wrx_02

  1. Results of screen317's Security Check version 0.99.63
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Norton Internet Security
     WMI entry may not exist for antivirus; attempting automatic update.
     `````````Anti-malware/Other Utilities Check:`````````
     Java 6 Update 22
     Java 6 Update 29
     Java version out of Date!
     Adobe Flash Player 11.7.700.202
     Mozilla Firefox (20.0.1)
     Google Chrome 26.0.1410.43
     Google Chrome 26.0.1410.64
     ````````Process Check: objlist.exe by Laurent````````
     Norton ccSvcHst.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
     ````````````````````End of Log``````````````````````
  2. Ok I'll run that one tonight when I get on the computer.
  3. Whoops did I post the wrong one?
  4. Here is the adwcleaner txt:
  5. Adware txt:
  6. Sorry text was reduced...... I just sent you a donation MrC, thanks again and let me know if there is anything else I need to run or do. Oh and very nice dogs btw, I always admire a dog lover.
  7. I just sent you a donation MrC, thanks again and let me know if there is anything else I need to run or do. Oh and very nice dogs btw, I always admire a dog lover.
  8. I moved the mbar folder to my desktop and ran another scan and the logs popped up. The last scan I did returned "no items found". I did a total of 3 scans. Logs are attached. system-log.txt mbar-log-2013-05-06 (19-56-11).txt
  9. Sorry for the delay. I have done 2 scans and both have returned items that need to be removed. I removed those items and rebooted the computer but have yet to find the "......two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txt" I opened MBAR with the only program I have, winrar. Not sure if I missed something but it opens the folder on the program but did not unzip it I guess. Wondering if the logs were dropped in another place? I will continue to run scans and clean them until the program stops finding issues. The computer does seem to be functioning as it did before. I will be sending you a donation for all your help. Thanks!
  10. Computer started up, not sure if there is anything else we need to do. Here is the fix text.
      Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-05-2013
      Ran by SYSTEM at 2013-05-03 04:29:18 Run:1
      Running from I:\
      Boot Mode: Recovery
      ==============================================
      HKEY_USERS\Brandon\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
      HKLM\System\ControlSet001\Control\Session Manager\SubSystems\\Windows => Value was restored successfully.
      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs Packet => Value eleted successfully.
      C:\Users\Brandon\AppData\Roaming\skype.ini => Moved successfully.
      C:\Users\Brandon\1os0ieiryvktk-10083.exe => Moved successfully.
      C:\Users\Brandon\Downloads\nikki benz9765896 => Moved successfully.
      C:\Windows\System32\consrv.dll => Moved successfully.
      C:\Windows\assembly\GAC_32\Desktop.ini => Moved successfully.
      C:\Windows\assembly\GAC_64\Desktop.ini => Moved successfully.
      C:\$Recycle.Bin\S-1-5-21-1925604824-1092996795-2013925537-1000\$9dd3a2fe2e0340ccf325005d2adfdfe9 => Moved successfully.
      C:\Users\Brandon\AppData\Roaming\skype.dat => Moved successfully.
      ==== End of Fixlog ====
  11. I will try this when I get home tonight.
  12. Ran home and got the text file done.
Technology Inc.) ATTENTION! ====> ZeroAccess ==================== One Month Created Files and Folders ======== 2013-05-02 10:38 - 2013-05-02 10:38 - 00000000 ____D C:\FRST 2013-05-02 04:30 - 2013-05-02 04:30 - 00000000 ____D C:\Users\Test.Brandon-PC.000\AppData\Local\GoPro 2013-05-02 03:40 - 2013-05-02 04:19 - 00000000 ____D C:\Users\Test.Brandon-PC.000\AppData\Roaming\Hewlett-Packard 2013-05-02 03:40 - 2013-05-02 03:40 - 00123392 ____A C:\Users\Test.Brandon-PC.000\AppData\Local\GDIPFONTCACHEV1.DAT 2013-05-02 03:40 - 2013-05-02 03:40 - 00000000 ____D C:\Users\Test.Brandon-PC.000\AppData\Roaming\PictureMover 2013-05-02 03:40 - 2013-05-02 03:40 - 00000000 ____D C:\Users\Test.Brandon-PC.000\AppData\Roaming\Apple Computer 2013-05-02 03:40 - 2013-05-02 03:40 - 00000000 ____D C:\Users\Test.Brandon-PC.000\AppData\Local\Adobe 2013-05-02 03:39 - 2013-05-02 03:49 - 00000000 ____D C:\Users\Test.Brandon-PC.000\AppData\Local\Hewlett-Packard 2013-05-02 03:39 - 2013-05-02 03:40 - 00000000 ____D C:\Users\Test.Brandon-PC.000\AppData\Roaming\Adobe 2013-05-02 03:39 - 2013-05-02 03:39 - 00002261 ____A C:\Users\Test.Brandon-PC.000\Desktop\Google Chrome.lnk 2013-05-02 03:39 - 2013-05-02 03:39 - 00000020 ___SH C:\Users\Test.Brandon-PC.000\ntuser.ini 2013-05-02 03:39 - 2013-05-02 03:39 - 00000000 ____D C:\users\Test.Brandon-PC.000 2013-05-02 03:39 - 2010-05-30 22:25 - 00000000 ____D C:\Users\Test.Brandon-PC.000\AppData\Local\Microsoft Help 2013-05-02 03:36 - 2013-05-02 03:36 - 00000020 __ASH C:\Users\Test.Brandon-PC\ntuser.ini 2013-05-02 03:36 - 2013-05-02 03:36 - 00000000 ____D C:\users\Test.Brandon-PC 2013-05-02 03:36 - 2010-05-30 22:25 - 00000000 ____D C:\Users\Test.Brandon-PC\AppData\Local\Microsoft Help 2013-05-01 17:09 - 2013-05-01 17:09 - 00000000 ____D C:\Users\Brandon\AppData\Local\{50A565BA-E296-4B87-87AF-4C72B77DB827} 2013-05-01 12:28 - 2013-05-01 12:28 - 00000000 ____D C:\Users\test\AppData\Local\CrashDumps 2013-05-01 09:44 - 2013-05-01 15:35 - 00000000 ____D 
C:\Users\test\AppData\Local\GoPro 2013-05-01 09:43 - 2013-05-01 12:26 - 00000000 ____D C:\Users\test\AppData\Roaming\Malwarebytes 2013-05-01 09:42 - 2013-05-01 09:42 - 00123392 ____A C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT 2013-05-01 09:42 - 2013-05-01 09:42 - 00000000 ____D C:\Users\test\AppData\Roaming\Hewlett-Packard 2013-05-01 09:42 - 2013-05-01 09:42 - 00000000 ____D C:\Users\test\AppData\Roaming\Apple Computer 2013-05-01 09:42 - 2013-05-01 09:42 - 00000000 ____D C:\Users\test\AppData\Local\Adobe 2013-05-01 09:41 - 2013-05-01 15:35 - 00000000 ____D C:\Users\test\AppData\Roaming\PictureMover 2013-05-01 09:41 - 2013-05-01 15:35 - 00000000 ____D C:\Users\test\AppData\Local\Hewlett-Packard 2013-05-01 09:41 - 2013-05-01 09:42 - 00000000 ____D C:\Users\test\AppData\Roaming\Adobe 2013-05-01 09:40 - 2013-05-01 15:35 - 00000000 ____D C:\users\test 2013-05-01 09:40 - 2010-05-30 22:25 - 00000000 ____D C:\Users\test\AppData\Local\Microsoft Help 2013-04-30 18:00 - 2013-04-30 18:00 - 00000000 ____D C:\Users\Brandon\AppData\Local\{A7FD36F3-A6FF-4EA6-AB33-1F2F2836F35F} 2013-04-30 17:52 - 2013-04-30 17:52 - 00000000 ____D C:\Users\Brandon\AppData\Local\{9276B347-9747-4B00-A698-BD004112B247} 2013-04-30 17:33 - 2013-04-30 17:33 - 00000000 ____D C:\Users\Brandon\AppData\Local\{7D3D6AF1-9435-4A58-8DB6-4B49880DE64E} 2013-04-30 17:30 - 2013-04-30 17:30 - 00000000 ____D C:\Users\Brandon\AppData\Local\{6BFDC97A-1BD0-4DC2-BCC1-325E5885B67F} 2013-04-30 17:26 - 2013-05-01 17:09 - 00000004 ____A C:\Users\Brandon\AppData\Roaming\skype.ini 2013-04-30 17:21 - 2013-04-30 17:21 - 00099840 __ASH C:\Users\Brandon\1os0ieiryvktk-10083.exe 2013-04-30 17:08 - 2013-04-30 17:09 - 00000000 ___HD C:\Users\Brandon\Downloads\nikki benz9765896 2013-04-30 02:16 - 2013-04-30 02:16 - 19230208 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 
15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe(92).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml(115).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-04-30 02:16 - 2013-04-30 02:16 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-04-30 02:16 - 2013-04-30 02:16 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-04-30 02:16 - 2013-04-30 02:16 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl(96).cpl 2013-04-30 02:16 - 2013-04-30 02:16 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-04-30 02:16 - 2013-04-30 02:16 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-04-30 02:16 - 2013-04-30 02:16 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2013-04-30 02:16 - 2013-04-30 02:16 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 01129984 ____A 
(Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript(98).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds(99).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript(123).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2013-04-30 02:16 - 2013-04-30 02:16 - 00391168 ____A 
(Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-04-30 02:16 - 2013-04-30 02:16 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html(111).iec 2013-04-30 02:16 - 2013-04-30 02:16 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck(125).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00173568 ____A (Microsoft Corporation) 
C:\Windows\System32\ieUnatt(94).exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating(116).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache(102).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack(91).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache(117).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00110592 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\IEAdvpack.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng(97).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-04-30 02:16 - 2013-04-30 02:16 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc(103).ocx 2013-04-30 02:16 - 2013-04-30 02:16 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs(119).exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00061952 ____A 
(Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-04-30 02:16 - 2013-04-30 02:16 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc(121).ocx 2013-04-30 02:16 - 2013-04-30 02:16 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt(118).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil(95).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler(101).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs(114).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00038400 ____A (Microsoft 
Corporation) C:\Windows\SysWOW64\imgutil(112).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10(113).dll 2013-04-30 02:16 - 2013-04-30 02:16 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta(100).exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2013-04-30 02:16 - 2013-04-30 02:16 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-04-30 02:03 - 2013-04-30 02:03 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1(81).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01887232 ____A (Microsoft 
Corporation) C:\Windows\System32\d3d11(84).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint(105).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite(86).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9(83).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00417792 ____A 
(Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter(127).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt(104).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt(126).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1(82).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00187392 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\UIAnimation(122).dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00003072 ___AH (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-04-30 02:03 - 2013-04-30 02:03 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-04-30 02:00 - 2013-04-30 02:19 - 00007985 ____A C:\Windows\IE10_main.log 2013-04-23 10:08 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2013-04-23 10:08 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs(85).sys 2013-04-22 14:42 - 2013-04-22 14:42 - 00000000 ____D C:\Users\Brandon\AppData\Local\{3878EBBA-5F18-4E08-A88B-16FD83A875D8} 2013-04-18 03:40 - 2013-04-18 03:40 - 00000000 ____D C:\Users\Brandon\AppData\Local\{D7C8B7CE-7751-480A-885C-F80AAEB738DA} 2013-04-17 03:30 - 2013-04-17 03:31 - 00000000 ___HD C:\Users\Brandon\Downloads\remy lacroix 2013-04-12 14:53 - 2013-04-12 14:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-04-12 14:11 - 2013-04-12 14:12 - 00000000 ____D C:\Users\Brandon\AppData\Local\{61F87703-0B8F-4CB6-AB64-890EB6987F29} 2013-04-10 17:31 - 2013-04-10 17:31 - 00000000 ____D C:\Users\Brandon\AppData\Local\{D8FB5C10-A628-48CB-9852-4CCA0C640DC9} 2013-04-10 11:11 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2013-04-10 11:11 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll 2013-04-10 11:11 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-04-10 11:11 - 2013-03-18 21:04 - 03913560 ____A 
  13. You, sir, are a gentleman. Thanks!
  14. Thanks MrC for the info. I did not have a flash drive with me yesterday, so I grabbed what I had last night (8GB Lexar SD card). I am assuming it is all the same compared to a Flash USB stick? I did more research and created a new account with admin rights through command prompt last night and was able to log in; I still could not get internet to work. I did run Repair Your Computer at the boot options the other day and am not sure if there was any success. It still would only load a white screen. I will download FarBar and try to make a recovery disk while at work (my computer came preloaded without a disk) so I can try it later today. Does this mean I can download FarBar and run it in the new account, or will I still have to run it through command prompt?