jeccawest

Ohk I found how to get there but I thin i may need to buy a new flashdrive because all I am getting a message that was something like an image is not being supported or something.

oh.. um ohk i will try it again i guess? my screen looked nothing like that.

Yep no problem. Ohk NOW here is everything FRST.exe Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 15-08-2012 Ran by Jessica at 15-08-2012 20:17:57 Running from E:\ Service Pack 1 (X64) OS Language: English(US) Attention: Could not load system hive.The operation completed successfully. ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY. ============ One Month Created Files and Folders ============== 2012-08-15 19:47 - 2012-08-15 20:17 - 00000000 ____D C:\FRST 2012-08-14 22:22 - 2012-08-14 22:22 - 00029514 ____A C:\Users\Jessica\Desktop\DDS.txt 2012-08-14 22:22 - 2012-08-14 22:22 - 00009205 ____A C:\Users\Jessica\Desktop\Attach.txt 2012-08-14 22:04 - 2012-08-14 22:04 - 00004682 ____A C:\Users\Jessica\Desktop\RKreport[1].txt 2012-08-14 22:01 - 2012-08-14 22:01 - 00607260 ____R (Swearware) C:\Users\Jessica\Desktop\dds.com 2012-08-14 21:56 - 2012-08-14 22:04 - 00000000 ____D C:\Users\Jessica\Desktop\RK_Quarantine 2012-08-14 21:31 - 2012-08-14 21:31 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-08-14 21:17 - 2012-08-14 21:17 - 00102400 ____A C:\Windows\RegBootClean.exe 2012-08-14 21:12 - 2012-08-14 21:12 - 00261034 ____A C:\Users\Jessica\AppData\Local\census.cache 2012-08-14 21:11 - 2012-08-14 21:11 - 00130361 ____A C:\Users\Jessica\AppData\Local\ars.cache 2012-08-14 21:01 - 2012-06-05 03:37 - 00256904 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmcomm.sys 2012-08-14 20:58 - 2012-08-14 20:58 - 00000036 ____A C:\Users\Jessica\AppData\Local\housecall.guid.cache 2012-08-14 20:55 - 2012-08-14 20:55 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\QuickScan 2012-08-13 19:46 - 2010-12-20 18:09 - 00038224 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys 2012-08-13 18:19 - 2012-08-13 18:19 - 00759236 ____A C:\Windows\SysWOW64\PerfStringBackup.INI 2012-08-13 18:19 - 2012-08-13 18:19 - 00759236 ____A C:\Windows\System32\PerfStringBackup.INI 2012-08-12 16:31 - 2012-08-12 16:31 - 01623377 ____A C:\Users\Jessica\Downloads\QaenSet_o39.zip 2012-08-12 15:15 - 2012-08-12 15:15 - 00307818 ____A C:\Users\Jessica\Downloads\Leisure dress with Jeans.zip 2012-08-12 15:05 - 2012-08-12 15:05 - 00436030 ____A C:\Users\Jessica\Downloads\Colorful Dress with Lace Hem for Girls.zip 2012-08-12 14:47 - 2012-08-12 14:47 - 00263262 ____A C:\Users\Jessica\Downloads\Earrings 7.zip 2012-08-12 14:18 - 2012-08-12 14:18 - 00123625 ____A C:\Users\Jessica\Downloads\AF Alpha Mesh 0004.zip 2012-08-12 12:22 - 2012-08-12 12:22 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA% 2012-08-12 12:22 - 2012-08-12 12:22 - 00000000 __SHD C:\Windows\System32\%APPDATA% 2012-08-12 12:15 - 2012-08-15 19:47 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-08-12 12:15 - 2012-08-14 19:47 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-08-12 12:15 - 2012-08-14 19:47 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2012-08-12 12:15 - 2012-08-12 12:15 - 00446976 ____A (Andrew Zhezherun) C:\Users\Jessica\AppData\Roaming\ledips.dll 2012-08-12 12:14 - 2012-08-14 21:17 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\xsecva 2012-08-12 11:53 - 2012-08-12 11:53 - 00002326 ____A C:\Users\Public\Desktop\The Sims™ 2 IKEA® Home Stuff.lnk 2012-08-12 10:23 - 2012-08-13 18:58 - 00000000 ____D C:\Program Files (x86)\EA GAMES 2012-08-12 10:23 - 2004-08-18 04:34 - 00442368 ___RA (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2012-08-12 10:23 - 2004-08-18 04:34 - 00442368 ___RA (On2.com) C:\Windows\System32\vp6vfw.dll 2012-08-11 22:16 - 2012-08-11 22:16 - 02114200 ____A C:\Users\Jessica\Downloads\Outfits 15 - Mix&Match.zip 2012-08-11 21:07 - 2012-08-11 21:07 - 00110817 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair061_burgundy.zip 2012-08-11 21:05 - 2012-08-11 21:05 - 00124598 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair058_caramel.zip 2012-08-11 21:02 - 2012-08-11 21:02 - 00202679 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair057_blondesandy.zip 2012-08-11 20:57 - 2012-08-11 20:57 - 00111742 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair055_black.zip 2012-08-11 20:12 - 2012-08-11 20:12 - 00122244 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair004_Blond2.zip 2012-08-11 19:48 - 2012-08-11 19:48 - 00546397 ____A C:\Users\Jessica\Downloads\XMS_Flora_MeshHair009.zip 2012-08-11 19:26 - 2012-08-11 19:26 - 00096901 ____A C:\Users\Jessica\Downloads\XMS_meshoutfits006.zip 2012-08-11 19:13 - 2012-08-11 19:13 - 00676872 ____A C:\Users\Jessica\Downloads\XMSskindonateFeb200511.zip 2012-08-11 19:02 - 2012-08-11 19:02 - 00368739 ____A C:\Users\Jessica\Downloads\7f237bad_XMSoutfits013a.zip 2012-08-11 18:42 - 2012-08-12 12:11 - 00000000 ____D C:\Users\Jessica\Downloads\SIMS2 CUSTOM CONTENT 2012-08-11 18:40 - 2012-08-11 18:40 - 00001964 ____A C:\Users\Jessica\Desktop\vba.ini 2012-08-11 18:35 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\Sims 3 2012-08-11 13:11 - 2012-08-11 13:12 - 05497039 ____A C:\Users\Jessica\Downloads\SimDetails@TSR_FE_Dress_06.sims3pack.4dgue82.partial 2012-08-05 21:06 - 2012-08-05 21:06 - 00000016 ___RH C:\Users\Jessica\AppData\Local\9BC2C316.ini 2012-08-05 20:45 - 2012-08-05 20:45 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\The Sims Resource 2012-08-05 20:35 - 2012-08-10 19:11 - 00000000 ____D C:\Program Files (x86)\MilkShape 3D 1.8.5 2012-08-05 20:35 - 2012-08-05 20:39 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\MilkShape 3D 1.x.x 2012-08-05 20:15 - 2012-08-05 20:15 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\TSRWorkshop 2012-08-05 20:15 - 2012-08-05 20:15 - 00000000 ____D C:\Users\Jessica\AppData\Local\Ibibi_HB 2012-08-05 20:05 - 2012-08-05 20:05 - 18856261 ____A C:\Users\Jessica\Downloads\TSRW_2_0_43.exe.zip 2012-08-05 20:05 - 2012-08-05 20:05 - 00000000 ____D C:\Users\Jessica\Downloads\TSRW_2_0_43.exe 2012-07-28 15:22 - 2012-08-01 21:25 - 00004608 ____A C:\Users\Jessica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-07-24 21:04 - 2012-07-24 21:04 - 02198320 ____A C:\Users\Jessica\Documents\1.SNA 2012-07-24 03:26 - 2012-07-24 03:26 - 00002087 ____A C:\Users\Public\Desktop\Zoo Tycoon 2 Endangered Species.lnk 2012-07-23 15:05 - 2012-07-23 15:05 - 00000000 ____D C:\Users\Jessica\AppData\Local\{C784411F-43DC-4F97-892B-739309D7BA07} 2012-07-21 07:02 - 2012-03-01 01:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2012-07-21 07:02 - 2012-03-01 01:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll 2012-07-21 07:02 - 2012-03-01 01:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2012-07-21 07:02 - 2012-03-01 01:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll 2012-07-21 07:02 - 2012-03-01 01:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll 2012-07-21 07:02 - 2012-03-01 01:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll 2012-07-21 07:01 - 2012-06-02 05:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-07-21 07:01 - 2012-06-02 05:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-07-21 07:01 - 2012-06-02 04:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-07-21 07:01 - 2012-06-02 04:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-07-21 07:01 - 2012-06-02 04:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-07-21 07:01 - 2012-06-02 04:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-07-21 07:01 - 2012-06-02 04:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-07-21 07:01 - 2012-06-02 04:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-07-21 07:01 - 2012-06-02 04:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-07-21 07:01 - 2012-06-02 04:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-07-21 07:01 - 2012-06-02 04:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-07-21 07:01 - 2012-06-02 04:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-07-21 07:01 - 2012-06-02 04:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-07-21 07:01 - 2012-06-02 04:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-07-21 07:01 - 2012-06-02 04:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-07-21 07:01 - 2012-06-02 04:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-07-21 07:01 - 2012-06-02 04:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-07-21 07:01 - 2012-06-02 04:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-07-21 07:01 - 2012-06-02 04:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-07-21 07:01 - 2012-06-02 04:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-07-21 07:01 - 2012-06-02 04:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-07-21 07:01 - 2012-06-02 04:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-07-21 07:01 - 2012-06-02 04:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-07-21 07:01 - 2012-06-02 04:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-07-21 07:01 - 2012-06-02 04:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-07-21 07:01 - 2012-06-02 04:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-07-21 07:01 - 2012-06-02 04:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-07-21 07:01 - 2012-06-02 04:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-07-20 22:49 - 2012-08-10 19:12 - 00000000 ____D C:\Users\All Users\Big Fish Games 2012-07-20 22:47 - 2012-07-20 22:48 - 15608136 ____A (Big Fish Games) C:\Users\Jessica\Downloads\bfginstaller_s1_l1.exe 2012-07-20 22:29 - 2012-08-10 19:12 - 00000000 ____D C:\BigFishGamesCache 2012-07-20 20:52 - 2012-06-06 01:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2012-07-20 20:52 - 2012-06-06 01:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2012-07-20 20:52 - 2012-06-06 01:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2012-07-20 20:52 - 2012-06-06 01:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2012-07-20 20:52 - 2012-03-03 01:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2012-07-20 20:52 - 2012-03-03 01:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2012-07-20 20:52 - 2010-06-25 23:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2012-07-20 20:52 - 2010-06-25 23:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll 2012-07-20 20:51 - 2012-06-09 00:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-07-20 20:51 - 2012-06-09 00:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-07-20 20:51 - 2012-06-02 00:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2012-07-20 20:51 - 2012-06-02 00:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2012-07-20 20:51 - 2012-06-02 00:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2012-07-20 20:51 - 2012-06-02 00:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll 2012-07-20 20:51 - 2012-06-02 00:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2012-07-20 20:51 - 2012-06-02 00:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-07-20 20:51 - 2012-06-02 00:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2012-07-20 20:51 - 2012-06-02 00:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll 2012-07-20 20:51 - 2012-05-04 06:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2012-07-20 20:51 - 2012-05-04 06:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe 2012-07-20 20:51 - 2012-05-04 06:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2012-07-20 20:51 - 2012-05-04 06:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2012-07-20 20:50 - 2012-04-24 00:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2012-07-20 20:50 - 2012-04-07 07:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2012-07-20 20:50 - 2012-04-07 07:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll 2012-07-20 20:49 - 2012-06-06 01:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2012-07-20 20:49 - 2012-06-06 01:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll 2012-07-20 20:35 - 2012-02-17 01:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2012-07-20 20:35 - 2012-02-17 01:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll 2012-07-20 18:34 - 2012-08-07 21:16 - 00000000 ____D C:\Users\Jessica\AppData\Local\Windows Live 2012-07-20 18:34 - 2012-07-20 18:34 - 00000000 ____D C:\Users\Jessica\AppData\Local\{4D152CB0-5A18-4DBC-891E-7F37CE62BFEA} 2012-07-20 18:34 - 2012-07-20 18:34 - 00000000 ____D C:\Users\Jessica\AppData\Local\{3C30C1D7-3B46-494A-AC9D-E27AB8BF7F5A} 2012-07-20 16:18 - 2012-07-20 16:18 - 00000447 ____A C:\user.js 2012-07-20 16:18 - 2012-07-20 16:18 - 00000000 ____D C:\Program Files\Web Assistant 2012-07-20 16:18 - 2012-07-20 16:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2012-07-20 16:16 - 2012-07-20 16:16 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\Mozilla 2012-07-20 16:16 - 2012-07-20 16:16 - 00000000 ____D C:\Program Files (x86)\Yontoo 2012-07-20 16:15 - 2012-08-10 19:11 - 00000000 ____D C:\Program Files (x86)\1ClickDownload 2012-07-20 13:05 - 2012-07-20 15:06 - 00000000 ____D C:\Users\Jessica\Downloads\The Lion King Trilogy 720p BDRip [A Release-Lounge H264] 2012-07-20 11:16 - 2012-07-20 11:16 - 00000000 ____D C:\Users\Jessica\Downloads\101 Soups, Salads and Sandwiches(EPUB+PDF+MOBI)[Team Nanban]tmrg 2012-07-20 11:15 - 2012-07-20 11:16 - 00000000 ____D C:\Users\Jessica\Downloads\Top Secret Restaurant Recipes - Creating Kitchen Clones from America's Favorite Restaurant Chains -Mantesh 2012-07-20 09:30 - 2012-07-20 09:30 - 00000000 ____D C:\Users\Jessica\Downloads\Cute Is What We Aim For 2012-07-20 09:27 - 2012-07-20 17:23 - 00000000 ____D C:\Users\Jessica\Downloads\Lights - The Listening (2009) 2012-07-20 09:26 - 2012-07-20 09:26 - 00000000 ____D C:\Users\Jessica\Downloads\Lights - Siberia 2012-07-20 09:24 - 2012-08-12 22:47 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\BitTorrent 2012-07-20 09:24 - 2012-07-20 09:24 - 06077848 ____A (BitTorrent, Inc.) C:\Users\Jessica\Downloads\BitTorrent.exe 2012-07-18 20:26 - 2012-08-15 20:09 - 00006652 ____A C:\Windows\SysWOW64\debug.log 2012-07-18 20:26 - 2012-08-15 20:09 - 00006652 ____A C:\Windows\System32\debug.log 2012-07-18 20:26 - 2012-08-15 18:42 - 00000936 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790799072-890783470-2514710844-1001UA.job 2012-07-18 20:26 - 2012-08-14 20:31 - 00000914 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790799072-890783470-2514710844-1001Core.job 2012-07-18 20:26 - 2012-07-18 20:26 - 00000000 ____D C:\Users\Jessica\AppData\Local\Facebook ============ 3 Months Modified Files ======================== 2012-08-15 20:09 - 2012-07-18 20:26 - 00006652 ____A C:\Windows\SysWOW64\debug.log 2012-08-15 20:09 - 2012-07-18 20:26 - 00006652 ____A C:\Windows\System32\debug.log 2012-08-15 20:07 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-08-15 20:07 - 2009-07-14 00:51 - 00071214 ____A C:\Windows\setupact.log 2012-08-15 19:47 - 2012-08-12 12:15 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-08-15 19:40 - 2011-06-28 09:42 - 01964987 ____A C:\Windows\WindowsUpdate.log 2012-08-15 18:42 - 2012-07-18 20:26 - 00000936 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790799072-890783470-2514710844-1001UA.job 2012-08-14 22:22 - 2012-08-14 22:22 - 00029514 ____A C:\Users\Jessica\Desktop\DDS.txt 2012-08-14 22:22 - 2012-08-14 22:22 - 00009205 ____A C:\Users\Jessica\Desktop\Attach.txt 2012-08-14 22:04 - 2012-08-14 22:04 - 00004682 ____A C:\Users\Jessica\Desktop\RKreport[1].txt 2012-08-14 22:01 - 2012-08-14 22:01 - 00607260 ____R (Swearware) C:\Users\Jessica\Desktop\dds.com 2012-08-14 21:51 - 2011-04-02 00:17 - 00336842 ____A C:\Windows\PFRO.log 2012-08-14 21:31 - 2012-08-14 21:31 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-08-14 21:17 - 2012-08-14 21:17 - 00102400 ____A C:\Windows\RegBootClean.exe 2012-08-14 21:12 - 2012-08-14 21:12 - 00261034 ____A C:\Users\Jessica\AppData\Local\census.cache 2012-08-14 21:11 - 2012-08-14 21:11 - 00130361 ____A C:\Users\Jessica\AppData\Local\ars.cache 2012-08-14 20:58 - 2012-08-14 20:58 - 00000036 ____A C:\Users\Jessica\AppData\Local\housecall.guid.cache 2012-08-14 20:31 - 2012-07-18 20:26 - 00000914 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790799072-890783470-2514710844-1001Core.job 2012-08-14 19:47 - 2012-08-12 12:15 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-08-14 19:47 - 2012-08-12 12:15 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2012-08-14 19:47 - 2011-10-16 17:01 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2012-08-14 19:47 - 2011-10-16 17:01 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2012-08-13 18:19 - 2012-08-13 18:19 - 00759236 ____A C:\Windows\SysWOW64\PerfStringBackup.INI 2012-08-13 18:19 - 2012-08-13 18:19 - 00759236 ____A C:\Windows\System32\PerfStringBackup.INI 2012-08-13 12:29 - 2011-09-26 10:26 - 00000258 _RASH C:\Users\All Users\ntuser.pol 2012-08-12 16:31 - 2012-08-12 16:31 - 01623377 ____A C:\Users\Jessica\Downloads\QaenSet_o39.zip 2012-08-12 15:15 - 2012-08-12 15:15 - 00307818 ____A C:\Users\Jessica\Downloads\Leisure dress with Jeans.zip 2012-08-12 15:05 - 2012-08-12 15:05 - 00436030 ____A C:\Users\Jessica\Downloads\Colorful Dress with Lace Hem for Girls.zip 2012-08-12 14:47 - 2012-08-12 14:47 - 00263262 ____A C:\Users\Jessica\Downloads\Earrings 7.zip 2012-08-12 14:18 - 2012-08-12 14:18 - 00123625 ____A C:\Users\Jessica\Downloads\AF Alpha Mesh 0004.zip 2012-08-12 12:15 - 2012-08-12 12:15 - 00446976 ____A (Andrew Zhezherun) C:\Users\Jessica\AppData\Roaming\ledips.dll 2012-08-12 11:53 - 2012-08-12 11:53 - 00002326 ____A C:\Users\Public\Desktop\The Sims™ 2 IKEA® Home Stuff.lnk 2012-08-11 22:16 - 2012-08-11 22:16 - 02114200 ____A C:\Users\Jessica\Downloads\Outfits 15 - Mix&Match.zip 2012-08-11 21:07 - 2012-08-11 21:07 - 00110817 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair061_burgundy.zip 2012-08-11 21:05 - 2012-08-11 21:05 - 00124598 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair058_caramel.zip 2012-08-11 21:02 - 2012-08-11 21:02 - 00202679 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair057_blondesandy.zip 2012-08-11 20:57 - 2012-08-11 20:57 - 00111742 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair055_black.zip 2012-08-11 20:12 - 2012-08-11 20:12 - 00122244 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair004_Blond2.zip 2012-08-11 19:48 - 2012-08-11 19:48 - 00546397 ____A C:\Users\Jessica\Downloads\XMS_Flora_MeshHair009.zip 2012-08-11 19:26 - 2012-08-11 19:26 - 00096901 ____A C:\Users\Jessica\Downloads\XMS_meshoutfits006.zip 2012-08-11 19:13 - 2012-08-11 19:13 - 00676872 ____A C:\Users\Jessica\Downloads\XMSskindonateFeb200511.zip 2012-08-11 19:02 - 2012-08-11 19:02 - 00368739 ____A C:\Users\Jessica\Downloads\7f237bad_XMSoutfits013a.zip 2012-08-11 18:40 - 2012-08-11 18:40 - 00001964 ____A C:\Users\Jessica\Desktop\vba.ini 2012-08-11 13:12 - 2012-08-11 13:11 - 05497039 ____A C:\Users\Jessica\Downloads\SimDetails@TSR_FE_Dress_06.sims3pack.4dgue82.partial 2012-08-11 12:22 - 2011-11-19 12:15 - 00001052 ____A C:\Windows\KB893803v2.log 2012-08-05 21:06 - 2012-08-05 21:06 - 00000016 ___RH C:\Users\Jessica\AppData\Local\9BC2C316.ini 2012-08-05 20:13 - 2011-04-02 00:38 - 00130228 ____A C:\Windows\DirectX.log 2012-08-05 20:05 - 2012-08-05 20:05 - 18856261 ____A C:\Users\Jessica\Downloads\TSRW_2_0_43.exe.zip 2012-08-01 21:25 - 2012-07-28 15:22 - 00004608 ____A C:\Users\Jessica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-07-24 21:04 - 2012-07-24 21:04 - 02198320 ____A C:\Users\Jessica\Documents\1.SNA 2012-07-24 03:26 - 2012-07-24 03:26 - 00002087 ____A C:\Users\Public\Desktop\Zoo Tycoon 2 Endangered Species.lnk 2012-07-20 22:48 - 2012-07-20 22:47 - 15608136 ____A (Big Fish Games) C:\Users\Jessica\Downloads\bfginstaller_s1_l1.exe 2012-07-20 16:18 - 2012-07-20 16:18 - 00000447 ____A C:\user.js 2012-07-20 09:24 - 2012-07-20 09:24 - 06077848 ____A (BitTorrent, Inc.) C:\Users\Jessica\Downloads\BitTorrent.exe 2012-06-26 17:41 - 2012-06-26 16:19 - 00004096 ____A C:\Users\Public\Documents\00001BF6.LCS 2012-06-24 17:40 - 2012-06-24 17:40 - 00734984 ____A C:\Windows\Minidump\062412-35349-01.dmp 2012-06-24 17:40 - 2011-10-22 21:12 - 498214842 ____A C:\Windows\MEMORY.DMP 2012-06-14 16:42 - 2012-06-14 16:42 - 00000000 ____A C:\Windows\PowerReg.dat 2012-06-14 16:38 - 2012-06-14 16:38 - 00002080 ____A C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk 2012-06-14 15:59 - 2012-06-14 15:59 - 00012578 ____A C:\Users\Jessica\Documents\Book4.xlsx 2012-06-14 10:12 - 2011-09-19 11:44 - 00001952 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2012-06-09 00:41 - 2012-07-20 20:51 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-06-09 00:41 - 2012-07-20 20:51 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-06-06 01:05 - 2012-07-20 20:52 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2012-06-06 01:05 - 2012-07-20 20:52 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2012-06-06 01:05 - 2012-07-20 20:52 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2012-06-06 01:05 - 2012-07-20 20:52 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2012-06-06 01:03 - 2012-07-20 20:49 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2012-06-06 01:03 - 2012-07-20 20:49 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll 2012-06-05 03:37 - 2012-08-14 21:01 - 00256904 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmcomm.sys 2012-06-02 05:07 - 2012-07-21 07:01 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-06-02 05:07 - 2012-07-21 07:01 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-06-02 04:43 - 2012-07-21 07:01 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-06-02 04:43 - 2012-07-21 07:01 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-06-02 04:33 - 2012-07-21 07:01 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-06-02 04:33 - 2012-07-21 07:01 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-06-02 04:26 - 2012-07-21 07:01 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-06-02 04:26 - 2012-07-21 07:01 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-06-02 04:25 - 2012-07-21 07:01 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-06-02 04:25 - 2012-07-21 07:01 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-06-02 04:25 - 2012-07-21 07:01 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-06-02 04:25 - 2012-07-21 07:01 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-06-02 04:23 - 2012-07-21 07:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-06-02 04:23 - 2012-07-21 07:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-06-02 04:21 - 2012-07-21 07:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-06-02 04:21 - 2012-07-21 07:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-06-02 04:20 - 2012-07-21 07:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-06-02 04:20 - 2012-07-21 07:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-06-02 04:19 - 2012-07-21 07:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-06-02 04:19 - 2012-07-21 07:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-06-02 04:19 - 2012-07-21 07:01 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-06-02 04:19 - 2012-07-21 07:01 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-06-02 04:17 - 2012-07-21 07:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-06-02 04:17 - 2012-07-21 07:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-06-02 04:16 - 2012-07-21 07:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-06-02 04:16 - 2012-07-21 07:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-06-02 04:14 - 2012-07-21 07:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-06-02 04:14 - 2012-07-21 07:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-06-02 00:40 - 2012-07-20 20:51 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2012-06-02 00:40 - 2012-07-20 20:51 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2012-06-02 00:40 - 2012-07-20 20:51 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2012-06-02 00:40 - 2012-07-20 20:51 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll 2012-06-02 00:39 - 2012-07-20 20:51 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2012-06-02 00:39 - 2012-07-20 20:51 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-06-02 00:34 - 2012-07-20 20:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2012-06-02 00:34 - 2012-07-20 20:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll 2012-05-20 15:48 - 2012-05-20 15:48 - 00001283 ____A C:\Users\Public\Desktop\Seagate Dashboard.lnk 2012-05-20 15:43 - 2012-05-20 15:43 - 00002029 ____A C:\Users\Mcx1-JESSICA-ASUS\Desktop\Purchase Petz 4.lnk 2012-05-20 15:43 - 2012-05-20 15:43 - 00001989 ____A C:\Users\Mcx1-JESSICA-ASUS\Desktop\Play Petz 4.lnk ZeroAccess: C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94} C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L\00000004.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L\201d3dde C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\00000004.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\00000008.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\000000cb.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\80000000.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\80000032.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\80000064.@ ZeroAccess: C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94} C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\@ C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\n C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U ZeroAccess: C:\Windows\assembly\GAC_32\Desktop.ini ZeroAccess: C:\Windows\assembly\GAC_64\Desktop.ini ========================= Bamital & volsnap Check ============ C:\Windows\explorer.exe [2011-09-17 11:19] - [2011-02-25 02:19] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3 C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\User32.dll [2011-02-18 15:49] - [2010-11-20 08:08] - 0833024 ____A (Microsoft Corporation) 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!. ========================= Memory info ====================== Percentage of memory in use: 13% Total physical RAM: 3874.21 MB Available physical RAM: 3348.07 MB Total Pagefile: 7746.62 MB Available Pagefile: 7228.2 MB Total Virtual: 4095.88 MB Available Virtual: 3995.03 MB ======================= Partitions ========================= 1 Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:35.72 GB) NTFS ==>[system with boot components (obtained from reading drive)] 2 Drive d: (DATA) (Fixed) (Total:254.45 GB) (Free:173.94 GB) NTFS 3 Drive e: (GET RID OF VIRUS) (CDROM) (Total:0.69 GB) (Free:0.68 GB) UDF Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 465 GB 1024 KB Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 25 GB 1024 KB Partition 2 Primary 186 GB 25 GB Partition 0 Extended 254 GB 211 GB Partition 3 Logical 254 GB 211 GB ================================================================================== Disk: 0 Partition 1 Type : 1C Hidden: Yes Active: No There is no volume associated with this partition. ================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C OS NTFS Partition 186 GB Healthy System (partition with boot components) ================================================================================== Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 D DATA NTFS Partition 254 GB Healthy ================================================================================== ======================= End Of Log ========================== and Search.exe Farbar Recovery Scan Tool Version: 15-08-2012 Ran by Jessica at 2012-08-15 20:33:03 Running from E:\ ================== Search: "services.exe" =================== C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe [2009-07-13 19:19] - [2009-07-13 21:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB === End Of Search ===

Oops I forgot a step. Be right back!

Ohk here we go. Search.txt Farbar Recovery Scan Tool Version: 15-08-2012 Ran by Jessica at 2012-08-15 19:48:23 Running from E:\ ================== Search: "system recovery options" =================== === End Of Search === And FRST.exe Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 15-08-2012 Ran by Jessica at 15-08-2012 20:17:57 Running from E:\ Service Pack 1 (X64) OS Language: English(US) Attention: Could not load system hive.The operation completed successfully. ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY. ============ One Month Created Files and Folders ============== 2012-08-15 19:47 - 2012-08-15 20:17 - 00000000 ____D C:\FRST 2012-08-14 22:22 - 2012-08-14 22:22 - 00029514 ____A C:\Users\Jessica\Desktop\DDS.txt 2012-08-14 22:22 - 2012-08-14 22:22 - 00009205 ____A C:\Users\Jessica\Desktop\Attach.txt 2012-08-14 22:04 - 2012-08-14 22:04 - 00004682 ____A C:\Users\Jessica\Desktop\RKreport[1].txt 2012-08-14 22:01 - 2012-08-14 22:01 - 00607260 ____R (Swearware) C:\Users\Jessica\Desktop\dds.com 2012-08-14 21:56 - 2012-08-14 22:04 - 00000000 ____D C:\Users\Jessica\Desktop\RK_Quarantine 2012-08-14 21:31 - 2012-08-14 21:31 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-08-14 21:17 - 2012-08-14 21:17 - 00102400 ____A C:\Windows\RegBootClean.exe 2012-08-14 21:12 - 2012-08-14 21:12 - 00261034 ____A C:\Users\Jessica\AppData\Local\census.cache 2012-08-14 21:11 - 2012-08-14 21:11 - 00130361 ____A C:\Users\Jessica\AppData\Local\ars.cache 2012-08-14 21:01 - 2012-06-05 03:37 - 00256904 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmcomm.sys 2012-08-14 20:58 - 2012-08-14 20:58 - 00000036 ____A C:\Users\Jessica\AppData\Local\housecall.guid.cache 2012-08-14 20:55 - 2012-08-14 20:55 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\QuickScan 2012-08-13 19:46 - 2010-12-20 18:09 - 00038224 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys 2012-08-13 18:19 - 2012-08-13 18:19 - 00759236 ____A C:\Windows\SysWOW64\PerfStringBackup.INI 2012-08-13 18:19 - 2012-08-13 18:19 - 00759236 ____A C:\Windows\System32\PerfStringBackup.INI 2012-08-12 16:31 - 2012-08-12 16:31 - 01623377 ____A C:\Users\Jessica\Downloads\QaenSet_o39.zip 2012-08-12 15:15 - 2012-08-12 15:15 - 00307818 ____A C:\Users\Jessica\Downloads\Leisure dress with Jeans.zip 2012-08-12 15:05 - 2012-08-12 15:05 - 00436030 ____A C:\Users\Jessica\Downloads\Colorful Dress with Lace Hem for Girls.zip 2012-08-12 14:47 - 2012-08-12 14:47 - 00263262 ____A C:\Users\Jessica\Downloads\Earrings 7.zip 2012-08-12 14:18 - 2012-08-12 14:18 - 00123625 ____A C:\Users\Jessica\Downloads\AF Alpha Mesh 0004.zip 2012-08-12 12:22 - 2012-08-12 12:22 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA% 2012-08-12 12:22 - 2012-08-12 12:22 - 00000000 __SHD C:\Windows\System32\%APPDATA% 2012-08-12 12:15 - 2012-08-15 19:47 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-08-12 12:15 - 2012-08-14 19:47 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-08-12 12:15 - 2012-08-14 19:47 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2012-08-12 12:15 - 2012-08-12 12:15 - 00446976 ____A (Andrew Zhezherun) C:\Users\Jessica\AppData\Roaming\ledips.dll 2012-08-12 12:14 - 2012-08-14 21:17 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\xsecva 2012-08-12 11:53 - 2012-08-12 11:53 - 00002326 ____A C:\Users\Public\Desktop\The Sims™ 2 IKEA® Home Stuff.lnk 2012-08-12 10:23 - 2012-08-13 18:58 - 00000000 ____D C:\Program Files (x86)\EA GAMES 2012-08-12 10:23 - 2004-08-18 04:34 - 00442368 ___RA (On2.com) C:\Windows\SysWOW64\vp6vfw.dll 2012-08-12 10:23 - 2004-08-18 04:34 - 00442368 ___RA (On2.com) C:\Windows\System32\vp6vfw.dll 2012-08-11 22:16 - 2012-08-11 22:16 - 02114200 ____A C:\Users\Jessica\Downloads\Outfits 15 - Mix&Match.zip 2012-08-11 21:07 - 2012-08-11 21:07 - 00110817 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair061_burgundy.zip 2012-08-11 21:05 - 2012-08-11 21:05 - 00124598 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair058_caramel.zip 2012-08-11 21:02 - 2012-08-11 21:02 - 00202679 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair057_blondesandy.zip 2012-08-11 20:57 - 2012-08-11 20:57 - 00111742 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair055_black.zip 2012-08-11 20:12 - 2012-08-11 20:12 - 00122244 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair004_Blond2.zip 2012-08-11 19:48 - 2012-08-11 19:48 - 00546397 ____A C:\Users\Jessica\Downloads\XMS_Flora_MeshHair009.zip 2012-08-11 19:26 - 2012-08-11 19:26 - 00096901 ____A C:\Users\Jessica\Downloads\XMS_meshoutfits006.zip 2012-08-11 19:13 - 2012-08-11 19:13 - 00676872 ____A C:\Users\Jessica\Downloads\XMSskindonateFeb200511.zip 2012-08-11 19:02 - 2012-08-11 19:02 - 00368739 ____A C:\Users\Jessica\Downloads\7f237bad_XMSoutfits013a.zip 2012-08-11 18:42 - 2012-08-12 12:11 - 00000000 ____D C:\Users\Jessica\Downloads\SIMS2 CUSTOM CONTENT 2012-08-11 18:40 - 2012-08-11 18:40 - 00001964 ____A C:\Users\Jessica\Desktop\vba.ini 2012-08-11 18:35 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\Sims 3 2012-08-11 13:11 - 2012-08-11 13:12 - 05497039 ____A C:\Users\Jessica\Downloads\SimDetails@TSR_FE_Dress_06.sims3pack.4dgue82.partial 2012-08-05 21:06 - 2012-08-05 21:06 - 00000016 ___RH C:\Users\Jessica\AppData\Local\9BC2C316.ini 2012-08-05 20:45 - 2012-08-05 20:45 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\The Sims Resource 2012-08-05 20:35 - 2012-08-10 19:11 - 00000000 ____D C:\Program Files (x86)\MilkShape 3D 1.8.5 2012-08-05 20:35 - 2012-08-05 20:39 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\MilkShape 3D 1.x.x 2012-08-05 20:15 - 2012-08-05 20:15 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\TSRWorkshop 2012-08-05 20:15 - 2012-08-05 20:15 - 00000000 ____D C:\Users\Jessica\AppData\Local\Ibibi_HB 2012-08-05 20:05 - 2012-08-05 20:05 - 18856261 ____A C:\Users\Jessica\Downloads\TSRW_2_0_43.exe.zip 2012-08-05 20:05 - 2012-08-05 20:05 - 00000000 ____D C:\Users\Jessica\Downloads\TSRW_2_0_43.exe 2012-07-28 15:22 - 2012-08-01 21:25 - 00004608 ____A C:\Users\Jessica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-07-24 21:04 - 2012-07-24 21:04 - 02198320 ____A C:\Users\Jessica\Documents\1.SNA 2012-07-24 03:26 - 2012-07-24 03:26 - 00002087 ____A C:\Users\Public\Desktop\Zoo Tycoon 2 Endangered Species.lnk 2012-07-23 15:05 - 2012-07-23 15:05 - 00000000 ____D C:\Users\Jessica\AppData\Local\{C784411F-43DC-4F97-892B-739309D7BA07} 2012-07-21 07:02 - 2012-03-01 01:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2012-07-21 07:02 - 2012-03-01 01:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll 2012-07-21 07:02 - 2012-03-01 01:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2012-07-21 07:02 - 2012-03-01 01:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll 2012-07-21 07:02 - 2012-03-01 01:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll 2012-07-21 07:02 - 2012-03-01 01:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll 2012-07-21 07:01 - 2012-06-02 05:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-07-21 07:01 - 2012-06-02 05:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-07-21 07:01 - 2012-06-02 04:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-07-21 07:01 - 2012-06-02 04:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-07-21 07:01 - 2012-06-02 04:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-07-21 07:01 - 2012-06-02 04:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-07-21 07:01 - 2012-06-02 04:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-07-21 07:01 - 2012-06-02 04:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-07-21 07:01 - 2012-06-02 04:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-07-21 07:01 - 2012-06-02 04:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-07-21 07:01 - 2012-06-02 04:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-07-21 07:01 - 2012-06-02 04:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-07-21 07:01 - 2012-06-02 04:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-07-21 07:01 - 2012-06-02 04:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-07-21 07:01 - 2012-06-02 04:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-07-21 07:01 - 2012-06-02 04:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-07-21 07:01 - 2012-06-02 04:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-07-21 07:01 - 2012-06-02 04:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-07-21 07:01 - 2012-06-02 04:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-07-21 07:01 - 2012-06-02 04:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-07-21 07:01 - 2012-06-02 04:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-07-21 07:01 - 2012-06-02 04:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-07-21 07:01 - 2012-06-02 04:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-07-21 07:01 - 2012-06-02 04:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-07-21 07:01 - 2012-06-02 04:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-07-21 07:01 - 2012-06-02 04:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-07-21 07:01 - 2012-06-02 04:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-07-21 07:01 - 2012-06-02 04:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-07-20 22:49 - 2012-08-10 19:12 - 00000000 ____D C:\Users\All Users\Big