Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

downloaded IMVU and spyhunter4 ;-;

Post by Vanilla-krypton » January 15th, 2014, 3:39 pm

Ok so, about a month ago I downloaded IMVU. I quickly got tired of it and it was lagging my computer terribly. So, of course I uninstalled it. After doing so, my computer continued to be laggy and I knew something was up. So, I googled a bunch of ways to get rid of the IMVU virus and I read that I could use spyhunter4 to get rid of it. So, I downloaded spyhunter4 and ran a scan. The scan found 1,400 different virus things on my computer, the majority of it being tracking cookies. Spyhunter4 wanted me to pay to get rid of the viruses so I just uninstalled it. After I uninstalled it my Norton Antivirus started picking up trojans and modifications to my start up settings. My computer is still horribly laggy, it randomly closes tabs and windows, there's pop ups, and recently the icons and start menu bar have been disappearing.

dds.txt-

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6002.18005
Run by Danielle at 14:24:44 on 2014-01-15
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1918.766 [GMT -5:00]
.
AV: Norton Internet Security *Enabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\rundll32.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Free Ride Games\GPlayer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Users\Danielle\AppData\Roaming\Spotify\Spotify_new.exe
C:\Windows\system32\conime.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uSearch Bar = hxxp://my.netzero.net/s/search?r=minisearch
uSearch Page = hxxp://my.netzero.net/s/search?r=minisearch
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
mSearch Page = hxxp://my.netzero.net/s/search?r=minisearch
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
mDefault_Search_URL = hxxp://my.netzero.net/s/search?r=minisearch
uSearchURL,(Default) = hxxp://my.netzero.net/s/search?r=minisearch
uURLSearchHooks: {00A6FAF6-072E-44cf-8957-5838F569A31D} - <orphaned>
uURLSearchHooks: {f92a9fe4-2850-4198-b9d5-279880e49b16} - <orphaned>
uURLSearchHooks: {bb45ef8e-1e36-4535-a017-ec908fb1e335} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Better Surf Plus: {1824FF90-C98E-48A6-838F-E3B6572B0C77} -
BHO: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} -
BHO: Video Player: {2cbed59b-72ad-4e61-8ee2-0a8bc1c7a44a} -
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\common files\symantec shared\ids\IPSBHO.dll
BHO: Browse2save: {794102C7-184D-E4C7-9C18-6BA131F039D5} -
BHO: Better-Surf: {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} -
BHO: Kozaka: {a45e3fa8-5048-4372-94ad-c6661671f7fc} -
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Wincore Mediabar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe autorun=AUTORUN
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [Facebook Update] "c:\users\danielle\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Exetender] "c:\program files\free ride games\GPlayer.exe" /runonstartup
uRun: [Spotify Web Helper] "c:\users\danielle\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Spotify] "c:\users\danielle\appdata\roaming\spotify\Spotify.exe" /uri spotify:autostart
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [DPService] "c:\program files\hp\dvdplay\DPService.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateReg] "c:\windows\system32\jureg.exe" -delete
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [SMessaging] c:\users\danielle\appdata\local\strongvault online backup\SMessaging.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
dRun: [Exetender] "c:\program files\free ride games\GPlayer.exe" /runonstartup
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Trusted Zone: netzero.com
Trusted Zone: netzero.net
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{9236C930-75F5-48DF-8A95-8499A47D475E} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{d8932e52-6a6f-11db-b6ab-806e6f6e6963} : NameServer = 107.6.133.8,23.23.180.210
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\progra~1\browse~1\sprote~1.dll c:\progra~2\smooth~1\smooth~1.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2014-01-14 02:50:11 -------- d-----w- c:\windows\system32\eu-ES
2014-01-14 02:50:11 -------- d-----w- c:\windows\system32\ca-ES
2014-01-14 02:50:09 -------- d-----w- c:\windows\system32\vi-VN
2014-01-14 02:39:02 -------- d-----w- c:\windows\system32\SPReview
2014-01-14 02:26:13 928768 ----a-w- c:\windows\system32\scavenge.dll
2014-01-14 02:25:55 57856 ----a-w- c:\windows\system32\compcln.exe
2014-01-14 02:22:59 40448 ----a-w- c:\windows\system32\certprop.dll
2014-01-14 02:21:59 1123840 ----a-w- c:\windows\system32\usercpl.dll
2014-01-14 02:20:57 125952 ----a-w- c:\windows\system32\tintlgnt.ime
2014-01-14 02:20:56 1576960 ----a-w- c:\windows\system32\tquery.dll
2014-01-14 02:20:55 242688 ----a-w- c:\windows\system32\tapisrv.dll
2014-01-14 02:20:55 170496 ----a-w- c:\windows\system32\tcpipcfg.dll
2014-01-14 02:20:55 135168 ----a-w- c:\windows\system32\tcpmon.dll
2014-01-14 02:20:54 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-01-14 02:20:54 615424 ----a-w- c:\windows\system32\themeui.dll
2014-01-14 02:20:54 53224 ----a-w- c:\windows\system32\drivers\termdd.sys
2014-01-14 02:20:54 449024 ----a-w- c:\windows\system32\termsrv.dll
2014-01-14 02:20:54 313344 ----a-w- c:\windows\system32\thawbrkr.dll
2014-01-14 02:20:54 1152000 ----a-w- c:\windows\system32\themecpl.dll
2014-01-14 02:16:12 -------- d-----w- C:\aea6443951cd268773389a2fbc401c
2014-01-14 01:34:32 -------- d-----w- c:\users\danielle\appdata\local\Microsoft Corporation
2014-01-14 01:32:48 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2014-01-13 03:22:45 -------- d-----w- c:\windows\system32\EventProviders
2014-01-10 00:01:59 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2014-01-10 00:01:59 117360 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
2014-01-10 00:01:58 75376 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2014-01-10 00:01:58 272496 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll
2014-01-10 00:01:58 20080 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
2014-01-09 23:30:14 -------- d-----w- c:\program files\VideoPlayerV3
2013-12-31 04:24:15 -------- d-----w- c:\programdata\Smooth Browsing
2013-12-28 20:36:04 -------- d-----w- c:\users\danielle\appdata\local\ElevatedDiagnostics
2013-12-28 20:35:59 -------- d-----w- C:\MATS
2013-12-28 18:26:16 -------- d-----w- c:\program files\Enigma Software Group
2013-12-28 18:24:45 -------- d-----w- c:\windows\220FB0354744483A9A0B41DF77061583.TMP
2013-12-28 18:24:39 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2013-12-27 21:12:29 -------- d-----w- c:\program files\WebexpEnhancedV1
.
==================== Find3M ====================
.
2013-12-10 20:09:57 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 20:09:57 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 14:29:55.08 ===============


attach.txt-

DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 9/4/2008 10:07:29 AM
System Uptime: 1/15/2014 2:21:35 PM (0 hours ago)
.
Motherboard: OEM_MB | | IVY8
Processor: AMD Sempron(tm) Dual Core Processor 2200 | Socket AM2 | 1800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 138 GiB total, 27.232 GiB free.
D: is FIXED (NTFS) - 11 GiB total, 1.506 GiB free.
E: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP709: 1/13/2014 9:19:01 PM - Windows Vista™ Service Pack 2
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.2
AppCore
Belkin USB Wireless Adaptor
CameraHelperMsi
Cards_Calendar_OrderGift_DoMorePlugout
ccCommon
Cheat Engine 6.1
Compatibility Pack for the 2007 Office system
Component Framework
CyberLink DVD Suite Deluxe
Download Updater (AOL Inc.)
DVD Play
Enhanced Multimedia Keyboard Solution
erLT
Facebook Video Calling 1.2.0.287
Facebook Video Calling 2.0.0.447
Façade
Free Realms
Free Ride Games Player
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hamsterball 3.6
Hardware Diagnostic Tools
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Demo
HP Photosmart Essential 2.5
HP Photosmart Essential 3.0
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Total Care Advisor
HP Update
HPPhotoSmartPhotobookWebPack1
HPTCSSetup
LiveUpdate (Symantec Corporation)
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft WSE 3.0 Runtime
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
My HP Games
Network Play System (Patching)
Norton AntiVirus
Norton AntiVirus Help
Norton AntiVirus Online (Symantec Corporation)
Norton Protection Center
NVIDIA Drivers
Origin
PCIe Soft Data Fax Modem with SmartCP
PSSWCORE
Python 2.5.2
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Skype Click to Call
Skype™ 6.10
Smooth Browsing
Software Version Updater
SPBBC 32bit
Spotify
Strongvault Online Backup
Symantec Real Time Storage Protection Component
SymNet
The Sims
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 University
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage
The Sims™ 2 Double Deluxe
The Sims™ 2 FreeTime
The Sims™ 2 Mansion and Garden Stuff
The Sims™ 2 Seasons
The Sims™ 3
The Sims™ 3 70s, 80s, & 90s Stuff
The Sims™ 3 Ambitions
The Sims™ 3 Create a World Tool - Beta
The Sims™ 3 Diesel Stuff
The Sims™ 3 Fast Lane Stuff
The Sims™ 3 Generations
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 Into the Future
The Sims™ 3 Island Paradise
The Sims™ 3 Katy Perry's Sweet Treats
The Sims™ 3 Late Night
The Sims™ 3 Master Suite Stuff
The Sims™ 3 Movie Stuff
The Sims™ 3 Outdoor Living Stuff
The Sims™ 3 Pets
The Sims™ 3 Seasons
The Sims™ 3 Showtime
The Sims™ 3 Supernatural
The Sims™ 3 Town Life Stuff
The Sims™ 3 University Life
The Sims™ 3 World Adventures
The Sims™ Life Stories
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Video Player
VideoToolkit01
Windows 7 Upgrade Advisor
.
==== Event Viewer Messages From Past Week ========
.
1/15/2014 2:23:10 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
1/15/2014 2:23:10 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
1/15/2014 2:23:10 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
1/15/2014 2:23:10 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
.
==== End Of File ===========================
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: downloaded IMVU and spyhunter4 ;-;

Post by pgmigg » January 15th, 2014, 3:43 pm

Hello Vanilla-krypton,

Welcome back to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.


Failure to post replies within 72 hours will result in this thread being closed
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: downloaded IMVU and spyhunter4 ;-;

Post by pgmigg » January 15th, 2014, 4:34 pm

Hello Vanilla-krypton,

Step 1.
Create a System Restore Point
Because we are going to be making changes to your computer, it is advisable to create a new System Restore Point.
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection, then choose Create.
  4. In the System Restore dialog box, type a description for the restore point and then click Create again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK, then close the System Restore dialog.

If you have successfully created a System Restore Point, we can proceed.
If you have NOT successfully created a System Restore Point, do not go any further!
Please post back so we can determine why it was unsuccessful.


Step 2.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the words 'Code: Select all' into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Uninstall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Cheat Engine 6.1
    Free Realms
    Free Ride Games Player
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot your computer.

Step 3.
Junkware Removal Tool
  1. Please download Junkware Removal Tool and save JRT.exe to your Desktop.
  2. Shut down your protection software as shown in This topic now to avoid potential conflicts.
  3. Right click on JRT.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  4. Please be patient as this can take a while to complete depending on your system's specifications.
  5. On completion, a log file JRT.txt is saved to your desktop and will automatically open.
  6. Please post the contents of JRT.txt into your next reply.

Step 4.
AdwCleaner
Please download AdwCleaner by Xplode onto your desktop.
  1. Close all open programs and internet browsers.
  2. Right click on adwcleaner.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  3. Click on Scan. When the scan finishes, you'll see a message on the product window: "Pending. Please uncheck elements you don't want to remove."
  4. Press the Clean button.
  5. A log file C:\AdwCleaner[Sn].txt will automatically open. ([Sn] n = number of run)
  6. Please post the content of the C:\AdwCleaner[Sn].txt log file in your next reply.

Step 5.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Then:
Please tell me about The Sims games - did you install all of them yourself?

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the JRT.txt log file
  3. Contents of the AdwCleaner[Sn].txt log file
  4. Contents of a OTL.txt log file
  5. Contents of a Extras.txt log file
  6. Answer about The Sims games.
  7. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: downloaded IMVU and spyhunter4 ;-;

Post by Vanilla-krypton » January 15th, 2014, 5:07 pm

When I tried to uninstall Free Realms a message popped up that said: "Runtime Error! Program: C:\Users\Danielle\AppData\Local\Temp\Uninstaller-5396.exe This application has requested the Runtime to terminate in an unusual way. Please contact the application's support team for more information." Then I hit ok and it said: "Uninstaller-4448.exe has stopped working A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available." I then clicked close program. I tried to uninstall three more times and every time there's a different number for "4448" in "Uninstaller-4448.exe".
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: downloaded IMVU and spyhunter4 ;-;

Post by pgmigg » January 15th, 2014, 6:47 pm

Please skip Free Realms uninstalling attempts and proceed with next steps...
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: downloaded IMVU and spyhunter4 ;-;

Post by Vanilla-krypton » January 15th, 2014, 7:52 pm

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows Vista (TM) Home Basic x86
Ran by Danielle on Wed 01/15/2014 at 18:39:42.66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnu.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wecarereminder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\fun web products
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\funwebproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\mywebsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\searchqutoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{103089DA-0F31-4A8B-843F-7D24A7FE8345}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\search results toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1320680
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3101810
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{794102C7-184D-E4C7-9C18-6BA131F039D5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{794102C7-184D-E4C7-9C18-6BA131F039D5}



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\goforfilesupdate
Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\cloud software ltd"
Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"
Successfully deleted: [Folder] "C:\Users\Danielle\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Danielle\AppData\Roaming\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Danielle\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Danielle\AppData\Roaming\iwin"
Successfully deleted: [Folder] "C:\Users\Danielle\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\local\stronghold_llc"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\locallow\funwebproducts"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\locallow\mywebsearch"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\locallow\searchquband"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\locallow\searchresultstb"
Successfully deleted: [Folder] "C:\Users\Danielle\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\vaudix"
Successfully deleted: [Folder] "C:\Program Files\Common Files\software update utility"
Successfully deleted: [Folder] "C:\Users\Danielle\AppData\Roaming\microsoft\windows\start menu\programs\free ride games"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] C:\Users\Danielle\AppData\Roaming\mozilla\firefox\profiles\dv9qb26k.default\user.js
Successfully deleted: [File] C:\Users\Danielle\AppData\Roaming\mozilla\firefox\profiles\dv9qb26k.default\extensions\addon@defaulttab.com.xpi
Successfully deleted: [File] C:\Users\Danielle\AppData\Roaming\mozilla\firefox\profiles\dv9qb26k.default\searchplugins\search-here.xml
Successfully deleted: [File] C:\Users\Danielle\AppData\Roaming\mozilla\firefox\profiles\dv9qb26k.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\Danielle\AppData\Roaming\mozilla\firefox\profiles\dv9qb26k.default\searchplugins\searchtheweb.xml
Successfully deleted the following from C:\Users\Danielle\AppData\Roaming\mozilla\firefox\profiles\dv9qb26k.default\prefs.js

user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&s_qt=ab&s_it=amonetizetest1-ff&tb_uuid=20121203225753354&t
user_pref("browser.search.defaulturl", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=amonetizetest1-ff&s_qt=sb&tb_uuid=20121203225753354&tb_oid=03-12-2012&tb_mrud=
user_pref("browser.search.order.1", "Search Results");
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.defaulttab.lastUsed", 1354594292);
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810&SearchSource=2&CUI=UN33934945972107223&q=");
user_pref("smartbar.originalSearchAddressUrl", "hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&s_qt=ab&s_it=amonetizetest1-ff&tb_uuid=20121203225753354&tb_oi
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\Danielle\AppData\Roaming\mozilla\firefox\profiles\dv9qb26k.default\minidumps [283 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/15/2014 at 18:45:35.83
Computer was rebooted
End of JRT log


And about the Sims games. I did buy all of them at the store and download them myself.
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: downloaded IMVU and spyhunter4 ;-;

by pgmigg » January 15th, 2014, 8:06 pm

Hello Vanilla-krypton,

"And about the Sims games. I did buy all of them at the store and download them myself."
Thank you, I need this information to separate the applications that were installed by you from those installed by IMVU under the cover.

Anyway, you did a good job and I am waiting for the rest of the logs... :D

Please do not hesitate to divide the post into multiple posts if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: downloaded IMVU and spyhunter4 ;-;

by Vanilla-krypton » January 15th, 2014, 9:51 pm

Adwcleaner log-

# AdwCleaner v3.017 - Report created 15/01/2014 at 19:09:02
# Updated 12/01/2014 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : Danielle - SENNSTROM-HOME
# Running from : C:\Users\Danielle\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Browse2Save
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files\Better-Surf
Folder Deleted : C:\Program Files\BrowseToSave
Folder Deleted : C:\Users\Danielle\AppData\Local\PackageAware
Folder Deleted : C:\Users\Danielle\AppData\LocalLow\wincoreimband
Folder Deleted : C:\Users\School\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Caitlyn Houk\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Caitlyn Houk\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Caitlyn Houk\AppData\LocalLow\mediabarim
Folder Deleted : C:\Users\Caitlyn Houk\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Caitlyn Houk\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Caitlyn Houk\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Caitlyn Houk\AppData\LocalLow\wincoreimband
Folder Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\Extensions\50f7225c070c4@50f7225c070fd.com
Folder Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\Extensions\50f72569c6f10@50f72569c6f49.com
Folder Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\Extensions\trash
Folder Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\Extensions\{72a0f495-ba60-4524-827b-b36b8c18587a}
Folder Deleted : C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\albdabdghhkekbhhiakniganflmkdkmc
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D03E4ED-1A1F-4ABD-A162-A3727C850DD0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D03E4ED-1A1F-4ABD-A162-A3727C850DD0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9305439-B383-BDFB-CEFE-506EADC4DD89}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\AppDataLow\Software\mediabarim
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\InfoAtoms
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6002.18005

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl []

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\prefs.js ]

Line Deleted : user_pref("CT3272810.UserID", "UN33934945972107223");
Line Deleted : user_pref("CT3272810.addressUrlXPETakeover", "true");
Line Deleted : user_pref("CT3272810.autoDisableScopes", -1);
Line Deleted : user_pref("CT3272810.installDate", "16/1/2013 16:37:17");
Line Deleted : user_pref("CT3272810.keyword", "true");
Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("browser.newtabpage.pinned", "[{\"url\":\"hxxp://www.goodgoth.com/\",\"title\":\"GoodGoth.com\"},{\"url\":\"hxxp://www.sinistersoles.com/\",\"title\":\"Gothic Boots, Gothic Shoes, Demonia Sh[...]
Line Deleted : user_pref("ct3272810.UserID", "UN33934945972107223");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10923 octets] - [15/01/2014 18:55:35]
AdwCleaner[S0].txt - [10039 octets] - [15/01/2014 19:09:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10100 octets] ##########

OTL Extras-

OTL Extras logfile created on: 1/15/2014 8:15:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danielle\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.94 Gb Available Physical Memory | 50.19% Memory free
3.99 Gb Paging File | 2.85 Gb Available in Paging File | 71.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.03 Gb Total Space | 22.30 Gb Free Space | 16.15% Space Free | Partition Type: NTFS
Drive D: | 11.02 Gb Total Space | 1.51 Gb Free Space | 13.67% Space Free | Partition Type: NTFS
Drive E: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SENNSTROM-HOME | User Name: Danielle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0865FB17-1253-4BF6-A1A6-055A69DEDEF0}" = Symantec Real Time Storage Protection Component
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = The Sims™ 3 Master Suite Stuff
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = The Sims™ 3 Outdoor Living Stuff
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Mansion and Garden Stuff
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = The Sims™ 3 Diesel Stuff
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24E34264-D483-477C-A9A0-4E53F69834CF}" = Façade
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = The Sims™ 2 Double Deluxe
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}" = Norton AntiVirus Help
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = DVD Play
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{51E88875-7298-4C7D-91C7-4F134C6C57A0}" = SymNet
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5E33D30D-D896-4D92-B033-5F45819B2937}" = Strongvault Online Backup
"{5F189DF5-2D05-472B-9091-84D9848AE48B}{4ccdc918}" = Smooth Browsing
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = The Sims™ 3 Create a World Tool - Beta
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8524BBAC-E3A7-42F5-9B9A-5AE50A10C500}" = Belkin USB Wireless Adaptor
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = The Sims™ 3 Katy Perry's Sweet Treats
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}" = The Sims™ 3 Into the Future
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}" = muvee autoProducer 6.1
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0087539-3C57-44E0-BEE7-D779D546CBE1}" = The Sims™ 3 Movie Stuff
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DA932D71-E52A-43D5-009E-395A1AEC1474}" = The Sims™ Life Stories
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Island Paradise
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E1868CAE-E3B9-4099-8C18-AA8944D336FD}" = The Sims™ 3 70s, 80s, & 90s Stuff
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 University Life
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CNXT_MODEM_PCI_HSF" = PCIe Soft Data Fax Modem with SmartCP
"Google Chrome" = Google Chrome
"Hamsterball_is1" = Hamsterball 3.6
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"InstallShield_{8524BBAC-E3A7-42F5-9B9A-5AE50A10C500}" = Belkin USB Wireless Adaptor
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Network Play System (Patching)" = Network Play System (Patching)
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"Origin" = Origin
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SymSetup.{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus Online (Symantec Corporation)
"The Sims" = The Sims
"Video Player" = Video Player
"WildTangent hp Master Uninstall" = My HP Games

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SOE-Free Realms" = Free Realms
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/15/2014 8:56:40 PM | Computer Name = Sennstrom-Home | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 1/15/2014 8:56:41 PM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7023
Description =

Error - 1/15/2014 8:56:41 PM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7000
Description =

Error - 1/15/2014 8:56:41 PM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7003
Description =

Error - 1/15/2014 8:56:41 PM | Computer Name = Sennstrom-Home | Source = Service Control Manager | ID = 7003
Description =


< End of report >
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: downloaded IMVU and spyhunter4 ;-;

by Vanilla-krypton » January 15th, 2014, 9:52 pm

OTL.txt-

OTL logfile created on: 1/15/2014 8:15:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Danielle\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.94 Gb Available Physical Memory | 50.19% Memory free
3.99 Gb Paging File | 2.85 Gb Available in Paging File | 71.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.03 Gb Total Space | 22.30 Gb Free Space | 16.15% Space Free | Partition Type: NTFS
Drive D: | 11.02 Gb Total Space | 1.51 Gb Free Space | 13.67% Space Free | Partition Type: NTFS
Drive E: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: SENNSTROM-HOME | User Name: Danielle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/15 20:10:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Danielle\Desktop\OTL.exe
PRC - [2014/01/15 14:26:05 | 006,118,400 | ---- | M] (Spotify Ltd) -- C:\Users\Danielle\AppData\Roaming\Spotify\spotify.exe
PRC - [2014/01/15 14:25:19 | 001,171,968 | ---- | M] (Spotify Ltd) -- C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/01/15 14:25:17 | 000,603,648 | ---- | M] () -- C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
PRC - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/11 16:19:27 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Danielle\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 13:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/06/22 14:31:34 | 001,353,232 | ---- | M] (Logitech, Inc.) -- C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
PRC - [2011/06/22 14:31:30 | 000,351,248 | ---- | M] (Logitech, Inc.) -- C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2007/12/06 20:47:28 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/04/18 10:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/15 14:25:42 | 036,967,424 | ---- | M] () -- C:\Users\Danielle\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2014/01/15 14:25:17 | 000,603,648 | ---- | M] () -- C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
MOD - [2014/01/13 22:04:07 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\a3a76226460de2153a62bdbfed9228b9\System.Management.ni.dll
MOD - [2014/01/13 22:03:02 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll
MOD - [2014/01/13 22:03:00 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\5cbea3b1a1d74123219b69306b8c8af2\System.Transactions.ni.dll
MOD - [2014/01/13 22:02:59 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\87f2c180fec78701501d8e3e84fac248\System.EnterpriseServices.ni.dll
MOD - [2014/01/13 22:02:59 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\87f2c180fec78701501d8e3e84fac248\System.EnterpriseServices.Wrapper.dll
MOD - [2014/01/13 22:02:27 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\550e7b31f1821d964f21f0a854e3f195\System.Data.ni.dll
MOD - [2014/01/13 22:02:15 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\61019556ac408cc39cc478101b0d3cb4\PresentationFramework.Aero.ni.dll
MOD - [2014/01/13 22:02:14 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0444ab43ccfb3390d2eaab1d9a34772f\PresentationFramework.ni.dll
MOD - [2014/01/13 22:01:50 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll
MOD - [2014/01/13 22:01:40 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll
MOD - [2014/01/13 22:01:33 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll
MOD - [2014/01/13 22:01:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\207b1e1e2254c7a308efe4f903e52ce2\System.Configuration.ni.dll
MOD - [2014/01/13 22:01:20 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5c25d899e7dcebd6b63d192b79bc6b8e\PresentationCore.ni.dll
MOD - [2014/01/13 22:01:02 | 003,314,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\93391bd2f02e492718c69bef3abc5a64\WindowsBase.ni.dll
MOD - [2014/01/13 22:00:56 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll
MOD - [2014/01/13 22:00:34 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll
MOD - [2011/11/11 13:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/11/11 13:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/11/11 13:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/11/11 13:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/11/11 13:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2009/04/10 23:28:22 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/04/10 19:04:16 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/29 21:42:20 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/29 21:42:18 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/07/03 14:45:00 | 000,032,768 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/07/03 14:42:56 | 000,007,168 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/07/03 14:42:54 | 000,057,344 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/07/03 14:42:48 | 000,114,688 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/07/03 14:42:46 | 000,010,240 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/07/03 14:42:40 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/07/03 14:42:40 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/07/03 14:42:40 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll


========== Services (SafeList) ==========

SRV - [2014/01/09 19:02:29 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/10 15:09:59 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/08/07 16:13:00 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 14:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/12/06 20:47:32 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/12/06 20:47:28 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2097/12/31 23:00:00 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20140115.001\NAVEX15.SYS -- (NAVEX15)
DRV - [2097/12/31 23:00:00 | 000,286,328 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20140107.001\IDSvix86.sys -- (IDSvix86)
DRV - [2097/12/31 23:00:00 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20140115.001\NAVENG.SYS -- (NAVENG)
DRV - [2013/11/21 04:00:00 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/11/21 04:00:00 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/10 17:51:33 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/08/05 21:47:29 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro36.sys -- (hitmanpro36)
DRV - [2012/01/18 01:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 01:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/07/08 15:10:08 | 000,541,800 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009/03/17 11:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 12:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 12:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symndisv.sys -- (SYMNDISV)
DRV - [2009/02/19 12:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2009/02/19 12:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symfw.sys -- (SYMFW)
DRV - [2009/02/19 12:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2009/02/19 12:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symdns.sys -- (SYMDNS)
DRV - [2008/07/30 16:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/06/06 14:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/06/06 14:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/05/22 14:20:54 | 000,020,640 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2008/05/22 09:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/22 04:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/05/21 06:44:10 | 001,049,760 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/02/12 10:27:34 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS3.sys -- (HSXHWBS3)
DRV - [2008/02/12 10:25:22 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/11/30 22:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 22:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 22:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/10/18 10:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/12/12 12:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{3A9A5C13-2D3F-49E8-8BD6-F8DD111E6162}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{4ECD9BFB-55E9-42E0-A875-21F5822773FC}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\URLSearchHook: {bb45ef8e-1e36-4535-a017-ec908fb1e335} - No CLSID value found
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\URLSearchHook: {f92a9fe4-2850-4198-b9d5-279880e49b16} - No CLSID value found
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes\{3A9A5C13-2D3F-49E8-8BD6-F8DD111E6162}: "URL" = http://search.yahoo.com/search?ei=ISO-8 ... =egames&q={searchTerms}
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes\{4ECD9BFB-55E9-42E0-A875-21F5822773FC}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_enUS468
IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AOL Search"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "www.Google.com"
FF - prefs.js..extensions.enabledAddons: newtaburl%40sogame.cat:2.2.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: ""
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Danielle\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@VideoPlayerV3beta771.net: C:\Program Files\VideoPlayerV3\VideoPlayerV3beta771\ff [2014/01/09 18:30:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/01/09 19:02:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/01/09 19:02:02 | 000,000,000 | ---D | M]

[2013/11/24 18:36:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Extensions
[2014/01/15 19:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\extensions
[2012/09/29 10:25:18 | 000,051,994 | ---- | M] () (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\extensions\newtaburl@sogame.cat.xpi
[2012/12/03 22:57:53 | 000,002,545 | ---- | M] () -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\searchplugins\aol-search.xml
[2014/01/09 19:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/01/13 18:17:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/01/09 19:01:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/01/13 18:17:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/01/09 19:02:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - homepage:
CHR - Extension: No name found = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpglcldcfjaeeaihmdfeinfkejomefkh\1\
CHR - Extension: No name found = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: No name found = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl\1.1_0\
CHR - Extension: No name found = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: No name found = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnmhffahclgfegfdplnmobppnlmnbobi\1.1_0\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Better Surf Plus) - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll File not found
O2 - BHO: (Video Player) - {2cbed59b-72ad-4e61-8ee2-0a8bc1c7a44a} - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta771\ie\VideoPlayerV3beta771.dll File not found
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\Toolbar\WebBrowser: (no name) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DPService] C:\Program Files\HP\DVDPlay\DPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000..\Run: [Facebook Update] C:\Users\Danielle\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000..\Run: [Spotify] C:\Users\Danielle\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000..\Run: [Spotify Web Helper] C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..Trusted Domains: netzero.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..Trusted Domains: netzero.net ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9236C930-75F5-48DF-8A95-8499A47D475E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{d8932e52-6a6f-11db-b6ab-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/25 08:12:57 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/09/18 02:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 17:36:44 | 000,000,049 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4ae8d875-7a8a-11dd-baad-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2013/09/18 02:50:17 | 000,465,216 | R--- | M] (Electronic Arts)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/15 20:09:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Danielle\Desktop\OTL.exe
[2014/01/15 18:55:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/15 18:36:16 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/15 18:31:41 | 001,037,068 | ---- | C] (Thisisu) -- C:\Users\Danielle\Desktop\JRT.exe
[2014/01/13 21:50:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2014/01/13 21:50:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2014/01/13 21:50:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2014/01/13 21:39:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2014/01/13 21:26:13 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2014/01/13 21:25:55 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2014/01/13 21:23:59 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2014/01/13 21:23:58 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2014/01/13 21:23:57 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2014/01/13 21:23:57 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2014/01/13 21:23:57 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2014/01/13 21:23:56 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2014/01/13 21:23:55 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2014/01/13 21:23:55 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2014/01/13 21:23:52 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2014/01/13 21:23:52 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2014/01/13 21:23:52 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2014/01/13 21:23:52 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2014/01/13 21:23:52 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2014/01/13 21:23:51 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2014/01/13 21:23:51 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2014/01/13 21:23:51 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2014/01/13 21:23:51 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2014/01/13 21:23:51 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2014/01/13 21:23:51 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2014/01/13 21:23:51 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2014/01/13 21:23:51 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2014/01/13 21:23:51 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2014/01/13 21:23:51 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2014/01/13 21:23:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2014/01/13 21:23:50 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2014/01/13 21:23:50 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2014/01/13 21:23:50 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2014/01/13 21:23:50 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2014/01/13 21:23:50 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2014/01/13 21:23:50 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2014/01/13 21:23:48 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2014/01/13 21:23:47 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2014/01/13 21:23:47 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2014/01/13 21:23:47 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2014/01/13 21:23:46 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2014/01/13 21:23:46 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2014/01/13 21:23:46 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2014/01/13 21:23:46 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2014/01/13 21:23:46 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2014/01/13 21:23:45 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2014/01/13 21:23:45 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2014/01/13 21:23:45 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2014/01/13 21:23:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2014/01/13 21:23:44 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2014/01/13 21:23:44 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014/01/13 21:23:44 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2014/01/13 21:23:44 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2014/01/13 21:23:44 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2014/01/13 21:23:44 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2014/01/13 21:23:44 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2014/01/13 21:23:43 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2014/01/13 21:23:43 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2014/01/13 21:23:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2014/01/13 21:23:42 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2014/01/13 21:23:42 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2014/01/13 21:23:42 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2014/01/13 21:23:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2014/01/13 21:23:41 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2014/01/13 21:23:41 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2014/01/13 21:23:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2014/01/13 21:23:40 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2014/01/13 21:23:39 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014/01/13 21:23:39 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2014/01/13 21:23:39 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2014/01/13 21:23:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2014/01/13 21:23:38 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2014/01/13 21:23:34 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2014/01/13 21:23:27 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2014/01/13 21:23:27 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2014/01/13 21:23:25 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2014/01/13 21:23:25 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2014/01/13 21:23:25 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2014/01/13 21:23:24 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2014/01/13 21:23:24 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2014/01/13 21:23:24 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2014/01/13 21:23:24 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2014/01/13 21:23:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2014/01/13 21:23:24 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2014/01/13 21:23:23 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/01/13 21:23:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2014/01/13 21:23:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2014/01/13 21:23:21 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2014/01/13 21:23:21 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2014/01/13 21:23:21 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2014/01/13 21:23:21 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2014/01/13 21:23:21 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2014/01/13 21:23:21 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2014/01/13 21:23:20 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2014/01/13 21:23:19 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2014/01/13 21:23:19 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2014/01/13 21:23:19 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2014/01/13 21:23:19 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2014/01/13 21:23:19 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2014/01/13 21:23:19 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2014/01/13 21:23:19 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2014/01/13 21:23:18 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2014/01/13 21:23:18 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2014/01/13 21:23:18 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2014/01/13 21:23:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2014/01/13 21:23:17 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2014/01/13 21:23:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2014/01/13 21:23:17 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2014/01/13 21:23:17 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2014/01/13 21:23:17 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2014/01/13 21:23:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2014/01/13 21:23:16 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2014/01/13 21:23:16 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2014/01/13 21:23:16 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2014/01/13 21:23:15 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2014/01/13 21:23:15 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2014/01/13 21:23:15 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2014/01/13 21:23:15 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2014/01/13 21:23:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2014/01/13 21:23:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2014/01/13 21:23:15 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2014/01/13 21:23:15 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2014/01/13 21:23:15 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2014/01/13 21:23:15 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2014/01/13 21:23:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2014/01/13 21:23:15 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2014/01/13 21:23:14 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2014/01/13 21:23:13 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2014/01/13 21:23:13 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2014/01/13 21:23:13 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2014/01/13 21:23:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2014/01/13 21:23:12 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014/01/13 21:23:12 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2014/01/13 21:23:12 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2014/01/13 21:23:12 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/01/13 21:23:11 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2014/01/13 21:23:11 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2014/01/13 21:23:11 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2014/01/13 21:23:11 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014/01/13 21:23:11 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2014/01/13 21:23:09 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2014/01/13 21:23:09 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2014/01/13 21:23:08 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2014/01/13 21:23:08 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2014/01/13 21:23:08 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2014/01/13 21:23:08 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2014/01/13 21:23:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2014/01/13 21:23:07 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2014/01/13 21:23:06 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2014/01/13 21:23:05 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2014/01/13 21:23:05 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2014/01/13 21:23:05 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2014/01/13 21:23:05 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2014/01/13 21:23:05 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2014/01/13 21:23:04 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2014/01/13 21:23:04 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2014/01/13 21:23:03 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2014/01/13 21:23:03 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2014/01/13 21:23:03 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2014/01/13 21:23:03 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2014/01/13 21:23:03 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2014/01/13 21:23:03 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2014/01/13 21:23:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2014/01/13 21:23:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2014/01/13 21:23:02 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2014/01/13 21:23:02 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2014/01/13 21:23:02 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2014/01/13 21:23:01 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2014/01/13 21:23:01 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2014/01/13 21:23:01 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2014/01/13 21:23:01 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2014/01/13 21:23:01 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2014/01/13 21:23:00 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2014/01/13 21:23:00 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2014/01/13 21:23:00 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2014/01/13 21:23:00 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2014/01/13 21:23:00 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2014/01/13 21:23:00 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2014/01/13 21:23:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2014/01/13 21:23:00 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2014/01/13 21:22:59 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2014/01/13 21:22:58 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2014/01/13 21:22:58 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2014/01/13 21:22:58 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2014/01/13 21:22:58 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2014/01/13 21:22:58 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2014/01/13 21:22:58 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2014/01/13 21:22:58 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2014/01/13 21:22:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/01/13 21:22:54 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2014/01/13 21:22:54 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2014/01/13 21:22:54 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2014/01/13 21:22:53 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2014/01/13 21:22:52 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2014/01/13 21:22:52 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2014/01/13 21:22:51 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2014/01/13 21:22:51 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2014/01/13 21:22:50 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2014/01/13 21:22:50 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2014/01/13 21:22:49 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2014/01/13 21:22:49 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2014/01/13 21:22:49 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014/01/13 21:22:48 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/01/13 21:22:45 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2014/01/13 21:22:45 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2014/01/13 21:22:43 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2014/01/13 21:22:43 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2014/01/13 21:22:41 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2014/01/13 21:22:41 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2014/01/13 21:22:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2014/01/13 21:22:40 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2014/01/13 21:22:40 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2014/01/13 21:22:40 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2014/01/13 21:22:40 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2014/01/13 21:22:39 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2014/01/13 21:22:39 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2014/01/13 21:22:39 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2014/01/13 21:22:39 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2014/01/13 21:22:39 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/01/13 21:22:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2014/01/13 21:22:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2014/01/13 21:22:38 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2014/01/13 21:22:38 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2014/01/13 21:22:38 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2014/01/13 21:22:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2014/01/13 21:22:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2014/01/13 21:22:37 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2014/01/13 21:22:37 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2014/01/13 21:22:37 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2014/01/13 21:22:36 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2014/01/13 21:22:36 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2014/01/13 21:22:36 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2014/01/13 21:22:36 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2014/01/13 21:22:36 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2014/01/13 21:22:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2014/01/13 21:22:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2014/01/13 21:22:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2014/01/13 21:22:35 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2014/01/13 21:22:35 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2014/01/13 21:22:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2014/01/13 21:22:34 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/01/13 21:22:34 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2014/01/13 21:22:33 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2014/01/13 21:22:33 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2014/01/13 21:22:33 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2014/01/13 21:22:32 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2014/01/13 21:22:30 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2014/01/13 21:22:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2014/01/13 21:22:29 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2014/01/13 21:22:29 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2014/01/13 21:22:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2014/01/13 21:22:27 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2014/01/13 21:22:27 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2014/01/13 21:22:26 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2014/01/13 21:22:26 | 000,398,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/01/13 21:22:26 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2014/01/13 21:22:26 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2014/01/13 21:22:26 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2014/01/13 21:22:26 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2014/01/13 21:22:26 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2014/01/13 21:22:26 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2014/01/13 21:22:25 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2014/01/13 21:22:25 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2014/01/13 21:22:25 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2014/01/13 21:22:24 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2014/01/13 21:22:24 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2014/01/13 21:22:23 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2014/01/13 21:22:21 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2014/01/13 21:22:18 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2014/01/13 21:22:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2014/01/13 21:22:17 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2014/01/13 21:22:17 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2014/01/13 21:22:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2014/01/13 21:22:16 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2014/01/13 21:22:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2014/01/13 21:22:14 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2014/01/13 21:22:14 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2014/01/13 21:22:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2014/01/13 21:22:12 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2014/01/13 21:22:12 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2014/01/13 21:22:11 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2014/01/13 21:22:11 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2014/01/13 21:22:11 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2014/01/13 21:22:10 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2014/01/13 21:22:10 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2014/01/13 21:22:10 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2014/01/13 21:22:09 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2014/01/13 21:22:08 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2014/01/13 21:22:08 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2014/01/13 21:22:08 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2014/01/13 21:22:07 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2014/01/13 21:22:07 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2014/01/13 21:22:06 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2014/01/13 21:22:06 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2014/01/13 21:22:05 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2014/01/13 21:22:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2014/01/13 21:22:05 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2014/01/13 21:22:04 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2014/01/13 21:22:04 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2014/01/13 21:22:03 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2014/01/13 21:22:03 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2014/01/13 21:22:02 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2014/01/13 21:22:02 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2014/01/13 21:22:01 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014/01/13 21:22:00 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2014/01/13 21:21:59 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2014/01/13 21:21:57 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2014/01/13 21:21:57 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2014/01/13 21:21:57 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2014/01/13 21:21:57 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2014/01/13 21:21:55 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2014/01/13 21:21:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2014/01/13 21:21:55 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2014/01/13 21:21:54 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2014/01/13 21:21:54 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2014/01/13 21:21:54 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2014/01/13 21:21:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2014/01/13 21:21:53 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2014/01/13 21:21:53 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2014/01/13 21:21:53 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2014/01/13 21:21:53 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2014/01/13 21:21:52 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2014/01/13 21:21:52 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2014/01/13 21:21:52 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2014/01/13 21:21:51 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2014/01/13 21:21:48 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2014/01/13 21:21:47 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2014/01/13 21:21:46 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2014/01/13 21:21:46 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2014/01/13 21:21:46 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2014/01/13 21:21:46 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2014/01/13 21:21:45 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014/01/13 21:21:44 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2014/01/13 21:21:44 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014/01/13 21:21:43 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2014/01/13 21:21:42 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/01/13 21:21:42 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2014/01/13 21:21:39 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2014/01/13 21:21:38 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2014/01/13 21:21:38 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2014/01/13 21:21:38 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2014/01/13 21:21:37 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2014/01/13 21:21:36 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014/01/13 21:21:36 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2014/01/13 21:21:29 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2014/01/13 21:21:29 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2014/01/13 21:21:29 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2014/01/13 21:21:28 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2014/01/13 21:21:28 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2014/01/13 21:21:28 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2014/01/13 21:21:27 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2014/01/13 21:21:27 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2014/01/13 21:21:27 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2014/01/13 21:21:26 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2014/01/13 21:21:26 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2014/01/13 21:21:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2014/01/13 21:21:25 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2014/01/13 21:21:25 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2014/01/13 21:21:25 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2014/01/13 21:21:25 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2014/01/13 21:21:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2014/01/13 21:21:24 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2014/01/13 21:21:23 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2014/01/13 21:21:23 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2014/01/13 21:21:23 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2014/01/13 21:21:23 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2014/01/13 21:21:23 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2014/01/13 21:21:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2014/01/13 21:21:22 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2014/01/13 21:21:21 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2014/01/13 21:21:21 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2014/01/13 21:21:19 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2014/01/13 21:21:19 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2014/01/13 21:21:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2014/01/13 21:21:18 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2014/01/13 21:21:09 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2014/01/13 21:21:07 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2014/01/13 21:21:06 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2014/01/13 21:20:57 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2014/01/13 21:20:56 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2014/01/13 21:20:55 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2014/01/13 21:20:54 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2014/01/13 21:20:54 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2014/01/13 21:16:12 | 000,000,000 | ---D | C] -- C:\aea6443951cd268773389a2fbc401c
[2014/01/13 20:34:32 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\Microsoft Corporation
[2014/01/13 20:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2014/01/12 22:22:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2014/01/09 19:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/01/09 18:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\VideoPlayerV3
[2014/01/06 20:15:00 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Danielle\Desktop\dds.scr
[2013/12/30 23:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Smooth Browsing
[2013/12/28 15:36:04 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\ElevatedDiagnostics
[2013/12/28 15:35:59 | 000,000,000 | ---D | C] -- C:\MATS
[2013/12/28 13:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/12/28 13:24:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/12/27 16:12:29 | 000,000,000 | ---D | C] -- C:\Program Files\WebexpEnhancedV1
[10 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\Danielle\Desktop\Looool Jake
[2014/01/15 20:20:20 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{153C7F06-C33C-4344-9301-9EF00F17085C}.job
[2014/01/15 20:10:41 | 000,011,519 | ---- | M] () -- C:\Users\Danielle\Desktop\adwarecleaner.rtf
[2014/01/15 20:10:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Danielle\Desktop\OTL.exe
[2014/01/15 20:09:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/15 19:58:37 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/15 19:55:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/15 19:55:21 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/15 19:55:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/15 19:55:02 | 2011,615,232 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/15 18:55:05 | 001,236,282 | ---- | M] () -- C:\Users\Danielle\Desktop\adwcleaner.exe
[2014/01/15 18:54:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/15 18:32:03 | 001,037,068 | ---- | M] (Thisisu) -- C:\Users\Danielle\Desktop\JRT.exe
[2014/01/15 17:24:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2767167476-1858105450-2367976372-1000UA.job
[2014/01/15 17:24:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2767167476-1858105450-2367976372-1000Core.job
[2014/01/15 14:19:24 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/15 14:19:24 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/13 22:36:07 | 000,000,905 | ---- | M] () -- C:\Users\Danielle\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/13 21:56:23 | 000,305,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/13 20:32:51 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
[2014/01/13 20:18:27 | 000,000,500 | ---- | M] () -- C:\Windows\tasks\Norton AntiVirus Online - Run Full System Scan - Danielle.job
[2014/01/12 18:20:20 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDanielle.job
[2014/01/09 19:04:18 | 000,000,016 | ---- | M] () -- C:\Windows\ka.ini
[2014/01/06 20:15:11 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Danielle\Desktop\dds.scr
[10 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

File not found -- C:\Users\Danielle\Desktop\Looool Jake
[2014/01/15 20:10:18 | 000,011,519 | ---- | C] () -- C:\Users\Danielle\Desktop\adwarecleaner.rtf
[2014/01/15 18:54:05 | 001,236,282 | ---- | C] () -- C:\Users\Danielle\Desktop\adwcleaner.exe
[2014/01/13 22:36:07 | 000,000,905 | ---- | C] () -- C:\Users\Danielle\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/13 21:23:46 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2014/01/13 21:23:44 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2014/01/13 21:23:25 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2014/01/13 21:23:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2014/01/13 21:23:19 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2014/01/13 21:22:05 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2014/01/13 21:21:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2014/01/13 21:21:26 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2014/01/13 21:21:24 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2014/01/13 21:21:06 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2014/01/13 20:32:51 | 000,001,958 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
[2014/01/13 20:32:51 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
[2013/12/26 11:33:03 | 000,002,041 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims™ 3 Into the Future.lnk
[2013/04/26 13:01:46 | 000,000,039 | ---- | C] () -- C:\Windows\wininit.ini
[2013/04/26 13:01:45 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2013/03/28 21:55:31 | 000,000,040 | ---- | C] () -- C:\Users\Danielle\AppData\Roaming\mbam.context.scan
[2013/01/16 00:03:45 | 000,000,552 | ---- | C] () -- C:\Users\Danielle\AppData\Local\d3d8caps.dat
[2012/08/05 21:47:29 | 000,027,424 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys
[2012/08/05 17:01:56 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2012/05/03 15:34:52 | 000,000,000 | ---- | C] () -- C:\Users\Danielle\AppData\Roaming\wklnhst.dat
[2012/04/01 17:08:45 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/01/18 01:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012/01/18 01:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012/01/18 01:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012/01/17 03:17:53 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/21 10:13:38 | 000,007,715 | ---- | C] () -- C:\Users\Danielle\AppData\Roaming\UserTile.png
[2008/12/05 08:49:07 | 000,017,408 | ---- | C] () -- C:\Users\Danielle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/04 15:38:42 | 000,000,680 | ---- | C] () -- C:\Users\Danielle\AppData\Local\d3d9caps.dat

========== ZeroAccess Check ==========

[2006/11/02 07:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/12/24 14:48:34 | 000,000,000 | ---D | M] -- C:\Users\Caitlyn Houk\AppData\Roaming\PlayFirst
[2011/12/24 14:36:49 | 000,000,000 | ---D | M] -- C:\Users\Caitlyn Houk\AppData\Roaming\WildTangent
[2011/04/25 15:03:29 | 000,000,000 | -HSD | M] -- C:\Users\Danielle\AppData\Roaming\.#
[2009/05/12 15:01:10 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Gamelab
[2012/08/19 14:54:44 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Leadertech
[2012/08/08 06:01:16 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\MusicNet
[2013/04/26 12:36:45 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Origin
[2010/04/18 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\PlayFirst
[2009/01/03 00:15:19 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\SPORE Creature Creator
[2014/01/15 20:28:57 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Spotify
[2012/05/03 15:34:55 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Template
[2008/12/04 17:22:48 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\WildTangent
[2013/03/26 16:30:46 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\WinBatch
[2010/07/07 23:19:13 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PlayFirst
[2010/03/31 16:05:31 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\WildTangent
[2012/01/31 17:42:23 | 000,000,000 | -HSD | M] -- C:\Users\School\AppData\Roaming\.#

========== Purity Check ==========



< End of report >

All the instructions were easy to understand and my computer is being a lot faster now. There's no pop-ups and windows aren't randomly closing.
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: downloaded IMVU and spyhunter4 ;-;

Post by pgmigg » January 16th, 2014, 1:05 am

Hello Vanilla-krypton,

"All the instructions were easy to understand and my computer is being a lot faster now. There's no pop-ups and windows aren't randomly closing."
Nice to read, but we are not finished yet...

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries into the text box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :OTL
    IE - HKLM\..\SearchScopes\{3A9A5C13-2D3F-49E8-8BD6-F8DD111E6162}: "URL" = http://search.yahoo.com/search?p= {searchTerms}&ei={inputEncoding}&fr=hp-pvdt
    IE - HKLM\..\SearchScopes\{4ECD9BFB-55E9-42E0-A875-21F5822773FC}: "URL" = http://www.ask.com/web?q= {searchterms}&l=dis&o=ushpd
    IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\URLSearchHook: {bb45ef8e-1e36-4535-a017-ec908fb1e335} - No CLSID value found
    IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\URLSearchHook: {f92a9fe4-2850-4198-b9d5-279880e49b16} - No CLSID value found
    IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes\{3A9A5C13-2D3F-49E8-8BD6-F8DD111E6162}: "URL" = http://search.yahoo.com/search?ei=ISO-8 ... =egames&q= {searchTerms}
    IE - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\SearchScopes\{4ECD9BFB-55E9-42E0-A875-21F5822773FC}: "URL" = http://www.ask.com/web?q= {searchterms}&l=dis&o=ushpd
    FF - prefs.js..browser.search.defaultenginename: "AOL Search
    FF - prefs.js..extensions.enabledAddons: newtaburl%40sogame.cat:2.2.3
    [2012/09/29 10:25:18 | 000,051,994 | ---- | M] () (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\extensions\newtaburl@sogame.cat.xpi
    [2012/12/03 22:57:53 | 000,002,545 | ---- | M] () -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\searchplugins\aol-search.xml
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..\Toolbar\WebBrowser: (no name) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED File not found
    O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
    O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
    O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
    O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
    O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
    O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
    O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
    O15 - HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
    
    :Files
    C:\Program Files\uTorrent
    C:\Users\Danielle\AppData\Local\ElevatedDiagnostics
    C:\Program Files\Enigma Software Group
    C:\Windows\ka.ini
    C:\Windows\*.tmp
    ipconfig /flushdns /c
    
    :Commands
    [emptytemp]
    [emptyflash]
    [emptyjava]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
FRST - Farbar Recovery Scanner Tool
Please download FRST64.exe ... by Farbar. Save it to your desktop.
  1. Double-click to run it. When the tool opens click Yes to disclaimer.
  2. Press Scan button.
  3. ... A log (FRST.txt) will be created in the same directory the tool is run from.
  4. Please copy/paste FRST.txt to your reply.
  5. The first time the tool is run, it also makes another log... Addition.txt.
  6. Please copy/paste Addition.txt in your reply.

Step 3.
SystemLook
Please download SystemLook.exe by jpshortstuff and save it to your Desktop.
Alternate download site.
  1. Right click on SystemLook.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If you receive an "Open file - security warning"... asking "Do you want to run this file?", press the Run button.
  2. Highlight and copy the following entries into SystemLook's main text entry window:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :filefind
    *AskToolbar*
    *Ask.com*
    *Bandoo*
    *Babylon*
    *Cheat*
    *Conduit*
    *Coupons*
    *datamngr*
    *ElevatedDiagnostics*
    *Enigma*
    *searchab*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *Realms*
    *Searchqu*
    *Searchnu*
    *Slick*
    *smartbar*
    *Somoto*
    *Sweet*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :folderfind
    *AskToolbar*
    *Ask.com*
    *Babylon*
    *Bandoo*
    *Cheat*
    *Conduit*
    *Coupons*
    *datamngr*
    *ElevatedDiagnostics*
    *Enigma*
    *searchab*
    *smartbar*
    *Fun4IM*
    *Funmoods*
    *iLivid*
    *IObit*
    *Iminent*
    *Realms*
    *Searchqu*
    *Searchnu*
    *Slick*
    *smartbar*
    *Somoto*
    *Sweet*
    *Tarma*
    *trolltech*
    *Vafmusic2*
    *vshare*
    *whitesmoke*
    *Yontoo*
    
    :Regfind
    AskToolbar
    Ask.com
    Babylon
    Bandoo
    Cheat
    Conduit
    Coupons
    datamngr
    ElevatedDiagnostics
    Enigma
    searchab
    Fun4IM
    Funmoods
    iLivid
    IObit
    Iminent
    Realms
    Searchqu
    Searchnu
    Slick
    smartbar
    Somoto
    Sweetpack
    Tarma
    trolltech
    Vafmusic2
    vshare
    whitesmoke
    Yontoo
    
  3. Press the Look button to start the scan. The scan will take a while so please be patient...
    When finished, a Notepad window will open with the results of the scan.
    A file will be created (on your Desktop) with the results of the scan, named SystemLook.txt
  4. Please post the contents of the SystemLook.txt file in your next reply.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the FRST.txt log file
  4. Contents of the Addition.txt log file
  5. Contents of the SystemLook.txt log file
  6. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: downloaded IMVU and spyhunter4 ;-;

Post by Vanilla-krypton » January 16th, 2014, 8:12 pm

OTL fixscript log-

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A9A5C13-2D3F-49E8-8BD6-F8DD111E6162}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A9A5C13-2D3F-49E8-8BD6-F8DD111E6162}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4ECD9BFB-55E9-42E0-A875-21F5822773FC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ECD9BFB-55E9-42E0-A875-21F5822773FC}\ not found.
Registry value HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bb45ef8e-1e36-4535-a017-ec908fb1e335} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bb45ef8e-1e36-4535-a017-ec908fb1e335}\ not found.
Registry value HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{f92a9fe4-2850-4198-b9d5-279880e49b16} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f92a9fe4-2850-4198-b9d5-279880e49b16}\ not found.
Registry key HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3A9A5C13-2D3F-49E8-8BD6-F8DD111E6162}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A9A5C13-2D3F-49E8-8BD6-F8DD111E6162}\ not found.
Registry key HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4ECD9BFB-55E9-42E0-A875-21F5822773FC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ECD9BFB-55E9-42E0-A875-21F5822773FC}\ not found.
Prefs.js: "AOL Search removed from browser.search.defaultenginename
Prefs.js: newtaburl%40sogame.cat:2.2.3 removed from extensions.enabledAddons
C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\extensions\newtaburl@sogame.cat.xpi moved successfully.
C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\searchplugins\aol-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F0F8ECBE-D460-4B34-B007-56A92E8F84A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0F8ECBE-D460-4B34-B007-56A92E8F84A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2767167476-1858105450-2367976372-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\uTorrent not found.
C:\Users\Danielle\AppData\Local\ElevatedDiagnostics\1256913147 folder moved successfully.
C:\Users\Danielle\AppData\Local\ElevatedDiagnostics folder moved successfully.
C:\Program Files\Enigma Software Group\SpyHunter\Log folder moved successfully.
C:\Program Files\Enigma Software Group\SpyHunter folder moved successfully.
C:\Program Files\Enigma Software Group folder moved successfully.
C:\Windows\ka.ini moved successfully.
C:\Windows\220FB0354744483A9A0B41DF77061583.TMP folder moved successfully.
C:\Windows\~GLC0000.TMP moved successfully.
C:\Windows\~GLC0001.TMP moved successfully.
C:\Windows\~GLC0002.TMP moved successfully.
C:\Windows\~GLH0000.TMP moved successfully.
C:\Windows\~GLH0001.TMP moved successfully.
C:\Windows\~GLH0002.TMP moved successfully.
C:\Windows\~GLH0003.TMP moved successfully.
C:\Windows\~GLH0004.TMP moved successfully.
C:\Windows\~GLH0005.TMP moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Danielle\Desktop\cmd.bat deleted successfully.
C:\Users\Danielle\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Caitlyn Houk
->Temp folder emptied: 5129249 bytes
->Temporary Internet Files folder emptied: 60009837 bytes
->Flash cache emptied: 958 bytes

User: Danielle
->Temp folder emptied: 7729950 bytes
->Temporary Internet Files folder emptied: 371026605 bytes
->Java cache emptied: 6341 bytes
->FireFox cache emptied: 124087034 bytes
->Google Chrome cache emptied: 79376646 bytes
->Flash cache emptied: 8424541 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 54298953 bytes
->Temporary Internet Files folder emptied: 70911175 bytes
->FireFox cache emptied: 70268218 bytes
->Google Chrome cache emptied: 276624858 bytes
->Flash cache emptied: 11531 bytes

User: Public

User: School
->Temp folder emptied: 1492018 bytes
->Temporary Internet Files folder emptied: 15510233 bytes
->Flash cache emptied: 779 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 360917298 bytes
RecycleBin emptied: 33113 bytes

Total Files Cleaned = 1,436.00 mb


[EMPTYFLASH]

User: All Users

User: Caitlyn Houk
->Flash cache emptied: 0 bytes

User: Danielle
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Public

User: School
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Caitlyn Houk

User: Danielle
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Guest

User: Public

User: School

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01162014_152924

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\CR_D2E43.tmp\setup.exe not found!
File\Folder C:\Windows\temp\24BF.tmp not found!
File\Folder C:\Windows\temp\2F4D.tmp not found!
File\Folder C:\Windows\temp\C35B.tmp not found!
C:\Windows\temp\chrome_installer.log moved successfully.
File\Folder C:\Windows\temp\JETB70E.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


I downloaded the Farbar Recovery Scanner Tool and saved it to my desktop, but when I try to open it, it says "The version of this file is not compatible with the version of windows you're running. Check your computer's system information to see whether you need an x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher." I already know my system is a 32-bit.
Vanilla-krypton
Regular Member
 
Posts: 91
Joined: January 6th, 2014, 8:59 pm

Re: downloaded IMVU and spyhunter4 ;-;

Post by pgmigg » January 17th, 2014, 12:20 am

Hello Vanilla-krypton,

Vanilla-krypton wrote: "I downloaded the Farbar Recovery Scanner Tool and saved it to my desktop, but when I try to open it, it says 'The version of this file is not compatible with the version of windows you're running. Check your computer's system information to see whether you need an x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher.' I already know my system is a 32-bit."
Sorry, it was my fault. :oops:

The right step is:

FRST - Farbar Recovery Scanner Tool
Please download FRST.exe ... by Farbar. Save it to your desktop.
  1. Double-click to run it. When the tool opens click Yes to disclaimer.
  2. Press Scan button.
  3. ... A log, FRST.txt, will be created in the same directory the tool is run from.
  4. Please copy/paste FRST.txt into your reply.
  5. The first time the tool is run, it also makes another log... Addition.txt.
  6. Please copy/paste Addition.txt in your reply.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the FRST.txt log file
  3. Contents of the Addition.txt log file
  4. Contents of the SystemLook.txt log file
  5. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple posts if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: downloaded IMVU and spyhunter4 ;-;

Post by Vanilla-krypton » January 17th, 2014, 6:25 pm

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-01-2014 03
Ran by Danielle (administrator) on SENNSTROM-HOME on 17-01-2014 17:18:19
Running from C:\Users\Danielle\Desktop
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Spotify Ltd) C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Danielle\AppData\Roaming\Spotify\spotify.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Logitech, Inc.) C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
(Logitech, Inc.) C:\Users\Danielle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
() C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpsysdrv] - c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] - C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13539872 2008-05-22] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [92704 2008-05-22] (NVIDIA Corporation)
HKLM\...\Run: [HP Health Check Scheduler] - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard)
HKLM\...\Run: [DPService] - C:\Program Files\HP\DVDPlay\DPService.exe [90112 2008-06-11] (CyberLink Corp.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateReg] - C:\Windows\system32\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [ccApp] - C:\Program Files\Common Files\Symantec Shared\ccApp.exe [51048 2008-10-17] (Symantec Corporation)
HKLM\...\Run: [LWS] - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKCU\...\Run: [HPAdvisor] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-07-03] (Hewlett-Packard)
HKCU\...\Run: [EA Core] - "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKCU\...\Run: [Facebook Update] - C:\Users\Danielle\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Danielle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [Spotify] - C:\Users\Danielle\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-15] (Spotify Ltd)
HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKCU\...\Policies\Explorer: [NofolderOptions] 0
MountPoints2: {4ae8d875-7a8a-11dd-baad-806e6f6e6963} - E:\Autorun.exe
HKU\Caitlyn Houk\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2008-07-03] (Hewlett-Packard)
HKU\Caitlyn Houk\...\Run: [EA Core] - "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\Caitlyn Houk\...\Run: [NetZero_uoltray] - C:\Program Files\NetZero\exec.exe regrun
HKU\Caitlyn Houk\...\Run: [Facebook Update] - C:\Users\Danielle\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2012-07-11] (Facebook Inc.)
HKU\Caitlyn Houk\...\Run: [MyWebSearch Email Plugin] - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
HKU\Caitlyn Houk\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-20] (Microsoft Corporation)
HKU\Caitlyn Houk\...\Run: [Exetender] - "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup
HKU\Caitlyn Houk\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2012-01-27] (Google Inc.)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2008-07-03] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2008-07-03] (Hewlett-Packard)
HKU\Guest\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2008-07-03] (Hewlett-Packard)
HKU\Guest\...\Run: [NetZero_uoltray] - C:\Program Files\NetZero\exec.exe regrun
HKU\Guest\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2012-01-27] (Google Inc.)
HKU\Guest\...\Run: [EA Core] - "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\Guest\...\Run: [Facebook Update] - C:\Users\Guest\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2013-07-25] (Facebook Inc.)
HKU\Guest\...\Run: [MyWebSearch Email Plugin] - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
HKU\Guest\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-20] (Microsoft Corporation)
HKU\Guest\...\Run: [Exetender] - "C:\Program Files\Free Ride Games\GPlayer.exe" /schedule 300000
HKU\Guest\...\Run: [RoboForm] - "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
HKU\School\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2008-07-03] (Hewlett-Packard)
HKU\School\...\Run: [NetZero_uoltray] - C:\Program Files\NetZero\exec.exe regrun
HKU\School\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-20] (Microsoft Corporation)
HKU\School\...\Run: [EA Core] - "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\School\...\Run: [Facebook Update] - C:\Users\Danielle\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2012-07-11] (Facebook Inc.)
HKU\School\...\Run: [MyWebSearch Email Plugin] - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
HKU\School\...\Run: [Exetender] - "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Better Surf Plus - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll No File
BHO: Video Player - {2cbed59b-72ad-4e61-8ee2-0a8bc1c7a44a} - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta771\ie\VideoPlayerV3beta771.dll No File
BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d8932e52-6a6f-11db-b6ab-806e6f6e6963}: [NameServer]107.6.133.8,23.23.180.210

FireFox:
========
FF ProfilePath: C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Danielle\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-01-09]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-01-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta771.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta771\ff
FF Extension: Video Player - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta771\ff [2014-01-09]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: ""
CHR Extension: (0) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\albdabdghhkekbhhiakniganflmkdkmc [2013-01-16]
CHR Extension: (0) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-20]
CHR Extension: (0) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-20]
CHR Extension: (0) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-20]
CHR Extension: (0) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpglcldcfjaeeaihmdfeinfkejomefkh [2013-01-16]
CHR Extension: (0) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-16]
CHR Extension: (0) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl [2013-12-10]
CHR Extension: (0) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-25]
CHR Extension: (No Name) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnmhffahclgfegfdplnmobppnlmnbobi [2013-12-27]
CHR HKLM\...\Chrome\Extension: [fjpbiejamkbdmglmndhcidcodgdffcae] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta771\ch\VideoPlayerV3beta771.crx [2014-01-07]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [mciekghplkkgcmofonmkmlomhkamochd] - C:\Program Files\Kozaka\mciekghplkkgcmofonmkmlomhkamochd.crx [2013-10-09]

========================== Services (Whitelisted) =================

R2 4ccdc918; C:\ProgramData\Smooth Browsing\SmoothBrowsingSvc.dll [179024 2013-12-30] ()
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [243064 2007-12-06] (Symantec Corporation)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
R2 CLTNetCnService; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3192184 2007-12-06] (Symantec Corporation)
R2 LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1251720 2012-08-07] ()
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)

==================== Drivers (Whitelisted) ====================

S3 COH_Mon; C:\Windows\system32\Drivers\COH_Mon.sys [23888 2008-07-30] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-21] (Symantec Corporation)
S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [27424 2012-08-05] ()
R3 HSXHWBS3; C:\Windows\System32\DRIVERS\HSXHWBS3.sys [207360 2008-02-12] (Conexant Systems, Inc.)
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20140115.001\IDSvix86.sys [286328 2097-12-31] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20140116.003\NAVENG.SYS [93272 2097-12-31] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20140116.003\NAVEX15.SYS [1612376 2097-12-31] (Symantec Corporation)
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [447024 2009-03-17] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [279088 2007-11-30] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2007-11-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2007-11-30] (Symantec Corporation)
R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [13616 2009-02-19] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124464 2012-08-10] (Symantec Corporation)
R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [96560 2009-02-19] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [24112 2009-02-19] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [41008 2009-02-19] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [22320 2009-02-19] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [184496 2009-02-19] (Symantec Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [x]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [x]
S4 USBSTOR; \SystemRoot\system32\drivers\usbstor.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-17 17:18 - 2014-01-17 17:19 - 00017802 _____ C:\Users\Danielle\Desktop\FRST.txt
2014-01-17 17:18 - 2014-01-17 17:18 - 00000000 ____D C:\FRST
2014-01-17 17:17 - 2014-01-17 17:17 - 01220608 _____ (Farbar) C:\Users\Danielle\Desktop\FRST.exe
2014-01-16 19:03 - 2014-01-16 19:04 - 02076160 _____ (Farbar) C:\Users\Danielle\Desktop\FRST64.exe
2014-01-16 15:29 - 2014-01-16 15:29 - 00000000 ____D C:\_OTL
2014-01-15 20:30 - 2014-01-15 20:30 - 00168288 _____ C:\Users\Danielle\Desktop\OTL.Txt
2014-01-15 20:30 - 2014-01-15 20:30 - 00028480 _____ C:\Users\Danielle\Desktop\Extras.Txt
2014-01-15 20:09 - 2014-01-15 20:10 - 00602112 _____ (OldTimer Tools) C:\Users\Danielle\Desktop\OTL.exe
2014-01-15 18:55 - 2014-01-15 19:09 - 00000000 ____D C:\AdwCleaner
2014-01-15 18:54 - 2014-01-15 18:55 - 01236282 _____ C:\Users\Danielle\Desktop\adwcleaner.exe
2014-01-15 18:45 - 2014-01-15 18:45 - 00012605 _____ C:\Users\Danielle\Desktop\JRT.txt
2014-01-15 18:36 - 2014-01-15 18:36 - 00000000 ____D C:\Windows\ERUNT
2014-01-15 18:31 - 2014-01-15 18:32 - 01037068 _____ (Thisisu) C:\Users\Danielle\Desktop\JRT.exe
2014-01-15 14:30 - 2014-01-15 14:30 - 00005391 _____ C:\Users\Danielle\Desktop\attach.txt
2014-01-15 14:30 - 2014-01-15 14:29 - 00011338 _____ C:\Users\Danielle\Desktop\dds.txt
2014-01-13 21:50 - 2014-01-13 21:51 - 00000000 ____D C:\Windows\system32\vi-VN
2014-01-13 21:50 - 2014-01-13 21:51 - 00000000 ____D C:\Windows\system32\eu-ES
2014-01-13 21:50 - 2014-01-13 21:51 - 00000000 ____D C:\Windows\system32\ca-ES
2014-01-13 21:39 - 2014-01-13 21:39 - 00000000 ____D C:\Windows\system32\SPReview
2014-01-13 21:26 - 2009-04-10 23:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2014-01-13 21:25 - 2009-04-10 23:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2014-01-13 21:23 - 2009-04-10 23:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-01-13 21:23 - 2009-04-10 23:32 - 01083880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00245736 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-01-13 21:23 - 2009-04-10 23:32 - 00054248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2014-01-13 21:23 - 2009-04-10 23:32 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2014-01-13 21:23 - 2009-04-10 23:32 - 00014312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2014-01-13 21:23 - 2009-04-10 23:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2014-01-13 21:23 - 2009-04-10 23:28 - 00612864 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-01-13 21:23 - 2009-04-10 23:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2014-01-13 21:23 - 2009-04-10 23:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-01-13 21:23 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-01-13 21:23 - 2009-04-10 23:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2014-01-13 21:23 - 2009-04-10 23:28 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2014-01-13 21:23 - 2009-04-10 23:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-01-13 21:23 - 2009-04-10 23:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\extmgr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00117248 _____ C:\Windows\system32\EhStorAuthn.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-01-13 21:23 - 2009-04-10 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2014-01-13 21:23 - 2009-04-10 23:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2014-01-13 21:23 - 2009-04-10 23:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2014-01-13 21:23 - 2009-04-10 23:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-01-13 21:23 - 2009-04-10 23:27 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2014-01-13 21:23 - 2009-04-10 23:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-01-13 21:23 - 2009-04-10 23:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-01-13 21:23 - 2009-04-10 23:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2014-01-13 21:23 - 2009-04-10 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2014-01-13 21:23 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2014-01-13 21:23 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2014-01-13 21:23 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2014-01-13 21:23 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2014-01-13 21:23 - 2009-04-10 23:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2014-01-13 21:23 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2014-01-13 21:23 - 2009-04-10 23:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-01-13 21:23 - 2009-04-10 23:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-01-13 21:23 - 2009-04-10 22:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2014-01-13 21:23 - 2009-04-10 22:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2014-01-13 21:23 - 2009-04-10 22:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2014-01-13 21:23 - 2009-04-10 21:51 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-01-13 21:23 - 2009-04-10 21:48 - 00344698 _____ C:\Windows\system32\eaphost.tmf
2014-01-13 21:23 - 2009-04-10 21:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2014-01-13 21:23 - 2009-04-10 21:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2014-01-13 21:23 - 2009-04-10 21:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-01-13 21:23 - 2009-04-10 21:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2014-01-13 21:23 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2014-01-13 21:23 - 2009-04-10 21:43 - 00442788 _____ C:\Windows\system32\dot3.tmf
2014-01-13 21:23 - 2009-04-10 21:43 - 00392170 _____ C:\Windows\system32\onex.tmf
2014-01-13 21:23 - 2009-04-10 21:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-01-13 21:23 - 2009-04-10 21:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-01-13 21:23 - 2009-04-10 21:42 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-13 21:23 - 2009-04-10 21:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2014-01-13 21:23 - 2009-04-10 21:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-01-13 21:23 - 2009-04-10 21:23 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-13 21:23 - 2009-04-10 21:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2014-01-13 21:23 - 2009-04-10 21:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-01-13 21:23 - 2009-04-10 21:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2014-01-13 21:23 - 2009-04-10 21:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-01-13 21:23 - 2009-04-10 21:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2014-01-13 21:23 - 2009-04-10 21:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-01-13 21:23 - 2009-02-19 17:20 - 00009212 _____ C:\Windows\system32\RacUR.xml
2014-01-13 21:23 - 2009-02-18 11:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-01-13 21:23 - 2009-02-18 11:39 - 00102816 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-13 21:22 - 2009-04-10 23:32 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-01-13 21:22 - 2009-04-10 23:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-01-13 21:22 - 2009-04-10 23:32 - 00223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-13 21:22 - 2009-04-10 23:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-01-13 21:22 - 2009-04-10 23:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2014-01-13 21:22 - 2009-04-10 23:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2014-01-13 21:22 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-01-13 21:22 - 2009-04-10 23:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-01-13 21:22 - 2009-04-10 23:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2014-01-13 21:22 - 2009-04-10 23:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2014-01-13 21:22 - 2009-04-10 23:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-01-13 21:22 - 2009-04-10 23:28 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00679936 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2014-01-13 21:22 - 2009-04-10 23:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-01-13 21:22 - 2009-04-10 23:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-01-13 21:22 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00368640 _____ C:\Windows\system32\msjetoledb40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2014-01-13 21:22 - 2009-04-10 23:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-01-13 21:22 - 2009-04-10 23:28 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2014-01-13 21:22 - 2009-04-10 23:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2014-01-13 21:22 - 2009-04-10 23:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2014-01-13 21:22 - 2009-04-10 23:27 - 01827840 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-13 21:22 - 2009-04-10 23:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2014-01-13 21:22 - 2009-04-10 23:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2014-01-13 21:22 - 2009-04-10 23:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2014-01-13 21:22 - 2009-04-10 23:27 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-01-13 21:22 - 2009-04-10 23:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2014-01-13 21:22 - 2009-04-10 23:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2014-01-13 21:22 - 2009-04-10 23:23 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2014-01-13 21:22 - 2009-04-10 23:22 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2014-01-13 21:22 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2014-01-13 21:22 - 2009-04-10 21:46 - 00208966 _____ C:\Windows\system32\WFP.TMF
2014-01-13 21:22 - 2009-04-10 21:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2014-01-13 21:22 - 2009-04-10 21:45 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2014-01-13 21:22 - 2009-04-10 21:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-13 21:22 - 2009-04-10 21:42 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-13 21:22 - 2009-04-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2014-01-13 21:22 - 2009-04-10 21:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-01-13 21:22 - 2009-04-10 21:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2014-01-13 21:22 - 2009-04-10 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-01-13 21:22 - 2009-04-10 18:54 - 03662128 _____ C:\Windows\system32\locale.nls
2014-01-13 21:22 - 2009-03-29 21:42 - 00155456 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-01-13 21:22 - 2009-03-29 21:42 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-01-13 21:22 - 2009-02-18 11:38 - 00619864 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-01-13 21:22 - 2009-02-18 11:38 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-01-13 21:22 - 2009-02-18 11:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-01-13 21:22 - 2009-02-18 11:38 - 00009048 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-01-13 21:21 - 2009-04-10 23:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-01-13 21:21 - 2009-04-10 23:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-01-13 21:21 - 2009-04-10 23:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2014-01-13 21:21 - 2009-04-10 23:32 - 00226280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-01-13 21:21 - 2009-04-10 23:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2014-01-13 21:21 - 2009-04-10 23:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 01580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2014-01-13 21:21 - 2009-04-10 23:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 01382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2014-01-13 21:21 - 2009-04-10 23:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2014-01-13 21:21 - 2009-04-10 23:28 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2014-01-13 21:21 - 2009-04-10 23:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-01-13 21:21 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2014-01-13 21:21 - 2009-04-10 23:27 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2014-01-13 21:21 - 2009-04-10 23:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2014-01-13 21:21 - 2009-04-10 23:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-01-13 21:21 - 2009-04-10 23:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2014-01-13 21:21 - 2009-04-10 23:27 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-01-13 21:21 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-13 21:21 - 2009-04-10 21:46 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-01-13 21:21 - 2009-04-10 21:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2014-01-13 21:21 - 2009-04-10 21:43 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-13 21:21 - 2009-04-10 21:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2014-01-13 21:21 - 2009-04-10 21:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2014-01-13 21:21 - 2009-04-10 21:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-13 21:21 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2014-01-13 21:21 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2014-01-13 21:21 - 2009-04-10 21:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2014-01-13 21:21 - 2009-04-10 21:14 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2014-01-13 21:21 - 2009-04-10 19:52 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2014-01-13 21:21 - 2009-04-10 18:59 - 00107612 _____ C:\Windows\system32\StructuredQuerySchema.bin
2014-01-13 21:21 - 2009-03-06 18:11 - 00130008 _____ C:\Windows\system32\systemsf.ebd
2014-01-13 21:21 - 2009-02-19 17:20 - 00009239 _____ C:\Windows\system32\spcinstrumentation.man
2014-01-13 21:21 - 2009-02-18 11:39 - 00092918 _____ C:\Windows\system32\slmgr.vbs
2014-01-13 21:21 - 2009-02-18 11:39 - 00035680 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-01-13 21:20 - 2009-04-10 23:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2014-01-13 21:20 - 2009-04-10 23:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-01-13 21:20 - 2009-04-10 23:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2014-01-13 21:20 - 2009-04-10 23:28 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-01-13 21:20 - 2009-04-10 23:28 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-01-13 21:20 - 2009-04-10 23:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2014-01-13 21:20 - 2009-04-10 23:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2014-01-13 21:20 - 2009-04-10 23:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-01-13 21:20 - 2009-04-10 23:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2014-01-13 21:20 - 2009-04-10 23:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2014-01-13 21:20 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-01-13 21:16 - 2014-01-13 21:39 - 00000000 ____D C:\aea6443951cd268773389a2fbc401c
2014-01-13 20:45 - 2014-01-13 21:15 - 365230920 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows6.0-KB948465-X86(1).exe
2014-01-13 20:34 - 2014-01-13 20:34 - 00000000 ____D C:\Users\Danielle\AppData\Local\Microsoft Corporation
2014-01-13 20:32 - 2014-01-13 20:32 - 00001946 _____ C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
2014-01-13 20:32 - 2014-01-13 20:32 - 00000000 ____D C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-01-13 20:23 - 2014-01-13 20:27 - 24805592 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows-KB890830-V5.7(1).exe
2014-01-13 20:23 - 2014-01-13 20:25 - 08669472 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows7UpgradeAdvisorSetup(1).exe
2014-01-12 22:22 - 2014-01-12 22:22 - 00000000 ____D C:\Windows\system32\EventProviders
2014-01-12 21:29 - 2014-01-12 22:16 - 365230920 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows6.0-KB948465-X86.exe
2014-01-12 21:28 - 2014-01-12 21:32 - 24805592 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows-KB890830-V5.7.exe
2014-01-12 21:28 - 2014-01-12 21:30 - 08669472 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows7UpgradeAdvisorSetup.exe
2014-01-12 21:04 - 2014-01-12 21:04 - 00000761 _____ C:\Windows\KB932823-v3.log
2014-01-12 21:03 - 2014-01-12 21:03 - 00629288 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\WindowsXP-KB932823-v3-x86-ENU.exe
2014-01-09 19:01 - 2014-01-09 19:02 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-09 18:30 - 2014-01-09 18:30 - 00000000 ____D C:\Program Files\VideoPlayerV3
2014-01-06 20:15 - 2014-01-06 20:15 - 00688992 ____R (Swearware) C:\Users\Danielle\Desktop\dds.scr
2013-12-30 23:24 - 2013-12-30 23:24 - 00000000 ____D C:\ProgramData\Smooth Browsing
2013-12-28 15:35 - 2013-12-28 15:35 - 00000000 ____D C:\MATS
2013-12-28 15:30 - 2013-12-28 15:30 - 00347816 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.52311689800172698.1.1.Run.exe
2013-12-28 13:24 - 2013-12-28 13:24 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-27 16:12 - 2013-12-28 13:09 - 00000000 ____D C:\Program Files\WebexpEnhancedV1

==================== One Month Modified Files and Folders =======

2014-01-17 17:20 - 2009-02-21 09:18 - 00000424 ____H C:\Windows\Tasks\User_Feed_Synchronization-{153C7F06-C33C-4344-9301-9EF00F17085C}.job
2014-01-17 17:19 - 2014-01-17 17:18 - 00017802 _____ C:\Users\Danielle\Desktop\FRST.txt
2014-01-17 17:18 - 2014-01-17 17:18 - 00000000 ____D C:\FRST
2014-01-17 17:17 - 2014-01-17 17:17 - 01220608 _____ (Farbar) C:\Users\Danielle\Desktop\FRST.exe
2014-01-17 17:14 - 2012-08-19 15:30 - 00000000 ____D C:\Users\Danielle\AppData\Roaming\Skype
2014-01-17 17:13 - 2012-04-29 11:27 - 00000000 ____D C:\Users\Danielle\AppData\Roaming\Spotify
2014-01-17 17:11 - 2012-04-29 10:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-17 17:11 - 2012-01-27 20:47 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-17 17:11 - 2011-10-15 16:14 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2767167476-1858105450-2367976372-1000UA.job
2014-01-17 17:11 - 2008-09-04 09:11 - 01990228 _____ C:\Windows\WindowsUpdate.log
2014-01-17 17:11 - 2006-11-02 07:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-17 17:11 - 2006-11-02 07:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-16 19:18 - 2006-11-02 07:49 - 00081043 _____ C:\Windows\setupact.log
2014-01-16 19:04 - 2014-01-16 19:03 - 02076160 _____ (Farbar) C:\Users\Danielle\Desktop\FRST64.exe
2014-01-16 18:56 - 2012-01-27 20:47 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-16 18:56 - 2006-11-02 07:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-16 18:55 - 2008-01-20 22:02 - 00209572 _____ C:\Windows\PFRO.log
2014-01-16 18:54 - 2006-11-02 07:58 - 00032610 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-16 17:24 - 2011-10-15 16:14 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2767167476-1858105450-2367976372-1000Core.job
2014-01-16 15:29 - 2014-01-16 15:29 - 00000000 ____D C:\_OTL
2014-01-15 20:30 - 2014-01-15 20:30 - 00168288 _____ C:\Users\Danielle\Desktop\OTL.Txt
2014-01-15 20:30 - 2014-01-15 20:30 - 00028480 _____ C:\Users\Danielle\Desktop\Extras.Txt
2014-01-15 20:10 - 2014-01-15 20:09 - 00602112 _____ (OldTimer Tools) C:\Users\Danielle\Desktop\OTL.exe
2014-01-15 19:09 - 2014-01-15 18:55 - 00000000 ____D C:\AdwCleaner
2014-01-15 18:55 - 2014-01-15 18:54 - 01236282 _____ C:\Users\Danielle\Desktop\adwcleaner.exe
2014-01-15 18:45 - 2014-01-15 18:45 - 00012605 _____ C:\Users\Danielle\Desktop\JRT.txt
2014-01-15 18:36 - 2014-01-15 18:36 - 00000000 ____D C:\Windows\ERUNT
2014-01-15 18:32 - 2014-01-15 18:31 - 01037068 _____ (Thisisu) C:\Users\Danielle\Desktop\JRT.exe
2014-01-15 18:23 - 2008-08-25 07:55 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-15 18:21 - 2012-01-27 20:47 - 00000000 ____D C:\Users\Danielle\AppData\Local\Google
2014-01-15 14:30 - 2014-01-15 14:30 - 00005391 _____ C:\Users\Danielle\Desktop\attach.txt
2014-01-15 14:29 - 2014-01-15 14:30 - 00011338 _____ C:\Users\Danielle\Desktop\dds.txt
2014-01-15 14:19 - 2006-11-02 05:33 - 00703214 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-13 22:36 - 2008-12-03 21:31 - 00000917 _____ C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-01-13 22:36 - 2008-12-03 21:31 - 00000911 _____ C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-13 22:13 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\rescache
2014-01-13 22:08 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-13 21:56 - 2006-11-02 07:44 - 00305440 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-13 21:51 - 2014-01-13 21:50 - 00000000 ____D C:\Windows\system32\vi-VN
2014-01-13 21:51 - 2014-01-13 21:50 - 00000000 ____D C:\Windows\system32\eu-ES
2014-01-13 21:51 - 2014-01-13 21:50 - 00000000 ____D C:\Windows\system32\ca-ES
2014-01-13 21:51 - 2006-11-02 07:35 - 00000000 ____D C:\Windows\system32\XPSViewer
2014-01-13 21:51 - 2006-11-02 07:35 - 00000000 ____D C:\Program Files\Windows Sidebar
2014-01-13 21:51 - 2006-11-02 07:35 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2014-01-13 21:51 - 2006-11-02 07:35 - 00000000 ____D C:\Program Files\Windows Defender
2014-01-13 21:51 - 2006-11-02 07:35 - 00000000 ____D C:\Program Files\Windows Collaboration
2014-01-13 21:51 - 2006-11-02 07:35 - 00000000 ____D C:\Program Files\Windows Calendar
2014-01-13 21:51 - 2006-11-02 07:35 - 00000000 ____D C:\Program Files\Movie Maker
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\zh-TW
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\zh-CN
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\uk-UA
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\tr-TR
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\th-TH
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\sv-SE
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\SLUI
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\sl-SI
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\sk-SK
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\ru-RU
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\ro-RO
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\pt-PT
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\pt-BR
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\pl-PL
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\nl-NL
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\nb-NO
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\lv-LV
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\lt-LT
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\ko-KR
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\ja-JP
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\it-IT
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\hu-HU
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\hr-HR
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\he-IL
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\fr-FR
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\fi-FI
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\et-EE
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\el-GR
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\de-DE
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\bg-BG
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\ar-SA
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Windows\IME
2014-01-13 21:51 - 2006-11-02 06:18 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-13 21:49 - 2008-08-25 07:56 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-13 21:47 - 2012-08-19 14:53 - 00010600 _____ C:\Windows\system32\lvcoinst.log
2014-01-13 21:46 - 2008-08-25 07:41 - 00000000 ____D C:\Windows\system32\RTCOM
2014-01-13 21:41 - 2012-08-19 14:49 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2014-01-13 21:39 - 2014-01-13 21:39 - 00000000 ____D C:\Windows\system32\SPReview
2014-01-13 21:39 - 2014-01-13 21:16 - 00000000 ____D C:\aea6443951cd268773389a2fbc401c
2014-01-13 21:15 - 2014-01-13 20:45 - 365230920 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows6.0-KB948465-X86(1).exe
2014-01-13 20:34 - 2014-01-13 20:34 - 00000000 ____D C:\Users\Danielle\AppData\Local\Microsoft Corporation
2014-01-13 20:32 - 2014-01-13 20:32 - 00001946 _____ C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
2014-01-13 20:32 - 2014-01-13 20:32 - 00000000 ____D C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-01-13 20:27 - 2014-01-13 20:23 - 24805592 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows-KB890830-V5.7(1).exe
2014-01-13 20:25 - 2014-01-13 20:23 - 08669472 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows7UpgradeAdvisorSetup(1).exe
2014-01-13 20:18 - 2012-08-06 18:47 - 00000500 _____ C:\Windows\Tasks\Norton AntiVirus Online - Run Full System Scan - Danielle.job
2014-01-13 18:39 - 2012-04-29 11:30 - 00000000 ____D C:\Users\Danielle\AppData\Local\Spotify
2014-01-13 18:17 - 2012-08-19 15:30 - 00000000 ___RD C:\Program Files\Skype
2014-01-13 18:17 - 2012-08-19 15:29 - 00000000 ____D C:\ProgramData\Skype
2014-01-13 18:13 - 2011-08-28 16:25 - 00000000 ____D C:\Program Files\NetZero
2014-01-12 22:25 - 2008-12-28 23:25 - 00000000 ___RD C:\Users\Danielle\Desktop\Everything
2014-01-12 22:22 - 2014-01-12 22:22 - 00000000 ____D C:\Windows\system32\EventProviders
2014-01-12 22:16 - 2014-01-12 21:29 - 365230920 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows6.0-KB948465-X86.exe
2014-01-12 21:32 - 2014-01-12 21:28 - 24805592 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows-KB890830-V5.7.exe
2014-01-12 21:30 - 2014-01-12 21:28 - 08669472 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\Windows7UpgradeAdvisorSetup.exe
2014-01-12 21:16 - 2009-01-28 15:23 - 00000000 ____D C:\Users\Danielle\Documents\Haunted Mansion
2014-01-12 21:04 - 2014-01-12 21:04 - 00000761 _____ C:\Windows\KB932823-v3.log
2014-01-12 21:03 - 2014-01-12 21:03 - 00629288 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\WindowsXP-KB932823-v3-x86-ENU.exe
2014-01-12 19:18 - 2012-06-10 14:09 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-12 18:20 - 2008-12-03 21:31 - 00000334 _____ C:\Windows\Tasks\HPCeeScheduleForDanielle.job
2014-01-09 19:02 - 2014-01-09 19:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-09 18:41 - 2013-12-05 17:17 - 00000000 ____D C:\Users\Public
2014-01-09 18:30 - 2014-01-09 18:30 - 00000000 ____D C:\Program Files\VideoPlayerV3
2014-01-06 20:15 - 2014-01-06 20:15 - 00688992 ____R (Swearware) C:\Users\Danielle\Desktop\dds.scr
2013-12-30 23:24 - 2013-12-30 23:24 - 00000000 ____D C:\ProgramData\Smooth Browsing
2013-12-29 19:27 - 2008-12-07 19:17 - 00000052 _____ C:\Windows\system32\DOErrors.log
2013-12-28 15:35 - 2013-12-28 15:35 - 00000000 ____D C:\MATS
2013-12-28 15:30 - 2013-12-28 15:30 - 00347816 _____ (Microsoft Corporation) C:\Users\Danielle\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.52311689800172698.1.1.Run.exe
2013-12-28 13:24 - 2013-12-28 13:24 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-12-28 13:09 - 2013-12-27 16:12 - 00000000 ____D C:\Program Files\WebexpEnhancedV1
2013-12-28 13:08 - 2008-12-25 11:33 - 00000000 ____D C:\Program Files\eGames
2013-12-26 11:46 - 2008-12-18 15:23 - 00000000 ____D C:\Program Files\Viva Media
2013-12-26 11:34 - 2010-04-17 23:18 - 00000000 ____D C:\Program Files\PlayFirst
2013-12-26 11:25 - 2009-08-16 15:56 - 00000000 ____D C:\Program Files\Electronic Arts

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-16 19:01

==================== End Of Log ============================

Re: downloaded IMVU and spyhunter4 ;-;

Post by Vanilla-krypton » January 17th, 2014, 6:25 pm

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-01-2014 03
Ran by Danielle at 2014-01-17 17:20:46
Running from C:\Users\Danielle\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Out of date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Out of date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 (Version: 8.1.2 - Adobe Systems Incorporated)
AppCore (Version: 1.3 - Symantec Corporation) Hidden
Belkin USB Wireless Adaptor (Version: 1.0.0.10 - Belkin)
Belkin USB Wireless Adaptor (Version: 1.0.0.10 - Belkin) Hidden
CameraHelperMsi (Version: 13.31.1038.0 - Logitech) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
ccCommon (Version: 107.0.0.102 - Symantec) Hidden
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
Component Framework (Version: 2006.1.3.35 - Symantec Corporation) Hidden
CyberLink DVD Suite Deluxe (Version: .1707 - CyberLink Corp.)
DVD Play (Version: 2.4.5411 - Hewlett-Packard)
Enhanced Multimedia Keyboard Solution (Version: - Hewlett-Packard)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Façade (Version: 1.1.2 - Procedural Arts)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287 - Skype Limited)
Facebook Video Calling 2.0.0.447 (Version: 2.0.447 - Skype Limited)
Free Realms (Version: - Sony Online Entertainment)
Google Chrome (Version: 32.0.1700.76 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Hamsterball 3.6 (Version: - Raptisoft)
Hardware Diagnostic Tools (Version: 5.1.4861.15 - PC-Doctor, Inc.)
Hewlett-Packard Active Check for Health Check (Version: 1.1.15.2 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.63.2 - HP) Hidden
HP Active Support Library (Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (Version: 5.6.0.2510 - Hewlett-Packard)
HP Customer Feedback (Version: 1.0.0 - Hewlett-Packard) Hidden
HP Demo (Version: 1.00.0000 - Hewlett-Packard)
HP Photosmart Essential 2.5 (Version: 1.03.0000 - Hewlett-Packard) Hidden
HP Photosmart Essential 3.0 (Version: 3.0 - HP)
HP Picasso Media Center Add-In (Version: 1.0.0 - HP) Hidden
HP Recovery Manager RSS (Version: 84.0.0.7 - Hewlet Packard Company) Hidden
HP Total Care Advisor (Version: 2.3.4292.2709 - Hewlett-Packard)
HP Update (Version: 5.005.000.002 - Hewlett-Packard)
HPPhotoSmartPhotobookWebPack1 (Version: 2.03.0000 - Hewlett-Packard) Hidden
HPTCSSetup (Version: 1.0.964.2626 - Hewlett-Packard Company)
LiveUpdate (Symantec Corporation) (Version: 3.4.0.162 - Symantec)
LiveUpdate (Symantec Corporation) (Version: 3.4.0.162 - Symantec) Hidden
Logitech Webcam Software (Version: 2.0 - Logitech Inc.)
LWS Facebook (Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (Version: 13.31.1038.0 - Logitech) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 60 day trial (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.1 (Version: 6.10.050 - muvee Technologies)
My HP Games (Version: 1.0.0.52 - WildTangent)
Network Play System (Patching) (Version: - )
Norton AntiVirus (Version: 15.0.0.58 - Symantec Corporation) Hidden
Norton AntiVirus Help (Version: 15.0 - Symantec Corporation) Hidden
Norton AntiVirus Online (Symantec Corporation) (Version: 15.0.0.58 - Symantec Corporation)
Norton Protection Center (Version: 3.1.0.98 - Symantec Corporation) Hidden
NVIDIA Drivers (Version: - )
Origin (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PCIe Soft Data Fax Modem with SmartCP (Version: 7.71.00.50 - Conexant Systems)
PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden
Python 2.5.2 (Version: 2.5.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (Version: 6.0.1.5657 - Realtek Semiconductor Corp.)
Skype Click to Call (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.10 (Version: 6.10.104 - Skype Technologies S.A.)
Smooth Browsing (Version: - Appdev Ltd)
SPBBC 32bit (Version: 4.0.0.134 - Symantec Corporation) Hidden
Spotify (Version: 0.9.7.16.g4b197456 - Spotify AB)
Strongvault Online Backup (Version: 5.0.2.34 - Strongvault Online Backup) Hidden
Symantec Real Time Storage Protection Component (Version: 10.2.2.6 - Symantec Corporation) Hidden
SymNet (Version: 8.0.3.4 - Symantec Corporation) Hidden
The Sims (Version: - )
The Sims 2 Open For Business (Version: - )
The Sims 2 Pets (Version: - )
The Sims 2 University (Version: - )
The Sims™ 2 Apartment Life (Version: - Electronic Arts)
The Sims™ 2 Bon Voyage (Version: - Electronic Arts)
The Sims™ 2 Double Deluxe (Version: - Electronic Arts)
The Sims™ 2 FreeTime (Version: - Electronic Arts)
The Sims™ 2 Mansion and Garden Stuff (Version: - Electronic Arts)
The Sims™ 2 Seasons (Version: - )
The Sims™ 3 (Version: 1.63.4 - Electronic Arts)
The Sims™ 3 70s, 80s, & 90s Stuff (Version: 17.0.77 - Electronic Arts)
The Sims™ 3 Ambitions (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Create a World Tool - Beta (Version: 1.19.4 - Electronic Arts)
The Sims™ 3 Diesel Stuff (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (Version: 5.0.44 - Electronic Arts)
The Sims™ 3 Generations (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Into the Future (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Katy Perry's Sweet Treats (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Late Night (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Master Suite Stuff (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Movie Stuff (Version: 20.0.53 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (Version: 7.0.55 - Electronic Arts)
The Sims™ 3 Pets (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Supernatural (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Town Life Stuff (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 University Life (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 World Adventures (Version: 2.0.86 - Electronic Arts)
The Sims™ Life Stories (Version: - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Video Player (Version: 1.1 - Video Player)
VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden
Windows 7 Upgrade Advisor (Version: 2.0.5000.0 - Microsoft Corporation)

==================== Restore Points =========================

15-01-2014 20:52:35 malwareremoval told me to
16-01-2014 20:29:40 OTL Restore Point - 1/16/2014 3:29:39 PM

==================== Hosts content: ==========================

2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0378390B-4761-4FF0-A10E-EEEAB1304F06} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2767167476-1858105450-2367976372-1000Core => C:\Users\Danielle\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {04E68783-7001-4B91-858F-2BF018A702C4} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1B9199C4-162F-43A5-B74F-DE38E819CAB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-27] (Google Inc.)
Task: {23C20502-5135-4DA6-9F29-B2B4EA154C29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-27] (Google Inc.)
Task: {3A4767B8-7190-4BAD-92B7-90E6A0BD1619} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Danielle => C:\Program Files\Windows Calendar\wincal.exe [2009-04-10] (Microsoft Corporation)
Task: {3E588C91-3DB7-4FB2-85A1-ABA18506940B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2767167476-1858105450-2367976372-1000UA => C:\Users\Danielle\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {58BEC6FB-B1C2-481B-AD80-DF89D3F906E6} - System32\Tasks\RecoveryCD => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2008-04-11] ()
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {6B1EABC8-DA18-4166-8A30-68566AB96E71} - System32\Tasks\Norton AntiVirus Online - Run Full System Scan - Danielle => C:\Program Files\Norton AntiVirus\Navw32.exe [2007-12-06] (Symantec Corporation)
Task: {76F8B4E1-E197-49E6-9B5E-7EA97F4F5C33} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMPMLMPMPMLJOMNMKMCNKJMJJJJMCNLMKMLMOJCNHMMJHMHMCNNJLMOJNMKJPMOJLMIMGMLJOJJNJICMIMCNLMCNNMFMIMCNPMCNJMPMPMOMFMJMCNPMCNJMPMPMOMCNNMJNPICMPMFMFMMMMMJNHICMNJKIBJPMOMJNBJCMLLOJBJGJKJDJDJKJJNKJCMJNNICMJNDJCMKJBJ"
Task: {793BCAB2-0A80-40D0-A6D5-3071BE88D477} - System32\Tasks\HPCeeScheduleForDanielle => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-12-17] (Hewlett-Packard)
Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {A4D6192D-2A9B-4F6C-B946-3659A202AD14} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {A4EC0100-76A3-4BBF-B702-E499C8B41D19} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor for Windows\RunProfiler.exe [2008-04-09] (PC-Doctor, Inc.)
Task: {BA415AF0-7697-49EC-8D44-E6C4D6BE0E00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {E0C1436B-1E78-478B-829E-33E9DD71F952} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {E1618330-6507-42EE-BB39-DAC62ECD86F1} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2767167476-1858105450-2367976372-1000Core.job => C:\Users\Danielle\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2767167476-1858105450-2367976372-1000UA.job => C:\Users\Danielle\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDanielle.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton AntiVirus Online - Run Full System Scan - Danielle.job => C:\Program Files\Norton AntiVirus\Navw32.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{153C7F06-C33C-4344-9301-9EF00F17085C}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2011-11-11 13:08 - 2011-11-11 13:08 - 02145304 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 13:08 - 2011-11-11 13:08 - 07956504 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 13:08 - 2011-11-11 13:08 - 00342552 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 13:08 - 2011-11-11 13:08 - 00029208 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 13:08 - 2011-11-11 13:08 - 00128536 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2008-07-03 14:42 - 2008-07-03 14:42 - 00057344 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2008-07-03 14:45 - 2008-07-03 14:45 - 00032768 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
2008-07-03 14:42 - 2008-07-03 14:42 - 00114688 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
2008-07-03 14:42 - 2008-07-03 14:42 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2008-07-03 14:42 - 2008-07-03 14:42 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2008-07-03 14:42 - 2008-07-03 14:42 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2014-01-13 21:22 - 2009-04-10 23:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2008-07-03 14:42 - 2008-07-03 14:42 - 00010240 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2008-07-03 14:42 - 2008-07-03 14:42 - 00007168 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2012-04-29 11:30 - 2014-01-15 14:25 - 36967424 _____ () C:\Users\Danielle\AppData\Roaming\Spotify\Data\libcef.dll
2014-01-09 19:02 - 2014-01-09 19:02 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-12-10 15:09 - 2013-12-10 15:09 - 16242056 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2014 05:11:42 PM) (Source: Google Update) (User: Sennstrom-Home)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (01/16/2014 06:57:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2014 04:56:17 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@874@9E29F0.###> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/16/2014 04:56:17 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@874@9E29C0.###> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/16/2014 04:56:16 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@874@9E2990.###> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/16/2014 04:56:16 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@80C@A129F0.###> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/16/2014 04:56:16 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@80C@A129C0.###> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/16/2014 04:56:16 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@80C@A12990.###> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (01/15/2014 07:56:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/17/2014 05:11:21 PM) (Source: WPDMTPDriver) (User: )
Description: MTP WPD Driver0x80070002

Error: (01/16/2014 06:57:25 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (01/16/2014 06:57:25 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (01/16/2014 06:57:25 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (01/16/2014 06:57:25 PM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (01/16/2014 03:29:25 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Service1

Error: (01/16/2014 03:24:12 PM) (Source: DCOM) (User: )
Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}

Error: (01/15/2014 07:56:41 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (01/15/2014 07:56:41 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (01/15/2014 07:56:41 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (01/17/2014 05:11:42 PM) (Source: Google Update)(User: Sennstrom-Home)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned

Error: (01/16/2014 06:57:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/16/2014 04:56:17 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@874@9E29F0.###

Error: (01/16/2014 04:56:17 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@874@9E29C0.###

Error: (01/16/2014 04:56:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@874@9E2990.###

Error: (01/16/2014 04:56:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@80C@A129F0.###

Error: (01/16/2014 04:56:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@80C@A129C0.###

Error: (01/16/2014 04:56:16 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\ROAMING\.#\MBX@80C@A12990.###

Error: (01/15/2014 07:56:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2014-01-13 21:18:40.474
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-13 21:18:40.322
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-13 21:18:40.164
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-13 21:18:40.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-13 21:18:39.847
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-13 20:37:44.176
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Free Ride Games\X6Ex.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-13 20:37:44.024
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Free Ride Games\X6Ex.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-13 20:37:43.866
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Free Ride Games\X6Ex.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-13 20:37:43.711
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Free Ride Games\X6Ex.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-01-13 20:37:43.532
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Free Ride Games\X6Ex.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 1917.76 MB
Available physical RAM: 884.76 MB
Total Pagefile: 4084.71 MB
Available Pagefile: 2667.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1906.93 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:138.03 GB) (Free:21.61 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.02 GB) (Free:1.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Sims3EP11) (CDROM) (Total:6.15 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=138 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Vanilla-krypton

Re: downloaded IMVU and spyhunter4 ;-;

Post by pgmigg » January 17th, 2014, 8:00 pm

Hello Vanilla-krypton,

Very good job! :D To continue, I am waiting for the rest: the contents of the SystemLook.txt log file.

Please do not hesitate to divide the post into multiple posts if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed