Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-08-2013 03 Ran by jeanne (administrator) on 20-08-2013 09:01:29 Running from C:\Users\jeanne\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (GorMedia, Inc.) C:\Windows\syswow64\MxKsPumper.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Yahoo! Inc.) 
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe () C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe (BitTorrent Inc.) C:\Users\jeanne\AppData\Roaming\BitTorrent\BitTorrent.exe () C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Dropbox, Inc.) C:\Users\jeanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Google Inc.) C:\Users\jeanne\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Google Inc.) C:\Users\jeanne\AppData\Local\Google\Update\1.3.21.153\GoogleCrashHandler64.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Apple Inc.) 
C:\Program Files (x86)\iTunes\iTunesHelper.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Users\jeanne\AppData\Local\Google\Chrome\Application\chrome.exe (RPA Technology) C:\Program Files (x86)\Air Mouse\Air Mouse\Mobile Mouse Service.exe (Google Inc.) C:\Users\jeanne\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\jeanne\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\jeanne\AppData\Local\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe (Google Inc.) 
C:\Users\jeanne\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7466600 2011-09-15] (Realtek Semiconductor) HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company) HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation) HKCU\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [812544 2013-02-01] () HKCU\...\Run: [Google Update] - C:\Users\jeanne\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-02-01] (Google Inc.) HKCU\...\Run: [bitTorrent] - C:\Users\jeanne\AppData\Roaming\BitTorrent\BitTorrent.exe [1126488 2013-08-08] (BitTorrent Inc.) HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [574008 2011-07-11] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-07-01] (AVG Technologies CZ, s.r.o.) 
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-07-01] (RealNetworks, Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Air Mouse.lnk ShortcutTarget: Air Mouse.lnk -> C:\Program Files (x86)\Air Mouse\Air Mouse\Air Mouse.exe () Startup: C:\Users\jeanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\jeanne\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=714647&fr=spigot-yhp-ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1 HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mifi.admin/ https://selfcare.internet-go.com/overview/ URLSearchHook: (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File URLSearchHook: (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKLM - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.searchya.com/?q={searchTerms}&f=4&a=dnldyho&cd=2XzuyEtN2Y1L1Qzu0EyEtCtCyD0B0FyE0DtDyB0B0CyE0CyCtN0D0Tzu0CyEtCyEtN1L2XzutBtFtBtFtCtFyEyBzztN1L1Czu1Q1G1I1Q2U1M1F&cr=1519142129&ir= SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms} SearchScopes: HKCU - {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Photopos Toolbar - {59509308-4e15-4619-8e8d-0154e1588cdd} - C:\Program Files (x86)\photopostb\photoposDx.dll () BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll No File Toolbar: HKLM-x32 - Photopos Toolbar - {59509308-4e15-4619-8e8d-0154e1588cdd} - C:\Program Files (x86)\photopostb\photoposDx.dll () Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\kfl0cu6i.default FF SelectedSearchEngine: Yahoo FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.4.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) 
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\jeanne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\jeanne\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\jeanne\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKCU: LWA64Plugin15.7 - C:\Users\jeanne\AppData\Roaming\Mozilla\Plugins\npLWA64Plugin15.7.dll (Microsoft Corporation) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\kfl0cu6i.default\searchplugins\bingp.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\photopostb.xml FF Extension: No Name - C:\Users\jeanne\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com FF Extension: HP Detect - C:\Users\jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\kfl0cu6i.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} FF Extension: testpilot - C:\Users\jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\kfl0cu6i.default\Extensions\testpilot@labs.mozilla.com.xpi FF Extension: toolbar_ATU4-V7 - C:\Users\jeanne\AppData\Roaming\Mozilla\Firefox\Profiles\kfl0cu6i.default\Extensions\toolbar_ATU4-V7@apn.ask.com.xpi FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF 
HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ Chrome: ======= CHR RestoreOnStartup: "https://www.facebook.com/" CHR DefaultSearchURL: (Yahoo!) - http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=714647&p={searchTerms} CHR DefaultSuggestURL: (Yahoo!) - http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms} CHR Plugin: (Shockwave Flash) - C:\Users\jeanne\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\jeanne\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\jeanne\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll () CHR Plugin: (Skype Click to Call) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Users\jeanne\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) 
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\jeanne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Google Update) - C:\Users\jeanne\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File CHR Extension: (Angry Birds) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0 CHR Extension: (TV) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0 CHR Extension: (VUDU Movies) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\daomabnenlgkenegngdblacoobnncgib\2.0.0.2_0 CHR Extension: (Watch TV Online - Clickplayer.tv) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\flmfboagenlcnkidkjodenlgihdbkipj\6.3_0 CHR Extension: (Bart Simpson Dressup) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbgjplckadbmknaljcodfhoelklhdnoe\1.0.3_0 CHR Extension: (Flixster) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0 CHR Extension: (Crackle) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.7_0 CHR Extension: (RealDownloader) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0 CHR Extension: (World of Solitaire) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbnllnaaaohekjkcpfdllhhjijnidgn\1.0.1_0 CHR Extension: (KIDO'Z TV) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokdeafnhahffanabnbjjjjmoechjklc\2.2_0 CHR Extension: (Word War) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kabpecppkafpeglblchgegjlajhdiidh\1_0 CHR Extension: (Webcam Toy) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.4_0 CHR Extension: (Skype Click to 
Call) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0 CHR Extension: (Plants vs Zombies) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0 CHR Extension: (Angry Birds) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nllkkflncainlmehooebdaodggehpknh\1.0_0 CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0 CHR Extension: (Find Sponge Bob) - C:\Users\jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppbecpleglieaijnfimdjpdjikfgblab\1.0.2_0 CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\jeanne\AppData\Local\Temp\ccex.crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx ==================== Services (Whitelisted) ================= R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.) 
