Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

CAN NOT STOP POPUPS [Solved]

Started by RUSTY2 , Aug 07 2013 01:21 PM

  • This topic is locked This topic is locked

#16
RUSTY2
Posted 11 August 2013 - 10:51 AM

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
The tdsskiller never asked me to delete the files should I ?
  • 0

Advertisements

#17
gringo_pr
Posted 11 August 2013 - 08:36 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello RUSTY2

The files in TDSSKiller are OK

Please download Farbar Recovery Scan Tool and save it to your desktop.


Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.


Gringo
  • 0

#18
RUSTY2
Posted 11 August 2013 - 08:46 PM

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-08-2013 02
Ran by BR (administrator) on 11-08-2013 19:40:56
Running from C:\Users\BR\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1289704 2012-09-12] (Microsoft Corporation)
HKCU\...\Run: [aliim] - C:\Program Files (x86)\Trademanager\AliIM.exe [292368 2013-03-06] (Alibaba (China) Co., Ltd.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKCU\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [896400 2012-08-19] (BitTorrent, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Photobucket Desktop] - C:\Program Files (x86)\Photobucket Desktop\Photobucket.App.exe [320000 2012-08-14] (Photobucket)
HKLM-x32\...\Run: [ROC_roc_ssl_v12] - "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\bcom\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKU\LogMeInRemoteUser\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....q={searchTerms}
URLSearchHook: (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
URLSearchHook: (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM - {0336D126-A0DD-4CAC-8545-B6629D8F38E8} URL = http://www.ask.com/w...}&l=dis&o=cahpd
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {F17A48D0-8904-4BB6-B591-791D4194FA80} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKCU - DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKCU - {0336D126-A0DD-4CAC-8545-B6629D8F38E8} URL =
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - ALOT Appbar - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll No File
Toolbar: HKLM-x32 - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll No File
Toolbar: HKCU - No Name - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No File
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds...ransferCtrl.cab
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default
FF Homepage: hxxp://www.google.ca/ig
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 - C:\Users\BR\AppData\Local\Temp\..\application data\nptrademanager\nptrademanager.dll ( )
FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 - C:\Program Files (x86)\Trademanager\npwangwang.dll ( )
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rim.com/npappworld - C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: {@alibaba.com/alisetup;version=1.0} - C:\Users\BR\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
FF SearchPlugin: C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF Extension: appbario7 - C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\Extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}
FF Extension: No Name - C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.5.3\pricegong.crx
CHR HKLM-x32\...\Chrome\Extension: [cielokkdbnmofbmnbpcejffmiphehkfh] - C:\ProgramData\ADDICT-THING\cielokkdbnmofbmnbpcejffmiphehkfh.crx
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\BR\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\BR\AppData\Local\Wajam\Chrome\wajam.crx
CHR HKLM-x32\...\Chrome\Extension: [nbpjhhdlpbeomimlbihkcknjdkcnmhfk] - C:\ProgramData\ADDICT-THING\nbpjhhdlpbeomimlbihkcknjdkcnmhfk.crx
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx

==================== Services (Whitelisted) =================

S4 BackupService; C:\Users\BRIAN\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
S4 CrossLoopService; C:\Users\BRIAN\AppData\Local\CrossLoop\CrossLoopService.exe [569072 2012-01-06] (CrossLoop)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2013-08-07] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2013-08-07] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22072 2012-09-12] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368896 2012-09-12] (Microsoft Corporation)
S4 SQLANYs_SmpParts; C:\Program Files (x86)\SQL Anywhere 10\win32\dbsrv10.exe [136568 2010-12-08] (iAnywhere Solutions, Inc.)
S4 tvnserver; C:\Users\BRIAN\AppData\Local\CrossLoop\tvnserver.exe [814080 2010-07-21] (GlavSoft LLC.)