Fish Games 2012-07-20 22:47 - 2012-07-20 22:48 - 15608136 ____A (Big Fish Games) C:\Users\Jessica\Downloads\bfginstaller_s1_l1.exe 2012-07-20 22:29 - 2012-08-10 19:12 - 00000000 ____D C:\BigFishGamesCache 2012-07-20 20:52 - 2012-06-06 01:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2012-07-20 20:52 - 2012-06-06 01:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2012-07-20 20:52 - 2012-06-06 01:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2012-07-20 20:52 - 2012-06-06 01:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2012-07-20 20:52 - 2012-03-03 01:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2012-07-20 20:52 - 2012-03-03 01:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2012-07-20 20:52 - 2010-06-25 23:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2012-07-20 20:52 - 2010-06-25 23:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll 2012-07-20 20:51 - 2012-06-09 00:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-07-20 20:51 - 2012-06-09 00:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-07-20 20:51 - 2012-06-02 00:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2012-07-20 20:51 - 2012-06-02 00:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2012-07-20 20:51 - 2012-06-02 00:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2012-07-20 20:51 - 2012-06-02 00:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll 2012-07-20 20:51 - 2012-06-02 00:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2012-07-20 20:51 - 2012-06-02 00:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-07-20 20:51 - 2012-06-02 00:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2012-07-20 20:51 - 2012-06-02 00:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll 2012-07-20 20:51 - 2012-05-04 06:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2012-07-20 20:51 - 2012-05-04 06:03 - 03968368 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe 2012-07-20 20:51 - 2012-05-04 06:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2012-07-20 20:51 - 2012-05-04 06:03 - 03913072 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2012-07-20 20:50 - 2012-04-24 00:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 01158656 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2012-07-20 20:50 - 2012-04-24 00:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2012-07-20 20:50 - 2012-04-07 07:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2012-07-20 20:50 - 2012-04-07 07:26 - 02342400 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll 2012-07-20 20:49 - 2012-06-06 01:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2012-07-20 20:49 - 2012-06-06 01:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll 2012-07-20 20:35 - 2012-02-17 01:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2012-07-20 20:35 - 2012-02-17 01:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll 2012-07-20 18:34 - 2012-08-07 21:16 - 00000000 ____D C:\Users\Jessica\AppData\Local\Windows Live 2012-07-20 18:34 - 2012-07-20 18:34 - 00000000 ____D C:\Users\Jessica\AppData\Local\{4D152CB0-5A18-4DBC-891E-7F37CE62BFEA} 2012-07-20 18:34 - 2012-07-20 18:34 - 00000000 ____D C:\Users\Jessica\AppData\Local\{3C30C1D7-3B46-494A-AC9D-E27AB8BF7F5A} 2012-07-20 16:18 - 2012-07-20 16:18 - 00000447 ____A C:\user.js 2012-07-20 16:18 - 2012-07-20 16:18 - 00000000 ____D C:\Program Files\Web Assistant 2012-07-20 16:18 - 2012-07-20 16:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2012-07-20 16:16 - 2012-07-20 16:16 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\Mozilla 2012-07-20 16:16 - 2012-07-20 16:16 - 00000000 ____D C:\Program Files (x86)\Yontoo 2012-07-20 16:15 - 2012-08-10 19:11 - 00000000 ____D C:\Program Files (x86)\1ClickDownload 2012-07-20 13:05 - 2012-07-20 15:06 - 00000000 ____D C:\Users\Jessica\Downloads\The Lion King Trilogy 720p BDRip [A Release-Lounge H264] 2012-07-20 11:16 - 2012-07-20 11:16 - 00000000 ____D C:\Users\Jessica\Downloads\101 Soups, Salads and Sandwiches(EPUB+PDF+MOBI)[Team Nanban]tmrg 2012-07-20 11:15 - 2012-07-20 11:16 - 00000000 ____D C:\Users\Jessica\Downloads\Top Secret Restaurant Recipes - Creating Kitchen Clones from America's Favorite Restaurant Chains -Mantesh 2012-07-20 09:30 - 2012-07-20 09:30 - 00000000 ____D C:\Users\Jessica\Downloads\Cute Is What We Aim For 2012-07-20 09:27 - 2012-07-20 17:23 - 00000000 ____D C:\Users\Jessica\Downloads\Lights - The Listening (2009) 2012-07-20 09:26 - 2012-07-20 09:26 - 00000000 ____D C:\Users\Jessica\Downloads\Lights - Siberia 2012-07-20 09:24 - 2012-08-12 22:47 - 00000000 ____D C:\Users\Jessica\AppData\Roaming\BitTorrent 2012-07-20 09:24 - 2012-07-20 09:24 - 06077848 ____A (BitTorrent, Inc.) C:\Users\Jessica\Downloads\BitTorrent.exe 2012-07-18 20:26 - 2012-08-15 20:09 - 00006652 ____A C:\Windows\SysWOW64\debug.log 2012-07-18 20:26 - 2012-08-15 20:09 - 00006652 ____A C:\Windows\System32\debug.log 2012-07-18 20:26 - 2012-08-15 18:42 - 00000936 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790799072-890783470-2514710844-1001UA.job 2012-07-18 20:26 - 2012-08-14 20:31 - 00000914 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790799072-890783470-2514710844-1001Core.job 2012-07-18 20:26 - 2012-07-18 20:26 - 00000000 ____D C:\Users\Jessica\AppData\Local\Facebook ============ 3 Months Modified Files ======================== 2012-08-15 20:09 - 2012-07-18 20:26 - 00006652 ____A C:\Windows\SysWOW64\debug.log 2012-08-15 20:09 - 2012-07-18 20:26 - 00006652 ____A C:\Windows\System32\debug.log 2012-08-15 20:07 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-08-15 20:07 - 2009-07-14 00:51 - 00071214 ____A C:\Windows\setupact.log 2012-08-15 19:47 - 2012-08-12 12:15 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-08-15 19:40 - 2011-06-28 09:42 - 01964987 ____A C:\Windows\WindowsUpdate.log 2012-08-15 18:42 - 2012-07-18 20:26 - 00000936 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790799072-890783470-2514710844-1001UA.job 2012-08-14 22:22 - 2012-08-14 22:22 - 00029514 ____A C:\Users\Jessica\Desktop\DDS.txt 2012-08-14 22:22 - 2012-08-14 22:22 - 00009205 ____A C:\Users\Jessica\Desktop\Attach.txt 2012-08-14 22:04 - 2012-08-14 22:04 - 00004682 ____A C:\Users\Jessica\Desktop\RKreport[1].txt 2012-08-14 22:01 - 2012-08-14 22:01 - 00607260 ____R (Swearware) C:\Users\Jessica\Desktop\dds.com 2012-08-14 21:51 - 2011-04-02 00:17 - 00336842 ____A C:\Windows\PFRO.log 2012-08-14 21:31 - 2012-08-14 21:31 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-08-14 21:17 - 2012-08-14 21:17 - 00102400 ____A C:\Windows\RegBootClean.exe 2012-08-14 21:12 - 2012-08-14 21:12 - 00261034 ____A C:\Users\Jessica\AppData\Local\census.cache 2012-08-14 21:11 - 2012-08-14 21:11 - 00130361 ____A C:\Users\Jessica\AppData\Local\ars.cache 2012-08-14 20:58 - 2012-08-14 20:58 - 00000036 ____A C:\Users\Jessica\AppData\Local\housecall.guid.cache 2012-08-14 20:31 - 2012-07-18 20:26 - 00000914 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-790799072-890783470-2514710844-1001Core.job 2012-08-14 19:47 - 2012-08-12 12:15 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-08-14 19:47 - 2012-08-12 12:15 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2012-08-14 19:47 - 2011-10-16 17:01 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2012-08-14 19:47 - 2011-10-16 17:01 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2012-08-13 18:19 - 2012-08-13 18:19 - 00759236 ____A C:\Windows\SysWOW64\PerfStringBackup.INI 2012-08-13 18:19 - 2012-08-13 18:19 - 00759236 ____A C:\Windows\System32\PerfStringBackup.INI 2012-08-13 12:29 - 2011-09-26 10:26 - 00000258 _RASH C:\Users\All Users\ntuser.pol 2012-08-12 16:31 - 2012-08-12 16:31 - 01623377 ____A C:\Users\Jessica\Downloads\QaenSet_o39.zip 2012-08-12 15:15 - 2012-08-12 15:15 - 00307818 ____A C:\Users\Jessica\Downloads\Leisure dress with Jeans.zip 2012-08-12 15:05 - 2012-08-12 15:05 - 00436030 ____A C:\Users\Jessica\Downloads\Colorful Dress with Lace Hem for Girls.zip 2012-08-12 14:47 - 2012-08-12 14:47 - 00263262 ____A C:\Users\Jessica\Downloads\Earrings 7.zip 2012-08-12 14:18 - 2012-08-12 14:18 - 00123625 ____A C:\Users\Jessica\Downloads\AF Alpha Mesh 0004.zip 2012-08-12 12:15 - 2012-08-12 12:15 - 00446976 ____A (Andrew Zhezherun) C:\Users\Jessica\AppData\Roaming\ledips.dll 2012-08-12 11:53 - 2012-08-12 11:53 - 00002326 ____A C:\Users\Public\Desktop\The Sims™ 2 IKEA® Home Stuff.lnk 2012-08-11 22:16 - 2012-08-11 22:16 - 02114200 ____A C:\Users\Jessica\Downloads\Outfits 15 - Mix&Match.zip 2012-08-11 21:07 - 2012-08-11 21:07 - 00110817 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair061_burgundy.zip 2012-08-11 21:05 - 2012-08-11 21:05 - 00124598 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair058_caramel.zip 2012-08-11 21:02 - 2012-08-11 21:02 - 00202679 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair057_blondesandy.zip 2012-08-11 20:57 - 2012-08-11 20:57 - 00111742 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair055_black.zip 2012-08-11 20:12 - 2012-08-11 20:12 - 00122244 ____A C:\Users\Jessica\Downloads\XMS_Flora_hair004_Blond2.zip 2012-08-11 19:48 - 2012-08-11 19:48 - 00546397 ____A C:\Users\Jessica\Downloads\XMS_Flora_MeshHair009.zip 2012-08-11 19:26 - 2012-08-11 19:26 - 00096901 ____A C:\Users\Jessica\Downloads\XMS_meshoutfits006.zip 2012-08-11 19:13 - 2012-08-11 19:13 - 00676872 ____A C:\Users\Jessica\Downloads\XMSskindonateFeb200511.zip 2012-08-11 19:02 - 2012-08-11 19:02 - 00368739 ____A C:\Users\Jessica\Downloads\7f237bad_XMSoutfits013a.zip 2012-08-11 18:40 - 2012-08-11 18:40 - 00001964 ____A C:\Users\Jessica\Desktop\vba.ini 2012-08-11 13:12 - 2012-08-11 13:11 - 05497039 ____A C:\Users\Jessica\Downloads\SimDetails@TSR_FE_Dress_06.sims3pack.4dgue82.partial 2012-08-11 12:22 - 2011-11-19 12:15 - 00001052 ____A C:\Windows\KB893803v2.log 2012-08-05 21:06 - 2012-08-05 21:06 - 00000016 ___RH C:\Users\Jessica\AppData\Local\9BC2C316.ini 2012-08-05 20:13 - 2011-04-02 00:38 - 00130228 ____A C:\Windows\DirectX.log 2012-08-05 20:05 - 2012-08-05 20:05 - 18856261 ____A C:\Users\Jessica\Downloads\TSRW_2_0_43.exe.zip 2012-08-01 21:25 - 2012-07-28 15:22 - 00004608 ____A C:\Users\Jessica\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-07-24 21:04 - 2012-07-24 21:04 - 02198320 ____A C:\Users\Jessica\Documents\1.SNA 2012-07-24 03:26 - 2012-07-24 03:26 - 00002087 ____A C:\Users\Public\Desktop\Zoo Tycoon 2 Endangered Species.lnk 2012-07-20 22:48 - 2012-07-20 22:47 - 15608136 ____A (Big Fish Games) C:\Users\Jessica\Downloads\bfginstaller_s1_l1.exe 2012-07-20 16:18 - 2012-07-20 16:18 - 00000447 ____A C:\user.js 2012-07-20 09:24 - 2012-07-20 09:24 - 06077848 ____A (BitTorrent, Inc.) C:\Users\Jessica\Downloads\BitTorrent.exe 2012-06-26 17:41 - 2012-06-26 16:19 - 00004096 ____A C:\Users\Public\Documents\00001BF6.LCS 2012-06-24 17:40 - 2012-06-24 17:40 - 00734984 ____A C:\Windows\Minidump\062412-35349-01.dmp 2012-06-24 17:40 - 2011-10-22 21:12 - 498214842 ____A C:\Windows\MEMORY.DMP 2012-06-14 16:42 - 2012-06-14 16:42 - 00000000 ____A C:\Windows\PowerReg.dat 2012-06-14 16:38 - 2012-06-14 16:38 - 00002080 ____A C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk 2012-06-14 15:59 - 2012-06-14 15:59 - 00012578 ____A C:\Users\Jessica\Documents\Book4.xlsx 2012-06-14 10:12 - 2011-09-19 11:44 - 00001952 ____A C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2012-06-09 00:41 - 2012-07-20 20:51 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2012-06-09 00:41 - 2012-07-20 20:51 - 12873728 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll 2012-06-06 01:05 - 2012-07-20 20:52 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2012-06-06 01:05 - 2012-07-20 20:52 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2012-06-06 01:05 - 2012-07-20 20:52 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2012-06-06 01:05 - 2012-07-20 20:52 - 01236992 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2012-06-06 01:03 - 2012-07-20 20:49 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2012-06-06 01:03 - 2012-07-20 20:49 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll 2012-06-05 03:37 - 2012-08-14 21:01 - 00256904 ____A (Trend Micro Inc.) C:\Windows\System32\Drivers\tmcomm.sys 2012-06-02 05:07 - 2012-07-21 07:01 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-06-02 05:07 - 2012-07-21 07:01 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-06-02 04:43 - 2012-07-21 07:01 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-06-02 04:43 - 2012-07-21 07:01 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-06-02 04:33 - 2012-07-21 07:01 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-06-02 04:33 - 2012-07-21 07:01 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-06-02 04:26 - 2012-07-21 07:01 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-06-02 04:26 - 2012-07-21 07:01 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-06-02 04:25 - 2012-07-21 07:01 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-06-02 04:25 - 2012-07-21 07:01 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-06-02 04:25 - 2012-07-21 07:01 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-06-02 04:25 - 2012-07-21 07:01 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-06-02 04:23 - 2012-07-21 07:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-06-02 04:23 - 2012-07-21 07:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-06-02 04:21 - 2012-07-21 07:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-06-02 04:21 - 2012-07-21 07:01 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-06-02 04:20 - 2012-07-21 07:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-06-02 04:20 - 2012-07-21 07:01 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-06-02 04:19 - 2012-07-21 07:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-06-02 04:19 - 2012-07-21 07:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-06-02 04:19 - 2012-07-21 07:01 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-06-02 04:19 - 2012-07-21 07:01 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-06-02 04:17 - 2012-07-21 07:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-06-02 04:17 - 2012-07-21 07:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-06-02 04:16 - 2012-07-21 07:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-06-02 04:16 - 2012-07-21 07:01 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-06-02 04:14 - 2012-07-21 07:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-06-02 04:14 - 2012-07-21 07:01 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-06-02 00:40 - 2012-07-20 20:51 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2012-06-02 00:40 - 2012-07-20 20:51 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2012-06-02 00:40 - 2012-07-20 20:51 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2012-06-02 00:40 - 2012-07-20 20:51 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll 2012-06-02 00:39 - 2012-07-20 20:51 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2012-06-02 00:39 - 2012-07-20 20:51 - 00219136 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-06-02 00:34 - 2012-07-20 20:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2012-06-02 00:34 - 2012-07-20 20:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll 2012-05-20 15:48 - 2012-05-20 15:48 - 00001283 ____A C:\Users\Public\Desktop\Seagate Dashboard.lnk 2012-05-20 15:43 - 2012-05-20 15:43 - 00002029 ____A C:\Users\Mcx1-JESSICA-ASUS\Desktop\Purchase Petz 4.lnk 2012-05-20 15:43 - 2012-05-20 15:43 - 00001989 ____A C:\Users\Mcx1-JESSICA-ASUS\Desktop\Play Petz 4.lnk ZeroAccess: C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94} C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L\00000004.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L\201d3dde C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\00000004.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\00000008.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\000000cb.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\80000000.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\80000032.@ C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\80000064.@ ZeroAccess: C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94} C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\@ C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\n C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U ZeroAccess: C:\Windows\assembly\GAC_32\Desktop.ini ZeroAccess: C:\Windows\assembly\GAC_64\Desktop.ini ========================= Bamital & volsnap Check ============ C:\Windows\explorer.exe [2011-09-17 11:19] - [2011-02-25 02:19] - 2871808 ____A (Microsoft Corporation) 332FEAB1435662FC6C672E25BEB37BE3 C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!. C:\Windows\System32\User32.dll [2011-02-18 15:49] - [2010-11-20 08:08] - 0833024 ____A (Microsoft Corporation) 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!. ========================= Memory info ====================== Percentage of memory in use: 13% Total physical RAM: 3874.21 MB Available physical RAM: 3348.07 MB Total Pagefile: 7746.62 MB Available Pagefile: 7228.2 MB Total Virtual: 4095.88 MB Available Virtual: 3995.03 MB ======================= Partitions ========================= 1 Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:35.72 GB) NTFS ==>[system with boot components (obtained from reading drive)] 2 Drive d: (DATA) (Fixed) (Total:254.45 GB) (Free:173.94 GB) NTFS 3 Drive e: (GET RID OF VIRUS) (CDROM) (Total:0.69 GB) (Free:0.68 GB) UDF Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 465 GB 1024 KB Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 25 GB 1024 KB Partition 2 Primary 186 GB 25 GB Partition 0 Extended 254 GB 211 GB Partition 3 Logical 254 GB 211 GB ================================================================================== Disk: 0 Partition 1 Type : 1C Hidden: Yes Active: No There is no volume associated with this partition. ================================================================================== Disk: 0 Partition 2 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C OS NTFS Partition 186 GB Healthy System (partition with boot components) ================================================================================== Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 D DATA NTFS Partition 254 GB Healthy ================================================================================== ======================= End Of Log ========================== Should I save the pics on my computer and stuff or could they be infected and just better to get rid of everything?

Well at least I don't bank online lol. Ohk so I am thinking reformat. This may be a stupid question but if I don't have a flash drive could I use just a regular CD?

Sorry I posted efore I read. Here is the report. RogueKiller V7.6.6 [08/10/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User: Jessica [Admin rights] Mode: Scan -- Date: 08/14/2012 22:04:37 ¤¤¤ Bad processes: 1 ¤¤¤ [sUSP PATH] FACEBO~1.EXE -- C:\Users\Jessica\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe -> KILLED [TermProc] ¤¤¤ Registry Entries: 21 ¤¤¤ [bLACKLIST DLL] HKCU\[...]\Run : agetu (rundll32.exe "C:\Users\Jessica\AppData\Roaming\agetu.dll",GetDriverInfo) -> FOUND [bLACKLIST DLL] HKCU\[...]\Run : ledips (rundll32.exe "C:\Users\Jessica\AppData\Roaming\ledips.dll",Long_FromString) -> FOUND [bLACKLIST DLL] HKLM\[...]\Run : ledips ("C:\Windows\System32\rundll32.exe" "C:\Users\Jessica\AppData\Roaming\ledips.dll",Long_FromString) -> FOUND [bLACKLIST DLL] HKLM\[...]\Run : agetu (rundll32.exe "C:\Users\Jessica\AppData\Roaming\agetu.dll",GetDriverInfo) -> FOUND [bLACKLIST DLL] HKUS\S-1-5-21-790799072-890783470-2514710844-1001[...]\Run : agetu (rundll32.exe "C:\Users\Jessica\AppData\Roaming\agetu.dll",GetDriverInfo) -> FOUND [bLACKLIST DLL] HKUS\S-1-5-21-790799072-890783470-2514710844-1001[...]\Run : ledips (rundll32.exe "C:\Users\Jessica\AppData\Roaming\ledips.dll",Long_FromString) -> FOUND [sUSP PATH] {B59E99E3-69D5-4CE2-8469-0903A795011B}.job @ : C:\Users\Jessica\Desktop\PetSalon.exe -> FOUND [sUSP PATH] Facebook Messenger.lnk @Jessica : C:\Users\Jessica\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe -> FOUND [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\Jessica\AppData\Local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\n.) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND [HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][FILE] @ : c:\windows\installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\@ --> FOUND [ZeroAccess][FOLDER] U : c:\windows\installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U --> FOUND [ZeroAccess][FOLDER] L : c:\windows\installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L --> FOUND [ZeroAccess][FILE] n : c:\users\jessica\appdata\local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\n --> FOUND [ZeroAccess][FILE] @ : c:\users\jessica\appdata\local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\@ --> FOUND [ZeroAccess][FOLDER] U : c:\users\jessica\appdata\local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U --> FOUND [ZeroAccess][FOLDER] L : c:\users\jessica\appdata\local\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\L --> FOUND [ZeroAccess][FILE] Desktop.ini : c:\windows\assembly\gac_32\desktop.ini --> FOUND [ZeroAccess][FILE] Desktop.ini : c:\windows\assembly\gac_64\desktop.ini --> FOUND [susp.ASLR][ASLR WIPED-OFF] services.exe : c:\windows\system32\services.exe --> FOUND ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST9500325AS +++++ --- User --- [MBR] 1adc24914383b501ac1193c37206dec8 [bSP] a6dfcef95bdca6f6c690eb797753f4a9 : Windows 7 MBR Code Partition table: 0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 190776 Mo 2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 443140096 | Size: 260562 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: SD Card +++++ --- User --- [MBR] b07927c6b904ea2d7d8dc9b2acf6092f [bSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown Partition table: 0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 249 | Size: 968 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1].txt >> RKreport[1].txt

I do have roguekiller installed and have already run a scan. do you need the results?

Also here is the Attach log as well. . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 9/16/2011 10:37:04 PM System Uptime: 8/14/2012 9:51:06 PM (1 hours ago) . Motherboard: ASUSTeK Computer Inc. | | K53E Processor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU 1 | 2301/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 186 GiB total, 35.607 GiB free. D: is FIXED (NTFS) - 254 GiB total, 173.937 GiB free. E: is CDROM () F: is CDROM () G: is CDROM () H: is Removable I: is CDROM () J: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Virtual WiFi Miniport Adapter Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2F4B1062&0&02 Manufacturer: Microsoft Name: Microsoft Virtual WiFi Miniport Adapter #2 PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2F4B1062&0&02 Service: vwifimp . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . ??????? Windows Live Mesh ActiveX ??(????) ??????? Windows Live Mesh ActiveX ??? Adobe AIR Adobe Community Help Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Media Player Adobe Photoshop CS5 Adobe Reader X (10.1.1) Alcor Micro USB Card Reader Any Video Converter 3.2.7 Apple Application Support Apple Software Update ASUS AI Recovery ASUS FancyStart ASUS LifeFrame3 ASUS Live Update ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS Virtual Camera ASUS WebStorage AsusScr_K3 Series_ENG AsusVibe2.0 ATK Package BitTorrent CEP (Color Enable Package) v.9.2 (beta) Compatibility Pack for the 2007 Office system Contrôle ActiveX Windows Live Mesh pour connexions à distance Control ActiveX de Windows Live Mesh para conexiones remotas Controlo ActiveX do Windows Live Mesh para Ligações Remotas CyberLink LabelPrint CyberLink Power2Go D3DX10 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition EPSON Scan Facebook Messenger 2.1.4590.0 Galeria de Fotografias do Windows Live Galerie de photos Windows Live Galería fotográfica de Windows Live Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® WiDi IZArc 4.1.6 Java Auto Updater Java 6 Update 29 Junk Mail filter update Malwarebytes Anti-Malware version 1.62.0.1300 Memeo AutoSync Memeo Instant Backup Mesh Runtime Microsoft Office 2010 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft WSE 3.0 Runtime Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 MSVCRT MSVCRT_amd64 Nuance PDF Reader Origin PDF Settings CS5 QuickTime Realtek High Definition Audio Driver Seagate Dashboard Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) SlimDX Redistributable for .NET 2.0 (September 2011) Sonic Focus syncables desktop SE The Sims 2 The Sims 2 Family Fun Stuff The Sims 2 Glamour Life Stuff The Sims 2 Nightlife The Sims 2 Open For Business The Sims 2 Pets The Sims 2 University The Sims™ 2 Bon Voyage The Sims™ 2 Celebration! Stuff The Sims™ 2 H&M® Fashion Stuff The Sims™ 2 IKEA® Home Stuff The Sims™ 2 Kitchen & Bath Interior Design Stuff The Sims™ 2 Seasons The Sims™ 2 Teen Style Stuff The Sims™ 3 Fast Lane Stuff The Sims™ 3 Generations The Sims™ 3 High-End Loft Stuff The Sims™ 3 Late Night The Sims™ 3 Outdoor Living Stuff The Sims™ 3 Pets Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553092) Windows Live Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinFlash Wireless Console 3 Zoo Tycoon 2 - Marine Mania Zoo Tycoon 2 Endangered Species Zoo Tycoon: Complete Collection . ==== Event Viewer Messages From Past Week ======== . 8/9/2012 9:05:16 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user Jessica-ASUS\Jessica SID (S-1-5-21-790799072-890783470-2514710844-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 8/9/2012 9:05:16 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user Jessica-ASUS\Jessica SID (S-1-5-21-790799072-890783470-2514710844-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 8/14/2012 9:52:46 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 8/14/2012 9:52:46 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891 8/14/2012 9:51:39 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: The system cannot find the file specified. 8/14/2012 9:51:36 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 8/14/2012 9:51:32 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 8/14/2012 9:51:31 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 8/12/2012 7:01:20 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 8/12/2012 6:58:04 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 12. 8/12/2012 6:58:04 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10. . ==== End Of File ===========================

Please help me. I am desperate to get this thing off of my computer. When I use google search links, the links actually take me to different websites (mostly spam) I have posted both logs and really just want to get this thing off of my laptop. HERE IS MALWAREBYTES Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.14.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Jessica :: JESSICA-ASUS [administrator] 8/14/2012 9:32:03 PM mbam-log-2012-08-14 (21-32-03).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 239656 Time elapsed: 14 minute(s), 54 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 4 C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\n (Rootkit.0Access) -> Quarantined and deleted successfully. C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully. C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully. C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\80000032.@ (Rootkit.0Access) -> Quarantined and deleted successfully. (end) HERE IS DDS . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Jessica at 22:02:35 on 2012-08-14 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.1924 [GMT -4:00] . SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Windows\system32\WLANExt.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Program Files\Web Assistant\ExtensionUpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Windows\AsScrPro.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\System32\spool\drivers\x64\3\E_IATIEQA.EXE C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe C:\Program Files (x86)\Memeo\AutoBackup\MemeoUpdater.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Jessica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X4ETO0Q1\RogueKiller.exe "C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Presario&pf=cnnb uStart Page = hxxp://www.google.com/ mStart Page = hxxp://asus.msn.com uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Web Assistant: {336d0c35-8a85-403a-b9d2-65c292c39087} - C:\Program Files\Web Assistant\Extension32.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [EPSON WorkForce 500 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEQA.EXE /FU "C:\Windows\TEMP\E_SCD86.tmp" /EF "HKCU" uRun: [Facebook Update] "C:\Users\Jessica\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [agetu] rundll32.exe "C:\Users\Jessica\AppData\Roaming\agetu.dll",GetDriverInfo uRun: [ledips] rundll32.exe "C:\Users\Jessica\AppData\Roaming\ledips.dll",Long_FromString mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui mRun: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui StartupFolder: C:\Users\Jessica\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FACEBO~1.LNK - C:\Users\Jessica\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe StartupFolder: C:\Users\Jessica\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll LSP: mswsock.dll DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: DhcpNameServer = 65.32.5.111 65.32.5.112 TCP: Interfaces\{9700C361-ADB4-4F19-A893-93A7AF9F342E} : DhcpNameServer = 65.32.5.111 65.32.5.112 TCP: Interfaces\{BB17913B-C9D3-4A4B-8D76-015FA6B6AC12} : DhcpNameServer = 65.32.5.111 65.32.5.112 TCP: Interfaces\{BB17913B-C9D3-4A4B-8D76-015FA6B6AC12}\14E64627F69646140503135413 : DhcpNameServer = 192.168.43.1 TCP: Interfaces\{BB17913B-C9D3-4A4B-8D76-015FA6B6AC12}\3505343547574656E647 : DhcpNameServer = 172.16.2.22 172.16.2.2 TCP: Interfaces\{BB17913B-C9D3-4A4B-8D76-015FA6B6AC12}\77962756C656373753830353 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{BB17913B-C9D3-4A4B-8D76-015FA6B6AC12}\84F43505944514C4D27455543545 : DhcpNameServer = 10.202.0.6 TCP: Interfaces\{BB17913B-C9D3-4A4B-8D76-015FA6B6AC12}\A45616E656474756355636F6270514D27657563747 : DhcpNameServer = 65.32.5.74 65.32.5.75 192.168.33.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll BHO-X64: Web Assistant Helper - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll BHO-X64: Yontoo Layers - No File TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S mRun-x64: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui mRun-x64: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL . ============= SERVICES / DRIVERS =============== . R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?] R2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-3-22 1136128] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-2-11 907600] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-2-11 997712] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-2-23 134928] R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-5-4 25824] R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-16 134928] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-6-28 2656280] R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-7-20 185856] R3 AMPPAL;Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?] R3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?] R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-2-11 1304912] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?] R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?] R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 iwdbus;IWD Bus Enumerator;C:\Windows\system32\DRIVERS\iwdbus.sys --> C:\Windows\system32\DRIVERS\iwdbus.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-12 250056] S3 AMPPALP;Intel® Centrino® Bluetooth 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-2-4 340240] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-08-15 01:31:15 711240 ----a-w- C:\Windows\isRS-000.tmp 2012-08-15 01:17:28 102400 ----a-w- C:\Windows\RegBootClean.exe 2012-08-15 01:01:24 256904 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys 2012-08-15 00:55:09 -------- d-----w- C:\Users\Jessica\AppData\Roaming\QuickScan 2012-08-13 23:46:46 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2012-08-13 23:46:39 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-12 16:22:01 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA% 2012-08-12 16:15:23 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-08-12 16:15:22 446976 ----a-w- C:\Users\Jessica\AppData\Roaming\ledips.dll 2012-08-12 16:14:29 -------- d-----w- C:\Users\Jessica\AppData\Roaming\xsecva 2012-08-12 14:23:18 -------- d-----w- C:\Program Files (x86)\EA GAMES 2012-08-12 14:23:17 442368 ----a-r- C:\Windows\SysWow64\vp6vfw.dll 2012-08-11 22:35:23 -------- d-----w- C:\Program Files (x86)\Sims 3 2012-08-10 22:21:13 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3EDFC26-7C1E-4C42-8771-EA23323B4E9D}\mpengine.dll 2012-08-06 00:45:56 -------- d-----w- C:\Users\Jessica\AppData\Roaming\The Sims Resource 2012-08-06 00:35:45 -------- d-----w- C:\Users\Jessica\AppData\Roaming\MilkShape 3D 1.x.x 2012-08-06 00:35:33 -------- d-----w- C:\Program Files (x86)\MilkShape 3D 1.8.5 2012-08-06 00:15:06 -------- d-----w- C:\Users\Jessica\AppData\Roaming\TSRWorkshop 2012-08-06 00:15:06 -------- d-----w- C:\Users\Jessica\AppData\Local\Ibibi_HB 2012-07-23 19:05:18 -------- d-----w- C:\Users\Jessica\AppData\Local\{C784411F-43DC-4F97-892B-739309D7BA07} 2012-07-21 11:26:45 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-21 11:02:08 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-07-21 11:02:08 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-07-21 11:02:08 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-07-21 11:02:07 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-07-21 11:02:07 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-07-21 11:02:07 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-07-21 11:02:07 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-07-21 02:49:10 -------- d-----w- C:\ProgramData\Big Fish Games 2012-07-21 02:29:48 -------- d-----w- C:\BigFishGamesCache 2012-07-21 00:52:38 1544704 ----a-w- C:\Windows\System32\DWrite.dll 2012-07-21 00:52:38 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-07-21 00:52:36 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2012-07-21 00:52:36 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2012-07-21 00:52:36 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-07-21 00:52:36 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-07-21 00:52:36 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-07-21 00:52:36 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-07-21 00:52:00 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-07-21 00:52:00 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-07-21 00:52:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-07-21 00:50:46 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-07-21 00:50:44 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-07-21 00:50:43 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-07-21 00:50:43 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-07-21 00:50:37 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-07-21 00:50:36 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-07-21 00:50:36 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-07-21 00:50:36 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-07-21 00:50:36 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-07-21 00:50:36 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-07-21 00:50:01 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-07-21 00:35:38 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-07-21 00:35:38 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-07-21 00:35:38 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-07-21 00:30:30 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-07-21 00:30:16 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-07-21 00:29:52 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-07-21 00:29:52 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-07-20 22:34:59 -------- d-----w- C:\Users\Jessica\AppData\Local\Windows Live 2012-07-20 22:34:59 -------- d-----w- C:\Users\Jessica\AppData\Local\{4D152CB0-5A18-4DBC-891E-7F37CE62BFEA} 2012-07-20 22:34:24 -------- d-----w- C:\Users\Jessica\AppData\Local\{3C30C1D7-3B46-494A-AC9D-E27AB8BF7F5A} 2012-07-20 20:18:00 -------- d-----w- C:\Program Files\Web Assistant 2012-07-20 20:16:35 -------- d-----w- C:\Program Files (x86)\Yontoo 2012-07-20 20:16:32 -------- d-----w- C:\ProgramData\Tarma Installer 2012-07-20 20:15:23 -------- d-----w- C:\Program Files (x86)\1ClickDownload 2012-07-20 13:24:49 -------- d-----w- C:\Users\Jessica\AppData\Roaming\BitTorrent 2012-07-19 00:26:10 -------- d-----w- C:\Users\Jessica\AppData\Local\Facebook . ==================== Find3M ==================== . 2012-08-15 01:51:36 45056 ----a-w- C:\Windows\System32\acovcnt.exe 2012-08-14 23:47:37 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe . ============= FINISH: 22:08:03.84 ===============

Thank you very much! I will do my best!

I am having weird problems with Google. When I search anything I used to get different advertisenment websites (porn, buy this, spam, etc) if anyone could PLEASE help Now when I search something it goes to www.google.com/webhp and just refuses to search anything.