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) R2 MxKsPumper; C:\Windows\syswow64\MxKsPumper.exe [130976 2011-07-21] (GorMedia, Inc.) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) R2 vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-15] (AVG Secure Search) ==================== Drivers (Whitelisted) ==================== R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-07-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.) 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-15] (AVG Technologies) R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 MxCamKsFilter; C:\Windows\System32\DRIVERS\MxCamUFilterDrv.sys [14752 2011-07-21] (GorMedia, Inc.) R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) S3 clwvd; system32\DRIVERS\clwvd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-20 09:01 - 2013-08-20 09:01 - 00000000 ____D C:\FRST 2013-08-20 00:33 - 2013-08-20 00:33 - 02347384 _____ (ESET) C:\Users\jeanne\Downloads\esetsmartinstaller_enu.exe 2013-08-20 00:33 - 2013-08-20 00:33 - 00000000 ____D C:\Program Files (x86)\ESET 2013-08-20 00:25 - 2013-08-20 00:26 - 00009965 _____ C:\AdwCleaner[s1].txt 2013-08-20 00:25 - 2013-08-20 00:26 - 00000121 _____ C:\Windows\DeleteOnReboot.bat 2013-08-20 00:25 - 2013-08-20 00:25 - 00666633 _____ C:\Users\jeanne\Downloads\AdwCleaner.exe 2013-08-20 00:24 - 2013-08-20 00:24 - 00001081 _____ C:\Users\jeanne\Desktop\Continue Download Helper Installation.lnk 2013-08-20 00:21 - 2013-08-20 00:21 - 00023930 _____ C:\Users\jeanne\Desktop\JRT.txt 2013-08-20 00:10 - 2013-08-20 00:10 - 00000000 ____D C:\Windows\ERUNT 2013-08-19 23:12 - 2013-08-20 00:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-08-19 23:10 - 2013-08-20 00:07 - 00000000 ____D C:\Users\jeanne\Desktop\mbar 2013-08-19 23:08 - 2013-08-19 23:09 - 01018949 _____ (Thisisu) C:\Users\jeanne\Downloads\JRT.exe 2013-08-19 23:07 - 2013-08-19 23:09 - 00000000 ____D C:\Users\jeanne\Desktop\RK_Quarantine 2013-08-19 23:07 - 2013-08-19 23:07 - 12081912 _____ (Malwarebytes Corp.) 