==================== Drivers (Whitelisted) ====================

R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-08-07] (LogMeIn, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2012-12-06] (Research In Motion Limited)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S4 LMIRfsClientNP; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-11 19:39 - 2013-08-11 19:40 - 01575246 _____ (Farbar) C:\Users\BR\Downloads\FRST64.exe
2013-08-11 13:06 - 2013-08-11 15:11 - 00013852 _____ C:\Users\BR\Documents\PARTS CREDIT.xlsx
2013-08-11 11:22 - 2013-08-11 15:35 - 00011671 _____ C:\Users\BR\Documents\GST TAX.xlsx
2013-08-11 10:02 - 2013-08-11 10:02 - 00000000 ____D C:\Users\BR\AppData\Local\VirtualStore
2013-08-11 09:32 - 2013-08-11 09:32 - 00002750 _____ C:\Users\BR\Desktop\RKreport[0]_D_08112013_093220.txt
2013-08-11 09:31 - 2013-08-11 09:31 - 00002623 _____ C:\Users\BR\Desktop\RKreport[0]_S_08112013_093157.txt
2013-08-11 09:29 - 2013-08-11 09:32 - 00000000 ____D C:\Users\BR\Desktop\RK_Quarantine
2013-08-11 09:26 - 2013-08-11 09:26 - 00001143 _____ C:\Users\BR\Desktop\RogueKillerX64.exe - Shortcut.lnk
2013-08-11 09:25 - 2013-08-11 09:25 - 03800064 _____ C:\Users\BR\Downloads\RogueKillerX64.exe
2013-08-11 08:50 - 2013-08-11 09:05 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-11 08:46 - 2013-08-11 08:46 - 00001107 _____ C:\Users\BR\Desktop\tdsskiller.exe - Shortcut.lnk
2013-08-11 08:32 - 2013-08-11 08:32 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\BR\Downloads\tdsskiller.exe
2013-08-11 08:30 - 2013-08-11 08:33 - 00000000 ____D C:\Users\BR\AppData\Local\{BCCA73FA-85AA-4DC4-839E-6B62A2439221}
2013-08-10 21:52 - 2013-08-10 22:03 - 00000000 ____D C:\ComboFix
2013-08-10 21:49 - 2013-08-10 21:49 - 00000000 ____D C:\Users\BR\AppData\Roaming\Alibaba
2013-08-10 10:23 - 2013-08-11 09:48 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-10 10:09 - 2013-08-10 10:27 - 00000000 ____D C:\Windows\erdnt
2013-08-10 10:09 - 2013-08-10 10:17 - 00000000 ____D C:\Qoobox
2013-08-10 10:09 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-10 10:09 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-10 10:09 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-10 10:09 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-10 10:09 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-10 10:09 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-10 10:09 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-10 10:09 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-10 10:08 - 2013-08-10 10:08 - 00001089 _____ C:\Users\BR\Desktop\ComboFix.exe - Shortcut.lnk
2013-08-10 10:02 - 2013-08-10 10:02 - 05102523 ____R (Swearware) C:\Users\BR\Downloads\ComboFix.exe
2013-08-10 06:56 - 2013-08-10 06:56 - 00013164 _____ C:\Users\BR\Desktop\JRT.exe - Shortcut.lnk
2013-08-10 06:50 - 2013-08-10 06:50 - 00118546 _____ C:\Users\BR\Desktop\JRT.txt
2013-08-10 06:43 - 2013-08-10 06:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-10 06:42 - 2013-08-10 06:42 - 00958418 _____ (Oleg N. Scherbakov) C:\Users\BR\Downloads\JRT.exe
2013-08-08 07:20 - 2013-08-08 07:20 - 00000707 _____ C:\Users\BR\Desktop\OTL.lnk
2013-08-07 08:57 - 2013-08-08 07:06 - 00108662 _____ C:\Users\BR\Downloads\Extras.Txt
2013-08-07 08:56 - 2013-08-08 07:16 - 00111200 _____ C:\Users\BR\Downloads\OTL.Txt
2013-08-07 08:46 - 2013-08-08 06:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-07 08:17 - 2013-08-07 08:17 - 00602112 _____ (OldTimer Tools) C:\Users\BR\Downloads\OTL.exe
2013-08-06 21:18 - 2013-04-17 00:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-08-06 21:18 - 2013-04-16 23:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-08-06 17:26 - 2013-08-06 17:27 - 00655200 _____ C:\Users\BR\Downloads\setup(2).exe
2013-08-06 17:26 - 2013-08-06 17:26 - 00892040 _____ (CNET Download.com) C:\Users\BR\Downloads\cbsidlm-cbsi127-Free_Invoice_Template-SEO-75329843(2).exe
2013-08-06 17:23 - 2013-08-06 17:24 - 00892040 _____ (CNET Download.com) C:\Users\BR\Downloads\cbsidlm-cbsi127-Free_Invoice_Template-SEO-75329843(1).exe
2013-08-06 17:23 - 2013-08-06 17:23 - 00000258 __RSH C:\Users\BR\ntuser.pol
2013-08-06 17:22 - 2013-08-06 17:22 - 00892040 _____ (CNET Download.com) C:\Users\BR\Downloads\cbsidlm-cbsi127-Free_Invoice_Template-SEO-75329843.exe
2013-08-06 16:07 - 2013-08-06 16:07 - 00000000 ____D C:\Users\BR\AppData\Roaming\SeeSimilar
2013-08-06 16:04 - 2013-08-06 16:04 - 00546048 _____ () C:\Users\BR\Desktop\SeeSimilarSetup.exe
2013-08-06 16:04 - 2013-08-06 16:04 - 00041758 _____ C:\Users\BR\Desktop\commercial-invoice-template.zip
2013-08-06 16:02 - 2013-08-06 16:02 - 00392040 _____ (Softonic ) C:\Users\BR\Downloads\SoftonicDownloader_for_commercial-invoice-template.exe
2013-08-06 07:08 - 2013-08-06 07:07 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-06 07:08 - 2013-08-06 07:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-06 07:08 - 2013-08-06 07:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-06 07:08 - 2013-08-06 07:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-06 07:07 - 2013-08-06 07:07 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-06 06:14 - 2013-08-06 06:14 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-06 06:14 - 2013-08-06 06:14 - 00000000 ____D C:\Users\BR\AppData\Roaming\Malwarebytes
2013-08-06 06:14 - 2013-08-06 06:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 06:14 - 2013-08-06 06:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-06 06:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-06 06:13 - 2013-08-06 06:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\BR\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-06 05:06 - 2013-04-09 16:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-08-06 05:06 - 2013-04-02 15:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-06 03:33 - 2013-08-06 03:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-06 03:33 - 2013-08-06 03:33 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-06 03:33 - 2013-08-06 03:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-08-06 03:33 - 2013-08-06 03:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-08-06 03:33 - 2013-08-06 03:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-06 03:33 - 2013-08-06 03:33 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-06 03:33 - 2013-08-06 03:33 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-08-06 03:33 - 2013-08-06 03:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-06 03:33 - 2013-08-06 03:33 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-08-06 03:33 - 2013-08-06 03:33 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-08-06 03:31 - 2013-08-06 03:31 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-06 03:28 - 2013-08-06 03:36 - 00008315 _____ C:\Windows\IE10_main.log
2013-08-06 03:02 - 2013-08-06 03:02 - 00002174 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-06 00:41 - 2013-05-07 23:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-06 00:41 - 2013-04-09 23:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-08-06 00:41 - 2013-04-09 23:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-08-06 00:41 - 2013-02-26 23:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-08-06 00:41 - 2013-02-26 22:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-08-06 00:41 - 2013-02-26 22:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-08-06 00:41 - 2013-02-26 22:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-08-06 00:41 - 2013-02-26 22:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-08-06 00:41 - 2013-02-26 21:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-08-06 00:41 - 2013-02-26 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-08-06 00:41 - 2013-02-26 21:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-08-06 00:41 - 2013-02-14 23:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-06 00:41 - 2013-02-14 23:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-06 00:41 - 2013-02-14 23:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-06 00:41 - 2013-02-14 21:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-06 00:41 - 2013-02-14 21:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-06 00:41 - 2013-02-14 20:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-06 00:41 - 2013-01-02 23:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-08-06 00:41 - 2011-02-03 04:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-08-06 00:40 - 2013-06-03 23:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-08-06 00:40 - 2013-06-03 21:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-08-06 00:40 - 2013-05-05 23:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-06 00:40 - 2013-05-05 21:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-06 00:40 - 2013-04-12 07:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-08-06 00:40 - 2013-03-18 22:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-06 00:40 - 2013-03-18 22:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-06 00:40 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-08-06 00:40 - 2013-01-03 22:46 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-08-06 00:40 - 2013-01-03 21:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-06 00:40 - 2013-01-03 19:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-06 00:40 - 2013-01-03 19:47 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-06 00:40 - 2013-01-03 19:47 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-06 00:40 - 2013-01-03 19:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-06 00:40 - 2012-12-07 06:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-08-06 00:40 - 2012-12-07 06:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-08-06 00:40 - 2012-12-07 05:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-08-06 00:40 - 2012-12-07 05:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-08-06 00:40 - 2012-12-07 04:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-08-06 00:40 - 2012-12-07 04:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-08-06 00:40 - 2012-12-07 04:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-08-06 00:40 - 2012-12-07 04:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-08-06 00:40 - 2012-12-07 04:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-08-06 00:40 - 2012-12-07 04:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-08-06 00:40 - 2012-12-07 04:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-08-06 00:40 - 2012-12-07 04:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-08-06 00:40 - 2012-12-07 04:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-08-06 00:40 - 2012-12-07 04:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-08-06 00:40 - 2012-12-07 04:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-08-06 00:40 - 2012-12-07 04:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-08-06 00:40 - 2012-12-07 04:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-08-06 00:40 - 2012-12-07 04:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-08-06 00:40 - 2012-12-07 03:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-08-06 00:40 - 2012-11-29 22:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-06 00:40 - 2012-11-29 22:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-06 00:40 - 2012-11-29 22:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-06 00:40 - 2012-11-29 22:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-06 00:40 - 2012-11-29 22:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-06 00:40 - 2012-11-29 22:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-06 00:40 - 2012-11-29 22:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-06 00:40 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-06 00:40 - 2012-11-29 21:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-06 00:40 - 2012-11-29 21:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-06 00:40 - 2012-11-29 21:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-06 00:40 - 2012-11-29 20:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-06 00:40 - 2012-11-29 16:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-08-06 00:40 - 2012-11-29 16:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-08-06 00:40 - 2012-11-21 22:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-08-06 00:40 - 2012-11-21 21:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-08-06 00:40 - 2012-11-19 22:48 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-08-06 00:40 - 2012-11-19 21:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-08-06 00:40 - 2012-10-31 22:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-08-06 00:40 - 2012-10-31 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-08-06 00:40 - 2012-10-31 21:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-08-06 00:40 - 2012-10-31 21:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-08-06 00:39 - 2013-06-04 20:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-08-06 00:39 - 2013-05-09 22:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-08-06 00:39 - 2013-05-09 20:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-08-06 00:39 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-08-06 00:39 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-08-06 00:39 - 2013-01-23 23:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-08-06 00:39 - 2012-11-29 22:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 21:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 19:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 19:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 19:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-06 00:39 - 2012-11-29 19:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-06 00:39 - 2012-11-22 20:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-08-06 00:38 - 2013-05-12 22:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-06 00:38 - 2013-05-12 22:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-06 00:38 - 2013-05-12 22:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-06 00:38 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-08-06 00:38 - 2013-05-12 21:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-06 00:38 - 2013-05-12 21:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-06 00:38 - 2013-05-12 21:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-06 00:38 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-08-06 00:38 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-08-06 00:38 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-08-06 00:38 - 2013-04-25 16:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-08-06 00:38 - 2013-03-31 15:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-08-06 00:38 - 2013-03-18 23:04 - 05550424 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-06 00:38 - 2013-03-18 22:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-08-06 00:38 - 2013-03-18 22:04 - 03968856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-06 00:38 - 2013-03-18 22:04 - 03913560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-06 00:38 - 2013-03-18 21:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-08-06 00:38 - 2013-03-18 20:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

