windows 7 says I need administrators permission

Page 2 of 21 FirstFirst 123412 ... LastLast

  1. Bonnie Jean
    Posts : 123
    Windows 7 Home 64 bit
    Thread Starter
       New #11

    Have done what everyone has suggested no change


    I updated my Malwarebytes and ran it and found nothing this time.
    I removed the 2 suggested items and then went through everything on the uninstall page and looked up everything that I didn't recognize and even found a couple programs for peer to peer sharing which I have never even considered doing!
    I rebooted and checked if I could burn dvd videos and I did click run as administrator (which I never did in the past) but it refused. I then checked internet and I still have to work my way around things to get to most pages and I still can not go from the start scan now for the online scanner that was first suggested. A blank page comes up. If someone could click that and then send me the url it goes to maybe I can get it to run that way.
    Many years ago I did a partial reformat. I don't remember how but while some things were left on like the operating system none of the programs stayed on and lots of files were gone. I don't even know if it can be done on pc's now or how I did it but do you think I will need to do that? I do have an external harddrive 3Tetrabyte that I can move folders out but will that just move whatever is doing this to the pc?
    I am truly sorry I am so unable to fix things now. It seems that while the extra search tool bar is gone now with all the removals but up above my google search bar where there was just the URL bar I now have something that shows what is on any open windows? Not a big problem but I watch tv on the pc and my screen keeps getting smaller with extra tool bars. But will be happy if you can help with the need administrator problem and my hard to use internet. Thank you very much for the help I have been getting.
      My Computer
    Quote Quote

  3. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #12

    Lets try this


    Reset DNS and Internet Settings

    Copy and paste the code below into Notepad. To open Notepad, click on . Inside type notepad and then press <ENTER> button .

    Code:
    
@Echo off
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
cls
echo Script finished.
pause
del %0
    In Notepad, click File and then Save. Type reset.bat inside file name section . Change Save as Type to All Files, and then save the file to your desktop. After the file is saved, right click on the RESET.bat choose . Once it's finished running, restart your computer. Check to see if your Internet connection is restored.
      My Computer
    Quote Quote

  4. Bonnie Jean
    Posts : 123
    Windows 7 Home 64 bit
    Thread Starter
       New #13

    Hello, I did exactly what you said Vista King and when I clicked as run as administrator the file went in and was accepted and I went out and rebooted. Nothing has changed. Since yesterday I haven't been able to log into facebook (hate that site but only way to keep in touch with Grandchildren in America). Everytime I try it says Facebook is not responding. I still get no normal response to pages when I open internet I have to click on my homepage icon and then go from there.

    In the past if I ran into a problem I could set a restore point. But Now I can only go back 1 day! Isn't there a way that I could go back 2 weeks? Would that help or would I get all the junk in that I just took out?
      My Computer
    Quote Quote

  6. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #14

    Doing a windows restore will bring back to that date and if you had junk during that time it will be back .
      My Computer
    Quote Quote

  7. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #15

    Lets see if you could run the tool below

    Farbar Recovery Scan Tool




    64-Bit Version OS Farbar Recovery Scan Tool x64

    • Drag the FRST64.exe from your Downloads folder onto your Desktop
    • Right click on FRST64.exe and choose
    • When the tool opens click Yes on the disclaimer window .
    • Press Scan button.


    FRST will let you know when the scan is complete and has written the FRST.txt to file

       Note
    The first time Farbar Recovery Scan Tool is run, it makes also another log Addition.txt


    Please copy and paste both logs in your reply.(FRST.txt and Addition.txt)
      My Computer
    Quote Quote

  8. Bonnie Jean
    Posts : 123
    Windows 7 Home 64 bit
    Thread Starter
       New #16

    scans way to long to put in even one will send in parts


    1st attachment first part
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013
    Ran by Bonnie (administrator) on 03-07-2013 10:55:28
    Running from C:\Users\Bonnie\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal
    Code:
    ==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Creative Technology Ltd.) C:\Windows\V0530Mon.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
() C:\ProgramData\Boxtools\Toolbox.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe
() C:\Users\Bonnie\Documents\BOOKS\FRST64 (2).exe
(Farbar) C:\Users\Bonnie\Desktop\FRST64 (2).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-01-17] (Google Inc.)
HKCU\...\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun [514048 2010-12-15] ()
HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {20bed068-b2bd-11e1-bece-001fc69fac15} - E:\setup.exe
HKLM-x32\...\Run: [V0530Mon.exe] C:\Windows\V0530Mon.exe [28672 2008-02-18] (Creative Technology Ltd.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-10-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-09-08] (Apple Inc.)
HKLM-x32\...\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc)
HKLM-x32\...\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [619008 2010-05-25] (Nikon Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript [887432 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [x]
HKLM-x32\...\Run: [BrowserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Pro\BrowserPlugInHelper.exe [x]
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray [32736 2013-05-28] (Panda Security, S.L.)
HKLM-x32\...\Run: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe" [235072 2013-04-11] (Visicom Media Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Mysearchdial Search=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
URLSearchHook: (No Name) - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} -  No File
URLSearchHook: (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} -  No File
URLSearchHook: (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
HKLM SearchScopes: DefaultScope {5E6EEDC0-0194-6648-A418-47AE707EA8C2} URL = Mysearchdial Search=
SearchScopes: HKLM - {21AE2F9F-462D-4A5A-ADE1-56C2705D4AE3} URL = http://www.amazon.co.uk/s/ref=azs_os...s={searchTerms}
SearchScopes: HKLM - {5E6EEDC0-0194-6648-A418-47AE707EA8C2} URL = Mysearchdial Search=
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = {searchTerms} - Yahoo! Search Results
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = {searchTerms - Search results - Wikipedia, the free encyclopedia}
HKLM-x32 SearchScopes: DefaultScope {53BC1669-4315-6969-AF51-64C10517CE4A} URL = Mysearchdial Search=
SearchScopes: HKLM-x32 - {21AE2F9F-462D-4A5A-ADE1-56C2705D4AE3} URL = http://www.amazon.co.uk/s/ref=azs_os...s={searchTerms}
SearchScopes: HKLM-x32 - {3165C43C-EC1F-86F8-9C7D-680FEC016429} URL = {searchTerms - Search-results Search}
SearchScopes: HKLM-x32 - {53BC1669-4315-6969-AF51-64C10517CE4A} URL = Mysearchdial Search=
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Searchya Search
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = {searchTerms} - Yahoo! Search Results
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = {searchTerms - Search results - Wikipedia, the free encyclopedia}
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Mysearchdial Search=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Mysearchdial Search=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = {searchTerms} - Babylon Yahoo! Search Results
SearchScopes: HKCU - {21AE2F9F-462D-4A5A-ADE1-56C2705D4AE3} URL = http://www.amazon.co.uk/s/ref=azs_os...s={searchTerms}
SearchScopes: HKCU - {3165C43C-EC1F-86F8-9C7D-680FEC016429} URL = {searchTerms} - Google-
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = Funmoods Search
SearchScopes: HKCU - {990FD295-EFD6-4FED-A86B-8DA4B1DB89A2} URL = Search - {searchTerms}
SearchScopes: HKCU - {B1131951-FE5D-4381-9E45-298D8A78D261} URL = {searchTerms - Search results}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = {searchTerms} - Yahoo! Search Results
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = 
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: SelectionLinks - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll (SelectionLinks)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - No Name - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - SimilarWeb - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll (SimilarGroup)
Toolbar: HKLM-x32 - No Name - !{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/ge...sh/swflash.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pu...sh/swflash.cab
DPF: HKLM-x32 {DE625294-70E6-45ED-B895-CFFA13AEB044} http://webbkamera01.amal.se/activex/AMC.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72D89664-68A4-46DD-BFCB-8C427F5A1772}: [NameServer]8.8.8.8
Chrome: 
=======
CHR Extension: (SearchYa Spead Dial) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppomckgmefcejhfhfghdigjioaeejkd\3.0.3.1_0
CHR Extension: (MixiDj Chrome Toolbar) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0_0
CHR Extension: (Cath Kidston) - C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndlpkmaeinmnbiadacenijnhlolneopm\3_0
==================== Services (Whitelisted) =================
S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-02-25] (CyberLink)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [831272 2013-06-21] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-06-21] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-06-21] ()
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140768 2013-05-28] (Panda Security, S.L.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [37344 2013-05-28] (Panda Security, S.L.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]
S2 DefaultTabUpdate; "C:\Users\Bonnie\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe" [x]
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [x]
S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" [x]
==================== Drivers (Whitelisted) ====================
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-21] (AnchorFree Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [91368 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [122088 2013-05-29] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [109288 2013-05-29] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [114920 2013-05-29] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95464 2013-05-29] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69864 2013-05-29] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [119016 2013-05-29] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [305896 2013-05-29] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [118504 2013-05-29] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [114920 2013-05-29] (Panda Security, S.L.)
      My Computer
    Quote Quote

  10. Bonnie Jean
    Posts : 123
    Windows 7 Home 64 bit
    Thread Starter
       New #17

    1st attachment part 2


    Code:
    R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [246504 2013-05-29] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106216 2013-05-29] (Panda Security, S.L.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [168680 2013-05-28] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [122088 2013-05-28] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [205544 2013-05-28] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124648 2013-05-28] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [137448 2013-05-29] (Panda Security, S.L.)
S3 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [105704 2013-05-28] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [58808 2013-04-29] (Panda Security, S.L.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TdsNordecr; C:\Windows\System32\DRIVERS\nordecr.sys [28672 2007-10-30] (Todos Data System AB)
R3 V0530Dev; C:\Windows\System32\DRIVERS\V0530Vid.sys [319488 2009-12-14] (Creative Technology Ltd.)
S0 AVGIDSHA; system32\DRIVERS\avgidsha.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 5F62E6CFD4FEA8D19110BDEB423BF510
C:\Windows\System32\DRIVERS\atikmpag.sys D93655EC3CA48FCBFFD9D4E6DF63737F
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\drivers\amd_sata.sys 352476C98EF3952563A14F767491BBA9
C:\Windows\System32\drivers\amd_xata.sys F4805C309FE48D6939147FE5CCDB1AD4
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW76.sys DBB487D09F56C674430AC454FD8BCAB9
C:\Windows\system32\drivers\avgtpx64.sys 4C05242DC361A217223E9B8EC2B3A76B
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys AAFCB52FE0037207FB6FBEA070D25EFE
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dc3d.sys 7AF9DAC504FBD047CBC3E64AE52C92BF
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hssdrv6.sys 26B05FFD8FB5E70EB501A610E3425341
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys ==> MD5 is legit
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 91ED47813243B455E2D81115A8255F0E
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 7EFB9333E4ECCE6AE4AE9D777D9E553E
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28x.sys 2EED549279D7FBD10B846B5397573967
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NNSAlpc.sys 37B93643A2A003EE25308DDF4EAF8C54
C:\Windows\System32\DRIVERS\NNSHttp.sys B0FA8C7F0451145C1BDB79484FEC3586
C:\Windows\System32\DRIVERS\NNSHttps.sys 1E599DA97D1A09F54969430AAA106BFA
C:\Windows\System32\DRIVERS\NNSIds.sys 98BDEC322082187674F9764B6C3D3F37
C:\Windows\System32\DRIVERS\NNSPicc.sys 148616C45CC9AB911049CBC8E2B705E9
C:\Windows\System32\DRIVERS\NNSPihsw.sys 47E510F2699F745581184DBBA24D2148
C:\Windows\System32\DRIVERS\NNSPop3.sys 6CD7D0B3F8F1C1B0CC8D5EA700C16DA5
C:\Windows\System32\DRIVERS\NNSProt.sys 6D94915B8EB8FF01664C4170D3AAC994
C:\Windows\System32\DRIVERS\NNSPrv.sys 8CDCAD81FB4C3CAA95A6D5F1F189AF4D
C:\Windows\System32\DRIVERS\NNSSmtp.sys 22F8E36B153CD61B5FB2A9FE63D0561A
C:\Windows\System32\DRIVERS\NNSStrm.sys 64734FB9136A009E15E01125D11A893A
C:\Windows\System32\DRIVERS\NNSTlsc.sys FA76C90C664963BE96E243E109415717
C:\Windows\System32\drivers\npf.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\PSINAflt.sys E06E067B3CAAE10512286984EE02291C
      My Computer
    Quote Quote

  11. Bonnie Jean
    Posts : 123
    Windows 7 Home 64 bit
    Thread Starter
       New #18

    1st attachment part 3


    Code:
    C:\Windows\System32\DRIVERS\PSINFile.sys C7CC887F2CC0AAAED0CD4987DCD043F3
C:\Windows\System32\DRIVERS\psinknc.sys E0C9EED33E08DCFA5014672F64BE8710
C:\Windows\System32\DRIVERS\PSINProc.sys 73F0EE716AC461A401F9971FBA2C7F52
C:\Windows\System32\DRIVERS\PSINProt.sys 23DF78ABB48AA697EC6BC87452247598
C:\Windows\System32\DRIVERS\PSINReg.sys 9AAEAD6F389D00D298FBD5968A9A0954
C:\Windows\System32\DRIVERS\PSKMAD.sys D6C6BAE38CFEDCF3F7E046A5A72528FD
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys E50CFB92986DCAB49DE93788FD695813
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfslh.sys C6CC9297BD53E5229653303E556AA539
C:\Windows\System32\DRIVERS\Sftplaylh.sys 390AA7BC52CEE43F6790CDEA1E776703
C:\Windows\System32\DRIVERS\Sftredirlh.sys 617E29A0B0A2807466560D4C4E338D3E
C:\Windows\System32\DRIVERS\Sftvollh.sys 8F571F016FA1976F445147E9E6C8AE9B
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tap0901.sys F9BE29D5E097F03F81D3CD12B794CB66
C:\Windows\System32\DRIVERS\taphss.sys B70DF208E97536CA9F29289E609F5B16
C:\Windows\System32\DRIVERS\taphss6.sys 83C57F165F0216E5CE40D7E4E00DC76D
C:\Windows\System32\drivers\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\DRIVERS\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nordecr.sys 86D1B3662EC12F2FEAD9CC6F58EF36F6
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\system32\drivers\usbfilter.sys 573D192E268F0C5B486B7E96F661E538
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\System32\DRIVERS\V0530Vid.sys 81838071C71E93EB38194514C6580F82
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys DF8126BD41180351A093A3AD2FC8903B
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-07-03 10:51 - 2013-07-03 10:51 - 01933556 ____A (Farbar) C:\Users\Bonnie\Desktop\FRST64 (2).exe
2013-07-03 08:22 - 2013-07-03 08:23 - 00000279 ____A C:\Users\Bonnie\Documents\reset.bat
2013-07-03 08:09 - 2013-07-03 08:25 - 00000168 ____A C:\Windows\setupact.log
2013-07-03 08:09 - 2013-07-03 08:09 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 08:09 - 2013-04-29 09:17 - 00058808 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\PSKMAD.sys
2013-07-02 14:14 - 2013-07-02 14:14 - 00000000 ____D C:\Users\Bonnie\Documents\screenshots
      My Computer
    Quote Quote

  12. Bonnie Jean
    Posts : 123
    Windows 7 Home 64 bit
    Thread Starter
       New #19

    1st attachment part 4


    Code:
    2013-07-01 22:19 - 2013-07-01 22:19 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2013-07-01 22:12 - 2013-07-01 22:12 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Babylon
2013-07-01 22:12 - 2013-07-01 22:12 - 00000000 ____D C:\ProgramData\Babylon
2013-07-01 21:31 - 2013-07-01 22:19 - 00000000 ____D C:\ProgramData\HitmanPro
2013-07-01 21:28 - 2013-07-02 21:29 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\DefaultTab
2013-07-01 21:28 - 2013-07-01 22:32 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\mysearchdial
2013-07-01 21:28 - 2013-07-01 22:13 - 09833328 ____A (SurfRight B.V.) C:\Users\Bonnie\Downloads\HitmanPro_x64.exe
2013-07-01 21:28 - 2013-07-01 22:03 - 00423709 ____A C:\Users\Bonnie\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-07-01 21:28 - 2013-07-01 21:28 - 00000258 _RASH C:\Users\Bonnie\ntuser.pol
2013-07-01 15:00 - 2013-07-01 15:01 - 00001110 ____A C:\AdwCleaner[R4].txt
2013-07-01 14:58 - 2013-07-01 14:58 - 00002255 ____A C:\AdwCleaner[S2].txt
2013-07-01 14:57 - 2013-07-01 14:57 - 00002171 ____A C:\AdwCleaner[R3].txt
2013-07-01 10:31 - 2013-07-01 10:31 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{BB18BDE3-E0F0-43F0-AB50-5C1CE8354E2A}
2013-07-01 08:46 - 2013-07-01 08:46 - 00000000 ____A C:\autoexec.bat
2013-07-01 08:45 - 2013-07-01 08:45 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-01 08:43 - 2013-07-01 10:06 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
2013-07-01 08:28 - 2013-07-01 08:29 - 00002111 ____A C:\AdwCleaner[R2].txt
2013-06-30 20:32 - 2013-06-30 20:32 - 00032285 ____A C:\AdwCleaner[S1].txt
2013-06-30 20:32 - 2013-06-30 20:32 - 00000217 ____A C:\Windows\DeleteOnReboot.bat
2013-06-30 18:20 - 2013-06-30 18:20 - 00000000 ____D C:\FRST
2013-06-30 18:14 - 2013-06-30 18:15 - 00091231 ____A C:\AdwCleaner[R1].txt
2013-06-30 17:44 - 2013-06-30 17:44 - 00156674 ____A C:\Users\Bonnie\Desktop\Favorites.eml
2013-06-30 15:12 - 2013-06-30 15:12 - 00000000 ____D C:\Users\Bonnie\Documents\crafts
2013-06-25 21:56 - 2013-06-25 21:56 - 00053095 ____A C:\Users\Bonnie\Documents\Avsändarens namn och postnr.odt
2013-06-25 13:20 - 2013-06-25 13:20 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Nero
2013-06-25 13:15 - 2013-06-25 15:28 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Seagate
2013-06-25 13:15 - 2013-06-25 15:28 - 00000000 ____D C:\ProgramData\Seagate
2013-06-25 13:09 - 2013-06-25 13:09 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Leadertech
2013-06-21 03:07 - 2013-06-21 03:07 - 00046792 ____A (AnchorFree Inc.) C:\Windows\System32\Drivers\hssdrv6.sys
2013-06-20 14:54 - 2013-06-20 14:54 - 00000000 ____D C:\Program Files (x86)\pandasecuritytb
2013-06-20 10:58 - 2013-06-12 21:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-20 10:58 - 2013-06-12 21:43 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-20 10:58 - 2013-06-12 21:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-20 10:58 - 2013-06-12 21:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-20 10:57 - 2013-06-20 10:58 - 00004802 ____A C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-18 09:11 - 2013-06-18 09:11 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{8BD25E63-3FFE-4E1B-902B-F7586C4DC2F0}
2013-06-17 21:11 - 2013-06-17 21:11 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{1FDF0789-6BB1-40D0-9CCA-776E519BD228}
2013-06-17 08:35 - 2013-06-17 08:36 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{150F9A7A-B594-454A-8109-B728C0458E7B}
2013-06-15 22:31 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 22:31 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 22:31 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 22:31 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 22:31 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 22:31 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 22:31 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 22:31 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 22:31 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 22:31 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 22:31 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 22:31 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 13:50 - 2013-06-15 13:50 - 00001060 ____A C:\Users\Public\Desktop\BurnAware Free.lnk
2013-06-13 13:11 - 2013-06-13 13:11 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{575E405B-D657-452F-A5EA-3AC11F8AFEA9}
2013-06-12 23:41 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 23:41 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 23:41 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 23:41 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 23:41 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 23:41 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 23:41 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 23:41 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 23:41 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 23:41 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 23:41 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 23:41 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 23:41 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 23:41 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 23:41 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 23:41 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 23:41 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 23:41 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 23:41 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 21:57 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 21:57 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 21:57 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 21:56 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 21:56 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 21:56 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 21:56 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 21:55 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 21:55 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 21:55 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 21:55 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 21:55 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 21:55 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 21:55 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 21:55 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 21:55 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 21:55 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 21:55 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 21:55 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-12 15:38 - 2013-06-12 15:38 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{C0C4894A-34C2-4FEF-8F89-2941875DC787}
2013-06-11 18:24 - 2013-06-11 18:27 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{EB6D64EE-43A9-4189-93EF-DAB6DC94574B}
2013-06-11 16:08 - 2013-06-11 16:08 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{03DB7770-FF54-4558-BE81-C8EBF8221008}
2013-06-11 16:04 - 2013-06-11 16:04 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{831EA40F-ADB7-4C43-A7EE-EA3C8D386939}
2013-06-09 13:55 - 2013-06-09 13:55 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{190AE3B8-E897-4FE2-B2E5-9B8C85183AAE}
2013-06-09 12:11 - 2013-06-09 12:11 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-09 10:11 - 2013-06-09 10:11 - 00856240 ____A C:\Users\Bonnie\AppData\Local\census.cache
2013-06-09 10:11 - 2013-06-09 10:11 - 00115462 ____A C:\Users\Bonnie\AppData\Local\ars.cache
2013-06-09 09:56 - 2013-06-09 09:56 - 00000036 ____A C:\Users\Bonnie\AppData\Local\housecall.guid.cache
2013-06-08 10:26 - 2013-06-08 10:27 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{B3AAA821-608A-4FE9-8F3F-7B52B66D6BAE}
==================== One Month Modified Files and Folders =======
2013-07-03 10:54 - 2012-07-22 09:52 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-03 10:53 - 2012-01-19 13:58 - 00000000 ____D C:\Users\Bonnie\Documents\BOOKS
2013-07-03 10:51 - 2013-07-03 10:51 - 01933556 ____A (Farbar) C:\Users\Bonnie\Desktop\FRST64 (2).exe
2013-07-03 10:49 - 2012-01-18 00:12 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Mipony
2013-07-03 10:43 - 2012-01-17 21:45 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Skype
2013-07-03 08:55 - 2012-10-11 16:06 - 00000000 ____D C:\ProgramData\Boxtools
2013-07-03 08:33 - 2009-07-14 06:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-03 08:33 - 2009-07-14 06:45 - 00024608 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-03 08:28 - 2012-01-17 16:40 - 01766489 ____A C:\Windows\WindowsUpdate.log
2013-07-03 08:26 - 2012-11-14 11:18 - 00000000 ____D C:\ProgramData\Panda Security URL Filtering
2013-07-03 08:26 - 2012-01-19 14:16 - 00000668 ____A C:\Users\Bonnie\AppData\Roaming\vso_ts_preview.xml
2013-07-03 08:26 - 2012-01-19 14:16 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Vso
2013-07-03 08:25 - 2013-07-03 08:09 - 00000168 ____A C:\Windows\setupact.log
2013-07-03 08:25 - 2013-05-19 22:38 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-03 08:25 - 2011-11-24 10:31 - 00000000 ____D C:\ProgramData\PDFC
2013-07-03 08:23 - 2013-07-03 08:22 - 00000279 ____A C:\Users\Bonnie\Documents\reset.bat
2013-07-03 08:09 - 2013-07-03 08:09 - 00000000 ____A C:\Windows\setuperr.log
2013-07-02 22:03 - 2013-04-18 15:09 - 00000000 ____D C:\Users\Bonnie\Desktop\tags
2013-07-02 21:56 - 2012-01-30 14:40 - 00000000 ____D C:\Users\Bonnie\Documents\My PSP Files
2013-07-02 21:38 - 2011-02-11 19:00 - 00000000 ____D C:\Windows\Panther
2013-07-02 21:37 - 2012-05-09 17:03 - 00000000 ____D C:\Windows\Minidump
2013-07-02 21:37 - 2012-01-18 00:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-02 21:37 - 2012-01-17 21:44 - 00000000 ____D C:\Users\Bonnie\AppData\Local\CrashDumps
2013-07-02 21:29 - 2013-07-01 21:28 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\DefaultTab
2013-07-02 17:43 - 2012-01-20 17:50 - 00000000 ____D C:\Users\Bonnie\Documents\Mipony
2013-07-02 14:31 - 2012-03-08 15:33 - 00000000 ____D C:\Program Files (x86)\FreeTime
2013-07-02 14:27 - 2012-02-04 12:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-02 14:14 - 2013-07-02 14:14 - 00000000 ____D C:\Users\Bonnie\Documents\screenshots
2013-07-02 14:10 - 2013-04-03 14:24 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\GoforFiles
2013-07-02 13:55 - 2013-05-11 20:03 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-07-01 23:11 - 2012-04-07 15:27 - 00001367 ____A C:\Users\Bonnie\AppData\Roaming\burnaware.ini
2013-07-01 22:32 - 2013-07-01 21:28 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\mysearchdial
2013-07-01 22:19 - 2013-07-01 22:19 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2013-07-01 22:19 - 2013-07-01 21:31 - 00000000 ____D C:\ProgramData\HitmanPro
2013-07-01 22:13 - 2013-07-01 21:28 - 09833328 ____A (SurfRight B.V.) C:\Users\Bonnie\Downloads\HitmanPro_x64.exe
2013-07-01 22:12 - 2013-07-01 22:12 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Babylon
2013-07-01 22:12 - 2013-07-01 22:12 - 00000000 ____D C:\ProgramData\Babylon
2013-07-01 22:03 - 2013-07-01 21:28 - 00423709 ____A C:\Users\Bonnie\AppData\Local\mysearchdial_speedial_v9.0.2.crx
2013-07-01 21:28 - 2013-07-01 21:28 - 00000258 _RASH C:\Users\Bonnie\ntuser.pol
2013-07-01 21:28 - 2012-01-17 16:41 - 00000000 ____D C:\users\Bonnie
2013-07-01 21:28 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2013-07-01 15:03 - 2012-01-17 22:05 - 00000000 ____D C:\Users\Bonnie\AppData\Local\Google
2013-07-01 15:01 - 2013-07-01 15:00 - 00001110 ____A C:\AdwCleaner[R4].txt
2013-07-01 14:58 - 2013-07-01 14:58 - 00002255 ____A C:\AdwCleaner[S2].txt
2013-07-01 14:57 - 2013-07-01 14:57 - 00002171 ____A C:\AdwCleaner[R3].txt
2013-07-01 10:31 - 2013-07-01 10:31 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{BB18BDE3-E0F0-43F0-AB50-5C1CE8354E2A}
2013-07-01 10:06 - 2013-07-01 08:43 - 00000000 ____D C:\Windows\BCD5545077AC4347B24F654B1189F8D4.TMP
      My Computer
    Quote Quote

  13. Bonnie Jean
    Posts : 123
    Windows 7 Home 64 bit
    Thread Starter
       New #20

    1st attachment part 5


    Code:
    01 08:46 - 00000000 ____A C:\autoexec.bat
2013-07-01 08:45 - 2013-07-01 08:45 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-01 08:30 - 2009-07-14 07:13 - 00779724 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-01 08:29 - 2013-07-01 08:28 - 00002111 ____A C:\AdwCleaner[R2].txt
2013-06-30 22:33 - 2011-02-11 19:15 - 00765192 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-30 20:34 - 2013-05-15 21:59 - 00006448 ____A C:\ProgramData\NanoRepository.bin
2013-06-30 20:32 - 2013-06-30 20:32 - 00032285 ____A C:\AdwCleaner[S1].txt
2013-06-30 20:32 - 2013-06-30 20:32 - 00000217 ____A C:\Windows\DeleteOnReboot.bat
2013-06-30 18:48 - 2012-01-18 13:00 - 00053760 ____A C:\Users\Bonnie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-30 18:20 - 2013-06-30 18:20 - 00000000 ____D C:\FRST
2013-06-30 18:15 - 2013-06-30 18:14 - 00091231 ____A C:\AdwCleaner[R1].txt
2013-06-30 17:44 - 2013-06-30 17:44 - 00156674 ____A C:\Users\Bonnie\Desktop\Favorites.eml
2013-06-30 15:12 - 2013-06-30 15:12 - 00000000 ____D C:\Users\Bonnie\Documents\crafts
2013-06-30 14:50 - 2013-05-24 15:12 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\KastorAllVideoDownloader
2013-06-27 23:38 - 2013-05-15 21:59 - 00006448 ____A C:\ProgramData\NanoRepository.bin.bak
2013-06-27 21:14 - 2012-01-17 16:52 - 00000000 ____D C:\ProgramData\Recovery
2013-06-26 20:36 - 2012-12-11 10:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-26 20:36 - 2012-01-17 21:45 - 00000000 ____D C:\ProgramData\Skype
2013-06-25 22:57 - 2012-02-11 23:40 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\SoftGrid Client
2013-06-25 21:56 - 2013-06-25 21:56 - 00053095 ____A C:\Users\Bonnie\Documents\Avsändarens namn och postnr.odt
2013-06-25 15:28 - 2013-06-25 13:15 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Seagate
2013-06-25 15:28 - 2013-06-25 13:15 - 00000000 ____D C:\ProgramData\Seagate
2013-06-25 15:13 - 2013-04-30 08:43 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2013-06-25 13:20 - 2013-06-25 13:20 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Nero
2013-06-25 13:09 - 2013-06-25 13:09 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Leadertech
2013-06-24 15:49 - 2012-10-18 13:57 - 00000000 ____D C:\Users\Bonnie\Documents\My Kindle Content
2013-06-21 03:07 - 2013-06-21 03:07 - 00046792 ____A (AnchorFree Inc.) C:\Windows\System32\Drivers\hssdrv6.sys
2013-06-20 16:20 - 2009-07-14 06:45 - 00640400 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-20 15:36 - 2012-01-17 16:47 - 00223736 ____A C:\Users\Bonnie\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-20 14:54 - 2013-06-20 14:54 - 00000000 ____D C:\Program Files (x86)\pandasecuritytb
2013-06-20 10:58 - 2013-06-20 10:57 - 00004802 ____A C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-20 10:58 - 2012-07-03 17:12 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-18 09:11 - 2013-06-18 09:11 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{8BD25E63-3FFE-4E1B-902B-F7586C4DC2F0}
2013-06-17 21:11 - 2013-06-17 21:11 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{1FDF0789-6BB1-40D0-9CCA-776E519BD228}
2013-06-17 15:01 - 2013-03-27 16:20 - 00000000 ____D C:\Users\Bonnie\AppData\Roaming\Free YouTube to MP3 Converter Studio
2013-06-17 14:30 - 2012-01-20 14:30 - 00000000 ____D C:\Users\Bonnie\Documents\ConvertXtoDVD
2013-06-17 11:11 - 2012-01-24 11:46 - 00000000 ____D C:\Users\Bonnie\Documents\Cat help for Yahoo
2013-06-17 08:36 - 2013-06-17 08:35 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{150F9A7A-B594-454A-8109-B728C0458E7B}
2013-06-15 13:50 - 2013-06-15 13:50 - 00001060 ____A C:\Users\Public\Desktop\BurnAware Free.lnk
2013-06-15 13:50 - 2012-04-07 15:25 - 00000000 ____D C:\Program Files (x86)\BurnAware Free
2013-06-13 13:11 - 2013-06-13 13:11 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{575E405B-D657-452F-A5EA-3AC11F8AFEA9}
2013-06-13 11:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-12 23:42 - 2012-01-18 17:58 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 21:54 - 2012-03-30 08:39 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 21:54 - 2011-11-24 10:25 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 21:48 - 2012-07-03 18:09 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-06-12 21:48 - 2012-07-03 18:09 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-12 21:47 - 2013-06-20 10:58 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-12 21:43 - 2013-06-20 10:58 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-12 21:43 - 2013-06-20 10:58 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-12 21:43 - 2013-06-20 10:58 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-12 15:38 - 2013-06-12 15:38 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{C0C4894A-34C2-4FEF-8F89-2941875DC787}
2013-06-11 18:27 - 2013-06-11 18:24 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{EB6D64EE-43A9-4189-93EF-DAB6DC94574B}
2013-06-11 16:12 - 2012-01-18 11:38 - 00000000 ____D C:\Users\Bonnie\AppData\Local\Windows Live
2013-06-11 16:08 - 2013-06-11 16:08 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{03DB7770-FF54-4558-BE81-C8EBF8221008}
2013-06-11 16:04 - 2013-06-11 16:04 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{831EA40F-ADB7-4C43-A7EE-EA3C8D386939}
2013-06-10 22:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-09 16:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-09 16:21 - 2013-05-02 10:21 - 00000000 ____D C:\Users\fbwuser\AppData\Roaming\Macromedia
2013-06-09 16:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-06-09 13:55 - 2013-06-09 13:55 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{190AE3B8-E897-4FE2-B2E5-9B8C85183AAE}
2013-06-09 12:11 - 2013-06-09 12:11 - 00000000 ____D C:\Program Files (x86)\ESET
2013-06-09 10:11 - 2013-06-09 10:11 - 00856240 ____A C:\Users\Bonnie\AppData\Local\census.cache
2013-06-09 10:11 - 2013-06-09 10:11 - 00115462 ____A C:\Users\Bonnie\AppData\Local\ars.cache
2013-06-09 09:56 - 2013-06-09 09:56 - 00000036 ____A C:\Users\Bonnie\AppData\Local\housecall.guid.cache
2013-06-08 16:08 - 2013-06-15 22:31 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 22:31 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 22:31 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 22:31 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 22:31 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 22:31 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 22:31 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 22:31 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 22:31 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 22:31 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 22:31 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 22:31 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 10:27 - 2013-06-08 10:26 - 00000000 ____D C:\Users\Bonnie\AppData\Local\{B3AAA821-608A-4FE9-8F3F-7B52B66D6BAE}
2013-06-04 15:45 - 2013-02-27 16:15 - 00000000 ____D C:\Users\Bonnie\Documents\Audio Books to stay on Hard Drive
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
extendedinput           Yes
default                 {current}
resumeobject            {74c4be10-3600-11e0-8ff1-0018716eb820}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
customactions           0x1000085000001
                        0x5400000f
custom:5400000f         {e3baf1a9-4163-11e1-895b-001fc69fac15}
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {e3baf1a9-4163-11e1-895b-001fc69fac15}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {74c4be10-3600-11e0-8ff1-0018716eb820}
nx                      OptIn
Windows Boot Loader
-------------------
identifier              {e3baf1a9-4163-11e1-895b-001fc69fac15}
device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{e3baf1aa-4163-11e1-895b-001fc69fac15}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{e3baf1aa-4163-11e1-895b-001fc69fac15}
systemroot              \windows
nx                      OptIn
winpe                   Yes
Resume from Hibernate
---------------------
identifier              {74c4be10-3600-11e0-8ff1-0018716eb820}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
RAM Defects
-----------
identifier              {badmemory}
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
Device options
--------------
identifier              {e3baf1aa-4163-11e1-895b-001fc69fac15}
description             Ramdisk Options
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
LastRegBack: 2013-07-03 09:02
==================== End Of Log ======================
      My Computer
    Quote Quote

 
Page 2 of 21 FirstFirst 123412 ... LastLast

  Related Discussions
My mom and stepdad forgot their passwords for Windows 7 logon so I can't use administrator account to reset the passwords they have no reset disk Windows recovery disk for Windows 7 computer. Can't open command prompt as administrator to enable hidden administrator in reset passwords. Help
2 administrators for one computer
in General Discussion

CAN YOU SET UP TWO ADMIN ON ONE COMPUTER? I HAVE WIN 7 HOME 64 BIT I NEED TO HAVE BOTH USERS AS ADMINISTRATORS. HOW AND CAN THIS BE DONE? I AM THE ONLY ONE ON THE COMPUTER BUT HAVE ONE USER AND ONE ADMINISTRATOR. :confused: THANKS
Administrators account name
in General Discussion

The administrators user account on my computer here is "Darrin" (my first name) however whenever I am doing anything behind the scenes, it only accepts the name "Dar" as a real user. "Darrin" is not found. I can't understand how to correct this. The user folder is "Darrin" C:\Users\Darrin. It...
Administrators account name
in General Discussion

I have changed my administrators account name to something else but, I am now trying to change another account (with administrators rights) to the name administrator. It will not let me because it say's that name is already taken. but I had changed that one??? thks:confused:
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 19:58.
Find Us