Here is the FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-03-2015
Ran by Ricardo (administrator) on RICARDO-PC on 06-03-2015 22:34:53
Running from C:\Users\Ricardo\Desktop
Loaded Profiles: Ricardo (Available profiles: Ricardo)
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(MYOB Technology Pty Ltd) C:\Program Files\MYOB\AccountRight\Servers\Huxley.Library.WindowsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(PPStream Inc) C:\Program Files\PPSAP.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
() C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
(Dropbox, Inc.) C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MYOB Technology Pty Ltd) C:\Program Files\MYOB\AccountRight\2013.0\AU\Huxley.Server.WindowsService.exe
(MYOB Technology Pty Ltd) C:\Program Files\MYOB\AccountRight\Servers\Huxley.ServerLocator.WindowsService.exe
() C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.285\mcuicnt.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\Receiver\Receiver.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe
(Google Inc.) C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-03-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [614400 2009-08-14] ()
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader.exe [881152 2012-08-21] (Vitzo)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.)
HKLM\...\Run: [Redirector] => C:\Program Files\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-28] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKU\S-1-5-21-236562627-1104106619-1621759228-1000\...\Run: [PPS Accelerator] => C:\Program Files\ppsap.exe [214408 2010-02-24] (PPStream Inc)
HKU\S-1-5-21-236562627-1104106619-1621759228-1000\...\Run: [Google Update] => C:\Users\Ricardo\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-13] (Google Inc.)
HKU\S-1-5-21-236562627-1104106619-1621759228-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [18708224 2013-01-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
Startup: C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ricardo\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-236562627-1104106619-1621759228-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 61.9.195.193 61.9.194.49
Tcpip\..\Interfaces\{3FCFCB62-FAFC-4CA1-A511-4F7A5415B40C}: [NameServer] 10.1.1.1
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-236562627-1104106619-1621759228-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-236562627-1104106619-1621759228-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ricardo\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-03-13]
FF HKLM\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-16]
CHR Extension: (Google Wallet) - C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-05]
StartMenuInternet: Google Chrome - C:\Users\Ricardo\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-06] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 MYOB AccountRight Library; C:\Program Files\MYOB\AccountRight\Servers\Huxley.Library.WindowsService.exe [11264 2013-03-08] (MYOB Technology Pty Ltd) [File not signed]
R2 MYOB AccountRight Server 2013.0; C:\Program Files\MYOB\AccountRight\2013.0\AU\Huxley.Server.WindowsService.exe [15192 2013-03-08] (MYOB Technology Pty Ltd)
R2 MYOB AccountRight Server Locator; C:\Program Files\MYOB\AccountRight\Servers\Huxley.ServerLocator.WindowsService.exe [9728 2013-03-08] (MYOB Technology Pty Ltd) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [162304 2009-09-12] () [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 WSWNDA3100v2; C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1074944 2011-12-12] (Broadcom Corporation)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [File not signed]
R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx86.sys [40216 2013-10-12] ()
R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-02-11] (Samsung Electronics Co., Ltd.) [File not signed]
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2010-10-15] () [File not signed]
S3 gdrv; C:\Windows\gdrv.sys [17488 2011-03-13] (Windows ® 2000 DDK provider)
S3 GVTDrv; C:\Windows\system32\Drivers\GVTDrv.sys [24944 2011-03-13] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2011-02-18] (Apple, Inc.) [File not signed]
S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 tcphoc; \??\C:\Program Files\Thunder Network\Thunder\XLDoctor\7.1.6.2194_1\Program\tcphoc.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-06 22:34 - 2015-03-06 22:35 - 00018739 _____ () C:\Users\Ricardo\Desktop\FRST.txt
2015-03-05 22:14 - 2015-03-05 22:14 - 00002154 _____ () C:\Windows\epplauncher.mif
2015-03-05 22:12 - 2015-03-05 22:12 - 00001826 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-03-05 22:12 - 2015-03-05 22:12 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-03-05 22:11 - 2010-04-06 07:00 - 00221568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-03-05 22:08 - 2015-03-05 22:08 - 11530032 _____ (Microsoft Corporation) C:\Users\Ricardo\Downloads\mseinstall (1).exe
2015-03-05 21:59 - 2015-03-05 21:59 - 01055952 _____ (Adobe) C:\Users\Ricardo\Downloads\install_reader10_en_mssa_aaa_aih.exe
2015-03-05 21:53 - 2015-03-05 21:54 - 00143008 _____ () C:\Windows\Minidump\Mini030515-03.dmp
2015-03-05 21:51 - 2015-03-05 21:51 - 00001947 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-03-05 21:51 - 2015-03-05 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-03-05 21:51 - 2015-03-05 21:51 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-03-05 21:51 - 2015-03-05 21:51 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-03-05 21:50 - 2015-03-05 21:50 - 00001892 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-03-05 21:50 - 2015-03-05 21:50 - 00001804 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-03-05 21:50 - 2015-03-05 21:50 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-05 21:50 - 2015-03-05 21:50 - 00000000 ____D () C:\Program Files\Adobe
2015-03-05 21:41 - 2015-03-05 21:41 - 00143008 _____ () C:\Windows\Minidump\Mini030515-02.dmp
2015-03-05 21:37 - 2015-03-05 21:37 - 00000000 ____D () C:\Users\Ricardo\Desktop\FRST-OlderVersion
2015-03-05 19:23 - 2015-03-05 19:24 - 00142960 _____ () C:\Windows\Minidump\Mini030515-01.dmp
2015-03-04 21:59 - 2015-03-04 22:00 - 00852604 _____ () C:\Users\Ricardo\Desktop\SecurityCheck.exe
2015-03-04 21:54 - 2015-03-04 21:55 - 05198336 _____ (AVAST Software) C:\Users\Ricardo\Desktop\aswMBR.exe
2015-03-03 23:00 - 2015-03-03 23:00 - 00088438 _____ () C:\Users\Ricardo\Downloads\Prosperitas Superfund 2014.zip
2015-03-03 23:00 - 2015-03-03 23:00 - 00056388 _____ () C:\Users\Ricardo\Downloads\Prosperitas Superfund 2013System files.zip
2015-03-03 21:56 - 2015-03-03 21:56 - 02347384 _____ (ESET) C:\Users\Ricardo\Desktop\esetsmartinstaller_enu.exe
2015-03-03 19:34 - 2015-03-03 21:49 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-03 19:33 - 2015-03-03 19:34 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-03 19:33 - 2015-03-03 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-03 19:33 - 2015-03-03 19:34 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-03 19:33 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-03 19:33 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-03 19:33 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-03 19:32 - 2015-03-03 19:33 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Ricardo\Desktop\mbam-setup-2-0-3-1025.exe
2015-03-03 19:30 - 2015-03-03 19:31 - 00000000 ____D () C:\Users\Ricardo\Desktop\New Folder
2015-03-03 19:23 - 2015-03-03 19:23 - 00143008 _____ () C:\Windows\Minidump\Mini030315-01.dmp
2015-03-03 19:21 - 2015-03-03 19:21 - 01388333 _____ (Thisisu) C:\Users\Ricardo\Desktop\JRT.exe
2015-03-01 18:45 - 2015-03-01 18:47 - 02126848 _____ () C:\Users\Ricardo\Downloads\AdwCleaner (1).exe
2015-03-01 18:39 - 2015-03-01 18:42 - 00000000 ____D () C:\AdwCleaner
2015-03-01 18:39 - 2015-03-01 18:39 - 02126848 _____ () C:\Users\Ricardo\Downloads\AdwCleaner.exe
2015-03-01 18:07 - 2015-03-01 18:09 - 01132032 _____ (Farbar) C:\Users\Ricardo\Downloads\FRST (1).exe
2015-03-01 18:02 - 2015-03-01 18:02 - 00984576 _____ () C:\Users\Ricardo\Downloads\MicrosoftFixit50906.msi
2015-03-01 11:44 - 2015-03-05 21:37 - 01132544 _____ (Farbar) C:\Users\Ricardo\Desktop\FRST.exe
2015-03-01 11:42 - 2015-03-01 11:43 - 00040756 _____ () C:\Users\Ricardo\Downloads\FRST.txt
2015-03-01 11:42 - 2015-03-01 11:43 - 00034577 _____ () C:\Users\Ricardo\Downloads\Addition.txt
2015-03-01 11:41 - 2015-03-06 22:34 - 00000000 ____D () C:\FRST
2015-03-01 11:41 - 2015-03-01 11:41 - 01132032 _____ (Farbar) C:\Users\Ricardo\Downloads\FRST.exe
2015-02-28 21:47 - 2015-02-28 21:47 - 00121902 _____ () C:\Users\Ricardo\Downloads\OTL.Txt
2015-02-28 21:47 - 2015-02-28 21:47 - 00060752 _____ () C:\Users\Ricardo\Downloads\Extras.Txt
2015-02-28 21:40 - 2015-02-28 21:40 - 00602112 _____ (OldTimer Tools) C:\Users\Ricardo\Downloads\OTL.exe
2015-02-28 14:16 - 2015-02-28 14:16 - 00029914 _____ () C:\Users\Ricardo\Downloads\Bucks n Beans - Handi tax return.zip
2015-02-28 12:48 - 2015-02-28 12:49 - 00143008 _____ () C:\Windows\Minidump\Mini022815-01.dmp
2015-02-28 12:16 - 2015-02-28 12:16 - 00071772 _____ () C:\Users\Ricardo\Downloads\BNB2014 (1).zip
2015-02-28 12:09 - 2015-02-28 12:10 - 09953401 _____ () C:\Users\Ricardo\Downloads\BookScan.apk
2015-02-28 11:34 - 2015-02-28 11:34 - 00024666 _____ () C:\Users\Ricardo\Downloads\Result.txt
2015-02-28 11:33 - 2015-02-28 11:33 - 00401920 _____ (Farbar) C:\Users\Ricardo\Downloads\MiniToolBox.exe
2015-02-27 23:53 - 2015-02-27 23:53 - 03419933 _____ () C:\Users\Ricardo\Downloads\BAS qtr to Dec 2014.zip
2015-02-27 21:56 - 2015-02-27 22:05 - 00000000 ____D () C:\symbols
2015-02-27 21:45 - 2015-02-27 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)
2015-02-27 21:45 - 2015-02-27 21:45 - 00000000 ____D () C:\Program Files\Debugging Tools for Windows (x86)
2015-02-27 21:41 - 2015-02-27 21:43 - 17811456 _____ () C:\Users\Ricardo\Downloads\dbg_x86_6.11.1.402.msi
2015-02-27 21:41 - 2015-02-27 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-02-27 21:41 - 2015-02-27 21:41 - 00000000 ____D () C:\Program Files\Windows Kits
2015-02-27 21:41 - 2015-02-27 21:41 - 00000000 ____D () C:\Program Files\Application Verifier
2015-02-27 21:30 - 2015-02-27 21:32 - 19587072 _____ () C:\Users\Ricardo\Downloads\X64 Debuggers And Tools-x64_en-us.msi
2015-02-27 21:20 - 2015-02-27 21:41 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-27 21:19 - 2015-02-27 21:19 - 00998040 _____ (Microsoft Corporation) C:\Users\Ricardo\Downloads\sdksetup.exe
2015-02-27 20:47 - 2015-02-27 20:47 - 00142960 _____ () C:\Windows\Minidump\Mini022715-02.dmp
2015-02-27 20:44 - 2015-02-27 20:44 - 00142912 _____ () C:\Windows\Minidump\Mini022715-01.dmp
2015-02-26 21:58 - 2015-02-26 21:58 - 00143008 _____ () C:\Windows\Minidump\Mini022615-01.dmp
2015-02-25 19:06 - 2015-02-25 19:06 - 00138744 _____ () C:\Windows\Minidump\Mini022515-01.dmp
2015-02-24 18:56 - 2015-02-24 18:56 - 00142912 _____ () C:\Windows\Minidump\Mini022415-03.dmp
2015-02-24 18:54 - 2015-02-24 18:54 - 00000000 _____ () C:\Windows\Minidump\Mini022415-02.dmp
2015-02-24 18:50 - 2015-02-24 18:50 - 00000000 _____ () C:\Windows\Minidump\Mini022415-01.dmp
2015-02-23 19:30 - 2015-02-23 19:30 - 00142912 _____ () C:\Windows\Minidump\Mini022315-02.dmp
2015-02-23 19:24 - 2015-02-23 19:24 - 00142960 _____ () C:\Windows\Minidump\Mini022315-01.dmp
2015-02-22 15:11 - 2015-02-22 15:11 - 00142960 _____ () C:\Windows\Minidump\Mini022215-02.dmp
2015-02-22 11:23 - 2015-02-22 11:23 - 00139792 _____ () C:\Users\Ricardo\Downloads\PIF.csv
2015-02-22 10:22 - 2015-02-22 10:22 - 00142960 _____ () C:\Windows\Minidump\Mini022215-01.dmp
2015-02-21 10:12 - 2015-02-21 10:13 - 00142960 _____ () C:\Windows\Minidump\Mini022115-01.dmp
2015-02-19 21:37 - 2015-02-19 21:37 - 05752207 _____ () C:\Users\Ricardo\Downloads\December Quarter BAS.zip
2015-02-19 21:37 - 2015-02-19 21:37 - 00000000 ____D () C:\Users\Ricardo\Downloads\Statements022
2015-02-19 21:35 - 2015-02-19 21:35 - 05735529 _____ () C:\Users\Ricardo\Downloads\Statements022.zip
2015-02-16 22:59 - 2015-02-16 23:21 - 00000000 ____D () C:\Users\Ricardo\Downloads\Accountants Exemption Information and Resources _2014
2015-02-16 22:58 - 2015-02-16 22:58 - 08194758 _____ () C:\Users\Ricardo\Downloads\Accountants Exemption Information and Resources _2014 (1).zip
2015-02-16 22:58 - 2013-09-27 15:36 - 00043055 _____ () C:\Users\Ricardo\Downloads\Limited AFSL_Risk Register 2013-09-24.xlsx
2015-02-16 22:57 - 2015-02-16 22:57 - 08194758 _____ () C:\Users\Ricardo\Downloads\Accountants Exemption Information and Resources _2014.zip
2015-02-14 15:37 - 2015-02-14 15:38 - 24583627 _____ () C:\Users\Ricardo\Downloads\BookScan_App.zip
2015-02-13 22:04 - 2015-01-23 14:00 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 22:04 - 2015-01-23 13:51 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-12 22:00 - 2014-11-26 13:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 21:59 - 2015-01-09 11:20 - 02063360 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 21:58 - 2015-01-13 12:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 21:55 - 2015-01-15 15:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 21:55 - 2014-12-08 12:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 20:04 - 2015-01-14 12:51 - 12371456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 20:04 - 2015-01-14 12:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-11 20:04 - 2015-01-14 12:46 - 09742336 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 20:04 - 2015-01-14 12:43 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 20:04 - 2015-01-14 12:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 20:04 - 2015-01-14 12:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 20:04 - 2015-01-14 12:41 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 20:04 - 2015-01-14 12:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 20:04 - 2015-01-14 12:41 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 20:04 - 2015-01-14 12:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-11 20:04 - 2015-01-14 12:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 20:04 - 2015-01-14 12:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 20:04 - 2015-01-14 12:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 20:04 - 2015-01-14 12:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 20:04 - 2015-01-14 12:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 20:04 - 2015-01-14 12:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 20:04 - 2015-01-14 12:40 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 20:04 - 2015-01-14 12:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-11 20:04 - 2015-01-14 12:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-11 20:04 - 2015-01-14 12:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-07 21:30 - 2015-02-07 21:30 - 09099935 _____ () C:\Users\Ricardo\Downloads\ht203all (2).exe
2015-02-04 22:23 - 2015-02-04 22:24 - 09110145 _____ () C:\Users\Ricardo\Downloads\ht204all.exe
2015-02-04 21:51 - 2015-02-04 21:51 - 00000000 ____D () C:\Program Files\Common Files\Java
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-06 22:29 - 2006-11-02 23:51 - 01394432 _____ () C:\Windows\WindowsUpdate.log
2015-03-06 22:08 - 2012-08-05 23:11 - 00000000 ___RD () C:\Users\Ricardo\Dropbox
2015-03-06 22:08 - 2012-08-05 23:09 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Dropbox
2015-03-06 22:04 - 2006-11-03 00:00 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-06 22:04 - 2006-11-02 23:46 - 00004880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-06 22:04 - 2006-11-02 23:46 - 00004880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-05 23:05 - 2006-11-03 00:00 - 00032554 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-05 22:36 - 2011-03-25 23:12 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236562627-1104106619-1621759228-1000UA.job
2015-03-05 22:03 - 2011-07-10 12:46 - 00000000 ____D () C:\Program Files\ESET
2015-03-05 21:59 - 2013-01-13 22:40 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Skype
2015-03-05 21:53 - 2014-12-14 20:32 - 450972604 _____ () C:\Windows\MEMORY.DMP
2015-03-05 21:53 - 2014-12-14 20:32 - 00000000 ____D () C:\Windows\Minidump
2015-03-05 21:53 - 2006-11-02 23:59 - 00308984 _____ () C:\Windows\PFRO.log
2015-03-05 21:50 - 2011-03-15 21:16 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-05 21:49 - 2011-03-15 21:16 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\Adobe
2015-03-05 19:36 - 2011-03-25 23:12 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-236562627-1104106619-1621759228-1000Core.job
2015-03-04 00:16 - 2011-03-13 18:45 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-03 19:33 - 2013-10-18 20:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-01 18:17 - 2013-01-13 22:40 - 00000000 ___RD () C:\Program Files\Skype
2015-03-01 18:17 - 2013-01-13 22:40 - 00000000 ____D () C:\ProgramData\Skype
2015-02-28 23:16 - 2014-12-25 11:27 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\AUSkey
2015-02-28 22:19 - 2014-12-21 11:09 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\CutePDF Writer
2015-02-28 14:27 - 2014-12-14 15:04 - 00000204 _____ () C:\Windows\MYOBP.INI
2015-02-28 14:27 - 2014-12-14 15:04 - 00000039 _____ () C:\Windows\MYOB.INI
2015-02-25 21:28 - 2012-08-05 23:41 - 00000000 ____D () C:\Adrian
2015-02-23 21:12 - 2011-03-17 20:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qvod Player 3.5
2015-02-23 21:12 - 2011-03-17 20:51 - 00000000 ____D () C:\Program Files\QvodPlayer
2015-02-23 21:11 - 2013-06-23 18:17 - 00000000 ____D () C:\Program Files\Splashtop
2015-02-22 20:36 - 2013-10-12 22:20 - 00000000 ____D () C:\Program Files\NCH Software
2015-02-22 15:37 - 2013-10-18 22:00 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\PokerStars
2015-02-22 15:37 - 2013-10-18 22:00 - 00000000 ____D () C:\Program Files\PokerStars
2015-02-22 15:36 - 2014-12-31 22:52 - 00000000 ____D () C:\Users\Ricardo\AppData\Local\filestore
2015-02-22 15:35 - 2013-10-12 22:20 - 00000000 ____D () C:\ProgramData\NCH Software
2015-02-22 15:25 - 2011-03-13 00:25 - 00179712 _____ () C:\Users\Ricardo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-21 00:39 - 2011-03-25 23:49 - 00002052 _____ () C:\Users\Ricardo\Desktop\Google Chrome.lnk
2015-02-14 14:57 - 2006-11-02 21:33 - 00759542 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-13 21:41 - 2012-08-05 23:11 - 00000925 _____ () C:\Users\Ricardo\Desktop\Dropbox.lnk
2015-02-13 21:41 - 2012-08-05 23:10 - 00000000 ____D () C:\Users\Ricardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-13 21:28 - 2006-11-02 23:46 - 00415008 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 22:07 - 2013-08-21 20:38 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 22:00 - 2006-11-02 21:24 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-02-12 21:59 - 2011-03-21 22:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-04 21:53 - 2014-12-25 11:05 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-04 21:50 - 2014-12-25 11:21 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-02-04 21:49 - 2011-03-13 13:38 - 00000000 ____D () C:\Program Files\Java
==================== Files in the root of some directories =======
2009-07-16 13:41 - 2009-07-16 13:41 - 0000177 _____ () C:\Program Files\assoc.ini
2011-01-18 17:25 - 2011-01-18 17:25 - 0484800 _____ (PPStream Inc.) C:\Program Files\fds.dll
2011-01-04 14:27 - 2011-01-04 14:27 - 0300424 _____ (PPStream Inc.) C:\Program Files\FlashPlayDll.dll
2010-12-24 14:00 - 2010-12-24 14:00 - 1700352 _____ (Microsoft Corporation) C:\Program Files\GdiPlus.dll
2010-02-22 18:58 - 2010-02-22 18:58 - 1219464 _____ (PPStream Inc. ) C:\Program Files\Livenet2.dll
2011-01-27 14:22 - 2011-01-27 14:22 - 1563016 _____ (PPStream Inc. ) C:\Program Files\Livenet3.dll
2011-03-07 17:42 - 2011-03-07 17:42 - 2729352 _____ (PPStream Inc.) C:\Program Files\LPlayer.dll
2011-03-02 20:15 - 2011-03-02 20:15 - 1534344 _____ (PPStream Inc.) C:\Program Files\MediaList.ocx
2011-03-07 17:42 - 2011-03-07 17:42 - 2778504 _____ (PPStream Inc.) C:\Program Files\pfvplayer.dll
2010-09-07 00:13 - 2010-09-07 00:13 - 0278528 _____ (Real Networks, Inc) C:\Program Files\pncrt.dll
2010-12-31 21:24 - 2010-12-31 21:24 - 2053000 _____ (PPStream Inc.) C:\Program Files\PowerList.ocx
2011-03-07 18:32 - 2011-03-07 18:32 - 1508744 _____ (PPStream Inc.) C:\Program Files\PowerPlayer.dll
2011-03-02 19:18 - 2011-03-02 19:18 - 0304008 _____ (PPStream Inc.) C:\Program Files\pp2play.dll
2010-02-24 14:25 - 2010-02-24 14:25 - 0214408 _____ (PPStream Inc) C:\Program Files\PPSAP.exe
2009-06-01 12:36 - 2009-06-01 12:36 - 0348096 _____ (PPStream Inc.) C:\Program Files\ppsimage.dll
2011-02-28 19:44 - 2011-02-28 19:44 - 5826952 _____ (PPStream Inc.) C:\Program Files\PPStream.exe
2011-03-01 13:02 - 2011-03-01 13:02 - 0361864 _____ (PPStream Inc.) C:\Program Files\PSNetwork.dll
2011-03-01 17:43 - 2011-03-01 17:43 - 0207152 _____ (PPStream Inc.) C:\Program Files\unpps.exe
2011-03-17 20:58 - 2011-03-17 20:58 - 0000227 _____ () C:\Program Files\update.ini
2008-07-11 20:44 - 2008-07-11 20:44 - 0067678 _____ () C:\Program Files\Vista.ssk
2011-03-07 14:41 - 2011-03-07 14:41 - 1369480 _____ (PPStream Inc.) C:\Program Files\Vodnet.dll
2011-03-07 14:41 - 2011-03-07 14:41 - 0423304 _____ (PPStream Inc.) C:\Program Files\Vodres.dll
2012-09-04 22:56 - 2010-01-26 12:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2011-05-25 22:37 - 2011-05-25 22:37 - 0010963 _____ () C:\Users\Ricardo\AppData\Roaming\SmarThruOptions.xml
2011-03-13 00:03 - 2014-12-20 18:28 - 0000680 _____ () C:\Users\Ricardo\AppData\Local\d3d9caps.dat
2011-03-13 00:25 - 2015-02-22 15:25 - 0179712 _____ () C:\Users\Ricardo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-06-09 16:36 - 2011-07-28 17:32 - 0000000 _____ () C:\ProgramData\Spooler opens temp file
Some content of TEMP:
====================
C:\Users\Ricardo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_js343.dll
C:\Users\Ricardo\AppData\Local\Temp\mpam-df598f78.exe
C:\Users\Ricardo\AppData\Local\Temp\Quarantine.exe
C:\Users\Ricardo\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-06 22:14
==================== End Of Log ============================