==================== One Month Modified Files and Folders =======

2013-08-11 19:40 - 2013-08-11 19:40 - 00000000 ____D C:\FRST
2013-08-11 19:40 - 2013-08-11 19:39 - 01575246 _____ (Farbar) C:\Users\BR\Downloads\FRST64.exe
2013-08-11 19:40 - 2012-08-19 17:34 - 00000000 ____D C:\Users\BR\AppData\Roaming\uTorrent
2013-08-11 19:39 - 2012-04-13 08:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-11 19:33 - 2012-04-18 08:43 - 00000000 ____D C:\Users\BR\AppData\Roaming\Skype
2013-08-11 19:15 - 2012-05-05 17:39 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-11 18:55 - 2012-03-13 13:19 - 00000000 ____D C:\ProgramData\LogMeIn
2013-08-11 16:45 - 2012-03-13 06:12 - 01515783 _____ C:\Windows\WindowsUpdate.log
2013-08-11 15:35 - 2013-08-11 11:22 - 00011671 _____ C:\Users\BR\Documents\GST TAX.xlsx
2013-08-11 15:11 - 2013-08-11 13:06 - 00013852 _____ C:\Users\BR\Documents\PARTS CREDIT.xlsx
2013-08-11 10:02 - 2013-08-11 10:02 - 00000000 ____D C:\Users\BR\AppData\Local\VirtualStore
2013-08-11 09:55 - 2009-07-13 21:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-11 09:55 - 2009-07-13 21:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-11 09:48 - 2013-08-10 10:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-11 09:48 - 2012-04-18 08:29 - 00000000 ____D C:\Program Files (x86)\Trademanager
2013-08-11 09:47 - 2012-05-05 17:39 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-11 09:47 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-11 09:47 - 2009-07-13 21:51 - 00041937 _____ C:\Windows\setupact.log
2013-08-11 09:32 - 2013-08-11 09:32 - 00002750 _____ C:\Users\BR\Desktop\RKreport[0]_D_08112013_093220.txt
2013-08-11 09:32 - 2013-08-11 09:29 - 00000000 ____D C:\Users\BR\Desktop\RK_Quarantine
2013-08-11 09:32 - 2012-04-01 11:22 - 00000000 ___RD C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-11 09:31 - 2013-08-11 09:31 - 00002623 _____ C:\Users\BR\Desktop\RKreport[0]_S_08112013_093157.txt
2013-08-11 09:26 - 2013-08-11 09:26 - 00001143 _____ C:\Users\BR\Desktop\RogueKillerX64.exe - Shortcut.lnk
2013-08-11 09:25 - 2013-08-11 09:25 - 03800064 _____ C:\Users\BR\Downloads\RogueKillerX64.exe
2013-08-11 09:05 - 2013-08-11 08:50 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-08-11 08:46 - 2013-08-11 08:46 - 00001107 _____ C:\Users\BR\Desktop\tdsskiller.exe - Shortcut.lnk
2013-08-11 08:33 - 2013-08-11 08:30 - 00000000 ____D C:\Users\BR\AppData\Local\{BCCA73FA-85AA-4DC4-839E-6B62A2439221}
2013-08-11 08:32 - 2013-08-11 08:32 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\BR\Downloads\tdsskiller.exe
2013-08-10 22:46 - 2009-07-13 22:13 - 00782986 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-10 22:40 - 2012-03-13 06:44 - 00343740 _____ C:\Windows\PFRO.log
2013-08-10 22:03 - 2013-08-10 21:52 - 00000000 ____D C:\ComboFix
2013-08-10 22:01 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini
2013-08-10 21:49 - 2013-08-10 21:49 - 00000000 ____D C:\Users\BR\AppData\Roaming\Alibaba
2013-08-10 10:27 - 2013-08-10 10:09 - 00000000 ____D C:\Windows\erdnt
2013-08-10 10:21 - 2012-04-26 06:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-10 10:17 - 2013-08-10 10:09 - 00000000 ____D C:\Qoobox
2013-08-10 10:08 - 2013-08-10 10:08 - 00001089 _____ C:\Users\BR\Desktop\ComboFix.exe - Shortcut.lnk
2013-08-10 10:02 - 2013-08-10 10:02 - 05102523 ____R (Swearware) C:\Users\BR\Downloads\ComboFix.exe
2013-08-10 06:56 - 2013-08-10 06:56 - 00013164 _____ C:\Users\BR\Desktop\JRT.exe - Shortcut.lnk
2013-08-10 06:50 - 2013-08-10 06:50 - 00118546 _____ C:\Users\BR\Desktop\JRT.txt
2013-08-10 06:45 - 2012-08-19 17:35 - 00000000 ____D C:\Users\BR\AppData\Local\Conduit
2013-08-10 06:43 - 2013-08-10 06:43 - 00000000 ____D C:\Windows\ERUNT
2013-08-10 06:42 - 2013-08-10 06:42 - 00958418 _____ (Oleg N. Scherbakov) C:\Users\BR\Downloads\JRT.exe
2013-08-08 07:20 - 2013-08-08 07:20 - 00000707 _____ C:\Users\BR\Desktop\OTL.lnk
2013-08-08 07:16 - 2013-08-07 08:56 - 00111200 _____ C:\Users\BR\Downloads\OTL.Txt
2013-08-08 07:06 - 2013-08-07 08:57 - 00108662 _____ C:\Users\BR\Downloads\Extras.Txt
2013-08-08 06:54 - 2013-08-07 08:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-07 08:17 - 2013-08-07 08:17 - 00602112 _____ (OldTimer Tools) C:\Users\BR\Downloads\OTL.exe
2013-08-07 07:40 - 2012-04-20 04:27 - 00000008 _____ C:\Windows\SysWOW64\MagicEmotions.idx
2013-08-07 01:08 - 2012-03-13 13:19 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2013-08-07 01:07 - 2012-03-13 13:19 - 00107368 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2013-08-07 01:07 - 2012-03-13 13:19 - 00100680 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2013-08-07 01:07 - 2012-03-13 13:19 - 00035656 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2013-08-06 18:33 - 2012-04-24 06:29 - 00000000 ____D C:\Users\BR\Tracing
2013-08-06 17:27 - 2013-08-06 17:26 - 00655200 _____ C:\Users\BR\Downloads\setup(2).exe
2013-08-06 17:26 - 2013-08-06 17:26 - 00892040 _____ (CNET Download.com) C:\Users\BR\Downloads\cbsidlm-cbsi127-Free_Invoice_Template-SEO-75329843(2).exe
2013-08-06 17:24 - 2013-08-06 17:23 - 00892040 _____ (CNET Download.com) C:\Users\BR\Downloads\cbsidlm-cbsi127-Free_Invoice_Template-SEO-75329843(1).exe
2013-08-06 17:23 - 2013-08-06 17:23 - 00000258 __RSH C:\Users\BR\ntuser.pol
2013-08-06 17:23 - 2012-04-01 11:22 - 00000000 ____D C:\Users\BR
2013-08-06 17:23 - 2009-07-13 20:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-08-06 17:23 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-08-06 17:22 - 2013-08-06 17:22 - 00892040 _____ (CNET Download.com) C:\Users\BR\Downloads\cbsidlm-cbsi127-Free_Invoice_Template-SEO-75329843.exe
2013-08-06 17:09 - 2012-03-13 05:33 - 00000000 ____D C:\Users\BR\Documents\My Scans
2013-08-06 17:02 - 2012-03-13 05:33 - 00000000 ____D C:\Users\BR\Documents\Invoices
2013-08-06 16:07 - 2013-08-06 16:07 - 00000000 ____D C:\Users\BR\AppData\Roaming\SeeSimilar
2013-08-06 16:04 - 2013-08-06 16:04 - 00546048 _____ () C:\Users\BR\Desktop\SeeSimilarSetup.exe
2013-08-06 16:04 - 2013-08-06 16:04 - 00041758 _____ C:\Users\BR\Desktop\commercial-invoice-template.zip
2013-08-06 16:02 - 2013-08-06 16:02 - 00392040 _____ (Softonic ) C:\Users\BR\Downloads\SoftonicDownloader_for_commercial-invoice-template.exe
2013-08-06 09:22 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-08-06 07:07 - 2013-08-06 07:08 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-06 07:07 - 2013-08-06 07:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-06 07:07 - 2013-08-06 07:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-06 07:07 - 2013-08-06 07:08 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-06 07:07 - 2013-08-06 07:07 - 00000000 ____D C:\Program Files (x86)\Java
2013-08-06 07:07 - 2012-11-07 22:35 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2013-08-06 07:07 - 2012-03-21 12:15 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-06 06:14 - 2013-08-06 06:14 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-06 06:14 - 2013-08-06 06:14 - 00000000 ____D C:\Users\BR\AppData\Roaming\Malwarebytes
2013-08-06 06:14 - 2013-08-06 06:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-06 06:14 - 2013-08-06 06:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-06 06:14 - 2013-08-06 06:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\BR\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-06 04:55 - 2012-04-01 11:22 - 00001415 _____ C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-06 04:55 - 2012-04-01 11:22 - 00000000 ___RD C:\Users\BR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-06 04:52 - 2009-07-13 21:45 - 00454560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-06 04:51 - 2012-05-12 03:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-08-06 04:51 - 2012-05-12 03:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-08-06 04:49 - 2009-07-14 00:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-08-06 04:49 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-06 04:49 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-06 04:49 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-08-06 04:49 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-08-06 04:49 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-08-06 04:49 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-08-06 04:49 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-06 03:54 - 2012-03-13 06:43 - 00768454 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-06 03:43 - 2012-03-13 16:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-06 03:36 - 2013-08-06 03:28 - 00008315 _____ C:\Windows\IE10_main.log
2013-08-06 03:33 - 2013-08-06 03:33 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-06 03:33 - 2013-08-06 03:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-06 03:33 - 2013-08-06 03:33 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-06 03:33 - 2013-08-06 03:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-08-06 03:33 - 2013-08-06 03:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-08-06 03:33 - 2013-08-06 03:33 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-08-06 03:33 - 2013-08-06 03:33 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-08-06 03:33 - 2013-08-06 03:33 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-08-06 03:33 - 2013-08-06 03:33 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-08-06 03:33 - 2013-08-06 03:33 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-08-06 03:33 - 2013-08-06 03:33 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-08-06 03:33 - 2013-08-06 03:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-08-06 03:33 - 2013-08-06 03:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-08-06 03:31 - 2013-08-06 03:31 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-06 03:31 - 2013-08-06 03:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-06 03:02 - 2013-08-06 03:02 - 00002174 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-06 03:02 - 2012-04-18 23:25 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-06 01:10 - 2012-05-05 17:39 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-08-06 01:10 - 2012-05-05 17:39 - 00003634 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-08-06 01:04 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Msdtc

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-06 09:14

==================== End Of Log ============================
  • 0

#19
RUSTY2
Posted 11 August 2013 - 08:46 PM

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
ADD

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2013 02
Ran by BR at 2013-08-11 19:41:53
Running from C:\Users\BR\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================


Update for Microsoft Office 2007 (KB2508958) (x32)
µTorrent (x32 Version: 3.2.0)
64 Bit HP CIO Components Installer (Version: 7.2.8)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2)
ADDICT-THING (x32 Version: )
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (x32 Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (x32 Version: 11.3.300.271)
Adobe Reader X (10.1.7) (x32 Version: 10.1.7)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000)
AIO_CDA_Software (x32 Version: 130.0.365.000)
AIO_Scan (x32 Version: 130.0.365.000)
AliIM Plugins for Browser (HKCU Version: 1.0)
AliSetup 0.1.0.52 (x32 Version: 0.1.0.52)
ALOT Appbar (x32)
Any Video Converter 3.5.8 (x32)
Babylon toolbar on IE (x32)
BlackBerry App World Browser Plugin (x32 Version: 4.2.1.12)
BufferChm (x32 Version: 130.0.331.000)
C6100 (x32 Version: 130.0.365.000)
c6100_Help (x32 Version: 82.0.256.000)
CDBurnerXP (x32 Version: 4.4.1.3341)
Copy (x32 Version: 130.0.428.000)
CrossLoop 2.82 (x32 Version: 2.82)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2115)
D3DX10 (x32 Version: 15.4.2368.0902)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904)
DocProc (x32 Version: 13.0.0.0)
DVD Flick 1.3.0.7 (x32 Version: 1.3.0.7)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224)
el® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Fax (x32 Version: 130.0.418.000)
File Type Assistant (x32)
Google Earth (x32 Version: 7.1.1.1888)
Google SketchUp 8 (x32 Version: 3.0.11752)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 130.0.371.000)
Hardware Diagnostic Tools (Version: 6.0.5247.34)
HP Advisor (x32 Version: 3.3.9512.3162)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Games (x32 Version: 1.0.0.71)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart DVD (x32 Version: 3.1.3317)
HP MediaSmart Music/Photo/Video (x32 Version: 3.1.3422)
HP MediaSmart SmartMenu (Version: 3.1.0.1)
HP Odometer (x32 Version: 2.10.0000)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Remote Solution (x32 Version: 1.1.11.0)
HP Setup (x32 Version: 1.2.3560.3170)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (x32 Version: 4.2.5.3)
HP Support Information (x32 Version: 10.1.0002)
HP Update (x32 Version: 5.003.001.001)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.7)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
LabelPrint (x32 Version: 2.5.2017)
LightScribe System Software (x32 Version: 1.18.8.1)
Logitech Harmony Remote Software (x86) (x32 Version: 2.0)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0)
LogMeIn (x32 Version: 4.1.2138)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (x32 Version: 3.0.566.0)
Microsoft Office 2003 Web Components (x32 Version: 12.0.6213.1000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310)
Mozilla Firefox 23.0 (x86 en-US) (x32 Version: 23.0)
Mozilla Maintenance Service (x32 Version: 23.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NetAssistant (x32 Version: 3.8.3)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PDFCreator (x32 Version: 1.2.0)
Photobucket Desktop (x32 Version: 1.0.3.1552)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Power2Go (x32 Version: 6.0.3304)
PowerDirector (x32 Version: 7.0.3503)
PriceGong 2.5.3 (x32 Version: 2.5.3)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5938)
Recovery Manager (x32 Version: 5.5.2216)
Remote Control USB Driver (x32 Version: 2.3.2.317)
Scan (x32 Version: 13.0.0.0)
Sentinel System Driver Installer 7.5.7 (x32 Version: 7.5.7)
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (x32 Version: 6.1.10441)
Skype™ 5.10 (x32 Version: 5.10.116)
SmartWebPrinting (x32 Version: 130.0.457.000)
SMPIS (x32 Version: 29.00.000)
SolidWorks 2011 x64 Edition SP02 (Version: 19.120.49)
SolidWorks 2011 x64 Edition SP02 (x32 Version: 19.2.0.49)
SolidWorks eDrawings 2011 SP02 (x32 Version: 11.2.113)
SolidWorks eDrawings 2011 x64 Edition SP02 (Version: 11.2.113)
SolidWorks Explorer 2011 SP02 (x32 Version: 19.20.49)
SolutionCenter (x32 Version: 130.0.373.000)
SQLAnywhere1000 (x32 Version: 10.1.4157)
Status (x32 Version: 130.0.469.000)
Toolbox (x32 Version: 130.0.648.000)
TradeManager 2011 SP2 (x32)
TrayApp (x32 Version: 130.0.422.000)
UnloadSupport (x32 Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Access 2007 Help (KB963663) (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Update Installer for WildTangent Games App (x32)
uTorrentControl_v2 Toolbar (x32 Version: 6.9.0.16)
WebReg (x32 Version: 130.0.132.017)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5)
WildTangent Games App (x32 Version: 4.0.9.8)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)
Zoom Downloader (x32)

==================== Restore Points =========================

07-08-2013 01:35:35 Windows Update
07-08-2013 07:00:29 Windows Backup
07-08-2013 10:00:11 Windows Update
08-08-2013 07:01:10 Windows Backup
09-08-2013 07:00:29 Windows Backup
10-08-2013 07:00:28 Windows Backup
10-08-2013 14:29:03 Windows Update
11-08-2013 07:00:44 Windows Backup

==================== Hosts content: ==========================

2009-07-13 19:34 - 2013-08-10 22:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {036057E2-0FE8-4F2B-8E01-427F7DB35FCA} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {06AF75E1-CC6B-4EF8-B888-69A66EC19261} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2012-02-28] (Trusted Software ApS)
Task: {137B4BA2-DE24-4F80-BC1F-179956948A9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-11] (Adobe Systems Incorporated)
Task: {19835642-4FB1-409E-B1C8-8C8DAB245E33} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard)
Task: {379D608C-0688-4B10-B21D-50B5B2A22E4F} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {48566D35-17CA-4A05-98D0-0BFF7D2582CB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-13] (Microsoft Corporation)
Task: {58044AB4-8524-4227-9073-AAA8DF62A596} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard)
Task: {6AB5DF9B-167C-4E53-B5F8-EC132C9AB8CD} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe No File
Task: {7016C1DA-8A0A-4266-A065-4ECEF51B751B} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {751FC730-C3F0-4E4C-A355-2DDD1C8042A0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {87365837-3315-454A-B041-CF01E75281BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-05] (Google Inc.)
Task: {A67C187F-1AA3-40BE-A05B-E4087F16587F} - System32\Tasks\User_Feed_Synchronization-{04763158-D395-4D60-AA42-FEC1973CEF7F} => C:\Windows\system32\msfeedssync.exe [2013-08-06] (Microsoft Corporation)
Task: {A806E665-86B9-4A5A-8D09-9AEFD4573FF8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2012-09-12] (Microsoft Corporation)
Task: {BB3D484D-2D74-4AAB-B836-E11F8C4270C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-05] (Google Inc.)
Task: {E69F9295-23A3-4A2F-889F-37CF217E5706} - System32\Tasks\WPD\SqmUpload_S-1-5-21-998330651-303224156-1059126384-1004 => C:\Windows\system32\rundll32.exe [2009-07-13] (Microsoft Corporation)
Task: {EFBFF8D6-C539-4881-9214-7E4BE60C3988} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2012-07-30] (Microsoft)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Photosmart C6100 series
Description: Photosmart C6100 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2013 08:46:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/11/2013 00:08:47 AM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).

Error: (08/10/2013 09:53:04 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x8007043c).

Error: (08/10/2013 09:53:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007043c, This service cannot be started in Safe Mode
.


Operation:
Instantiating VSS server

Error: (08/10/2013 09:53:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]


Operation:
Instantiating VSS server

Error: (08/10/2013 10:05:28 AM) (Source: ESENT) (User: )
Description: wlmail (5504) WindowsLiveMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (08/10/2013 10:00:15 AM) (Source: ESENT) (User: )
Description: wlmail (2076) WindowsLiveMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.


System errors:
=============
Error: (08/11/2013 08:36:57 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (08/10/2013 10:02:52 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/10/2013 10:02:52 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/10/2013 10:02:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/10/2013 10:02:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (08/10/2013 10:02:49 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (08/10/2013 10:01:37 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (08/10/2013 10:01:10 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/10/2013 10:01:10 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/10/2013 09:59:16 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-08-10 22:01:10.731
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-08-10 22:01:10.622
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-08-10 22:01:10.528
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-08-10 22:01:10.419
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-08-10 10:17:06.624
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-08-10 10:17:06.530
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 29%
Total physical RAM: 7133.18 MB
Available physical RAM: 5055.93 MB
Total Pagefile: 14264.54 MB
Available Pagefile: 11942.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:920.39 GB) (Free:784.3 GB) NTFS (Disk=0 Partition=2)
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.02 GB) (Free:1.59 GB) NTFS (Disk=0 Partition=3) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#20
gringo_pr
Posted 11 August 2013 - 09:46 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello RUSTY2

We need to reset Chrome back to defaults to completely clear out what is going on.

We can keep the bookmarks by exporting them - Export Bookmarks


Then I need you to go Google Sync and sign into your account

scroll down untill you see the "Stop and Clear" button and click on button

At the prompt click on "Ok"

Now we need to uninstall chrome

I want you to uninstall Chrome and if asked about user data or settings then remove this also

restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome

After you have Chrome reinstalled please check things out and let me know how it is doing.

Gringo
  • 0

#21
RUSTY2
Posted 12 August 2013 - 11:14 AM

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
HI i DONT HAVE GOOGLE CHROME? I USE FIREFOX , SHOULD I DO THE SAME WITH IT?
  • 0

#22
gringo_pr
Posted 12 August 2013 - 08:47 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


Chrome is installed on the computer so if you do not use it then uninstall it



gringo
  • 0

#23
gringo_pr
Posted 17 August 2013 - 10:10 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0

#24
RUSTY2
Posted 17 August 2013 - 10:13 AM

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
Hi Gringo, I looked into my control and I dont see chrome?
  • 0

#25
gringo_pr
Posted 17 August 2013 - 05:42 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello RUSTY2

I would like you to rerun OTL for me and send me the fresh scan for me.

Run New OTL Scan


  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
  • 0

Advertisements

#26
RUSTY2
Posted 18 August 2013 - 11:06 AM

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
OTL logfile created on: 18/08/2013 9:44:12 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BR\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

6.97 Gb Total Physical Memory | 4.13 Gb Available Physical Memory | 59.25% Memory free
13.93 Gb Paging File | 10.93 Gb Available in Paging File | 78.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 920.39 Gb Total Space | 779.31 Gb Free Space | 84.67% Space Free | Partition Type: NTFS
Drive D: | 11.02 Gb Total Space | 1.59 Gb Free Space | 14.44% Space Free | Partition Type: NTFS
Drive F: | 0.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 122.10 Mb Total Space | 24.08 Mb Free Space | 19.72% Space Free | Partition Type: FAT
Drive K: | 930.86 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

Computer Name: BRIAN-PC | User Name: BR | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\BR\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Photobucket Desktop\Photobucket.App.exe (Photobucket)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\8c7afb6ec60dfae5429ac4a0e1fc547b\System.Data.Entity.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\34d70315422024c772edcc3155a9029c\System.ComponentModel.DataAnnotations.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\e5a56a4a38559e6e8de77648d2d4f594\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.OracleC#\e6dde468ff71d1d97cce61a600f89201\System.Data.OracleClient.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e14351b89d40bb0a3b76cde6e7a87338\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\30212ac4ab2e8f165a31128a61f678eb\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\9f37a2a23772a8e9dcbef5c6b6ebe0ad\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\30212ac4ab2e8f165a31128a61f678eb\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0a3d8f846e42d481c0cc2200b7859858\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\e77f989b5dae0c6d2367d534c73a31f9\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\f5adadfb9255916e3ec6325edbd5599e\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\44d87641535e186f4a7fc9c469bc73dd\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a342a61dd88db0c26a11470ce6a4f167\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\42c02d5f442dea943fc7def7b864bb90\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\236e310945d616f235503fcbcec19a5a\Microsoft.CSharp.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\b71973d97b8cb32df5cd97145a68e75b\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\f34c329ee04252d65e7e3eefa991deda\System.Dynamic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\5c4f1eb1b2efdd138d137c5069a8bdf5\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\0835155203a99b6a9bb540629920da0d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\6a1d260372cda12056515b30b2bcf715\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\da18beba41f700dd4c71a3f5464c4342\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\0227c518c1722fed818a4532bc033027\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\7e3570a0cc71998e14e7adb8e4ea0cbb\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4f02f7d34c4fd0dc58ce1dffb5b424f9\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\fc16a5cafc433e6d942e9bd5b14fbeaf\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\906825def698b2831547de1c5b8cbbe0\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8c20095bd7d46cdfa7933eb258a07daa\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\91bc7f6fd5295405b227cecc0e232ce8\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c799474a067f07ef3a167d75029fa012\mscorlib.ni.dll ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (CoordinatorServiceHost) -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe (Dassault Systèmes SolidWorks Corp.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
SRV - (SolidWorks Licensing Service) -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (CrossLoopService) -- C:\Users\BRIAN\AppData\Local\CrossLoop\CrossLoopService.exe (CrossLoop)
SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)
SRV - (SQLANYs_SmpParts) -- C:\Program Files (x86)\SQL Anywhere 10\win32\dbsrv10.exe (iAnywhere Solutions, Inc.)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\hp\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (tvnserver) -- C:\Users\BRIAN\AppData\Local\CrossLoop\tvnserver.exe (GlavSoft LLC.)
SRV - (BackupService) -- C:\Users\BRIAN\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe (ArcSoft, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (LMIRfsDriver) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV:64bit: - (lmimirr) -- C:\Windows\SysNative\drivers\lmimirr.sys (LogMeIn, Inc.)
DRV:64bit: - (SNTUSB64) -- C:\Windows\SysNative\drivers\SNTUSB64.SYS (SafeNet, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Sentinel64) -- C:\Windows\SysNative\drivers\sentinel64.sys (SafeNet, Inc.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ahcix64s) -- C:\Windows\SysNative\drivers\ahcix64s.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {80c554b9-c7f8-4a21-9471-06d606da78a2}
IE:64bit: - HKLM\..\SearchScopes\{0336D126-A0DD-4CAC-8545-B6629D8F38E8}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE:64bit: - HKLM\..\SearchScopes\{07C7C110-7846-4522-8DA7-7316F05F3171}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSSE
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - SOFTWARE\Classes\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {F17A48D0-8904-4BB6-B591-791D4194FA80}
IE - HKLM\..\SearchScopes\{07C7C110-7846-4522-8DA7-7316F05F3171}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSSE


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/
IE - HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
IE - HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B EC DF 20 C0 9A CE 01 [binary data]
IE - HKU\S-1-5-21-998330651-303224156-1059126384-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Ask Search"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/ig"
FF - prefs.js..extensions.enabledAddons: %7B4DC70064-89E2-4a55-8FC6-E8CDEAE3618C%7D:0.7.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0: C:\Users\BR\AppData\Local\Temp\..\application data\nptrademanager\nptrademanager.dll ()
FF - HKLM\Software\MozillaPlugins\@alibaba.com/npwangwang;version=1.0: C:\Program Files (x86)\Trademanager\npwangwang.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@alibaba.com/npAliSSOLogin;version=1.0: C:\Program Files (x86)\Trademanager\npAliSSOLogin.dll (Alibaba software (Shanghai) Corporation.)
FF - HKCU\Software\MozillaPlugins\{@alibaba.com/alisetup;version=1.0}: C:\Users\BR\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/03/13 08:20:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/15 08:42:31 | 000,000,000 | ---D | M]

[2012/04/05 09:58:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BR\AppData\Roaming\Mozilla\Extensions
[2013/08/16 13:53:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\extensions
[2013/08/06 16:07:37 | 000,000,000 | ---D | M] (appbario7) -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\extensions\{6926c7f7-6006-42d1-b046-eba1b3010315}
[2013/08/16 13:53:39 | 000,590,000 | ---- | M] () (No name found) -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\extensions\[email protected]
[2012/12/20 16:34:30 | 000,013,345 | ---- | M] () (No name found) -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi
[2013/08/06 07:13:06 | 000,002,545 | ---- | M] () -- C:\Users\BR\AppData\Roaming\Mozilla\Firefox\Profiles\acm539rf.default\searchplugins\ask-search.xml
[2013/08/07 08:46:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/07 08:46:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/07 08:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/17 09:12:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/05/31 02:16:36 | 000,108,576 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll
[2011/07/29 06:33:40 | 000,108,480 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npwangwang.dll
[2012/12/15 13:32:33 | 000,003,546 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

O1 HOSTS File: ([2013/08/10 22:01:35 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll File not found
O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll漀最爀愀洀 䘀椀氀攀猀 ⠀砀㠀㘀⤀ File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Photobucket Desktop] C:\Program Files (x86)\Photobucket Desktop\Photobucket.App.exe (Photobucket)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKU\S-1-5-21-998330651-303224156-1059126384-1004..\Run: [aliim] C:\Program Files (x86)\Trademanager\AliIM.exe (Alibaba (China) Co., Ltd.)
O4 - HKU\S-1-5-21-998330651-303224156-1059126384-1004..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\..Trusted Domains: taobao.com ([]https in Trusted sites)
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds...ransferCtrl.cab (DLC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{975E2597-4892-450D-9E49-5CA092C4B97F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC556D6E-E0DC-496A-82C9-E12641CD952E}: DhcpNameServer = 192.168.0.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll File not found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/12 14:56:58 | 000,000,030 | RH-- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/18 09:26:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/08/18 09:20:51 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{DAF57313-C4E1-4B9C-9F90-997850E29A87}
[2013/08/17 08:55:07 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{0BD8E2D5-C9C8-44CF-A08F-EEC93DECBA67}
[2013/08/17 08:53:59 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{897E8690-AC11-41C7-BBA2-1E72E6EADBC3}
[2013/08/17 08:11:11 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{5586FDE5-CB81-43CD-913C-2DE66D95EEB5}
[2013/08/16 18:45:55 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{5F012FD3-ECAE-4192-8C89-9300543372EA}
[2013/08/16 13:06:12 | 000,000,000 | ---D | C] -- C:\Intel
[2013/08/16 13:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2013/08/16 13:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2013/08/16 13:03:12 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/08/16 13:03:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/08/16 13:03:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/08/16 13:03:11 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/08/16 13:03:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/08/16 13:03:09 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/08/16 13:03:09 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/08/16 13:03:09 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/08/16 13:03:09 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/08/16 13:03:09 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/08/16 13:03:09 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/08/16 13:03:09 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/08/16 13:03:09 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/08/16 13:03:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/08/16 13:03:09 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/08/16 13:03:09 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/08/16 13:03:09 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/08/16 13:03:09 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/08/16 13:03:09 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/08/16 13:03:09 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/08/16 13:03:08 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/08/16 13:03:08 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/08/16 13:03:08 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/08/16 13:03:08 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/08/16 12:59:09 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/08/16 12:59:09 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/08/16 12:59:04 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/08/16 12:47:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/16 10:14:27 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{85FFEA7A-E7D8-41CE-8009-65786091674F}
[2013/08/15 08:42:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/08/15 08:33:57 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{BC992B23-1D8F-4863-95CA-F5505F95EE8B}
[2013/08/14 16:28:51 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{1593A49A-4720-4E94-BE40-AD89F5CDE8B9}
[2013/08/14 15:17:25 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{BB7048B5-9D7F-44F5-A5E4-08177D567C78}
[2013/08/14 15:15:32 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{545F8CDC-C01B-4E93-9BEE-2672FB6B5614}
[2013/08/14 12:12:53 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{B9C4C2B6-4B85-431F-B0FB-3493BB9F6FB5}
[2013/08/14 07:59:05 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{EABC7FF0-F464-499F-9AB0-5387B2CDD28F}
[2013/08/14 06:58:05 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{261E12C4-963F-40B0-989A-2C1C2640D9C0}
[2013/08/14 03:18:27 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/14 03:18:26 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/14 03:18:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/14 03:18:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/14 03:18:25 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/14 03:18:24 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/14 03:18:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/14 03:18:24 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/14 03:18:24 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/14 03:18:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/14 03:18:24 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/14 03:18:20 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/14 03:18:19 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/14 03:18:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/14 03:18:19 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/13 15:59:46 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{991F11C4-255A-4D4F-861C-61B2F9A3BEC8}
[2013/08/13 14:23:37 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/13 14:23:36 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/13 14:23:36 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/13 14:23:16 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/13 14:23:15 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/13 14:23:12 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/13 14:23:10 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/13 14:23:10 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/13 14:23:09 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/13 14:23:09 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/13 14:23:09 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/13 14:23:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/13 14:23:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/13 14:23:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/13 14:23:06 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/13 14:23:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/08/13 03:00:41 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{2D08E2DC-780C-4892-B40C-97275DCEFE8C}
[2013/08/12 10:02:02 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{E881744B-4B03-48B5-A293-17DDAC72ADAF}
[2013/08/11 19:40:42 | 000,000,000 | ---D | C] -- C:\FRST
[2013/08/11 10:02:39 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\VirtualStore
[2013/08/11 09:29:23 | 000,000,000 | ---D | C] -- C:\Users\BR\Desktop\RK_Quarantine
[2013/08/11 08:50:34 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/08/11 08:30:59 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\{BCCA73FA-85AA-4DC4-839E-6B62A2439221}
[2013/08/10 22:41:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/08/10 22:01:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/08/10 21:52:57 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/08/10 21:49:18 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Roaming\Alibaba
[2013/08/10 10:23:24 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/08/10 10:09:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/08/10 10:09:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/08/10 10:09:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/08/10 10:09:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/10 10:09:04 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/08/10 06:43:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/08/07 08:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/06 21:18:15 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/08/06 16:07:53 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Roaming\SeeSimilar
[2013/08/06 07:09:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/08/06 07:08:20 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/08/06 07:08:15 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/08/06 07:08:15 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/08/06 07:08:15 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/08/06 07:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/08/06 06:14:47 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Roaming\Malwarebytes
[2013/08/06 06:14:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/08/06 06:14:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/08/06 06:14:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/08/06 06:14:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/06 06:14:18 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Local\Programs
[2013/08/06 05:06:57 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/08/06 03:33:35 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/08/06 03:33:35 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/08/06 03:33:35 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/08/06 03:33:34 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/08/06 03:33:34 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/08/06 03:33:34 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/08/06 03:33:34 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/08/06 03:33:34 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/08/06 03:33:34 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/08/06 03:33:34 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/08/06 03:33:34 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/08/06 03:33:34 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/08/06 03:33:34 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/08/06 03:33:34 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/08/06 03:33:34 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/08/06 03:33:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/08/06 03:33:33 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/08/06 03:33:33 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/08/06 03:33:33 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/08/06 03:33:33 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/08/06 03:33:33 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/08/06 03:33:33 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/08/06 03:33:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/08/06 03:33:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/08/06 03:33:33 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/08/06 03:33:32 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/08/06 03:33:32 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/08/06 03:33:32 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/08/06 03:33:32 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/08/06 03:33:32 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/08/06 03:33:32 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/08/06 03:33:32 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/08/06 03:33:32 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/08/06 03:33:32 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/08/06 03:33:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/08/06 03:33:32 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/08/06 03:33:31 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/08/06 03:33:31 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/08/06 03:33:31 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/08/06 03:33:31 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/08/06 03:33:31 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/08/06 03:33:31 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/08/06 03:33:31 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/08/06 03:33:31 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/08/06 03:33:31 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/08/06 03:33:31 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/08/06 03:33:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/08/06 03:33:31 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/08/06 03:33:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/08/06 03:33:31 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/08/06 03:33:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/08/06 03:33:31 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/08/06 03:33:30 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/08/06 03:31:32 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/08/06 03:31:32 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/08/06 03:31:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/08/06 03:31:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/08/06 03:31:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/08/06 03:31:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/08/06 03:31:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/08/06 03:31:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/08/06 03:31:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/08/06 03:31:32 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/08/06 03:31:31 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/08/06 03:31:31 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/08/06 03:31:31 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/08/06 03:31:31 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/08/06 03:31:31 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/08/06 03:31:31 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/08/06 03:31:31 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/08/06 03:31:31 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/08/06 03:31:31 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/08/06 03:31:31 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/08/06 03:31:31 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/08/06 03:31:31 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/08/06 03:31:31 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/08/06 03:31:31 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/08/06 03:31:30 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/08/06 03:31:30 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/08/06 03:31:30 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/08/06 03:31:30 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/08/06 03:31:30 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/08/06 03:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/08/06 00:41:24 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/08/06 00:41:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/08/06 00:41:08 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013/08/06 00:41:01 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/08/06 00:41:01 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/08/06 00:41:00 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/08/06 00:41:00 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/08/06 00:40:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/08/06 00:40:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/08/06 00:40:46 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/08/06 00:40:46 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/08/06 00:40:46 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/08/06 00:40:42 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013/08/06 00:40:42 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013/08/06 00:40:42 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013/08/06 00:40:42 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013/08/06 00:40:42 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013/08/06 00:40:42 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013/08/06 00:40:42 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013/08/06 00:40:42 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013/08/06 00:40:42 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013/08/06 00:40:42 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013/08/06 00:40:42 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013/08/06 00:40:42 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013/08/06 00:40:42 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013/08/06 00:40:42 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013/08/06 00:40:42 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013/08/06 00:40:42 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013/08/06 00:40:42 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013/08/06 00:40:42 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013/08/06 00:40:42 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013/08/06 00:40:42 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013/08/06 00:40:42 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013/08/06 00:40:41 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013/08/06 00:40:41 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013/08/06 00:40:41 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013/08/06 00:40:40 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013/08/06 00:40:40 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013/08/06 00:40:40 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013/08/06 00:40:40 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013/08/06 00:40:40 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013/08/06 00:40:40 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013/08/06 00:40:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013/08/06 00:40:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013/08/06 00:40:32 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013/08/06 00:40:30 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/08/06 00:40:02 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/08/06 00:40:01 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/08/06 00:40:01 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/08/06 00:40:01 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/08/06 00:40:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/08/06 00:40:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/08/06 00:40:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/08/06 00:40:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/08/06 00:40:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/08/06 00:39:59 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/08/06 00:39:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/08/06 00:39:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/08/06 00:39:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/08/06 00:39:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/08/06 00:39:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/08/06 00:39:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/08/06 00:39:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/08/06 00:39:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/08/06 00:39:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/08/06 00:39:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/08/06 00:39:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/08/06 00:39:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/08/06 00:39:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/08/06 00:39:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/08/06 00:39:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/08/06 00:39:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/08/06 00:39:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/08/06 00:39:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/08/06 00:39:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/08/06 00:39:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/08/06 00:39:56 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/08/06 00:39:56 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/08/06 00:39:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/08/06 00:39:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/08/06 00:39:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/08/06 00:39:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/08/06 00:39:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/08/06 00:39:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/08/06 00:39:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/08/06 00:39:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/08/06 00:39:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/08/06 00:39:39 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/08/06 00:39:39 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/08/06 00:39:25 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013/08/06 00:39:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/08/06 00:39:23 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/08/06 00:38:58 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/08/06 00:38:58 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/08/06 00:38:57 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/08/06 00:38:57 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/08/06 00:38:35 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/08/06 00:38:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/08/06 00:38:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/08/06 00:38:22 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/08/06 00:38:22 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2029/07/17 17:13:42 | 000,695,103 | ---- | M] () -- C:\Users\BR\Documents\IMG_0057.JPG
[2029/07/17 17:13:42 | 000,695,103 | ---- | M] () -- C:\Users\BR\Documents\IMG_0057(0).JPG
[2013/08/18 09:46:32 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/18 09:46:32 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/18 09:39:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/18 09:38:44 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/18 09:38:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/18 09:37:41 | 1314,791,423 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/18 09:26:53 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\Google Slides.lnk
[2013/08/18 09:26:53 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Google Sheets.lnk
[2013/08/18 09:26:53 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Google Docs.lnk
[2013/08/18 09:15:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/16 13:17:50 | 000,455,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/16 13:05:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2013/08/16 13:04:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2013/08/16 13:04:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2013/08/16 13:02:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2013/08/16 13:00:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2013/08/16 12:59:39 | 000,001,230 | ---- | M] () -- C:\Users\BR\Desktop\Continue Adobe Flash Player ActiveX Free Download Installation.lnk
[2013/08/16 12:54:51 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/08/16 12:49:01 | 000,782,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/16 12:49:01 | 000,667,262 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/16 12:49:01 | 000,125,938 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/16 11:51:04 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/08/16 11:51:04 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/08/15 08:42:31 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/08/13 03:05:49 | 000,768,454 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/11 09:26:45 | 000,001,143 | ---- | M] () -- C:\Users\BR\Desktop\RogueKillerX64.exe - Shortcut.lnk
[2013/08/11 08:46:52 | 000,001,107 | ---- | M] () -- C:\Users\BR\Desktop\tdsskiller.exe - Shortcut.lnk
[2013/08/10 22:01:35 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/08/10 10:08:29 | 000,001,089 | ---- | M] () -- C:\Users\BR\Desktop\ComboFix.exe - Shortcut.lnk
[2013/08/10 06:56:50 | 000,013,164 | ---- | M] () -- C:\Users\BR\Desktop\JRT.exe - Shortcut.lnk
[2013/08/08 07:20:09 | 000,000,707 | ---- | M] () -- C:\Users\BR\Desktop\OTL.lnk
[2013/08/07 07:40:31 | 000,000,008 | ---- | M] () -- C:\Windows\SysWow64\MagicEmotions.idx
[2013/08/07 01:07:30 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013/08/07 01:07:29 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013/08/07 01:07:29 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2013/08/06 17:23:26 | 000,000,258 | RHS- | M] () -- C:\Users\BR\ntuser.pol
[2013/08/06 16:04:12 | 000,041,758 | ---- | M] () -- C:\Users\BR\Desktop\commercial-invoice-template.zip
[2013/08/06 07:07:53 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/08/06 07:07:48 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013/08/06 07:07:48 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/08/06 07:07:48 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/08/06 07:07:48 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/08/06 07:07:47 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/08/06 06:14:42 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/06 03:33:35 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/08/06 03:33:35 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/08/06 03:33:35 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/08/06 03:33:35 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/08/06 03:33:34 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/08/06 03:33:34 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/08/06 03:33:34 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/08/06 03:33:34 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/08/06 03:33:34 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/08/06 03:33:34 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/08/06 03:33:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/08/06 03:33:34 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/08/06 03:33:34 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/08/06 03:33:34 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/08/06 03:33:34 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/08/06 03:33:34 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/08/06 03:33:34 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/08/06 03:33:33 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/08/06 03:33:33 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/08/06 03:33:33 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/08/06 03:33:33 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/08/06 03:33:33 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/08/06 03:33:33 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/08/06 03:33:33 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/08/06 03:33:33 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/08/06 03:33:33 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/08/06 03:33:32 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/08/06 03:33:32 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/08/06 03:33:32 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/08/06 03:33:32 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/08/06 03:33:32 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/08/06 03:33:32 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/08/06 03:33:32 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/08/06 03:33:32 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/08/06 03:33:32 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/08/06 03:33:32 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/08/06 03:33:32 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/08/06 03:33:32 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/08/06 03:33:32 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/08/06 03:33:31 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/08/06 03:33:31 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/08/06 03:33:31 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/08/06 03:33:31 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/08/06 03:33:31 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/08/06 03:33:31 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/08/06 03:33:31 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/08/06 03:33:31 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/08/06 03:33:31 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/08/06 03:33:31 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/08/06 03:33:31 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/08/06 03:33:31 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/08/06 03:33:31 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/08/06 03:33:31 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/08/06 03:33:31 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/08/06 03:33:30 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/08/06 03:31:32 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/08/06 03:31:32 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/08/06 03:31:32 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/08/06 03:31:32 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/08/06 03:31:32 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/08/06 03:31:32 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/08/06 03:31:32 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/08/06 03:31:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/08/06 03:31:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/08/06 03:31:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/08/06 03:31:32 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/08/06 03:31:32 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/08/06 03:31:31 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/08/06 03:31:31 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/08/06 03:31:31 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/08/06 03:31:31 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/08/06 03:31:31 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/08/06 03:31:31 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/08/06 03:31:31 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/08/06 03:31:31 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/08/06 03:31:31 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/08/06 03:31:31 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/08/06 03:31:31 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/08/06 03:31:31 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/08/06 03:31:31 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/08/06 03:31:31 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/08/06 03:31:30 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/08/06 03:31:30 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/08/06 03:31:30 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/08/06 03:31:30 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/08/06 03:02:32 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/07/25 22:13:58 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/25 22:12:27 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/25 22:12:08 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/25 22:12:08 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/25 22:12:04 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/25 22:12:04 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/25 22:12:03 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/25 22:12:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/25 20:12:04 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/25 20:12:00 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/25 20:12:00 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/25 20:12:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/25 20:11:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/25 19:39:38 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/25 18:59:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/25 02:25:54 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/25 01:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/18 09:26:53 | 000,002,006 | ---- | C] () -- C:\Users\Public\Desktop\Google Slides.lnk
[2013/08/18 09:26:53 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Google Sheets.lnk
[2013/08/18 09:26:53 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Google Docs.lnk
[2013/08/16 13:05:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01011.Wdf
[2013/08/16 13:04:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2013/08/16 13:04:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01011.Wdf
[2013/08/16 13:02:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf
[2013/08/16 13:00:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2013/08/16 12:59:39 | 000,001,230 | ---- | C] () -- C:\Users\BR\Desktop\Continue Adobe Flash Player ActiveX Free Download Installation.lnk
[2013/08/15 08:42:31 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/08/15 08:42:31 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/08/11 09:26:45 | 000,001,143 | ---- | C] () -- C:\Users\BR\Desktop\RogueKillerX64.exe - Shortcut.lnk
[2013/08/11 08:46:52 | 000,001,107 | ---- | C] () -- C:\Users\BR\Desktop\tdsskiller.exe - Shortcut.lnk
[2013/08/10 10:09:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/08/10 10:09:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/08/10 10:09:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/08/10 10:09:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/08/10 10:09:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/08/10 10:08:29 | 000,001,089 | ---- | C] () -- C:\Users\BR\Desktop\ComboFix.exe - Shortcut.lnk
[2013/08/10 06:56:50 | 000,013,164 | ---- | C] () -- C:\Users\BR\Desktop\JRT.exe - Shortcut.lnk
[2013/08/08 07:20:09 | 000,000,707 | ---- | C] () -- C:\Users\BR\Desktop\OTL.lnk
[2013/08/06 17:23:26 | 000,000,258 | RHS- | C] () -- C:\Users\BR\ntuser.pol
[2013/08/06 16:04:11 | 000,041,758 | ---- | C] () -- C:\Users\BR\Desktop\commercial-invoice-template.zip
[2013/08/06 06:14:42 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/06 03:33:33 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/08/06 03:33:32 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/08/06 03:02:32 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/08/06 01:07:03 | 1314,791,423 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/02 13:08:02 | 000,000,105 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/10/03 18:23:13 | 000,049,261 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD6.1
[2012/10/03 18:23:12 | 000,136,857 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD6.0
[2012/10/03 18:23:12 | 000,049,486 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD6.JPG
[2012/10/03 18:22:42 | 000,050,685 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD5.1
[2012/10/03 18:22:40 | 000,135,858 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD5.0
[2012/10/03 18:22:40 | 000,050,520 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD5.JPG
[2012/10/03 18:22:18 | 000,134,269 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD4.0
[2012/10/03 18:22:18 | 000,049,466 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD4.JPG
[2012/10/03 18:21:55 | 000,115,714 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD3.0
[2012/10/03 18:21:55 | 000,038,427 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD3.JPG
[2012/10/03 18:21:35 | 000,121,078 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD1.0
[2012/10/03 18:21:35 | 000,044,248 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD1.JPG
[2012/10/03 18:18:39 | 000,112,551 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD2.0
[2012/10/03 18:18:39 | 000,040,181 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpNOMAD2.JPG
[2012/09/23 14:15:55 | 000,132,533 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpFM3 #2 001.JPG
[2012/09/23 14:15:52 | 000,132,486 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpFM3 #2 001.1
[2012/09/23 14:15:39 | 000,003,890 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpFM3 #2 001_navi.JPG
[2012/09/23 14:15:33 | 000,137,289 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpFM3 #2 001.0
[2012/08/22 16:05:20 | 000,006,400 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).0
[2012/08/22 16:05:20 | 000,001,969 | ---- | C] () -- C:\Users\BR\AppData\Local\tmpUNTITLED LOGO XX2_THUMBNAIL(0).JPG
[2012/06/07 21:09:05 | 000,000,000 | ---- | C] () -- C:\Users\BR\AppData\Local\Temptable.xml
[2012/06/07 14:40:49 | 000,016,016 | ---- | C] () -- C:\Users\BR\carbon_steel.jpg
[2012/06/07 14:07:28 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2012/03/14 09:36:24 | 000,682,208 | ---- | C] () -- C:\Users\BR\P9010008(0).JPG
[2012/03/14 09:36:24 | 000,670,313 | ---- | C] () -- C:\Users\BR\P9010021(0).JPG
[2012/03/14 08:44:41 | 000,000,133 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/03/13 18:47:41 | 000,000,173 | ---- | C] () -- C:\ProgramData\LockFilePath.ini
[2012/03/13 08:16:26 | 000,202,546 | ---- | C] () -- C:\Windows\hpoins18.dat
[2012/03/13 08:16:26 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2012/03/13 06:43:42 | 000,768,454 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/13 05:27:04 | 000,682,208 | ---- | C] () -- C:\Users\BR\P9010008.JPG
[2012/03/13 05:27:04 | 000,670,313 | ---- | C] () -- C:\Users\BR\P9010021.JPG

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Files - Unicode (All) ==========
[2012/03/14 09:44:01 | 001,133,304 | ---- | C] ()(C:\Users\BR\Documents\??0014(0).JPG) -- C:\Users\BR\Documents\扫描0014(0).JPG
[2012/03/14 09:43:54 | 000,019,267 | ---- | C] ()(C:\Users\BR\Documents\SYC86 ?? internal fan(0).pdf) -- C:\Users\BR\Documents\SYC86 馬達 internal fan(0).pdf
[2012/03/13 05:33:01 | 001,133,304 | ---- | C] ()(C:\Users\BR\Documents\??0014.JPG) -- C:\Users\BR\Documents\扫描0014.JPG
[2012/03/13 05:32:55 | 000,019,267 | ---- | C] ()(C:\Users\BR\Documents\SYC86 ?? internal fan.pdf) -- C:\Users\BR\Documents\SYC86 馬達 internal fan.pdf
[2009/05/27 18:49:52 | 001,133,304 | ---- | M] ()(C:\Users\BR\Documents\??0014.JPG) -- C:\Users\BR\Documents\扫描0014.JPG
[2009/05/27 18:49:52 | 001,133,304 | ---- | M] ()(C:\Users\BR\Documents\??0014(0).JPG) -- C:\Users\BR\Documents\扫描0014(0).JPG
[2009/04/15 22:15:20 | 000,019,267 | ---- | M] ()(C:\Users\BR\Documents\SYC86 ?? internal fan.pdf) -- C:\Users\BR\Documents\SYC86 馬達 internal fan.pdf
[2009/04/15 22:15:20 | 000,019,267 | ---- | M] ()(C:\Users\BR\Documents\SYC86 ?? internal fan(0).pdf) -- C:\Users\BR\Documents\SYC86 馬達 internal fan(0).pdf

========== Alternate Data Streams ==========

@Alternate Data Stream - 917 bytes -> C:\Users\BR\Documents\Re_ 1965 Chevrolet Corvette on UsedCorvettesOnline.com.eml:OECustomProperty
@Alternate Data Stream - 917 bytes -> C:\Users\BR\Documents\Re_ 1965 Chevrolet Corvette on UsedCorvettesOnline.com(0).eml:OECustomProperty
@Alternate Data Stream - 829 bytes -> C:\Users\BR\Documents\Aluminum Fabricated Tables.eml:OECustomProperty
@Alternate Data Stream - 781 bytes -> C:\Users\BR\Documents\P.O. For tumble weed.eml:OECustomProperty
@Alternate Data Stream - 781 bytes -> C:\Users\BR\Documents\P.O. For tumble weed(0).eml:OECustomProperty
@Alternate Data Stream - 613 bytes -> C:\Users\BR\Documents\reaper pic sept.eml:OECustomProperty
@Alternate Data Stream - 613 bytes -> C:\Users\BR\Documents\reaper pic sept(0).eml:OECustomProperty

< End of report >
  • 0

#27
gringo_pr
Posted 18 August 2013 - 11:22 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello RUSTY2

I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image text box.
    :OTL
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - SOFTWARE\Classes\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\InprocServer32 File not found
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll File not found
O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-998330651-303224156-1059126384-1004\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll????? ????? ????? File not found
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKU\S-1-5-21-998330651-303224156-1059126384-1004..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll File not found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
IE:64bit: - HKLM\..\SearchScopes\{0336D126-A0DD-4CAC-8545-B6629D8F38E8}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
FF - prefs.js..browser.search.order.1: "Ask Search"
FF - HKLM\Software\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0: C:\Users\BR\AppData\Local\Temp\..\application data\nptrademanager\nptrademanager.dll ()
FF - HKLM\Software\MozillaPlugins\@alibaba.com/npwangwang;version=1.0: C:\Program Files (x86)\Trademanager\npwangwang.dll ( )
FF - HKCU\Software\MozillaPlugins\@alibaba.com/npAliSSOLogin;version=1.0: C:\Program Files (x86)\Trademanager\npAliSSOLogin.dll (Alibaba software (Shanghai) Corporation.)
FF - HKCU\Software\MozillaPlugins\{@alibaba.com/alisetup;version=1.0}: C:\Users\BR\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
O4 - HKU\S-1-5-21-998330651-303224156-1059126384-1004..\Run: [aliim] C:\Program Files (x86)\Trademanager\AliIM.exe (Alibaba (China) Co., Ltd.)
[2013/08/10 21:49:18 | 000,000,000 | ---D | C] -- C:\Users\BR\AppData\Roaming\Alibaba

:Files
ipconfig /flushdns /c

:Commands
[PURITY]
[emptyjava]
[EMPTYFLASH]
[reboot]
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

    Note** if the report does not popup after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles

    It will be named - mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.

Let me know How things are doing

Gringo
  • 0

#28
RUSTY2
Posted 18 August 2013 - 10:47 PM

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
thank you for your help, here is the log

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A531D99C-5A22-449b-83DA-872725C6D0ED} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A531D99C-5A22-449b-83DA-872725C6D0ED}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7473B6BD-4691-4744-A82B-7854EB3D70B6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_roc_ssl_v12 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ deleted successfully.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
File Protocol\Handler\mso-offdap11 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0336D126-A0DD-4CAC-8545-B6629D8F38E8}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0336D126-A0DD-4CAC-8545-B6629D8F38E8}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Prefs.js: "Ask Search" removed from browser.search.order.1
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0\ deleted successfully.
C:\Users\BR\AppData\Local\Temp\..\application data\nptrademanager\nptrademanager.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@alibaba.com/npwangwang;version=1.0\ deleted successfully.
C:\Program Files (x86)\Trademanager\npwangwang.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@alibaba.com/npAliSSOLogin;version=1.0\ deleted successfully.
File C:\Program Files (x86)\Trademanager\npAliSSOLogin.dll (Alibaba software not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\{@alibaba.com/alisetup;version=1.0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{@alibaba.com/alisetup;version=1.0}\ not found.
C:\Users\BR\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-998330651-303224156-1059126384-1004\Software\Microsoft\Windows\CurrentVersion\Run\\aliim deleted successfully.
C:\Program Files (x86)\Trademanager\AliIM.exe moved successfully.
C:\Users\BR\AppData\Roaming\Alibaba\AliTalk folder moved successfully.
C:\Users\BR\AppData\Roaming\Alibaba folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\BR\Downloads\cmd.bat deleted successfully.
C:\Users\BR\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: bcom

User: BR
->Java cache emptied: 5778586 bytes

User: BRIAN
->Java cache emptied: 26557 bytes

User: Default

User: Default User

User: LogMeInRemoteUser

User: Public

Total Java Files Cleaned = 6.00 mb


[EMPTYFLASH]

User: All Users

User: bcom
->Flash cache emptied: 56475 bytes

User: BR
->Flash cache emptied: 58081 bytes

User: BRIAN
->Flash cache emptied: 57235 bytes

User: Default
->Flash cache emptied: 56475 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LogMeInRemoteUser

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08182013_213907
  • 0

#29
RUSTY2
Posted 19 August 2013 - 08:48 AM

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
Great well it seems I have another problem now. Windows Mail suddenly stopped showing message text in the message preview pane, in the open message window and in the compose message window. headers display normally.even recently opened mail shows nothing now?
  • 0

#30
RUSTY2
Posted 19 August 2013 - 09:14 AM

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts
I ran windows live in my control panel and hit repair and now it seems to be working, but just wondering why this happened ?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP