tmanyp40
  1. ??????? Windows Live Mesh ActiveX ??(????) ??????? Windows Live Mesh ActiveX ??? Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Shockwave Player 12.0 Alcor Micro USB Card Reader Ask Toolbar Ask Toolbar Updater Asmedia ASM104x USB 3.0 Host Controller Driver ASUS AI Recovery ASUS FancyStart ASUS LifeFrame3 ASUS Live Update ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS Virtual Camera ASUS WebStorage ASUS_Screensaver AsusVibe2.0 Atheros Driver Installation Program ATK Package Bing Bar Cisco Connect Contrôle ActiveX Windows Live Mesh pour connexions à distance Control ActiveX de Windows Live Mesh para conexiones remotas Controlo ActiveX do Windows Live Mesh para Ligações Remotas CyberLink LabelPrint CyberLink Power2Go D3DX10 Free Ride Games Player Galeria de Fotografias do Windows Live Galerie de photos Windows Live Galería fotográfica de Windows Live GamingWonderland Toolbar Google Chrome Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper HP FWUpdateEDO2 HP Officejet Pro 8600 Help HP Update I.R.I.S. 
OCR Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Java Auto Updater Java 6 Update 33 Junk Mail filter update Mesh Runtime Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable MSVCRT MSVCRT_amd64 MyFunCards Toolbar Norton PC Checkup Nuance PDF Reader Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Sonic Focus swMSM syncables desktop SE Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Windows Live Windows Live ??? Windows Live ???? 
Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinFlash Wireless Console 3
  2. Sorry for the delay. Here are the combofix logs.
  3. Here's the log. It rebooted normally!
     Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-06-2013
     Ran by SYSTEM at 2013-06-17 11:58:45 Run:1
     Running from F:\
     Boot Mode: Recovery
     ==============================================
     HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper => Value deleted successfully.
     HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
     HKU\John Manypenny\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
     C:\Users\John Manypenny\AppData\Roaming\skype.ini => Moved successfully.
     C:\Users\John Manypenny\AppData\Roaming\skype.dat => Moved successfully.
     ==== End of Fixlog ====
  4. My husband has this virus on his laptop. I've downloaded and run the FARBR. Log files are listed. I'm not sure what to do next, so any help is appreciated.
- 2013-06-11 08:48 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-06-11 08:48 - 
2013-06-11 08:48 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-06-11 08:48 - 2013-06-11 08:48 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-06-11 08:48 - 2013-06-11 08:48 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 
00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-06-11 08:45 - 2013-06-11 08:45 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01643520 ____A 
(Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00293376 ____A 
(Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00005632 ___AH (Microsoft Corporation) 
C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-06-11 08:41 - 2013-06-11 08:51 - 00007985 ____A C:\Windows\IE10_main.log 2013-05-30 12:45 - 2013-05-30 12:45 - 00000000 ____D C:\Windows\SysWOW64\Adobe 2013-05-25 14:54 - 2013-05-25 14:54 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf ==================== One Month Modified Files and Folders ======= 2013-06-17 11:29 - 2013-06-17 11:29 - 00000000 ____D C:\FRST 2013-06-17 08:23 - 2011-10-29 15:55 - 01116945 ____A C:\Windows\WindowsUpdate.log 2013-06-17 08:23 - 2009-07-13 20:45 - 00009920 ___AH 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-17 08:23 - 2009-07-13 20:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-17 08:15 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-17 08:15 - 2009-07-13 20:51 - 00056520 ____A C:\Windows\setupact.log 2013-06-17 08:13 - 2013-06-13 13:02 - 00000004 ____A C:\Users\John Manypenny\AppData\Roaming\skype.ini 2013-06-17 08:12 - 2012-01-09 12:33 - 00000914 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-17 08:12 - 2011-12-25 18:11 - 00000944 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-441713544-2149509061-1724629917-1000UA.job 2013-06-13 13:19 - 2012-01-09 12:33 - 00000910 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-13 13:19 - 2011-12-16 11:26 - 00000000 ___HD C:\ASUS.DAT 2013-06-13 13:05 - 2011-12-16 11:26 - 00045056 ____A C:\Windows\System32\acovcnt.exe 2013-06-13 11:10 - 2011-12-25 18:11 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-441713544-2149509061-1724629917-1000Core.job 2013-06-11 09:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK 2013-06-11 09:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR 2013-06-11 09:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK 2013-06-11 09:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR 2013-06-11 09:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-06-11 08:51 - 2013-06-11 08:41 - 00007985 ____A C:\Windows\IE10_main.log 2013-06-11 08:48 - 2013-06-11 08:48 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 13760512 ____A 
(Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-11 08:48 - 2013-06-11 08:48 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-11 08:48 - 2013-06-11 08:48 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-06-11 08:48 - 2013-06-11 08:48 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-06-11 08:48 - 2013-06-11 08:48 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-06-11 08:48 - 2013-06-11 08:48 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2013-06-11 08:48 - 2013-06-11 08:48 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00762368 ____A (Microsoft 
Corporation) C:\Windows\System32\ieapfltr.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2013-06-11 08:48 - 2013-06-11 08:48 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-06-11 08:48 - 2013-06-11 08:48 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00235008 ____A (Microsoft Corporation) 
C:\Windows\System32\url.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 
2013-06-11 08:48 - 2013-06-11 08:48 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-06-11 08:48 - 2013-06-11 08:48 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00062976 ____A (Microsoft Corporation) 
C:\Windows\System32\pngfilt.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-06-11 08:48 - 2013-06-11 08:48 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-06-11 08:48 - 2013-06-11 08:48 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 
2013-06-11 08:48 - 2013-06-11 08:48 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2013-06-11 08:48 - 2013-06-11 08:48 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-06-11 08:45 - 2013-06-11 08:45 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2013-06-11 08:45 - 2013-06-11 08:45 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2013-06-11 08:45 
- 2013-06-11 08:45 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-11 08:45 - 2013-06-11 08:45 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-06-06 10:24 - 2011-12-25 18:13 - 00002418 ____A C:\Users\John Manypenny\Desktop\Google Chrome.lnk
2013-06-01 16:02 - 2011-04-01 20:17 - 00134150 ____A C:\Windows\PFRO.log
2013-05-30 12:46 - 2011-12-16 11:41 - 00000000 ____D C:\ProgramData\Google
2013-05-30 12:46 - 2011-04-01 20:36 - 00000000 ____D C:\Program Files\Google
2013-05-30 12:46 - 2011-04-01 20:36 - 00000000 ____D C:\Program Files (x86)\Google
2013-05-30 12:45 - 2013-05-30 12:45 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-05-25 14:54 - 2013-05-25 14:54 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-05-23 03:58 - 2009-07-13 20:45 - 00268856 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-19 04:39 - 2009-07-13 21:13 - 00757328 ____A C:\Windows\System32\PerfStringBackup.INI

Files to move or delete:
====================
C:\Users\John Manypenny\AppData\Roaming\skype.dat
C:\Users\John Manypenny\AppData\Roaming\skype.ini

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-05-03 06:22:48
Restore point made on: 2013-05-07 07:20:14
Restore point made on: 2013-05-11 10:49:24
Restore point made on: 2013-05-16 06:04:56
Restore point made on: 2013-05-19 04:33:50
Restore point made on: 2013-05-23 03:06:29
Restore point made on: 2013-05-26 14:34:27
Restore point made on: 2013-05-30 11:45:58
Restore point made on: 2013-06-02 13:27:18
Restore point made on: 2013-06-06 06:03:47
Restore point made on: 2013-06-09 11:31:50
Restore point made on: 2013-06-11 08:40:53

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 4000.13 MB
Available physical RAM: 3427.05 MB
Total Pagefile: 3998.27 MB
Available Pagefile: 3423.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:138.63 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:254.34 GB) NTFS (Disk=0 Partition=3)
Drive f: () (Removable) (Total:14.9 GB) (Free:14.77 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 496B9619)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=186 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=254 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

LastRegBack: 2013-04-17 17:30

==================== End Of Log ============================