Used Windows Defender Offline, now Windows won't start

  1. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #31

    It could be fixed. Cottonball is going to help you with this. Follow his instructions and you will be working in no time.


  2. Posts : 58
    windows 7 64 bit
    Thread Starter
       #32

    OK, thanks so much for your help, Vista King.


  3. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #33

    You're welcome.


  4. Posts : 58
    windows 7 64 bit
    Thread Starter
       #34

    :) :) :)
    Last edited by empresssoul; 29 Apr 2013 at 19:51.


  5. Posts : 58
    windows 7 64 bit
    Thread Starter
       #35

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2013
    Ran by SYSTEM on 29-04-2013 20:31:03
    Running from I:\
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 9
    Boot Mode: Recovery
    The current controlset is ControlSet001
    ==================== Registry (Whitelisted) ==================
    HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8306208 2009-10-20] (Realtek Semiconductor)
    HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
    HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [207845 2011-05-30] ()
    Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
    HKLM-x32\...\Run: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe" [x]
    HKLM-x32\...\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [240112 2010-11-25] (Sonic Solutions)
    HKLM-x32\...\Run: [Qwest Personal Digital Vault] "C:\Program Files (x86)\CenturyLink Personal Digital Vault\QwestPersonalDigitalVault.exe" /m [x]
    HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
    HKLM-x32\...\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [x]
    HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
    HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
    HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [514544 2010-11-17] ()
    HKLM-x32\...\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
    HKLM-x32\...\Run: [CenturyLinkTouchPointAgent] "C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe" /autostart [x]
    HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [38112 2012-12-18] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [885760 2011-05-30] ()
    HKU\Empress\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
    HKU\Gore Family\...\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 545" [239488 2011-04-25] (SEIKO EPSON CORPORATION)
    HKU\Gore Family\...\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000001" /M "WorkForce 545" [239488 2011-04-25] (SEIKO EPSON CORPORATION)
    HKU\Gore Family\...\Run: [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000002" /M "WorkForce 545" [239488 2011-04-25] (SEIKO EPSON CORPORATION)
    HKU\Gore Family\...\Run: [EPLTarget\P0000000000000003] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000003" /M "WorkForce 545" [239488 2011-04-25] (SEIKO EPSON CORPORATION)
    HKU\Gore Family\...\Run: [EPLTarget\P0000000000000004] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000004" /M "WorkForce 545" [239488 2011-04-25] (SEIKO EPSON CORPORATION)
    HKU\Gore Family\...\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" [x]
    AppInit_DLLs: [0 ] ()
    ==================== Services (Whitelisted) =================
    S2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
    S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
    S2 MCLIENT; "C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe" /s "MCLIENT" /m "C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\diMaster.dll" /prefetch:1 [x]
    S2 NAV; "C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\ccSvcHst.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\20.3.0.36\diMaster.dll" /prefetch:1 [x]
    S2 NCO; "C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\ccSvcHst.exe" /s "NCO" /m "C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\diMaster.dll" /prefetch:1 [x]
    ==================== Drivers (Whitelisted) ====================
    S3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
    S1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.3.0.36\Definitions\BASHDefs\20130322.001_7bd\BHDrvx64.sys [x]
    S1 ccSet_MCLIENT; \SystemRoot\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys [x]
    S1 ccSet_NAV; \SystemRoot\system32\drivers\NAVx64\1403000.024\ccSetx64.sys [x]
    S1 ccSet_NST; \SystemRoot\system32\drivers\NSTx64\7DD03000.01A\ccSetx64.sys [x]
    S1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [x]
    S3 EraserUtilDrv11220; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [x]
    S3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
    S1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.3.0.36\Definitions\IPSDefs\20130329.001\IDSvia64.sys [x]
    S1 MpKsl24555c48; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B4296E7-F77C-40A4-9C64-A74F682338EF}\MpKsl24555c48.sys [x]
    S1 MpKsl83e79362; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B4296E7-F77C-40A4-9C64-A74F682338EF}\MpKsl83e79362.sys [x]
    S1 MpKsled119a6c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B4296E7-F77C-40A4-9C64-A74F682338EF}\MpKsled119a6c.sys [x]
    S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.3.0.36\Definitions\VirusDefs\20130329.016\ENG64.SYS [x]
    S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.3.0.36\Definitions\VirusDefs\20130329.016\EX64.SYS [x]
    S1 ojhzvyns; \??\C:\Windows\system32\drivers\ojhzvyns.sys [x]
    S3 SRTSP; \SystemRoot\system32\drivers\NAVx64\1403000.024\SRTSP64.SYS [x]
    S1 SRTSPX; \SystemRoot\system32\drivers\NAVx64\1403000.024\SRTSPX64.SYS [x]
    S0 SymDS; system32\drivers\NAVx64\1403000.024\SYMDS64.SYS [x]
    S0 SymEFA; system32\drivers\NAVx64\1403000.024\SYMEFA64.SYS [x]
    S3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [x]
    S1 SymIRON; \SystemRoot\system32\drivers\NAVx64\1403000.024\Ironx64.SYS [x]
    S1 SymNetS; \SystemRoot\system32\drivers\NAVx64\1403000.024\SYMNETS.SYS [x]
    S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]
    ==================== NetSvcs (Whitelisted) ===================


  6. Posts : 58
    windows 7 64 bit
    Thread Starter
       #36

    ==================== One Month Created Files and Folders ========
    2013-04-29 20:30 - 2013-04-29 20:30 - 00000000 ____D C:\FRST
    2013-04-29 16:46 - 2013-04-29 16:48 - 00000000 ____D C:\Windows\System32\config\MYBACKUP
    2013-04-23 22:28 - 2013-04-24 20:09 - 00000000 ____D C:\Windows\Microsoft Antimalware
    2013-04-22 22:19 - 2013-04-24 20:09 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-04-22 07:03 - 2013-04-22 07:09 - 00000000 ____D C:\Users\Empress\My Documents\pic from flash drive
    2013-04-22 07:03 - 2013-04-22 07:09 - 00000000 ____D C:\Users\Empress\Documents\pic from flash drive
    2013-04-22 06:23 - 2013-04-22 06:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2013-04-22 06:23 - 2013-04-22 06:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
    2013-04-22 02:08 - 2013-04-22 02:08 - 00003552 ____N C:\bootsqm.dat
    2013-04-21 15:43 - 2013-04-21 15:43 - 00000406 ____A C:\Windows\System32\ioloBootDefrag.cfg
    2013-04-21 15:42 - 2013-04-21 17:38 - 00002225 ____A C:\Users\Empress\Desktop\System Mechanic.lnk
    2013-04-21 15:42 - 2013-04-21 15:42 - 00000234 ____A C:\Windows\Tasks\SidebarExecute.job
    2013-04-21 15:42 - 2013-03-17 22:59 - 00057584 ____A (iolo technologies, LLC) C:\Windows\System32\iolobtdfg.exe
    2013-04-21 15:42 - 2013-03-17 22:58 - 00026184 ____A (iolo technologies, LLC) C:\Windows\System32\smrgdf.exe
    2013-04-21 15:42 - 2013-03-17 22:43 - 02155688 ____A (iolo technologies, LLC) C:\Windows\System32\Incinerator64.dll
    2013-04-21 15:42 - 2013-03-17 22:43 - 02097472 ____A (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll
    2013-04-21 15:42 - 2013-03-17 22:36 - 00082160 ____A (Raxco Software, Inc.) C:\Windows\System32\Drivers\PDFsFilter.sys
    2013-04-21 15:42 - 2013-03-17 22:36 - 00069000 ____A (Microsoft Corporation) C:\Windows\System32\offreg.dll
    2013-04-21 15:42 - 2013-03-17 22:36 - 00056200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
    2013-04-21 15:40 - 2013-04-21 15:47 - 00000000 ____D C:\Users\Empress\Application Data\iolo
    2013-04-21 15:40 - 2013-04-21 15:47 - 00000000 ____D C:\Users\Empress\AppData\Roaming\iolo
    2013-04-21 15:40 - 2013-04-21 15:40 - 00000000 ____D C:\iolo
    2013-04-21 15:40 - 2013-03-17 23:15 - 31443776 ____A (iolo technologies, LLC ) C:\Users\Empress\My Documents\SystemMechanic.exe
    2013-04-21 15:40 - 2013-03-17 23:15 - 31443776 ____A (iolo technologies, LLC ) C:\Users\Empress\Documents\SystemMechanic.exe
    2013-04-21 15:40 - 2013-03-17 22:36 - 00030752 ____A (EldoS Corporation) C:\Windows\System32\Drivers\ElRawDsk.sys
    2013-04-21 15:25 - 2013-04-21 19:54 - 00000000 ____D C:ProgramData\iolo
    2013-04-21 15:25 - 2013-04-21 19:54 - 00000000 ____D C:ProgramData\Application Data\iolo
    2013-04-21 15:25 - 2013-04-21 17:29 - 00000000 ____D C:\Program Files (x86)\iolo
    2013-04-21 15:25 - 2013-04-21 15:25 - 00074703 ____A C:\Windows\SysWOW64\mfc45.dat
    2013-04-21 09:13 - 2013-04-21 09:13 - 00000129 ____A C:\Windows\System32\MRT.INI
    2013-04-21 09:08 - 2013-04-21 09:08 - 19230208 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-04-21 09:08 - 2013-04-21 09:08 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-04-21 09:08 - 2013-04-21 09:08 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-04-21 09:08 - 2013-04-21 09:08 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-04-21 09:08 - 2013-04-21 09:08 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-04-21 09:08 - 2013-04-21 09:08 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2013-04-21 09:08 - 2013-04-21 09:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2013-04-21 09:08 - 2013-04-21 09:08 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-04-21 09:08 - 2013-04-21 09:08 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2013-04-21 09:08 - 2013-04-21 09:08 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-04-21 09:08 - 2013-04-21 09:08 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-04-21 09:07 - 2013-04-21 09:11 - 00007043 ____A C:\Windows\IE10_main.log
    2013-04-18 19:12 - 2013-04-18 19:12 - 00004697 ____A C:\Users\Empress\My Documents\Gore,_Karla_2_25_13_FHS.txt
    2013-04-18 19:12 - 2013-04-18 19:12 - 00004697 ____A C:\Users\Empress\Documents\Gore,_Karla_2_25_13_FHS.txt
    2013-04-18 17:42 - 2013-02-28 22:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-04-18 17:42 - 2013-02-15 01:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
    2013-04-18 17:42 - 2013-02-15 01:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
    2013-04-18 17:42 - 2013-02-15 01:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
    2013-04-18 17:42 - 2013-02-14 23:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2013-04-18 17:42 - 2013-02-14 23:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2013-04-18 17:42 - 2013-02-14 22:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
    2013-04-18 17:41 - 2013-01-24 01:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
    2013-04-10 20:10 - 2013-04-10 20:10 - 00000000 ____D C:\Users\Empress\Application Data\Casual Box
    2013-04-10 20:10 - 2013-04-10 20:10 - 00000000 ____D C:\Users\Empress\AppData\Roaming\Casual Box
    2013-04-10 18:56 - 2013-04-10 18:56 - 02033827 ____A C:\Users\Empress\Downloads\Windows6.1-KB2506014-x64.msu
    2013-04-10 18:56 - 2013-04-10 18:56 - 01528184 ____A (Microsoft Corporation) C:\Users\Empress\Downloads\GenuineCheck.exe
    2013-04-10 18:56 - 2013-04-10 18:56 - 00000000 ____D C:ProgramData\Windows Genuine Advantage
    2013-04-10 18:56 - 2013-04-10 18:56 - 00000000 ____D C:ProgramData\Application Data\Windows Genuine Advantage
    2013-04-05 20:32 - 2013-04-05 20:42 - 00000000 ____D C:ProgramData\OrganicCoffee
    2013-04-05 20:32 - 2013-04-05 20:42 - 00000000 ____D C:ProgramData\Application Data\OrganicCoffee
    2013-04-02 19:13 - 2013-04-02 22:13 - 00000000 ____D C:\Users\Empress\My Documents\The Deadly Device
    2013-04-02 19:13 - 2013-04-02 22:13 - 00000000 ____D C:\Users\Empress\Documents\The Deadly Device
    2013-04-02 17:23 - 2013-04-02 17:23 - 00000000 ____D C:\Program Files\Microsoft Windows Performance Toolkit
    2013-04-02 17:22 - 2013-04-02 17:22 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
    2013-04-02 17:20 - 2013-04-02 17:20 - 00000000 ____D C:\Program Files\Debugging Tools for Windows (x64)
    2013-04-02 17:20 - 2013-04-02 17:20 - 00000000 ____D C:\Program Files\Application Verifier (x64)
    2013-04-02 17:20 - 2013-04-02 17:20 - 00000000 ____D C:\Program Files (x86)\Application Verifier
    2013-04-02 17:17 - 2013-04-02 17:17 - 00000000 ____D C:\Windows\symbols
    2013-04-02 17:17 - 2013-04-02 17:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
    2013-04-02 17:09 - 2013-04-02 17:09 - 00000000 ____D C:\Program Files\Microsoft SDKs


  7. Posts : 58
    windows 7 64 bit
    Thread Starter
       #37

    ==================== One Month Modified Files and Folders =======
    2013-04-29 20:30 - 2013-04-29 20:30 - 00000000 ____D C:\FRST
    2013-04-29 16:48 - 2013-04-29 16:46 - 00000000 ____D C:\Windows\System32\config\MYBACKUP
    2013-04-24 20:09 - 2013-04-23 22:28 - 00000000 ____D C:\Windows\Microsoft Antimalware
    2013-04-24 20:09 - 2013-04-22 22:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-04-24 20:09 - 2013-03-16 22:56 - 00000000 ____D C:\users\DefaultAppPool.IIS APPPOOL.000
    2013-04-24 20:09 - 2012-05-02 11:48 - 00000000 ____D C:\users\Gore Family
    2013-04-24 20:09 - 2011-10-19 10:38 - 00000000 ____D C:\users\Empress
    2013-04-24 20:09 - 2011-09-20 22:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2013-04-24 20:09 - 2011-09-20 22:49 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
    2013-04-24 20:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
    2013-04-24 20:09 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2013-04-23 18:01 - 2011-09-20 23:06 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
    2013-04-23 18:01 - 2011-09-20 23:06 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
    2013-04-23 18:01 - 2011-09-20 23:06 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
    2013-04-23 18:01 - 2011-09-20 23:06 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
    2013-04-23 18:01 - 2011-09-20 23:06 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
    2013-04-23 18:01 - 2011-09-20 23:06 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
    2013-04-22 22:18 - 2011-09-20 22:32 - 01413614 ____A C:\Windows\WindowsUpdate.log
    2013-04-22 22:05 - 2011-12-04 20:12 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-04-22 22:05 - 2011-12-04 20:12 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-04-22 21:36 - 2013-02-24 15:14 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-04-22 20:39 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\tracing
    2013-04-22 07:28 - 2012-02-23 18:19 - 00000000 ____D C:\Users\Empress\Application Data\AlawarEntertainment
    2013-04-22 07:28 - 2012-02-23 18:19 - 00000000 ____D C:\Users\Empress\AppData\Roaming\AlawarEntertainment
    2013-04-22 07:28 - 2009-07-13 23:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-04-22 07:28 - 2009-07-13 23:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-04-22 07:19 - 2012-07-14 22:21 - 00000000 ____D C:\Windows\Minidump
    2013-04-22 07:19 - 2012-06-20 16:21 - 00065536 ____A C:\Windows\System32\Ikeext.etl
    2013-04-22 07:19 - 2011-09-21 00:04 - 00318121 ____N C:\Windows\Minidump\042213-39312-01.dmp
    2013-04-22 07:19 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-04-22 07:19 - 2009-07-13 23:51 - 00090858 ____A C:\Windows\setupact.log
    2013-04-22 07:09 - 2013-04-22 07:03 - 00000000 ____D C:\Users\Empress\My Documents\pic from flash drive
    2013-04-22 07:09 - 2013-04-22 07:03 - 00000000 ____D C:\Users\Empress\Documents\pic from flash drive
    2013-04-22 06:54 - 2009-07-14 00:13 - 00823940 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-04-22 06:24 - 2011-12-14 14:37 - 00001945 ____A C:\Windows\epplauncher.mif
    2013-04-22 06:23 - 2013-04-22 06:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
    2013-04-22 06:23 - 2013-04-22 06:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
    2013-04-22 02:08 - 2013-04-22 02:08 - 00003552 ____N C:\bootsqm.dat
    2013-04-21 19:54 - 2013-04-21 15:25 - 00000000 ____D C:ProgramData\iolo
    2013-04-21 19:54 - 2013-04-21 15:25 - 00000000 ____D C:ProgramData\Application Data\iolo
    2013-04-21 19:52 - 2011-09-21 00:04 - 00318065 ____N C:\Windows\Minidump\042113-36535-01.dmp
    2013-04-21 17:48 - 2012-05-02 11:59 - 00000000 ____D C:\Users\Gore Family\Local Settings\CrashDumps
    2013-04-21 17:48 - 2012-05-02 11:59 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\CrashDumps
    2013-04-21 17:48 - 2012-05-02 11:59 - 00000000 ____D C:\Users\Gore Family\AppData\Local\CrashDumps
    2013-04-21 17:48 - 2012-04-24 21:31 - 00000000 ____D C:\Users\Empress\Local Settings\Application Data\{860F103E-3745-46E1-A683-28A4761BC61E}
    2013-04-21 17:48 - 2012-04-24 21:31 - 00000000 ____D C:\Users\Empress\Local Settings\{860F103E-3745-46E1-A683-28A4761BC61E}
    2013-04-21 17:48 - 2012-04-24 21:31 - 00000000 ____D C:\Users\Empress\AppData\Local\{860F103E-3745-46E1-A683-28A4761BC61E}
    2013-04-21 17:48 - 2011-11-25 12:46 - 00000000 ____D C:\Users\Empress\Incomplete
    2013-04-21 17:48 - 2011-11-25 12:45 - 00000000 ____D C:\Users\Empress\Application Data\MP3Rocket
    2013-04-21 17:48 - 2011-11-25 12:45 - 00000000 ____D C:\Users\Empress\AppData\Roaming\MP3Rocket
    2013-04-21 17:48 - 2011-11-11 17:19 - 00000000 ____D C:\Users\Empress\Local Settings\CrashDumps
    2013-04-21 17:48 - 2011-11-11 17:19 - 00000000 ____D C:\Users\Empress\Local Settings\Application Data\CrashDumps
    2013-04-21 17:48 - 2011-11-11 17:19 - 00000000 ____D C:\Users\Empress\AppData\Local\CrashDumps
    2013-04-21 17:38 - 2013-04-21 15:42 - 00002225 ____A C:\Users\Empress\Desktop\System Mechanic.lnk
    2013-04-21 17:33 - 2010-11-20 22:47 - 01162490 ____A C:\Windows\PFRO.log
    2013-04-21 17:29 - 2013-04-21 15:25 - 00000000 ____D C:\Program Files (x86)\iolo
    2013-04-21 17:26 - 2011-10-25 17:16 - 00000000 ____D C:ProgramData\Norton
    2013-04-21 17:26 - 2011-10-25 17:16 - 00000000 ____D C:ProgramData\Application Data\Norton
    2013-04-21 16:40 - 2009-07-13 23:54 - 00000392 ___SH C:ProgramData\Desktop\desktop.ini
    2013-04-21 16:32 - 2009-07-14 00:08 - 00032644 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2013-04-21 15:47 - 2013-04-21 15:40 - 00000000 ____D C:\Users\Empress\Application Data\iolo
    2013-04-21 15:47 - 2013-04-21 15:40 - 00000000 ____D C:\Users\Empress\AppData\Roaming\iolo
    2013-04-21 15:46 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\Offline Web Pages
    2013-04-21 15:43 - 2013-04-21 15:43 - 00000406 ____A C:\Windows\System32\ioloBootDefrag.cfg
    2013-04-21 15:42 - 2013-04-21 15:42 - 00000234 ____A C:\Windows\Tasks\SidebarExecute.job
    2013-04-21 15:40 - 2013-04-21 15:40 - 00000000 ____D C:\iolo
    2013-04-21 15:25 - 2013-04-21 15:25 - 00074703 ____A C:\Windows\SysWOW64\mfc45.dat
    2013-04-21 09:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2013-04-21 09:13 - 2013-04-21 09:13 - 00000129 ____A C:\Windows\System32\MRT.INI
    2013-04-21 09:11 - 2013-04-21 09:07 - 00007043 ____A C:\Windows\IE10_main.log
    2013-04-21 09:08 - 2013-04-21 09:08 - 19230208 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-04-21 09:08 - 2013-04-21 09:08 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-04-21 09:08 - 2013-04-21 09:08 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-04-21 09:08 - 2013-04-21 09:08 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-04-21 09:08 - 2013-04-21 09:08 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-04-21 09:08 - 2013-04-21 09:08 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2013-04-21 09:08 - 2013-04-21 09:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2013-04-21 09:08 - 2013-04-21 09:08 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec


  8. Posts : 58
    windows 7 64 bit
    Thread Starter
       #38

    2013-04-21 09:08 - 2013-04-21 09:08 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2013-04-21 09:08 - 2013-04-21 09:08 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-04-21 09:08 - 2013-04-21 09:08 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-04-21 09:08 - 2013-04-21 09:08 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2013-04-21 09:08 - 2013-04-21 09:08 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-04-19 02:20 - 2009-07-13 23:45 - 00322280 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-04-19 02:17 - 2011-10-25 20:34 - 00000000 ____D C:\Users\Empress\Application Data\SoftGrid Client
    2013-04-19 02:17 - 2011-10-25 20:34 - 00000000 ____D C:\Users\Empress\AppData\Roaming\SoftGrid Client
    2013-04-18 19:12 - 2013-04-18 19:12 - 00004697 ____A C:\Users\Empress\My Documents\Gore,_Karla_2_25_13_FHS.txt
    2013-04-18 19:12 - 2013-04-18 19:12 - 00004697 ____A C:\Users\Empress\Documents\Gore,_Karla_2_25_13_FHS.txt
    2013-04-16 20:26 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\NDF
    2013-04-16 18:30 - 2011-09-20 22:45 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
    2013-04-13 21:41 - 2011-10-25 21:57 - 00000000 ____D C:\Program Files (x86)\WildGames
    2013-04-13 21:41 - 2011-09-20 22:45 - 00000000 ____D C:\ProgramData\WildTangent
    2013-04-13 21:41 - 2011-09-20 22:45 - 00000000 ____D C:\ProgramData\Application Data\WildTangent
    2013-04-10 20:10 - 2013-04-10 20:10 - 00000000 ____D C:\Users\Empress\Application Data\Casual Box
    2013-04-10 20:10 - 2013-04-10 20:10 - 00000000 ____D C:\Users\Empress\AppData\Roaming\Casual Box
    2013-04-10 19:28 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
    2013-04-10 19:06 - 2011-12-04 22:26 - 00002185 ____A C:\ProgramData\Desktop\Google Chrome.lnk
    2013-04-10 19:06 - 2011-12-04 22:26 - 00002185 ____A C:\Users\Public\Desktop\Google Chrome.lnk
    2013-04-10 18:56 - 2013-04-10 18:56 - 02033827 ____A C:\Users\Empress\Downloads\Windows6.1-KB2506014-x64.msu
    2013-04-10 18:56 - 2013-04-10 18:56 - 01528184 ____A (Microsoft Corporation) C:\Users\Empress\Downloads\GenuineCheck.exe
    2013-04-10 18:56 - 2013-04-10 18:56 - 00000000 ____D C:\ProgramData\Windows Genuine Advantage
    2013-04-10 18:56 - 2013-04-10 18:56 - 00000000 ____D C:\ProgramData\Application Data\Windows Genuine Advantage
    2013-04-09 18:09 - 2011-09-20 22:42 - 00000000 ____D C:\Intel
    2013-04-07 08:08 - 2012-03-06 16:18 - 00000000 ____D C:\Users\Empress\Application Data\Happy Artist Studio
    2013-04-07 08:08 - 2012-03-06 16:18 - 00000000 ____D C:\Users\Empress\AppData\Roaming\Happy Artist Studio
    2013-04-05 20:42 - 2013-04-05 20:32 - 00000000 ____D C:\ProgramData\OrganicCoffee
    2013-04-05 20:42 - 2013-04-05 20:32 - 00000000 ____D C:\ProgramData\Application Data\OrganicCoffee
    2013-04-03 18:13 - 2012-11-13 20:27 - 00000000 ____D C:\Users\Gore Family\Local Settings\The Weather Channel
    2013-04-03 18:13 - 2012-11-13 20:27 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\The Weather Channel
    2013-04-03 18:13 - 2012-11-13 20:27 - 00000000 ____D C:\Users\Gore Family\AppData\Local\The Weather Channel
    2013-04-03 18:13 - 2012-06-13 19:38 - 00000000 ____D C:\Users\Gore Family\Application Data\WildTangent
    2013-04-03 18:13 - 2012-06-13 19:38 - 00000000 ____D C:\Users\Gore Family\AppData\Roaming\WildTangent
    2013-04-03 18:13 - 2012-06-09 16:22 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\{80E49840-FEC9-4009-B2F2-83DD9B68A990}
    2013-04-03 18:13 - 2012-06-09 16:22 - 00000000 ____D C:\Users\Gore Family\Local Settings\{80E49840-FEC9-4009-B2F2-83DD9B68A990}
    2013-04-03 18:13 - 2012-06-09 16:22 - 00000000 ____D C:\Users\Gore Family\AppData\Local\{80E49840-FEC9-4009-B2F2-83DD9B68A990}
    2013-04-03 18:13 - 2012-06-03 19:44 - 00000000 ____D C:\Users\Gore Family\Local Settings\ArcadeCandy
    2013-04-03 18:13 - 2012-06-03 19:44 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\ArcadeCandy
    2013-04-03 18:13 - 2012-06-03 19:44 - 00000000 ____D C:\Users\Gore Family\AppData\Local\ArcadeCandy
    2013-04-03 18:13 - 2012-05-21 23:09 - 00000000 ____D C:\Users\Gore Family\Local Settings\Dell Edoc Viewer
    2013-04-03 18:13 - 2012-05-21 23:09 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\Dell Edoc Viewer
    2013-04-03 18:13 - 2012-05-21 23:09 - 00000000 ____D C:\Users\Gore Family\AppData\Local\Dell Edoc Viewer
    2013-04-03 18:13 - 2012-05-21 20:57 - 00000000 ____D C:\Users\Gore Family\Local Settings\Seven Zip
    2013-04-03 18:13 - 2012-05-21 20:57 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\Seven Zip
    2013-04-03 18:13 - 2012-05-21 20:57 - 00000000 ____D C:\Users\Gore Family\AppData\Local\Seven Zip
    2013-04-03 18:13 - 2012-05-18 14:32 - 00000000 ____D C:\Users\Gore Family\Local Settings\Unity
    2013-04-03 18:13 - 2012-05-18 14:32 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\Unity
    2013-04-03 18:13 - 2012-05-18 14:32 - 00000000 ____D C:\Users\Gore Family\AppData\Local\Unity
    2013-04-03 18:13 - 2012-05-17 01:53 - 00000000 ____D C:\Users\Gore Family\Local Settings\Microsoft Help
    2013-04-03 18:13 - 2012-05-17 01:53 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\Microsoft Help
    2013-04-03 18:13 - 2012-05-17 01:53 - 00000000 ____D C:\Users\Gore Family\AppData\Local\Microsoft Help
    2013-04-03 18:13 - 2012-05-17 00:29 - 00000000 ____D C:\Users\Gore Family\Application Data\Skype
    2013-04-03 18:13 - 2012-05-17 00:29 - 00000000 ____D C:\Users\Gore Family\AppData\Roaming\Skype
    2013-04-03 18:13 - 2012-05-02 11:48 - 00000000 ___RD C:\Users\Gore Family\Desktop\Play Games
    2013-04-03 18:12 - 2012-06-09 16:22 - 00000000 ____D C:\Users\Gore Family\Application Data\Stamps.com Internet Postage
    2013-04-03 18:12 - 2012-06-09 16:22 - 00000000 ____D C:\Users\Gore Family\AppData\Roaming\Stamps.com Internet Postage
    2013-04-03 18:12 - 2012-06-03 19:53 - 00000000 ____D C:\Users\Gore Family\Application Data\Mozilla
    2013-04-03 18:12 - 2012-06-03 19:53 - 00000000 ____D C:\Users\Gore Family\AppData\Roaming\Mozilla
    2013-04-03 18:12 - 2012-05-21 22:08 - 00000000 ____D C:\Users\Gore Family\My Documents\Fax
    2013-04-03 18:12 - 2012-05-21 22:08 - 00000000 ____D C:\Users\Gore Family\Documents\Fax
    2013-04-03 18:12 - 2012-05-17 01:46 - 00000000 ____D C:\Users\Gore Family\Application Data\SoftGrid Client
    2013-04-03 18:12 - 2012-05-17 01:46 - 00000000 ____D C:\Users\Gore Family\AppData\Roaming\SoftGrid Client
    2013-04-03 18:12 - 2012-05-02 11:49 - 00000000 ____D C:\Users\Gore Family\Application Data\Adobe
    2013-04-03 18:12 - 2012-05-02 11:49 - 00000000 ____D C:\Users\Gore Family\AppData\Roaming\Adobe
    2013-04-03 18:11 - 2012-06-13 18:27 - 00000000 ____D C:\Users\Gore Family\Local Settings\Microsoft Games
    2013-04-03 18:11 - 2012-06-13 18:27 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\Microsoft Games
    2013-04-03 18:11 - 2012-06-13 18:27 - 00000000 ____D C:\Users\Gore Family\AppData\Local\Microsoft Games


  9. Posts : 58
    windows 7 64 bit
    Thread Starter
       #39

    2013-04-03 18:11 - 2012-05-02 11:49 - 00000000 ____D C:\Users\Gore Family\Local Settings\Google
    2013-04-03 18:11 - 2012-05-02 11:49 - 00000000 ____D C:\Users\Gore Family\Local Settings\Application Data\Google
    2013-04-03 18:11 - 2012-05-02 11:49 - 00000000 ____D C:\Users\Gore Family\AppData\Local\Google
    2013-04-02 22:13 - 2013-04-02 19:13 - 00000000 ____D C:\Users\Empress\My Documents\The Deadly Device
    2013-04-02 22:13 - 2013-04-02 19:13 - 00000000 ____D C:\Users\Empress\Documents\The Deadly Device
    2013-04-02 17:28 - 2009-07-13 22:20 - 00000000 ___SD C:\ProgramData\Microsoft
    2013-04-02 17:28 - 2009-07-13 22:20 - 00000000 ___SD C:\ProgramData\Application Data\Microsoft
    2013-04-02 17:23 - 2013-04-02 17:23 - 00000000 ____D C:\Program Files\Microsoft Windows Performance Toolkit
    2013-04-02 17:22 - 2013-04-02 17:22 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
    2013-04-02 17:20 - 2013-04-02 17:20 - 00000000 ____D C:\Program Files\Debugging Tools for Windows (x64)
    2013-04-02 17:20 - 2013-04-02 17:20 - 00000000 ____D C:\Program Files\Application Verifier (x64)
    2013-04-02 17:20 - 2013-04-02 17:20 - 00000000 ____D C:\Program Files (x86)\Application Verifier
    2013-04-02 17:17 - 2013-04-02 17:17 - 00000000 ____D C:\Windows\symbols
    2013-04-02 17:17 - 2013-04-02 17:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
    2013-04-02 17:09 - 2013-04-02 17:09 - 00000000 ____D C:\Program Files\Microsoft SDKs
    2013-04-02 17:09 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2013-04-02 05:34 - 2010-11-20 22:27 - 00282744 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
    2013-04-01 18:58 - 2011-12-04 18:12 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-04-01 18:48 - 2013-03-19 21:03 - 70490256 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MRT.exe
    2013-03-31 10:08 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
    Other Malware:
    ===========
    C:\Windows\svchost.exe
    ATTENTION ====> Check for partition/boot infection.
    ==================== Known DLLs (Whitelisted) ================

    ==================== Bamital & volsnap Check =================
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    TDL4: custom:26000022 <===== ATTENTION!
    ==================== EXE ASSOCIATION =====================
    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK
    ==================== Restore Points =========================
    Restore point made on: 2013-04-22 02:14:56
    Restore point made on: 2013-04-22 22:18:37
    ==================== Memory info ===========================
    Percentage of memory in use: 11%
    Total physical RAM: 6108.98 MB
    Available physical RAM: 5405.83 MB
    Total Pagefile: 6107.18 MB
    Available Pagefile: 5384.5 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.88 MB
    ==================== Drives ================================
    Drive c: (OS) (Fixed) (Total:916.66 GB) (Free:845 GB) NTFS (Disk=0 Partition=3)
    Drive e: (RECOVERY) (Fixed) (Total:14.81 GB) (Free:6.32 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
    ATTENTION: Malware custom entry on BCD on drive e: detected.
    Drive i: (TRAVELDRIVE) (Removable) (Total:0.96 GB) (Free:0.96 GB) FAT (Disk=1 Partition=1)
    Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 931 GB 0 B
    Disk 1 Online 980 MB 0 B
    Disk 2 No Media 0 B 0 B
    Disk 3 No Media 0 B 0 B
    Disk 4 No Media 0 B 0 B
    Disk 5 No Media 0 B 0 B
    Partitions of Disk 0:
    ===============
    Disk ID: C2BE9B9D
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 OEM 39 MB 31 KB
    Partition 2 Primary 14 GB 40 MB
    Partition 3 Primary 916 GB 14 GB
    ==================================================================================
    Disk: 0
    Partition 1
    Type : DE
    Hidden: Yes
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 8 FAT Partition 39 MB Healthy Hidden
    =========================================================
    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: Yes
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 E RECOVERY NTFS Partition 14 GB Healthy
    =========================================================
    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C OS NTFS Partition 916 GB Healthy
    =========================================================
    Partitions of Disk 1:
    ===============
    Disk ID: 4AA4F131
    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 979 MB 16 KB
    ==================================================================================
    Disk: 1
    Partition 1
    Type : 06
    Hidden: No
    Active: Yes
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 I TRAVELDRIVE FAT Removable 979 MB Healthy
    =========================================================
    ============================== MBR & Partition Table ==================
    ====================================================================
    Disk: 0 (MBR Code: Windows Vista) (Size: 932 GB) (Disk ID: C2BE9B9D)
    Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
    Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=917 GB) - (Type=07 NTFS)
    ====================================================================
    Disk: 1 (Size: 980 MB) (Disk ID: 4AA4F131)
    Partition 1: (Active) - (Size=980 MB) - (Type=06)

    Last Boot: 2013-03-30 23:16
    ==================== End Of Log ============================


  10. Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       #40

    Open Notepad: click on Start, type notepad inside Search programs and files, and press <enter>. Inside Notepad, type in what is below and save it on the flash drive as fixlist.txt

    Code:
    start
    C:\Windows\svchost.exe
    TDL4: custom:26000022 <===== ATTENTION!
    end
    Run FRST64, press the Fix button just once, and wait.
    The tool will make a log on the flash drive (Fixlog.txt). Please post it in your reply.

    Reboot the PC


 
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

All times are GMT -5.