0005 1852 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:13:15.0005 1852 WbioSrvc - ok
22:13:15.0068 1852 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:13:15.0068 1852 wcncsvc - ok
22:13:15.0083 1852 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:13:15.0083 1852 WcsPlugInService - ok
22:13:15.0114 1852 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:13:15.0114 1852 Wd - ok
22:13:15.0161 1852 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:13:15.0161 1852 Wdf01000 - ok
22:13:15.0177 1852 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:13:15.0192 1852 WdiServiceHost - ok
22:13:15.0192 1852 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:13:15.0208 1852 WdiSystemHost - ok
22:13:15.0255 1852 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:13:15.0255 1852 WebClient - ok
22:13:15.0302 1852 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:13:15.0302 1852 Wecsvc - ok
22:13:15.0333 1852 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:13:15.0333 1852 wercplsupport - ok
22:13:15.0364 1852 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:13:15.0364 1852 WerSvc - ok
22:13:15.0426 1852 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:13:15.0426 1852 WfpLwf - ok
22:13:15.0473 1852 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
22:13:15.0473 1852 WimFltr - ok
22:13:15.0489 1852 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:13:15.0489 1852 WIMMount - ok
22:13:15.0504 1852 WinDefend - ok
22:13:15.0536 1852 WinHttpAutoProxySvc - ok
22:13:15.0582 1852 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:13:15.0598 1852 Winmgmt - ok
22:13:15.0692 1852 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:13:15.0723 1852 WinRM - ok
22:13:15.0832 1852 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
22:13:15.0832 1852 WinUsb - ok
22:13:15.0879 1852 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:13:15.0894 1852 Wlansvc - ok
22:13:15.0926 1852 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:13:15.0926 1852 WmiAcpi - ok
22:13:15.0988 1852 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:13:15.0988 1852 wmiApSrv - ok
22:13:16.0019 1852 WMPNetworkSvc - ok
22:13:16.0035 1852 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:13:16.0035 1852 WPCSvc - ok
22:13:16.0082 1852 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:13:16.0082 1852 WPDBusEnum - ok
22:13:16.0113 1852 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:13:16.0113 1852 ws2ifsl - ok
22:13:16.0128 1852 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
22:13:16.0128 1852 wscsvc - ok
22:13:16.0144 1852 WSearch - ok
22:13:16.0238 1852 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:13:16.0300 1852 wuauserv - ok
22:13:16.0378 1852 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:13:16.0378 1852 WudfPf - ok
22:13:16.0409 1852 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:13:16.0409 1852 WUDFRd - ok
22:13:16.0456 1852 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:13:16.0456 1852 wudfsvc - ok
22:13:16.0487 1852 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:13:16.0503 1852 WwanSvc - ok
22:13:16.0581 1852 XG762_VS (aec505976ef01bbd8f57cba912f39259) C:\Windows\system32\DRIVERS\WlanGZG.sys
22:13:16.0596 1852 XG762_VS - ok
22:13:16.0674 1852 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
22:13:16.0674 1852 YahooAUService - ok
22:13:16.0752 1852 ZDCNDIS6a64 (18b6869e23937175144e6f1d3cb85fc2) C:\Windows\system32\ZDCNDIS6a64.sys
22:13:16.0752 1852 ZDCNDIS6a64 - ok
22:13:16.0799 1852 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
22:13:16.0830 1852 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
22:13:16.0830 1852 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
22:13:16.0862 1852 Boot (0x1200) (baea33671fa1b8b6b3385f056c5b97ec) \Device\Harddisk0\DR0\Partition0
22:13:16.0877 1852 \Device\Harddisk0\DR0\Partition0 - ok
22:13:16.0893 1852 Boot (0x1200) (53f2995d4ab53a1ac591792a4044b1d6) \Device\Harddisk0\DR0\Partition1
22:13:16.0893 1852 \Device\Harddisk0\DR0\Partition1 - ok
22:13:16.0893 1852 ============================================================
22:13:16.0893 1852 Scan finished
22:13:16.0893 1852 ============================================================
22:13:16.0924 1804 Detected object count: 1
22:13:16.0924 1804 Actual detected object count: 1
22:13:57.0859 1804 \Device\Harddisk0\DR0\# - copied to quarantine
22:13:57.0859 1804 \Device\Harddisk0\DR0 - copied to quarantine
22:13:57.0937 1804 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
22:13:57.0937 1804 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
22:13:57.0937 1804 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
22:13:57.0937 1804 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
22:13:57.0937 1804 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
22:13:57.0937 1804 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
22:13:57.0937 1804 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
22:13:57.0952 1804 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
22:13:57.0952 1804 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
22:13:57.0952 1804 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
22:13:57.0952 1804 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
22:13:57.0952 1804 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
22:13:57.0983 1804 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
22:13:57.0983 1804 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
22:13:57.0999 1804 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
22:13:57.0999 1804 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
22:13:58.0030 1804 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
22:13:58.0249 1804 \Device\Harddisk0\DR0\TDLFS\sant64 - copied to quarantine
22:13:58.0264 1804 \Device\Harddisk0\DR0\TDLFS\time.txt - copied to quarantine
22:13:58.0280 1804 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
22:13:58.0280 1804 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
22:13:58.0280 1804 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
22:13:58.0311 1804 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
22:13:58.0327 1804 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
22:13:58.0327 1804 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
22:13:58.0467 1804 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
22:13:58.0467 1804 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
22:13:58.0514 1804 \Device\Harddisk0\DR0 - ok
22:13:58.0607 1804 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
22:14:12.0335 1364 Deinitialize success

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 26th July 2012, 2:24 am

got it to work
swMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-25 22:19:42
-----------------------------
22:19:42.365 OS Version: Windows x64 6.1.7601 Service Pack 1
22:19:42.365 Number of processors: 1 586 0x1601
22:19:42.365 ComputerName: DELL UserName:
22:19:46.889 Initialize success
22:20:39.523 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:20:39.523 Disk 0 Vendor: ST332041 CC46 Size: 305245MB BusType: 3
22:20:39.539 Disk 0 MBR read successfully
22:20:39.554 Disk 0 MBR scan
22:20:39.554 Disk 0 Windows VISTA default MBR code
22:20:39.554 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
22:20:39.570 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12318 MB offset 81920
22:20:39.586 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 292886 MB offset 25309184
22:20:39.601 Disk 0 scanning C:\Windows\system32\drivers
22:20:45.420 Service scanning
22:20:59.975 Modules scanning
22:20:59.975 Disk 0 trace - called modules:
22:21:00.022 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:21:00.022 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003247790]
22:21:00.537 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800185c050]
22:21:00.537 Scan finished successfully
22:21:25.263 Disk 0 MBR has been saved successfully to "C:\Users\chuck\Documents\MBR.dat"
22:21:25.278 The log file has been saved successfully to "C:\Users\chuck\Documents\aswMBR log.txt"



Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 26th July 2012, 7:38 pm

That's great. Now we can continue to see what's left over.

Download Security Check by screen317 from one of the following links and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
*******************************************************
Please download [You must be registered and logged in to see this link.] and Save it to your desktop.

  • Double click it to start the tool.Vista and Windows7 run as administrator.
  • Click Scan.
  • Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 26th July 2012, 9:18 pm

Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware version 1.62.0.1300
HijackThis 2.0.2
JavaFX 2.1.1
Java(TM) 6 Update 21
Java(TM) 7 Update 5
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (14.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 26th July 2012, 9:21 pm

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows 7 Home Edition (6.1.7601) Service Pack 1
[32_bits] - Intel64 Family 6 Model 22 Stepping 1, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
User Account Control (UAC) -> Enabled
.
Internet Explorer 9.0.8112.16421
Mozilla Firefox 14.0.1 (en-US)
.
C:\ [Fixed-NTFS] .. ( Total:286 Go - Free:235 Go )
D:\ [CD_Rom]
Q:\ [Fixed-NTFS] .. ( Total:0 Go - Free:0 Go )
.
Scan : 17:20.43
Path : C:\Users\chuck\Downloads\Rooter.exe
User : chuck ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ ???:?????? (276)
______ ???:?????? (428)
______ ???:?????? (464)
______ ???:?????? (476)
______ ???:?????? (532)
______ ???:?????? (560)
______ ???:?????? (568)
______ ???:?????? (576)
______ ???:?????? (688)
______ ???:?????? (756)
______ ???:?????? (808)
______ ???:?????? (924)
______ ???:?????? (976)
______ ???:?????? (384)
______ C:\Program Files\Dell\DellDock\DockLogin.exe (460)
______ ???:?????? (652)
______ ???:?????? (1124)
______ ???:?????? (1160)
______ ???:?????? (1268)
______ ???:?????? (1304)
______ C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (1396)
______ C:\Program Files (x86)\Common Files\Motive\McciCMService.exe (1424)
______ ???:?????? (1476)
______ C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (1548)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (1772)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (1808)
______ C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe (1832)
______ ???:?????? (1892)
______ C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe (1952)
______ ???:?????? (1228)
______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (1940)
______ ???:?????? (2504)
______ ???:?????? (2572)
______ ???:?????? (2588)
______ C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (2640)
______ ???:?????? (2772)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (2780)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (2796)
______ C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (2944)
______ ???:?????? (3324)
______ ???:?????? (3332)
______ ???:?????? (3340)
______ C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3744)
______ ???:?????? (3936)
______ C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (2892)
______ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (3236)
______ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (3108)
______ C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (4564)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (4876)
______ ???:?????? (4120)
______ ???:?????? (4764)
______ ???:?????? (2468)
______ ???:?????? (2208)
______ ???:?????? (620)
______ ???:?????? (4756)
______ C:\Users\chuck\Downloads\Rooter.exe (4804)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:41094144)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:41943040 | Length:12916359168)
\Device\Harddisk0\Partition3 (Start_Offset:12958302208 | Length:307113230336)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\Adobe Flash Player Updater.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 91c00577-4e38-48ad-a3bb-04a564da01e5.job
C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 98ff3b40-b21e-44c3-a8a8-5c3b444e75b9.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 17:20.48
.
C:\Rooter$\Rooter_1.txt - (26/07/2012 | 17:20.48)

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 26th July 2012, 9:25 pm

not sure if ive removed ask.com all the way it keeps poping back up like in mozilla firefox which i just installed as an addon

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 26th July 2012, 10:00 pm

also i try to turn on windows security service but it says service cant be started

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 26th July 2012, 11:02 pm

Looking over your log it seems you don't have any antivirus software.

Before we continue download and install a free antivirus.

Remember to only install one antivirus!

1) [You must be registered and logged in to see this link.]
2) [You must be registered and logged in to see this link.]
3) [You must be registered and logged in to see this link.]
4) [You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.]
4-a) [You must be registered and logged in to see this link.]
5) [You must be registered and logged in to see this link.] (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) [You must be registered and logged in to see this link.]
7) [You must be registered and logged in to see this link.]

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.
***********************************************************
also i try to turn on windows security service but it says service cant be started
Did you try it this way?

click Start, right click My Computer and click manage. answer the Elevation prompt, if asked. Double click Services and Applications on the left and single click Services. look for Security Center. click Start. hopefully you wont get an error. right click Security Center in services where it says startup type, choose automatic
*************************************************************
I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
[You must be registered and logged in to see this link.]
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 27th July 2012, 10:18 am

C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\Drop Down Deals\YontooIEClient.dll.vir Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_22.12.45\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_22.12.45\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmasco.R trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\25.07.2012_22.12.45\mbr0000\tdlfs0000\tsk0011.dta Win32/Olmasco.Q trojan cleaned by deleting - quarantined
C:\Users\chuck\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@plpickle.com\chrome\pptextlinks.jar Win32/Adware.Gamevance.Gen application deleted - quarantined

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 27th July 2012, 7:31 pm

How's your computer working now? Any other issues?

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 27th July 2012, 8:17 pm

running pretty good cant seem to get rid of ask.com search window in mozilla. i would like it to be google. ive tried changing it in internet options and searching for ask anywhere on my computer.

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 27th July 2012, 8:35 pm

just tryed rebooting it was super slow restarting. I went to msconfig just to see if i could change start up to fix that a little and i see guffins broswer plugin loader...I did get hijackthis to remove guffins once i ran tdsskiller so i thought that was gone. also tired to get mcafee off here i see that in start up to

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 27th July 2012, 10:55 pm

StartupLite

Download [You must be registered and logged in to see this link.] to your Desktop.
Doubleclick StartupLite.exe to launch the program.
Ensure the Disable box is checked.
Click Continue.
A pop up message will tell you the unecessary startup items in your list have been disabled and ask you to restart your computer.
Re-start your computer.
**************************************************
Try this to remove McAfee.

McAfee Consumer Products Removal Tool - Use on McAfee, AOL distributions of McAfee, CA distributions of McAfee - [You must be registered and logged in to see this link.](MCPR.exe)

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Denny978 on 28th July 2012, 12:44 am

the mcafee link says article not found

Denny978
Intermediate
Intermediate

Posts Posts : 133
Joined Joined : 2009-02-03
OS OS : windows xp
Points Points : 30367
# Likes # Likes : 0

View user profile

Back to top Go down

Re: slow computer

Post by Superdave on 28th July 2012, 1:01 am

Sorry, it's been some time since I used that one. Please try this one.
BTW, the guffins is probable an add-on. You know you can disable it in your browser but I'm not sure if you can delete it.


Download the [You must be registered and logged in to see this link.] to your Desktop.

Using McAfee Consumer Product Removal tool:

* Double click the MCPR.exe
* A Command Line window will be displayed, and then close automatically.
* Wait for a second Command Line window to be displayed.

Note: Do not double-click MCPR.exe again, you may have to wait up to 1 minute for the next window to appear.

* After the second window appears, the program will begin the cleanup.
* Observe the installation, which could take several minutes. The following message will be displayed in the Command Line window: The machine must reboot to complete the un-installation. Reboot now? [y.n]
* Press Y on the keyboard.
* Wait for the computer to restart.
* All McAfee products are now removed from your computer.

Superdave
Captain
Captain

Posts Posts : 4202
Joined Joined : 2010-02-01
Gender Gender : Male
OS OS : Windows 8.1 and a dual-boot with XP Home SP3
Protection Protection : MSE, Windows Defender, Windows firewall
Points Points : 83221
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum