Thank you. Here are the two texts...
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-08-2013
Ran by Katelynn (administrator) on 05-08-2013 16:16:09
Running from C:\Users\Katelynn\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\system32\aestsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Boingo Wireless, Inc.) C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
( ) C:\Windows\system32\lxcrcoms.exe
(Dropbox, Inc.) C:\Users\Katelynn\AppData\Roaming\Dropbox\bin\Dropbox.exe
(IDT, Inc.) C:\Windows\system32\STacSV.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Users\Katelynn\Downloads\FRST(1).exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\avast.setup
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] shell32.dll ATTENTION! ====> ZeroAccess?
MountPoints2: I - I:\LaunchU3.exe -a
MountPoints2: {216201f7-ee96-11df-85a3-806e6f6e6963} - I:\LaunchU3.exe -a
MountPoints2: {36f36e1d-8981-11e0-a1b8-806e6f6e6963} - H:\ToolLauncher-Bootstrap.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2008-01-20] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2008-01-20] (Microsoft Corporation)
Startup: C:\Users\Katelynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Katelynn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://start.earthlink.net/AL/Search
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.earthlink.net
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=1080319
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=1080319
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=1080319
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: SrchHook Class - {44F9B173-041C-4825-A9B9-D914BD9DCBB3} - C:\Program Files\EarthLink TotalAccess\ElnIE.dll (EarthLink, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.c...ferrer:source?}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...863578649497140
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...863578649497140
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: No Name - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No File
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -No Name - {C7768536-96F8-4001-B1A2-90EE21279187} - No File
Toolbar: HKCU -No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU -No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - No File
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
FireFox:
========
FF ProfilePath: C:\Users\Katelynn\AppData\Roaming\Mozilla\Firefox\Profiles\vhqdna17.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Katelynn\AppData\Roaming\Mozilla\Extensions\[email protected]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{4bcdbfd0-fa26-11de-8a39-0800200c9a66}] C:\Windows\system32\config\systemprofile\AppData\Roaming\Mozilla\FireFox\{4bcdbfd0-fa26-11de-8a39-0800200c9a66}
FF HKLM\...\Firefox\Extensions: [[email protected]] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
FF HKLM\...\Firefox\Extensions: [[email protected]] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
FF HKLM\...\Firefox\Extensions: [[email protected]] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Firefox\Extensions: [{3E3CFC85-4A3A-4DBF-87EF-909A20B86A0C}] C:\Users\Katelynn\AppData\Local\{3E3CFC85-4A3A-4DBF-87EF-909A20B86A0C}
FF Extension: XULRunner - C:\Users\Katelynn\AppData\Local\{3E3CFC85-4A3A-4DBF-87EF-909A20B86A0C}
Chrome:
=======
CHR RestoreOnStartup: "urls_to_restore_on_startup": null
CHR DefaultSearchURL: (Google) - {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Katelynn\AppData\Local\Google\Chrome\Application\12.0.742.122\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Chrome NaCl) - C:\Users\Katelynn\AppData\Local\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Katelynn\AppData\Local\Google\Chrome\Application\12.0.742.122\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Users\Katelynn\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Katelynn\AppData\Local\Temp\ccex.crx
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 EarthLinkMonitor; C:\Program Files\EarthLink TotalAccess\WENGINE\wmonitor.exe [65604 2005-01-26] (Boingo Wireless, Inc.)
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106280 2013-06-28] (SurfRight B.V.)
R2 lxcr_device; C:\Windows\system32\lxcrcoms.exe [537520 2006-12-11] ( )
S4 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [104000 2006-11-17] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
S4 wltrysvc; C:\Windows\System32\bcmwltry.exe [2506752 2007-12-12] (Dell Inc.)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-07-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-07-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-07-28] ()
S3 BW2NDIS5; C:\Windows\System32\Drivers\BW2NDIS5.sys [17536 2004-11-01] (Printing Communications Assoc., Inc. (PCAUSA))
S3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [58880 2008-06-04] (Option N.V.)
S3 GTUHSNDISIPXP; C:\Windows\System32\DRIVERS\gtuhs51.sys [106112 2008-06-04] (Option N.V.)
S3 GTUHSOMS; C:\Windows\System32\DRIVERS\gtuhsoms.sys [18816 2008-06-06] (Option N.V.)
S3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [8064 2008-06-04] (Option N.V.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2013-07-29] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113608 2013-01-27] (Power Software Ltd)
R1 SCT_SKMScan; C:\Windows\System32\DRIVERS\sct_skmscan.sys [33096 2012-10-12] (Sophos Limited)
U3 TrueSight; C:\Windows\system32\TrueSight.sys [15616 2013-07-29] ()
S3 utuyntu3; C:\Windows\system32\Drivers\utuyntu3.sys [7168 2013-04-08] ()
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [x]
S3 catchme; \??\C:\Users\Katelynn\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 MEMSWEEP2; \??\C:\Windows\system32\4EF9.tmp [x]
S3 MFE_RR; \??\C:\Users\Katelynn\AppData\Local\Temp\mfe_rr.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S0 rfhej; System32\drivers\ljqrd.sys [x]
S0 TfFsMon; system32\drivers\TfFsMon.sys [x]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [x]
S0 TfSysMon; system32\drivers\TfSysMon.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-05 16:12 - 2013-08-05 16:12 - 01228808 _____ (Farbar) C:\Users\Katelynn\Downloads\FRST(1).exe
2013-08-01 22:45 - 2013-08-05 16:15 - 00035423 _____ C:\Users\Katelynn\Desktop\FRST.txt
2013-08-01 22:45 - 2013-08-01 22:47 - 00016954 _____ C:\Users\Katelynn\Desktop\Addition.txt
2013-08-01 22:43 - 2013-08-01 22:46 - 00016954 _____ C:\Users\Katelynn\Downloads\Addition.txt
2013-08-01 22:41 - 2013-08-01 22:41 - 00000000 ____D C:\FRST
2013-08-01 22:40 - 2013-08-01 22:40 - 01222124 _____ (Farbar) C:\Users\Katelynn\Downloads\FRST.exe
2013-08-01 17:15 - 2013-08-01 17:15 - 00000000 __SHD C:\found.004
2013-07-31 18:07 - 2013-07-31 18:07 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Katelynn\Downloads\tdsskiller.exe
2013-07-30 20:46 - 2013-07-30 20:46 - 00044895 _____ C:\Users\Katelynn\Desktop\GMER.txt
2013-07-30 20:11 - 2013-07-30 20:11 - 00688992 ____R (Swearware) C:\Users\Katelynn\Downloads\dds(1).com
2013-07-29 22:02 - 2013-07-29 22:02 - 00013356 _____ C:\Users\Katelynn\Desktop\DDS-1.txt
2013-07-29 22:00 - 2013-07-30 20:13 - 00012753 _____ C:\Users\Katelynn\Desktop\dds.txt
2013-07-29 22:00 - 2013-07-30 20:13 - 00004773 _____ C:\Users\Katelynn\Desktop\attach.txt
2013-07-29 21:56 - 2013-07-29 21:56 - 00688992 ____R (Swearware) C:\Users\Katelynn\Downloads\dds.com
2013-07-29 17:22 - 2013-07-29 17:40 - 00002576 _____ C:\Users\Katelynn\Desktop\Rkill.txt
2013-07-29 17:22 - 2013-07-29 17:22 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Katelynn\Downloads\rkill.com
2013-07-29 16:45 - 2013-07-29 16:45 - 00000000 ____D C:\Program Files\kioskea.exe
2013-07-29 16:45 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-29 16:42 - 2013-07-29 16:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katelynn\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-07-29 16:35 - 2013-07-29 16:35 - 00003403 _____ C:\Users\Katelynn\Desktop\RKreport[0]_D_07292013_163552.txt
2013-07-29 16:27 - 2013-07-29 16:27 - 00015616 _____ C:\Windows\system32\TrueSight.sys
2013-07-29 16:26 - 2013-07-29 16:40 - 00000000 ____D C:\Users\Katelynn\Desktop\RK_Quarantine
2013-07-29 16:26 - 2013-07-29 16:26 - 00916992 _____ C:\Users\Katelynn\Downloads\RogueKiller.exe
2013-07-28 21:24 - 2013-07-28 21:24 - 00068096 _____ C:\Users\Katelynn\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-28 21:21 - 2013-07-28 21:27 - 03596088 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-28 20:00 - 2013-07-28 20:00 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-28 20:00 - 2013-07-28 20:00 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-28 20:00 - 2013-07-28 20:00 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-28 20:00 - 2013-07-28 20:00 - 00001831 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-28 20:00 - 2013-07-28 20:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-28 20:00 - 2013-07-28 20:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-28 20:00 - 2013-07-28 20:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-28 20:00 - 2013-07-28 20:00 - 00000000 _____ C:\Windows\setuperr.log
2013-07-28 20:00 - 2013-07-28 20:00 - 00000000 _____ C:\Windows\setupact.log
2013-07-28 20:00 - 2013-05-09 04:59 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-07-28 20:00 - 2013-05-09 04:59 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-07-28 20:00 - 2013-05-09 04:59 - 00049760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2013-07-28 20:00 - 2013-05-09 04:59 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-28 20:00 - 2013-05-09 04:59 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-07-28 19:59 - 2013-05-09 04:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-07-28 19:04 - 2013-07-28 19:45 - 117478104 _____ C:\Users\Katelynn\Downloads\avast_free_antivirus_setup.exe
2013-07-28 19:00 - 2013-08-05 16:10 - 00400955 _____ C:\Windows\WindowsUpdate.log
2013-07-28 16:46 - 2013-07-28 17:05 - 04745728 _____ (AVAST Software) C:\Users\Katelynn\Downloads\aswMBR.exe
2013-07-28 16:43 - 2013-07-28 16:43 - 00000120 ___RH C:\Users\Katelynn\Downloads\Stinger.opt
2013-07-28 16:37 - 2013-07-28 16:43 - 00000641 _____ C:\Users\Katelynn\Downloads\Stinger_28072013_163732.html
2013-07-28 16:33 - 2013-07-28 16:33 - 00167344 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe.944e.deleteme
2013-07-28 16:32 - 2013-07-28 16:43 - 00000000 ____D C:\Program Files\stinger
2013-07-28 16:32 - 2013-07-28 16:36 - 00000643 _____ C:\Users\Katelynn\Downloads\Stinger_28072013_163248.html
2013-07-28 16:32 - 2013-07-28 16:32 - 11394080 _____ (McAfee Inc) C:\Users\Katelynn\Downloads\stinger32.exe
2013-07-28 16:32 - 2013-07-28 16:32 - 00490268 _____ C:\Users\Katelynn\Downloads\runtime.dat
2013-07-28 16:32 - 2013-07-28 16:32 - 00000000 ____D C:\Stinger_Quarantine
2013-07-27 19:11 - 2013-07-27 19:11 - 71508223 _____ (Sophos Limited) C:\Users\Katelynn\Downloads\Sophos Virus Removal Tool.exe
2013-07-27 19:09 - 2013-07-27 19:09 - 00000297 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190936.txt
2013-07-27 19:09 - 2013-07-27 19:09 - 00000291 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190958.txt
2013-07-27 19:09 - 2013-07-27 19:09 - 00000291 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190948.txt
2013-07-27 19:09 - 2013-07-27 19:09 - 00000291 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190934.txt
2013-07-27 19:04 - 2013-07-27 19:04 - 00551408 _____ (McAfee, Inc.) C:\Users\Katelynn\Downloads\rootkitremover.exe
2013-07-27 19:04 - 2013-07-27 19:04 - 00000029 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190427.txt
2013-07-26 22:46 - 2013-07-29 17:26 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-07-26 20:50 - 2013-07-26 20:59 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-07-26 18:36 - 2013-07-26 21:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-26 17:47 - 2013-07-26 17:47 - 00000000 __SHD C:\found.003
2013-07-26 16:53 - 2013-07-26 16:54 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katelynn\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-25 18:17 - 2013-07-25 18:17 - 07876512 _____ (Adobe Systems Inc.) C:\Users\Katelynn\Downloads\Shockwave_Installer_Slim.exe
2013-07-25 18:15 - 2013-07-25 18:15 - 00000000 ____D C:\Users\Katelynn\AppData\Roaming\Oracle
2013-07-25 17:34 - 2013-07-25 17:33 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-25 17:33 - 2013-07-25 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-25 17:33 - 2013-07-25 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-25 17:33 - 2013-07-25 17:33 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-07-25 17:30 - 2013-07-25 17:30 - 00903080 _____ (Oracle Corporation) C:\Users\Katelynn\Downloads\jre-7u25-windows-i586-iftw.exe
2013-07-25 17:10 - 2013-07-25 17:10 - 00000000 ____D C:\Users\Katelynn\Desktop\Old Firefox Data-2
2013-07-22 19:28 - 2013-07-24 20:45 - 00000132 _____ C:\Users\Katelynn\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Program Files\Common Files\PACE Anti-Piracy
2013-07-21 18:06 - 2013-07-21 18:06 - 00000000 ____D C:\Program Files\InterLok
==================== One Month Modified Files and Folders =======
2013-08-05 16:15 - 2013-08-01 22:45 - 00035423 _____ C:\Users\Katelynn\Desktop\FRST.txt
2013-08-05 16:12 - 2013-08-05 16:12 - 01228808 _____ (Farbar) C:\Users\Katelynn\Downloads\FRST(1).exe
2013-08-05 16:10 - 2013-07-28 19:00 - 00400955 _____ C:\Windows\WindowsUpdate.log
2013-08-05 15:42 - 2013-02-05 01:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-05 14:30 - 2013-01-31 23:20 - 00000000 ___RD C:\Users\Katelynn\Dropbox
2013-08-05 14:30 - 2013-01-31 23:18 - 00000000 ____D C:\Users\Katelynn\AppData\Roaming\Dropbox
2013-08-05 14:28 - 2006-11-02 09:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-05 14:28 - 2006-11-02 08:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-05 14:28 - 2006-11-02 08:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-05 03:28 - 2006-11-02 09:01 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-01 22:47 - 2013-08-01 22:45 - 00016954 _____ C:\Users\Katelynn\Desktop\Addition.txt
2013-08-01 22:46 - 2013-08-01 22:43 - 00016954 _____ C:\Users\Katelynn\Downloads\Addition.txt
2013-08-01 22:41 - 2013-08-01 22:41 - 00000000 ____D C:\FRST
2013-08-01 22:40 - 2013-08-01 22:40 - 01222124 _____ (Farbar) C:\Users\Katelynn\Downloads\FRST.exe
2013-08-01 17:15 - 2013-08-01 17:15 - 00000000 __SHD C:\found.004
2013-07-31 18:07 - 2013-07-31 18:07 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Katelynn\Downloads\tdsskiller.exe
2013-07-30 20:46 - 2013-07-30 20:46 - 00044895 _____ C:\Users\Katelynn\Desktop\GMER.txt
2013-07-30 20:13 - 2013-07-29 22:00 - 00012753 _____ C:\Users\Katelynn\Desktop\dds.txt
2013-07-30 20:13 - 2013-07-29 22:00 - 00004773 _____ C:\Users\Katelynn\Desktop\attach.txt
2013-07-30 20:11 - 2013-07-30 20:11 - 00688992 ____R (Swearware) C:\Users\Katelynn\Downloads\dds(1).com
2013-07-30 19:46 - 2013-06-29 19:19 - 00000000 ____D C:\Users\Katelynn\Desktop\Photographs
2013-07-29 22:02 - 2013-07-29 22:02 - 00013356 _____ C:\Users\Katelynn\Desktop\DDS-1.txt
2013-07-29 21:56 - 2013-07-29 21:56 - 00688992 ____R (Swearware) C:\Users\Katelynn\Downloads\dds.com
2013-07-29 17:40 - 2013-07-29 17:22 - 00002576 _____ C:\Users\Katelynn\Desktop\Rkill.txt
2013-07-29 17:26 - 2013-07-26 22:46 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2013-07-29 17:22 - 2013-07-29 17:22 - 01844864 _____ (Bleeping Computer, LLC) C:\Users\Katelynn\Downloads\rkill.com
2013-07-29 16:45 - 2013-07-29 16:45 - 00000000 ____D C:\Program Files\kioskea.exe
2013-07-29 16:42 - 2013-07-29 16:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katelynn\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-07-29 16:40 - 2013-07-29 16:26 - 00000000 ____D C:\Users\Katelynn\Desktop\RK_Quarantine
2013-07-29 16:35 - 2013-07-29 16:35 - 00003403 _____ C:\Users\Katelynn\Desktop\RKreport[0]_D_07292013_163552.txt
2013-07-29 16:35 - 2008-05-06 13:50 - 00000000 ____D C:\Users\Katelynn\AppData\Roaming\Adobe
2013-07-29 16:27 - 2013-07-29 16:27 - 00015616 _____ C:\Windows\system32\TrueSight.sys
2013-07-29 16:26 - 2013-07-29 16:26 - 00916992 _____ C:\Users\Katelynn\Downloads\RogueKiller.exe
2013-07-29 15:22 - 2008-07-15 01:28 - 00001356 _____ C:\Users\Katelynn\AppData\Local\d3d9caps.dat
2013-07-28 21:27 - 2013-07-28 21:21 - 03596088 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-28 21:24 - 2013-07-28 21:24 - 00068096 _____ C:\Users\Katelynn\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-28 20:00 - 2013-07-28 20:00 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-28 20:00 - 2013-07-28 20:00 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-28 20:00 - 2013-07-28 20:00 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-28 20:00 - 2013-07-28 20:00 - 00001831 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-07-28 20:00 - 2013-07-28 20:00 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-28 20:00 - 2013-07-28 20:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-28 20:00 - 2013-07-28 20:00 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-28 20:00 - 2013-07-28 20:00 - 00000000 _____ C:\Windows\setuperr.log
2013-07-28 20:00 - 2013-07-28 20:00 - 00000000 _____ C:\Windows\setupact.log
2013-07-28 20:00 - 2006-11-02 06:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-07-28 19:58 - 2013-02-07 21:26 - 00000000 ____D C:\ProgramData\AVAST Software
2013-07-28 19:58 - 2013-02-07 21:26 - 00000000 ____D C:\Program Files\AVAST Software
2013-07-28 19:45 - 2013-07-28 19:04 - 117478104 _____ C:\Users\Katelynn\Downloads\avast_free_antivirus_setup.exe
2013-07-28 19:06 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-07-28 18:59 - 2010-06-22 10:34 - 00000000 ____D C:\Users\Katelynn\AppData\Local\CrashDumps
2013-07-28 17:05 - 2013-07-28 16:46 - 04745728 _____ (AVAST Software) C:\Users\Katelynn\Downloads\aswMBR.exe
2013-07-28 16:43 - 2013-07-28 16:43 - 00000120 ___RH C:\Users\Katelynn\Downloads\Stinger.opt
2013-07-28 16:43 - 2013-07-28 16:37 - 00000641 _____ C:\Users\Katelynn\Downloads\Stinger_28072013_163732.html
2013-07-28 16:43 - 2013-07-28 16:32 - 00000000 ____D C:\Program Files\stinger
2013-07-28 16:36 - 2013-07-28 16:32 - 00000643 _____ C:\Users\Katelynn\Downloads\Stinger_28072013_163248.html
2013-07-28 16:33 - 2013-07-28 16:33 - 00167344 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe.944e.deleteme
2013-07-28 16:32 - 2013-07-28 16:32 - 11394080 _____ (McAfee Inc) C:\Users\Katelynn\Downloads\stinger32.exe
2013-07-28 16:32 - 2013-07-28 16:32 - 00490268 _____ C:\Users\Katelynn\Downloads\runtime.dat
2013-07-28 16:32 - 2013-07-28 16:32 - 00000000 ____D C:\Stinger_Quarantine
2013-07-27 20:22 - 2011-03-19 22:31 - 00000000 ____D C:\Users\Katelynn\Desktop\Sesu Project
2013-07-27 19:11 - 2013-07-27 19:11 - 71508223 _____ (Sophos Limited) C:\Users\Katelynn\Downloads\Sophos Virus Removal Tool.exe
2013-07-27 19:09 - 2013-07-27 19:09 - 00000297 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190936.txt
2013-07-27 19:09 - 2013-07-27 19:09 - 00000291 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190958.txt
2013-07-27 19:09 - 2013-07-27 19:09 - 00000291 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190948.txt
2013-07-27 19:09 - 2013-07-27 19:09 - 00000291 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190934.txt
2013-07-27 19:04 - 2013-07-27 19:04 - 00551408 _____ (McAfee, Inc.) C:\Users\Katelynn\Downloads\rootkitremover.exe
2013-07-27 19:04 - 2013-07-27 19:04 - 00000029 _____ C:\Users\Katelynn\Downloads\RootkitRemover20130727190427.txt
2013-07-26 21:21 - 2013-07-26 18:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-26 20:59 - 2013-07-26 20:50 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-07-26 17:47 - 2013-07-26 17:47 - 00000000 __SHD C:\found.003
2013-07-26 16:54 - 2013-07-26 16:53 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katelynn\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-25 18:34 - 2013-06-28 17:56 - 00001734 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2013-07-25 18:18 - 2010-06-01 09:40 - 00000000 ____D C:\Windows\system32\Adobe
2013-07-25 18:17 - 2013-07-25 18:17 - 07876512 _____ (Adobe Systems Inc.) C:\Users\Katelynn\Downloads\Shockwave_Installer_Slim.exe
2013-07-25 18:16 - 2008-03-18 19:48 - 00000000 ____D C:\Program Files\Common Files\Java
2013-07-25 18:15 - 2013-07-25 18:15 - 00000000 ____D C:\Users\Katelynn\AppData\Roaming\Oracle
2013-07-25 18:15 - 2013-04-12 16:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-25 17:33 - 2013-07-25 17:34 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-25 17:33 - 2013-07-25 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-25 17:33 - 2013-07-25 17:33 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-25 17:33 - 2013-07-25 17:33 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-07-25 17:33 - 2012-07-10 18:35 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-25 17:33 - 2010-05-20 08:16 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-25 17:30 - 2013-07-25 17:30 - 00903080 _____ (Oracle Corporation) C:\Users\Katelynn\Downloads\jre-7u25-windows-i586-iftw.exe
2013-07-25 17:26 - 2012-09-04 14:20 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-25 17:26 - 2012-01-22 23:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-25 17:26 - 2008-05-20 00:37 - 00000000 ____D C:\Users\Katelynn\AppData\Local\Adobe
2013-07-25 17:10 - 2013-07-25 17:10 - 00000000 ____D C:\Users\Katelynn\Desktop\Old Firefox Data-2
2013-07-24 20:45 - 2013-07-22 19:28 - 00000132 _____ C:\Users\Katelynn\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-07-24 17:54 - 2010-03-26 08:42 - 00000000 ____D C:\Users\Katelynn\AppData\Roaming\Audacity
2013-07-24 00:31 - 2008-05-25 10:09 - 00002595 _____ C:\Users\Katelynn\Desktop\Microsoft Word.lnk
2013-07-22 15:19 - 2010-05-04 09:38 - 00000000 ____D C:\Program Files\Audacity 1.3 Beta (Unicode)
2013-07-22 15:19 - 2008-05-01 10:00 - 00000000 ____D C:\Users\Katelynn
2013-07-22 15:19 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\system32\spool
2013-07-22 15:19 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-07-22 15:19 - 2006-11-02 07:18 - 00000000 ____D C:\Windows\registration
2013-07-22 15:19 - 2006-11-02 06:22 - 41943040 _____ C:\Windows\system32\config\software_previous
2013-07-22 15:19 - 2006-11-02 06:22 - 34340864 _____ C:\Windows\system32\config\components_previous
2013-07-22 15:19 - 2006-11-02 06:22 - 23592960 _____ C:\Windows\system32\config\system_previous
2013-07-22 15:19 - 2006-11-02 06:22 - 00786432 _____ C:\Windows\system32\config\default_previous
2013-07-22 15:19 - 2006-11-02 06:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2013-07-22 15:19 - 2006-11-02 06:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2013-07-21 18:11 - 2013-07-21 18:11 - 00000000 ____D C:\Program Files\Common Files\PACE Anti-Piracy
2013-07-21 18:06 - 2013-07-21 18:06 - 00000000 ____D C:\Program Files\InterLok
2013-07-20 17:26 - 2009-04-09 21:23 - 00000000 ____D C:\Windows\Minidump
2013-07-12 20:42 - 2010-08-19 23:52 - 00000000 ____D C:\Users\Katelynn\AppData\Roaming\Vso
2013-07-12 01:10 - 2013-05-09 21:39 - 00000000 ____D C:\Users\Katelynn\AppData\Roaming\dBpoweramp
2013-07-12 01:10 - 2008-05-01 10:08 - 00167424 _____ C:\Users\Katelynn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-08 22:14 - 2011-09-12 01:36 - 00000000 ____D C:\Users\Katelynn\Documents\ConvertXtoDVD
2013-07-08 21:59 - 2013-06-18 21:33 - 00000000 ____D C:\Users\Katelynn\AppData\Roaming\vlc
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-388320372-3171994607-2745187211-1000\$050076a3fdf72717b23ae8ebb8ea3a1e
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$050076a3fdf72717b23ae8ebb8ea3a1e
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-05 14:36
==================== End Of Log ============================