Inactive Confused

[Khansahb]

Recently I had my computer cleaned by using the steps given by this forum, but I'm still noticing problems with my computer. I'm still getting tons of errors in the event viewer logs, and the lag in loading pages is still there. And also, picture and video quality has deteriorated noticeably. Beyond this some other odd things have been happening like the airplane mode button on my keyboard no longer works and sometimes the computer either doesn't respond to the mouse scroll or click or it responds very slowly. When I ran my regular antivirus scan (Avast) and antimalware scan (Malwarebytes) it turned up nothing so I tried running another anti-malware scan, Superanti-spyware, that turned up the following:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/11/2013 at 02:01 PM

Application Version : 5.6.1020

Core Rules Database Version : 10682
Trace Rules Database Version: 8494

Scan type : Complete Scan
Total Scan Time : 00:23:42

Operating System Information
65 Edition 64-bit (Build 6.02.9200)
UAC Off - Administrator

Memory items scanned : 420
Memory threats detected : 0
Registry items scanned : 68489
Registry threats detected : 0
File items scanned : 48810
File threats detected : 305

Trojan.Agent/Gen-Autoit
C:\REMOTE-SERVICE\CMD\CACLS.EXE
C:\REMOTE-SERVICE\CMD\FIRSTRUN.EXE

Adware.Tracking Cookie
ad.yieldmanager.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.cindyclips.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.mlnadvertising.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
nakedsecurity.sophos.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nakedsecurity.sophos.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nakedsecurity.sophos.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nakedsecurity.sophos.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbooth.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
sitestats.ets.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.martiniadnetwork.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pcworldcommunication.122.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtechus.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imp.bid.ace.advertising.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediamatters.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediamatters.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediamatters.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediamatters.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eset.122.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyeviewads.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
pulse-analytics-beacon.reutersmedia.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.zanox.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saymedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.prd.inpwrd.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atlanticmedia.122.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tourismqld.122.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.netspiderads2.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.netspiderads3.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
timesofindia.indiatimes.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.care2.112.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaconverter.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaconverter.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaconverter.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediaconverter.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediaconverter.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediaconverter.org [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trackalyzer.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revenuemantra.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gntbcstglobal.112.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.network.realmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaite.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaite.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.videos.mediaite.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.videos.mediaite.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.videos.mediaite.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
videos.mediaite.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
videos.mediaite.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
videos.mediaite.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.tune.pk [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mtvn.112.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trinitymirror.112.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.network.realmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.network.realmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.adotube.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediaservices-d.openxenterprise.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediaservices-d.openxenterprise.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.microsoftsto.112.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
livetracker.voanews.eu [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
uac.advertising.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.msnbc.112.2o7.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trackoff.us [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trackoff.us [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trackoff.us [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\NABEEL AHMAD KHAN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

I had used Super anti spyware some time ago and this same trojan was detected then as well except that then there was only one entry. How can I be sure that it was removed this time and what should I do to address the problems I have been noticing with my computer?

 

[Broni]

Trojan.Agent/Gen-Autoit
C:\REMOTE-SERVICE\CMD\CACLS.EXE
C:\REMOTE-SERVICE\CMD\FIRSTRUN.EXE

Most likely false positives.
You can upload both files here: https://www.virustotal.com/en/

The other findings are just cookies.
Most security programs (as well as myself) don't even bother with cookies as they're harmless so there is no issue here.

I'm still getting tons of errors in the event viewer logs

Every computer has some errors listed so unless we're investigating some particular issue there is no reason to dig through Event Viewer.

the lag in loading pages is still there. And also, picture and video quality has deteriorated noticeably

What browser?
How about other browsers?

 

[Khansahb]

I can't seem to find those two files on my computer.

Yes I noticed that the rest were cookies so I wasn't as concerned about those.

Well, the only reason I was concerned is because of how many errors (over 1700) I saw in the event viewer.

The problems with lag and picture quality seem to be affecting my computer across the board. Even pictures that I have on my computer (ie: not on the internet) are showing up blurrier than before. The primary browser I use is Google Chrome, but I've noticed the same issue on Internet Explorer.

 

[Khansahb]

If those two were false positives, could removing them have damaged my computer?

 

[Broni]

No. Those are not Windows files.

Please download VEW and save it to your Desktop: http://images.malwareremoval.com/vino/VEW.exe

Double-click VEW.exe then under Select log to query, select:
Application
System

Under Select type to list, select:
Critical (Vista only)
Error

Click the radio button for Number of events
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

In Notepad, click Edit > Select all then Edit > Copy
Reply to this post, click in the reply window and press Ctrl+V on your keyboard to paste the log.

 

[Khansahb]

When I tried to run it it gave me an error message: "Cannot find the C:\VEW.txt file. Do you want to create a new file."

 

[Broni]

Download DDS by sUBs from one of the following links. Save it to your desktop.

• • DDS.com
  • DDS.pif
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explaination about the tool. No input is needed, the scan is running.
• Notepad will open with the results.
• Follow the instructions that pop up for posting the results.
• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

 

[Khansahb]

Here you go

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Nabeel Ahmad Khan at 17:37:57 on 2013-08-11
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.3526.2659 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\dwm.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\windows\system32\dashost.exe
C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskhostex.exe
C:\windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\windows\SysWOW64\notepad.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\SysWOW64\ctfmon.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://lenovo13.msn.com
BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: avast! EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [HP Deskjet 3510 series (NET)] "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29R1118G05R7:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Lenovo EasyCamera_Monitor] C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\Users\NABEEL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\windows\System32\RunDll32.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
IE: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{C77FBA3B-5506-4A3E-978D-835E64A7E623} : DHCPNameServer = 192.168.1.1
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: avast! EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynLenovoGestureMgr] "C:\Program Files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-mPolicies-Explorer: NoDrives = dword:0
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\windows\System32\Drivers\aswRvrt.sys [2013-7-19 65336]
R0 aswVmm;aswVmm;C:\windows\System32\Drivers\aswVmm.sys [2013-7-19 189936]
R0 LHDmgr;LHDmgr;C:\windows\System32\Drivers\LhdX64.sys [2012-10-18 39008]
R1 aswSnx;aswSnx;C:\windows\System32\Drivers\aswSnx.sys [2013-7-19 1030952]
R1 aswSP;aswSP;C:\windows\System32\Drivers\aswSP.sys [2013-7-19 378944]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-23 143120]
R2 APXACC;AppEx Networks Accelerator LWF;C:\windows\System32\Drivers\appexDrv.sys [2012-10-18 199008]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\Drivers\aswFsBlk.sys [2013-7-19 33400]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\Drivers\aswMonFlt.sys [2013-7-19 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-7-19 46808]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2013-8-9 109352]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-6-17 230408]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2013-6-17 69640]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\Drivers\AcpiVpc.sys [2012-5-15 33560]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\windows\System32\Drivers\AtihdW86.sys [2012-9-21 98472]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\windows\System32\Drivers\netr28x.sys [2013-4-15 2482960]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2012-10-18 690832]
R3 SmbDrv;SmbDrv;C:\windows\System32\Drivers\Smb_driver_AMDASF.sys [2013-1-29 28400]
R3 SPUVCbv;SPUVCb Driver Service;C:\windows\System32\Drivers\SPUVCBv_x64.sys [2012-8-11 1070712]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\Drivers\usbfilter.sys [2012-10-18 57000]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\Drivers\RtsUVStor.sys [2012-10-18 315536]
S3 WSDScan;WSD Scan Support;C:\windows\System32\Drivers\WSDScan.sys [2013-6-24 23552]
S3 wsvd;wsvd;C:\windows\System32\Drivers\wsvd.sys [2012-10-18 102376]
S4 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-9-21 239616]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-9-11 361984]
.
=============== Created Last 30 ================
.
2013-08-11 18:47:09--------d-----w-C:\Users\Nabeel Ahmad Khan\AppData\Local\SugarSync
2013-08-11 17:37:06--------d-----w-C:\Users\Nabeel Ahmad Khan\AppData\Roaming\SUPERAntiSpyware.com
2013-08-11 17:36:11--------d-----w-C:\ProgramData\SUPERAntiSpyware.com
2013-08-11 17:36:11--------d-----w-C:\Program Files\SUPERAntiSpyware
2013-08-08 03:57:50261808----a-w-C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10213.bin
2013-07-24 18:13:37--------d-----w-C:\Users\Nabeel Ahmad Khan\AppData\Roaming\FileOpen
2013-07-24 18:13:37--------d-----w-C:\ProgramData\FileOpen
2013-07-24 18:12:4529704----a-w-C:\windows\System32\nitrolocalmon2.dll
2013-07-24 18:12:4517928----a-w-C:\windows\System32\nitrolocalui2.dll
2013-07-24 18:12:04--------d-----w-C:\Program Files\Common Files\Nitro
2013-07-24 18:12:00--------d-----w-C:\Program Files (x86)\Nitro
2013-07-24 18:12:00--------d-----w-C:\Program Files (x86)\Common Files\Nitro
2013-07-22 11:19:50--------d-----w-C:\Program Files (x86)\ESET
2013-07-21 19:44:43--------d-----w-C:\windows\ERUNT
2013-07-21 19:08:38--------d-sh--w-C:\$RECYCLE.BIN
2013-07-21 19:07:41--------d-----w-C:\Users\Nabeel Ahmad Khan\AppData\Local\temp
2013-07-21 18:00:39--------d-----w-C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-21 17:06:27--------d-----w-C:\Users\Nabeel Ahmad Khan\AppData\Roaming\Malwarebytes
2013-07-21 17:06:15--------d-----w-C:\ProgramData\Malwarebytes
2013-07-21 17:06:1325928----a-w-C:\windows\System32\drivers\mbam.sys
2013-07-21 17:06:13--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-19 21:54:16--------d-----w-C:\Users\Nabeel Ahmad Khan\AppData\Roaming\RoboForm
2013-07-19 21:52:12--------d-----w-C:\Program Files (x86)\Siber Systems
2013-07-19 21:51:0472016----a-w-C:\windows\System32\drivers\aswRdr2.sys
2013-07-19 21:50:5680816----a-w-C:\windows\System32\drivers\aswMonFlt.sys
2013-07-19 21:50:5665336----a-w-C:\windows\System32\drivers\aswRvrt.sys
2013-07-19 21:50:56189936----a-w-C:\windows\System32\drivers\aswVmm.sys
2013-07-19 21:50:561030952----a-w-C:\windows\System32\drivers\aswSnx.sys
2013-07-19 21:50:3041664----a-w-C:\windows\avastSS.scr
2013-07-18 20:32:33--------d-s---w-C:\windows\SysWow64\Microsoft
2013-07-18 20:32:29--------d-----w-C:\windows\System32\catroot2
2013-07-18 20:17:30--------d-----w-C:\windows\SysWow64\wbem\Performance
2013-07-18 20:13:46--------d-----w-C:\RegBackup
2013-07-14 09:53:30207968----a-w-C:\windows\System32\drivers\93319332.sys
.
==================== Find3M ====================
.
2013-06-27 22:04:5178200----a-w-C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04:51693112----a-w-C:\windows\SysWow64\FlashPlayerApp.exe
2013-06-17 23:08:5669640----a-w-C:\windows\SysWow64\NLSSRV32.EXE
2013-06-16 22:41:31997632----a-w-C:\windows\System32\drivers\ndis.sys
2013-06-11 23:43:371767936----a-w-C:\windows\SysWow64\wininet.dll
2013-06-11 23:43:002877440----a-w-C:\windows\SysWow64\jscript9.dll
2013-06-11 23:26:202241024----a-w-C:\windows\System32\wininet.dll
2013-06-11 23:25:163958784----a-w-C:\windows\System32\jscript9.dll
2013-06-01 11:54:16194816----a-w-C:\windows\System32\drivers\sdbus.sys
2013-06-01 11:54:10125184----a-w-C:\windows\System32\drivers\dumpsd.sys
2013-06-01 11:34:212391280----a-w-C:\windows\explorer.exe
2013-06-01 11:33:132233600----a-w-C:\windows\System32\drivers\tcpip.sys
2013-06-01 11:29:35337152----a-w-C:\windows\System32\drivers\USBXHCI.SYS
2013-06-01 11:29:35213248----a-w-C:\windows\System32\drivers\UCX01000.SYS
2013-06-01 11:26:33327936----a-w-C:\windows\System32\drivers\volsnap.sys
2013-06-01 11:26:316987008----a-w-C:\windows\System32\ntoskrnl.exe
2013-06-01 10:24:462106176----a-w-C:\windows\SysWow64\explorer.exe
2013-06-01 09:25:52364544----a-w-C:\windows\SysWow64\XpsGdiConverter.dll
2013-06-01 09:25:0567584----a-w-C:\windows\SysWow64\samlib.dll
2013-06-01 09:25:03496640----a-w-C:\windows\SysWow64\qedit.dll
2013-06-01 09:24:19493056----a-w-C:\windows\SysWow64\mscms.dll
2013-06-01 09:24:09850944----a-w-C:\windows\SysWow64\mfasfsrcsnk.dll
2013-06-01 09:24:091453568----a-w-C:\windows\SysWow64\mfcore.dll
2013-06-01 09:23:461842176----a-w-C:\windows\SysWow64\dwmcore.dll
2013-06-01 09:23:06680960----a-w-C:\windows\System32\vds.exe
2013-06-01 09:22:4780896----a-w-C:\windows\System32\MbaeParserTask.exe
2013-06-01 09:22:33523264----a-w-C:\windows\System32\XpsGdiConverter.dll
2013-06-01 09:22:33446976----a-w-C:\windows\System32\wwansvc.dll
2013-06-01 09:22:09190976----a-w-C:\windows\System32\vdsutil.dll
2013-06-01 09:21:39729600----a-w-C:\windows\System32\samsrv.dll
2013-06-01 09:21:39106496----a-w-C:\windows\System32\samlib.dll
2013-06-01 09:21:34595968----a-w-C:\windows\System32\qedit.dll
2013-06-01 09:20:45583168----a-w-C:\windows\System32\mscms.dll
2013-06-01 09:20:341527808----a-w-C:\windows\System32\mfcore.dll
2013-06-01 09:20:341048576----a-w-C:\windows\System32\mfasfsrcsnk.dll
2013-06-01 09:20:042219520----a-w-C:\windows\System32\dwmcore.dll
2013-06-01 09:19:58207872----a-w-C:\windows\System32\DeviceSetupManager.dll
2013-06-01 09:19:42785408----a-w-C:\windows\System32\audiosrv.dll
2013-06-01 03:08:5737632----a-w-C:\windows\System32\drivers\BthAvrcpTg.sys
2013-05-30 23:14:234036096----a-w-C:\windows\System32\win32k.sys
2013-05-24 22:09:201403296----a-w-C:\windows\System32\winload.efi
2013-05-24 22:09:201271584----a-w-C:\windows\System32\winload.exe
2013-05-24 22:09:201217352----a-w-C:\windows\System32\winresume.efi
2013-05-24 22:09:201093904----a-w-C:\windows\System32\winresume.exe
2013-05-23 23:01:461300992----a-w-C:\windows\System32\gdi32.dll
2013-05-23 22:27:051022464----a-w-C:\windows\SysWow64\gdi32.dll
2013-05-15 22:37:0344032----a-w-C:\windows\SysWow64\UXInit.dll
2013-05-15 22:35:4953760----a-w-C:\windows\System32\UXInit.dll
2013-05-15 22:35:47144384----a-w-C:\windows\System32\tssdisai.dll
2013-05-15 02:25:59888320----a-w-C:\windows\System32\autochk.exe
2013-05-15 02:25:44542208----a-w-C:\windows\System32\untfs.dll
2013-05-15 02:24:10793088----a-w-C:\windows\SysWow64\autochk.exe
2013-05-15 02:24:01482816----a-w-C:\windows\SysWow64\untfs.dll
2013-05-14 13:14:012706432----a-w-C:\windows\System32\mshtml.tlb
2013-05-14 09:23:312706432----a-w-C:\windows\SysWow64\mshtml.tlb
.
============= FINISH: 17:38:15.19 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 6/23/2013 1:53:04 AM
System Uptime: 8/11/2013 2:22:03 PM (3 hours ago)
.
Motherboard: LENOVO | | Lenovo IdeaPad S405
Processor: AMD A6-4455M APU with Radeon(tm) HD Graphics | Socket FT1 | 2100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 418 GiB total, 383.476 GiB free.
D: is FIXED (NTFS) - 25 GiB total, 24.869 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP11: 7/24/2013 12:59:50 PM - OTL Restore Point - 7/24/2013 12:59:50 PM
RP12: 8/2/2013 6:36:13 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Amazon Browser App
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Quick Stream
AMD VISION Engine Control Center
avast! EasyPass
avast! Free Antivirus
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Dolby Advanced Audio v2
Energy Management
Google Chrome
Google Update Helper
HitmanPro 3.7
HP Deskjet 3510 series Basic Device Software
HP Deskjet 3510 series Help
HP FWUpdateEDO2
HP Photo Creations
HP Update
HPDiagnosticAlert
Intel AppUp(SM) center
Intelligent Touchpad
Lenovo EasyCamera
Lenovo OneKey Recovery
Lenovo Photos
Lenovo YouCam
Lenovo_Wireless_Driver
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Office
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Nitro Pro 8
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Shared C Run-time for x64
SugarSync Manager
SUPERAntiSpyware
Synaptics Pointing Device Driver
UserGuide
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)
.
==== Event Viewer Messages From Past Week ========
.
8/11/2013 2:22:07 PM, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
8/11/2013 2:21:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
8/11/2013 2:21:39 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
8/11/2013 2:05:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server: {7022A3B3-D004-4F52-AF11-E9E987FEE25F}
8/11/2013 2:05:04 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
8/11/2013 2:04:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
8/11/2013 2:03:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
8/11/2013 2:03:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
.
==== End Of File ===========================

 

[Broni]

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

 

[Khansahb]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-08-2013 02
Ran by Nabeel Ahmad Khan (administrator) on 11-08-2013 17:46:09
Running from C:\Users\Nabeel Ahmad Khan\Downloads
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\windows\SysWOW64\NLSSRV32.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\windows\SysWOW64\NOTEPAD.EXE
(Microsoft Corporation) C:\windows\SysWOW64\NOTEPAD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-26] (Synaptics)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-10-18] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-10-18] (Lenovo(beijing) Limited)
HKCU\...\Run: [HP Deskjet 3510 series (NET)] - C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [96056 2013-07-19] (Siber Systems)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5622512 2013-05-14] (SUPERAntiSpyware.com)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Lenovo EasyCamera_Monitor] - C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe [267128 2012-06-04] ()
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
Startup: C:\Users\Nabeel Ahmad Khan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {4EFC54C3-720C-4655-BCF7-742CDBD2606D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {4EFC54C3-720C-4655-BCF7-742CDBD2606D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - {4EFC54C3-720C-4655-BCF7-742CDBD2606D} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! EasyPass Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
BHO-x32: avast! EasyPass Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (Google Docs) - C:\Users\NABEEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\NABEEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\NABEEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\NABEEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! Online Security) - C:\Users\NABEEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Gmail) - C:\Users\NABEEL~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-11] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-08-09] (SurfRight B.V.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-06-17] (Nitro PDF Software)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-19] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-19] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-16] (Advanced Micro Devices)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [28400 2013-01-29] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1070712 2012-08-11] (Sunplus)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-11 17:45 - 2013-08-11 17:45 - 01575246 _____ (Farbar) C:\Users\Nabeel Ahmad Khan\Downloads\FRST64.exe
2013-08-11 17:38 - 2013-08-11 17:38 - 00015936 _____ C:\Users\Nabeel Ahmad Khan\Desktop\dds.txt
2013-08-11 17:38 - 2013-08-11 17:38 - 00004663 _____ C:\Users\Nabeel Ahmad Khan\Desktop\attach.txt
2013-08-11 17:35 - 2013-08-11 17:35 - 00688992 ____R (Swearware) C:\Users\Nabeel Ahmad Khan\Downloads\dds.com
2013-08-11 17:22 - 2013-08-11 17:22 - 00061440 _____ ( ) C:\Users\Nabeel Ahmad Khan\Desktop\VEW.exe
2013-08-11 14:51 - 2013-08-11 14:51 - 00006502 _____ C:\Users\Nabeel Ahmad Khan\Documents\HitmanPro_20130811_1451.log
2013-08-11 14:47 - 2013-08-11 14:47 - 00000000 ____D C:\Users\NABEEL~1\AppData\Local\SugarSync
2013-08-11 13:37 - 2013-08-11 13:37 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\SUPERAntiSpyware.com
2013-08-11 13:36 - 2013-08-11 13:37 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-08-11 13:36 - 2013-08-11 13:36 - 00001819 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2013-08-11 13:36 - 2013-08-11 13:36 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-08-11 12:41 - 2013-08-11 12:42 - 26946208 _____ (SUPERAntiSpyware) C:\Users\Nabeel Ahmad Khan\Desktop\SUPERAntiSpywarePro.exe
2013-08-09 06:34 - 2013-08-11 14:59 - 00001908 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-08-09 06:32 - 2013-08-11 14:59 - 09853928 _____ (SurfRight B.V.) C:\Users\Nabeel Ahmad Khan\Downloads\HitmanPro_x64.exe
2013-08-09 06:30 - 2013-08-09 06:30 - 00584600 _____ C:\Users\Nabeel Ahmad Khan\Downloads\cbsidlm-tr1_14-HitmanPro_3_64bit-SEO-75110395.exe
2013-08-09 06:14 - 2013-08-09 06:14 - 00016064 _____ C:\Users\Nabeel Ahmad Khan\Documents\HitmanPro_20130809_0614.log
2013-07-24 14:13 - 2013-07-24 14:13 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\FileOpen
2013-07-24 14:13 - 2013-07-24 14:13 - 00000000 ____D C:\ProgramData\FileOpen
2013-07-24 14:12 - 2013-07-24 14:12 - 00001973 _____ C:\Users\Public\Desktop\Nitro Pro 8.lnk
2013-07-24 14:12 - 2013-07-24 14:12 - 00000000 ____D C:\Program Files\Common Files\Nitro
2013-07-24 14:12 - 2013-07-24 14:12 - 00000000 ____D C:\Program Files (x86)\Nitro
2013-07-24 14:12 - 2013-06-17 19:08 - 00029704 _____ (Nitro PDF Software) C:\windows\system32\nitrolocalmon2.dll
2013-07-24 14:12 - 2013-06-17 19:08 - 00017928 _____ (Nitro PDF Software) C:\windows\system32\nitrolocalui2.dll
2013-07-24 14:09 - 2013-07-24 14:09 - 00009886 _____ C:\Users\Nabeel Ahmad Khan\Downloads\Trinity College - Undergraduates University Health Plans, Inc..htm
2013-07-24 14:09 - 2013-07-24 14:09 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\Downloads\Trinity College - Undergraduates University Health Plans, Inc._files
2013-07-22 07:19 - 2013-07-22 07:19 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-21 15:44 - 2013-07-21 15:44 - 00000000 ____D C:\windows\ERUNT
2013-07-21 14:47 - 2013-07-21 15:03 - 00000000 ____D C:\windows\erdnt
2013-07-21 14:00 - 2013-07-21 14:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-21 13:06 - 2013-07-21 13:06 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-21 13:06 - 2013-07-21 13:06 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\Malwarebytes
2013-07-21 13:06 - 2013-07-21 13:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-21 13:06 - 2013-07-21 13:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-21 13:06 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2013-07-21 13:03 - 2013-07-21 13:04 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nabeel Ahmad Khan\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00000568 _____ C:\Users\Nabeel Ahmad Khan\Documents\log3.log
2013-07-21 03:42 - 2013-07-21 03:42 - 00452830 _____ C:\Users\Nabeel Ahmad Khan\Downloads\pe386.wmv
2013-07-19 17:54 - 2013-07-19 17:54 - 00003514 _____ C:\windows\System32\Tasks\Run RoboForm TaskBar Icon
2013-07-19 17:54 - 2013-07-19 17:54 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\RoboForm
2013-07-19 17:52 - 2013-07-19 17:52 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\Documents\My Avast EasyPass Data
2013-07-19 17:52 - 2013-07-19 17:52 - 00000000 ____D C:\ProgramData\RoboForm
2013-07-19 17:52 - 2013-07-19 17:52 - 00000000 ____D C:\Program Files (x86)\Siber Systems
2013-07-19 17:51 - 2013-07-19 17:51 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-07-19 17:51 - 2013-07-19 17:51 - 00001933 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-19 17:51 - 2013-05-09 04:59 - 00072016 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-07-19 17:51 - 2013-05-09 04:59 - 00064288 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys
2013-07-19 17:51 - 2013-05-09 04:59 - 00033400 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys
2013-07-19 17:50 - 2013-07-21 15:42 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-19 17:50 - 2013-07-19 17:51 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-07-19 17:50 - 2013-07-19 17:51 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-07-19 17:50 - 2013-05-09 04:59 - 00080816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-07-19 17:50 - 2013-05-09 04:59 - 00065336 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-07-19 17:50 - 2013-05-09 04:58 - 00041664 _____ (AVAST Software) C:\windows\avastSS.scr
2013-07-18 16:24 - 2013-07-31 21:42 - 00005546 _____ C:\windows\PFRO.log
2013-07-18 16:17 - 2013-07-18 16:19 - 00848230 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-07-18 16:15 - 2013-07-18 16:24 - 00181064 _____ (Sysinternals) C:\windows\PSEXESVC.EXE
2013-07-18 16:14 - 2013-07-18 16:14 - 00000207 _____ C:\windows\tweaking.com-regbackup-IDEA-PC-Microsoft-Windows-8-(64-bit).dat
2013-07-18 16:13 - 2013-07-18 16:13 - 00000000 ____D C:\RegBackup
2013-07-18 15:30 - 2013-07-18 15:31 - 00004394 _____ C:\Users\Nabeel Ahmad Khan\Documents\cc_20130718_153056.reg
2013-07-18 15:24 - 2013-08-11 17:05 - 01617345 _____ C:\windows\WindowsUpdate.log
2013-07-18 07:58 - 2013-06-16 18:41 - 00997632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2013-07-18 07:58 - 2013-06-01 07:54 - 00194816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-07-18 07:58 - 2013-06-01 07:54 - 00125184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-07-18 07:58 - 2013-06-01 07:34 - 02391280 _____ (Microsoft Corporation) C:\windows\explorer.exe
2013-07-18 07:58 - 2013-06-01 07:33 - 02233600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-07-18 07:58 - 2013-06-01 07:29 - 00337152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2013-07-18 07:58 - 2013-06-01 07:29 - 00213248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2013-07-18 07:58 - 2013-06-01 07:26 - 06987008 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-07-18 07:58 - 2013-06-01 07:26 - 00327936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2013-07-18 07:58 - 2013-06-01 06:24 - 02106176 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2013-07-18 07:58 - 2013-06-01 05:25 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2013-07-18 07:58 - 2013-06-01 05:25 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2013-07-18 07:58 - 2013-06-01 05:24 - 01453568 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2013-07-18 07:58 - 2013-06-01 05:24 - 00850944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2013-07-18 07:58 - 2013-06-01 05:24 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2013-07-18 07:58 - 2013-06-01 05:23 - 01842176 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2013-07-18 07:58 - 2013-06-01 05:23 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2013-07-18 07:58 - 2013-06-01 05:22 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2013-07-18 07:58 - 2013-06-01 05:22 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-07-18 07:58 - 2013-06-01 05:22 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
2013-07-18 07:58 - 2013-06-01 05:22 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe
2013-07-18 07:58 - 2013-06-01 05:21 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2013-07-18 07:58 - 2013-06-01 05:21 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2013-07-18 07:58 - 2013-06-01 05:20 - 02219520 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2013-07-18 07:58 - 2013-06-01 05:20 - 01527808 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2013-07-18 07:58 - 2013-06-01 05:20 - 01048576 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2013-07-18 07:58 - 2013-06-01 05:20 - 00583168 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2013-07-18 07:58 - 2013-06-01 05:19 - 00785408 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2013-07-18 07:58 - 2013-06-01 05:19 - 00207872 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupManager.dll
2013-07-18 07:58 - 2013-05-31 23:08 - 00037632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthAvrcpTg.sys
2013-07-18 07:58 - 2013-05-24 18:09 - 01403296 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2013-07-18 07:58 - 2013-05-24 18:09 - 01271584 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2013-07-18 07:58 - 2013-05-24 18:09 - 01217352 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2013-07-18 07:58 - 2013-05-24 18:09 - 01093904 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2013-07-18 07:58 - 2013-05-19 20:08 - 00386642 _____ C:\windows\system32\ApnDatabase.xml
2013-07-16 20:16 - 2013-07-16 20:16 - 00000648 _____ C:\Users\Nabeel Ahmad Khan\Documents\log 2.log
2013-07-15 19:46 - 2013-07-15 19:47 - 02796214 _____ C:\Users\Nabeel Ahmad Khan\Downloads\BCert.zip
2013-07-14 20:56 - 2013-07-14 20:56 - 00000501 _____ C:\Users\Nabeel Ahmad Khan\Documents\log.log
2013-07-14 20:53 - 2013-07-14 20:57 - 00000169 _____ C:\Users\Nabeel Ahmad Khan\Documents\gasdg.txt
2013-07-14 20:45 - 2013-07-14 20:45 - 00000097 _____ C:\Users\Nabeel Ahmad Khan\Documents\fasdf.txt
2013-07-14 20:44 - 2013-07-18 15:20 - 00000000 ____D C:\windows\Minidump
2013-07-14 20:35 - 2013-07-14 20:35 - 00281088 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-14 05:53 - 2013-07-14 05:53 - 00207968 _____ (Kaspersky Lab, GERT) C:\windows\system32\Drivers\93319332.sys

==================== One Month Modified Files and Folders =======

2013-08-11 17:45 - 2013-08-11 17:45 - 01575246 _____ (Farbar) C:\Users\Nabeel Ahmad Khan\Downloads\FRST64.exe
2013-08-11 17:38 - 2013-08-11 17:38 - 00015936 _____ C:\Users\Nabeel Ahmad Khan\Desktop\dds.txt
2013-08-11 17:38 - 2013-08-11 17:38 - 00004663 _____ C:\Users\Nabeel Ahmad Khan\Desktop\attach.txt
2013-08-11 17:35 - 2013-08-11 17:35 - 00688992 ____R (Swearware) C:\Users\Nabeel Ahmad Khan\Downloads\dds.com
2013-08-11 17:24 - 2013-06-23 01:54 - 00000000 ____D C:\Users\NABEEL~1\AppData\Local\VirtualStore
2013-08-11 17:22 - 2013-08-11 17:22 - 00061440 _____ ( ) C:\Users\Nabeel Ahmad Khan\Desktop\VEW.exe
2013-08-11 17:15 - 2013-06-23 02:00 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-11 17:05 - 2013-07-18 15:24 - 01617345 _____ C:\windows\WindowsUpdate.log
2013-08-11 16:57 - 2012-07-26 03:28 - 00848230 _____ C:\windows\system32\PerfStringBackup.INI
2013-08-11 15:00 - 2012-07-26 04:12 - 00000000 ____D C:\windows\system32\sru
2013-08-11 14:59 - 2013-08-09 06:34 - 00001908 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-08-11 14:59 - 2013-08-09 06:32 - 09853928 _____ (SurfRight B.V.) C:\Users\Nabeel Ahmad Khan\Downloads\HitmanPro_x64.exe
2013-08-11 14:51 - 2013-08-11 14:51 - 00006502 _____ C:\Users\Nabeel Ahmad Khan\Documents\HitmanPro_20130811_1451.log
2013-08-11 14:47 - 2013-08-11 14:47 - 00000000 ____D C:\Users\NABEEL~1\AppData\Local\SugarSync
2013-08-11 14:46 - 2013-06-24 14:44 - 00000000 ____D C:\Users\NABEEL~1\AppData\Local\Tific
2013-08-11 14:23 - 2013-06-23 02:00 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-11 14:22 - 2012-07-26 03:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-08-11 14:02 - 2012-07-26 01:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-08-11 13:37 - 2013-08-11 13:37 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\SUPERAntiSpyware.com
2013-08-11 13:37 - 2013-08-11 13:36 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-08-11 13:36 - 2013-08-11 13:36 - 00001819 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2013-08-11 13:36 - 2013-08-11 13:36 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-08-11 12:42 - 2013-08-11 12:41 - 26946208 _____ (SUPERAntiSpyware) C:\Users\Nabeel Ahmad Khan\Desktop\SUPERAntiSpywarePro.exe
2013-08-09 06:34 - 2013-06-24 15:57 - 00000000 ____D C:\Program Files\HitmanPro
2013-08-09 06:30 - 2013-08-09 06:30 - 00584600 _____ C:\Users\Nabeel Ahmad Khan\Downloads\cbsidlm-tr1_14-HitmanPro_3_64bit-SEO-75110395.exe
2013-08-09 06:30 - 2012-07-26 04:12 - 00000000 ____D C:\windows\Resources
2013-08-09 06:14 - 2013-08-09 06:14 - 00016064 _____ C:\Users\Nabeel Ahmad Khan\Documents\HitmanPro_20130809_0614.log
2013-08-06 16:03 - 2012-07-26 04:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-07-31 21:42 - 2013-07-18 16:24 - 00005546 _____ C:\windows\PFRO.log
2013-07-31 18:19 - 2013-06-23 02:02 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-24 14:15 - 2013-06-24 16:19 - 00000562 _____ C:\Users\Nabeel Ahmad Khan\Documents\Technician Summary.txt
2013-07-24 14:13 - 2013-07-24 14:13 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\FileOpen
2013-07-24 14:13 - 2013-07-24 14:13 - 00000000 ____D C:\ProgramData\FileOpen
2013-07-24 14:12 - 2013-07-24 14:12 - 00001973 _____ C:\Users\Public\Desktop\Nitro Pro 8.lnk
2013-07-24 14:12 - 2013-07-24 14:12 - 00000000 ____D C:\Program Files\Common Files\Nitro
2013-07-24 14:12 - 2013-07-24 14:12 - 00000000 ____D C:\Program Files (x86)\Nitro
2013-07-24 14:09 - 2013-07-24 14:09 - 00009886 _____ C:\Users\Nabeel Ahmad Khan\Downloads\Trinity College - Undergraduates University Health Plans, Inc..htm
2013-07-24 14:09 - 2013-07-24 14:09 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\Downloads\Trinity College - Undergraduates University Health Plans, Inc._files
2013-07-24 13:59 - 2013-06-24 00:43 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\Downloaded Installations
2013-07-24 13:33 - 2012-07-26 04:12 - 00000000 ____D C:\windows\system32\NDF
2013-07-22 07:19 - 2013-07-22 07:19 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-21 15:44 - 2013-07-21 15:44 - 00000000 ____D C:\windows\ERUNT
2013-07-21 15:42 - 2013-07-19 17:50 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2013-07-21 15:07 - 2012-07-26 01:37 - 00000000 ___HD C:\Users\Default
2013-07-21 15:03 - 2013-07-21 14:47 - 00000000 ____D C:\windows\erdnt
2013-07-21 14:57 - 2012-07-26 01:26 - 00000215 _____ C:\windows\system.ini
2013-07-21 14:12 - 2013-07-21 14:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-21 13:06 - 2013-07-21 13:06 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-21 13:06 - 2013-07-21 13:06 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\Malwarebytes
2013-07-21 13:06 - 2013-07-21 13:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-21 13:06 - 2013-07-21 13:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-21 13:04 - 2013-07-21 13:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Nabeel Ahmad Khan\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-21 03:44 - 2013-07-21 03:44 - 00000568 _____ C:\Users\Nabeel Ahmad Khan\Documents\log3.log
2013-07-21 03:42 - 2013-07-21 03:42 - 00452830 _____ C:\Users\Nabeel Ahmad Khan\Downloads\pe386.wmv
2013-07-19 18:05 - 2013-06-23 03:13 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-07-19 17:54 - 2013-07-19 17:54 - 00003514 _____ C:\windows\System32\Tasks\Run RoboForm TaskBar Icon
2013-07-19 17:54 - 2013-07-19 17:54 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\RoboForm
2013-07-19 17:52 - 2013-07-19 17:52 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\Documents\My Avast EasyPass Data
2013-07-19 17:52 - 2013-07-19 17:52 - 00000000 ____D C:\ProgramData\RoboForm
2013-07-19 17:52 - 2013-07-19 17:52 - 00000000 ____D C:\Program Files (x86)\Siber Systems
2013-07-19 17:51 - 2013-07-19 17:51 - 00378944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2013-07-19 17:51 - 2013-07-19 17:51 - 00001933 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-19 17:51 - 2013-07-19 17:50 - 01030952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-07-19 17:51 - 2013-07-19 17:50 - 00189936 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-07-19 17:51 - 2013-06-27 15:26 - 00000175 _____ C:\windows\system32\Drivers\aswVmm.sys.sum
2013-07-19 17:51 - 2013-06-26 15:26 - 00000175 _____ C:\windows\system32\Drivers\aswSP.sys.sum
2013-07-19 17:51 - 2013-06-26 15:26 - 00000175 _____ C:\windows\system32\Drivers\aswSnx.sys.sum
2013-07-19 17:50 - 2013-06-23 03:12 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-19 17:50 - 2013-06-23 03:11 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-18 21:54 - 2013-06-23 02:02 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1192066696-2626669796-3351997080-1002
2013-07-18 16:24 - 2013-07-18 16:15 - 00181064 _____ (Sysinternals) C:\windows\PSEXESVC.EXE
2013-07-18 16:20 - 2012-07-26 01:26 - 00000128 _____ C:\windows\win.ini
2013-07-18 16:19 - 2013-07-18 16:17 - 00848230 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-07-18 16:14 - 2013-07-18 16:14 - 00000207 _____ C:\windows\tweaking.com-regbackup-IDEA-PC-Microsoft-Windows-8-(64-bit).dat
2013-07-18 16:13 - 2013-07-18 16:13 - 00000000 ____D C:\RegBackup
2013-07-18 16:01 - 2013-06-24 15:02 - 00000000 ____D C:\remote-service
2013-07-18 15:31 - 2013-07-18 15:30 - 00004394 _____ C:\Users\Nabeel Ahmad Khan\Documents\cc_20130718_153056.reg
2013-07-18 15:20 - 2013-07-14 20:44 - 00000000 ____D C:\windows\Minidump
2013-07-18 15:16 - 2013-06-23 02:41 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-16 20:16 - 2013-07-16 20:16 - 00000648 _____ C:\Users\Nabeel Ahmad Khan\Documents\log 2.log
2013-07-15 19:47 - 2013-07-15 19:46 - 02796214 _____ C:\Users\Nabeel Ahmad Khan\Downloads\BCert.zip
2013-07-14 20:57 - 2013-07-14 20:53 - 00000169 _____ C:\Users\Nabeel Ahmad Khan\Documents\gasdg.txt
2013-07-14 20:56 - 2013-07-14 20:56 - 00000501 _____ C:\Users\Nabeel Ahmad Khan\Documents\log.log
2013-07-14 20:45 - 2013-07-14 20:45 - 00000097 _____ C:\Users\Nabeel Ahmad Khan\Documents\fasdf.txt
2013-07-14 20:35 - 2013-07-14 20:35 - 00281088 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-14 05:53 - 2013-07-14 05:53 - 00207968 _____ (Kaspersky Lab, GERT) C:\windows\system32\Drivers\93319332.sys
2013-07-13 18:10 - 2013-06-23 02:00 - 00003908 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-13 18:10 - 2013-06-23 02:00 - 00003672 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-13 17:58 - 2012-07-26 03:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-13 17:58 - 2012-07-26 01:38 - 00000000 ____D C:\windows\system32\oobe
2013-07-13 17:33 - 2013-06-23 11:12 - 00000000 ____D C:\Users\Nabeel Ahmad Khan\AppData\Roaming\HpUpdate

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-10 06:43

==================== End Of Log ============================

 

[Khansahb]

Continued

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2013 02
Ran by Nabeel Ahmad Khan at 2013-08-11 17:46:55
Running from C:\Users\Nabeel Ahmad Khan\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================


Amazon Browser App (x32 Version: 1.0.0.0)
AMD Accelerated Video Transcoding (Version: 12.5.100.20906)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Fuel (Version: 2012.0911.303.3447)
AMD Quick Stream (Version: 3.3.26.0)
AMD VISION Engine Control Center (x32 Version: 2012.0911.303.3447)
avast! EasyPass (x32 Version: 7-7-8-128)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center InstallProxy (x32 Version: 2012.0911.303.3447)
Catalyst Control Center Localization All (x32 Version: 2012.0911.303.3447)
CCC Help Chinese Standard (x32 Version: 2012.0911.0302.3447)
CCC Help Chinese Traditional (x32 Version: 2012.0911.0302.3447)
CCC Help Czech (x32 Version: 2012.0911.0302.3447)
CCC Help Danish (x32 Version: 2012.0911.0302.3447)
CCC Help Dutch (x32 Version: 2012.0911.0302.3447)
CCC Help English (x32 Version: 2012.0911.0302.3447)
CCC Help Finnish (x32 Version: 2012.0911.0302.3447)
CCC Help French (x32 Version: 2012.0911.0302.3447)
CCC Help German (x32 Version: 2012.0911.0302.3447)
CCC Help Greek (x32 Version: 2012.0911.0302.3447)
CCC Help Hungarian (x32 Version: 2012.0911.0302.3447)
CCC Help Italian (x32 Version: 2012.0911.0302.3447)
CCC Help Japanese (x32 Version: 2012.0911.0302.3447)
CCC Help Korean (x32 Version: 2012.0911.0302.3447)
CCC Help Norwegian (x32 Version: 2012.0911.0302.3447)
CCC Help Polish (x32 Version: 2012.0911.0302.3447)
CCC Help Portuguese (x32 Version: 2012.0911.0302.3447)
CCC Help Russian (x32 Version: 2012.0911.0302.3447)
CCC Help Spanish (x32 Version: 2012.0911.0302.3447)
CCC Help Swedish (x32 Version: 2012.0911.0302.3447)
CCC Help Thai (x32 Version: 2012.0911.0302.3447)
CCC Help Turkish (x32 Version: 2012.0911.0302.3447)
ccc-utility64 (Version: 2012.0911.303.3447)
CCleaner (Version: 4.02)
Dolby Advanced Audio v2 (x32 Version: 7.2.8000.16)
dows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (Version: 06/15/2012 8.1.0.1)
Energy Management (x32 Version: 8.0.2.4)
Google Chrome (x32 Version: 28.0.1500.95)
Google Update Helper (x32 Version: 1.3.21.153)
HitmanPro 3.7 (Version: 3.7.7.203)
HP Deskjet 3510 series Basic Device Software (Version: 28.0.1315.0)
HP Deskjet 3510 series Help (x32 Version: 28.0.0)
HP FWUpdateEDO2 (x32 Version: 1.2.0.0)
HP Photo Creations (x32 Version: 1.0.0.7702)
HP Update (x32 Version: 5.005.000.002)
HPDiagnosticAlert (x32 Version: 1.00.0000)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intelligent Touchpad (x32 Version: 2.00.0012.0723)
Lenovo EasyCamera (x32 Version: 3.4.5.13)
Lenovo OneKey Recovery (Version: 8.0.0.0828)
Lenovo OneKey Recovery (x32 Version: 8.0.0.0828)
Lenovo Photos (x32 Version: 4.8.7)
Lenovo YouCam (x32 Version: 4.1.3127)
Lenovo_Wireless_Driver (x32 Version: 5.0.20)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Nitro Pro 8 (Version: 8.5.5.2)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39029)
Shared C Run-time for x64 (Version: 10.0.0)
SugarSync Manager (x32 Version: 1.9.61.90905)
SUPERAntiSpyware (Version: 5.6.1020)
Synaptics Pointing Device Driver (Version: 16.2.10.13)
UserGuide (x32 Version: 1.0.0.9)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (Version: 06/19/2012 10.13.29.733)

==================== Restore Points =========================

24-07-2013 16:59:50 OTL Restore Point - 7/24/2013 12:59:50 PM
02-08-2013 10:36:13 Scheduled Checkpoint

==================== Hosts content: ==========================

2012-07-26 01:26 - 2013-07-21 14:57 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {023B9B99-14BC-49D9-878E-C988B206297B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {023CA311-7B5F-4FC4-928F-3621D9A5044A} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-07-19] (Siber Systems)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {17F1C471-EEB8-4BEE-8B20-A27AFCA41E3A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {25B40183-489A-40EA-BFDD-0E3267917534} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5CF78136-7687-410C-A131-7CCD80669D62} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8D09A937-DB38-4905-932E-94B847444CA6} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1192066696-2626669796-3351997080-1002
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {A320D1AF-6515-4670-A963-3BCCA9BE8EA3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\windows\system32\sc.exe [2012-07-25] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AE42D590-C43D-45C2-A343-57C4EA7548A2} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {BCE1D926-0F39-45AA-B0D2-6D16952C9626} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-23] (Google Inc.)
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D7C6B28A-EA51-4F75-9819-300DA82625B3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {D974FA34-5898-4DFF-9B45-5590F1D7B72C} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-26] (Synaptics Incorporated)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4728A55-D50C-485F-879F-E97E9F6367BF} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1192066696-2626669796-3351997080-1002 => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-25] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F1AB202C-5307-4D22-8B7C-999F8F284E8F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: C:\windows\Tasks\Bomgar Task 1429374.job => C:\windows\explorer.exe
Task: C:\windows\Tasks\Bomgar Task 1442416.job => C:\windows\explorer.exe
Task: C:\windows\Tasks\Bomgar Task 2530211.job => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2013 08:26:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (08/06/2013 07:57:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (08/06/2013 07:56:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (08/06/2013 07:48:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (08/05/2013 03:00:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (08/02/2013 06:35:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (08/02/2013 06:35:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/30/2013 08:14:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/27/2013 07:23:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (07/27/2013 07:22:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.


System errors:
=============
Error: (08/11/2013 02:22:07 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (08/11/2013 02:21:52 PM) (Source: DCOM) (User: idea-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/11/2013 02:21:39 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/11/2013 02:21:39 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/11/2013 02:21:39 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/11/2013 02:21:30 PM) (Source: DCOM) (User: idea-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/11/2013 02:21:17 PM) (Source: DCOM) (User: idea-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/11/2013 02:20:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/11/2013 02:20:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/11/2013 02:20:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (08/08/2013 08:26:22 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/06/2013 07:57:24 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/06/2013 07:56:49 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/06/2013 07:48:07 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/05/2013 03:00:25 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/02/2013 06:35:45 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/02/2013 06:35:12 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/30/2013 08:14:42 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/27/2013 07:23:00 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/27/2013 07:22:45 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
Date: 2013-07-21 14:54:29.581
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 3526.25 MB
Available physical RAM: 2155.82 MB
Total Pagefile: 7110.25 MB
Available Pagefile: 5590.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:418.43 GB) (Free:383.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 015AD997)

Partition: GPT Partition Type
==================== End Of Log ============================

 

[Broni]

There is definitely nothing malicious on your computer so...

In this forum, we make sure, your computer is free of malware and your computer is clean
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.

You can copy and paste "Event log errors" section from FRST in your new Windows topic.

Good luck

 

[Khansahb]

Ok, thanks for your help. Do you think someone at the Windows forum might be able to explain the issue of picture deterioration as well as the event log errors?

 

[Broni]

I hope so...

 

[Khansahb]

Ok, cool. Thanks again

 

[Broni]