C:\Users\jeanne\Downloads\mbar-1.06.1.1005.exe 2013-08-19 23:05 - 2013-08-19 23:06 - 03814400 _____ C:\Users\jeanne\Downloads\RogueKillerX64.exe 2013-08-19 23:05 - 2013-08-19 23:05 - 00000000 ____D C:\Windows\ERDNT 2013-08-19 23:04 - 2013-08-19 23:04 - 00000884 _____ C:\Users\jeanne\Desktop\NTREGOPT.lnk 2013-08-19 23:04 - 2013-08-19 23:04 - 00000865 _____ C:\Users\jeanne\Desktop\ERUNT.lnk 2013-08-19 23:04 - 2013-08-19 23:04 - 00000000 ____D C:\Program Files (x86)\ERUNT 2013-08-19 22:59 - 2013-08-19 23:00 - 00791393 _____ (Lars Hederer ) C:\Users\jeanne\Downloads\erunt-setup.exe 2013-08-19 21:17 - 2013-08-19 21:19 - 00000000 ____D C:\Users\jeanne\Downloads\Switched at Birth S02E21 HDTV x264-ASAP[ettv] 2013-08-19 21:17 - 2013-08-19 21:18 - 00000000 ____D C:\Users\jeanne\Downloads\Under the Domen S01E09 HDTV x264-LOL[ettv] 2013-08-19 19:15 - 2013-08-19 19:15 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\Malwarebytes 2013-08-19 19:14 - 2013-08-19 19:14 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-19 19:14 - 2013-08-19 19:14 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-19 19:14 - 2013-08-19 19:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-19 19:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-19 19:13 - 2013-08-19 19:14 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jeanne\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-08-19 19:13 - 2013-08-19 19:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jeanne\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-18 23:28 - 2013-08-19 00:48 - 00000000 ____D C:\Users\jeanne\Downloads\Ray Donovan S01E08 HDTV x264-ASAP[ettv] 2013-08-18 22:14 - 2013-08-18 22:15 - 00000000 ____D C:\Users\jeanne\Downloads\Dexter S08E08 HDTV x264-ASAP[ettv] 2013-08-18 21:08 - 2013-08-18 21:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-08-18 20:56 - 2013-08-18 20:58 - 00000000 ____D 
C:\Users\jeanne\Downloads\True Blood S06E10 Radioactive WEB-DL XviD-FUM[ettv] 2013-08-18 03:21 - 2013-08-18 03:22 - 00000000 ____D C:\Users\jeanne\Downloads\Arctic Monkeys - Suck It And See (2011) (320kbps) DutchReleaseTeam 2013-08-18 03:21 - 2013-08-18 03:21 - 00000000 ____D C:\Users\jeanne\Downloads\Arctic Monkeys - Black Treacle (Single) 2012 2013-08-18 03:11 - 2013-08-18 03:11 - 00001146 _____ C:\Users\Public\Desktop\aTube Catcher.lnk 2013-08-18 03:10 - 2013-06-06 16:41 - 00489392 _____ (Ask Partner Network) C:\Users\jeanne\Documents\APNSetup.exe 2013-08-17 23:30 - 2013-08-17 23:30 - 00000000 ____D C:\Users\jeanne\Downloads\Cedar Cove S01E05 HDTV x264-2HD[ettv] 2013-08-16 22:00 - 2013-08-16 22:08 - 156863116 _____ C:\Users\jeanne\Downloads\Web.Therapy.S03E01.HDTV.x264-EVOLVE.mp4 2013-08-16 22:00 - 2013-08-16 22:04 - 135941844 _____ C:\Users\jeanne\Downloads\Web.Therapy.S03E02.HDTV.x264-EVOLVE.mp4 2013-08-16 22:00 - 2013-08-16 22:03 - 123408770 _____ C:\Users\jeanne\Downloads\Web.Therapy.S03E04.HDTV.x264-ASAP.mp4 2013-08-16 22:00 - 2013-08-16 22:00 - 00000000 ____D C:\Users\jeanne\Downloads\Web.Therapy.S03E03.720p.HDTV.x264-EVOLVE [PublicHD] 2013-08-15 23:19 - 2013-08-20 00:30 - 00003212 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-555411451-2527714722-2404825438-1000 2013-08-15 03:11 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-15 03:11 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-15 03:11 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-08-15 03:11 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-15 03:11 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-15 03:11 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-15 03:11 - 
2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-15 03:11 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-15 03:11 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-15 03:11 - 2013-07-26 01:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-15 03:11 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-08-15 03:11 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-08-15 03:11 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-15 03:11 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-08-15 03:11 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-15 03:11 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-08-15 03:11 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-08-15 03:11 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-08-15 03:11 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-08-15 03:11 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-08-15 03:11 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-08-15 03:11 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-08-15 03:11 - 2013-07-25 23:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-08-15 03:11 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-08-15 03:11 - 2013-07-25 23:12 - 00061440 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-08-15 03:11 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-08-15 03:11 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-08-15 03:11 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-08-15 03:11 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-08-15 03:11 - 2013-07-25 22:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-15 03:11 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-15 03:01 - 2013-08-15 03:01 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 01:15 - 2013-08-15 01:39 - 00000000 ____D C:\Users\jeanne\Downloads\Necessary.Roughness.S03E09.HDTV.XviD-AFG 2013-08-14 21:26 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-14 21:26 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-08-14 21:26 - 2013-07-18 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-08-14 21:26 - 2013-07-18 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-08-14 21:26 - 2013-07-09 02:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-14 21:26 - 2013-07-09 01:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-14 21:26 - 2013-07-09 01:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-08-14 21:26 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 21:26 - 2013-07-09 01:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 21:26 - 2013-07-09 01:46 - 01472512 _____ (Microsoft Corporation) 
C:\Windows\system32\crypt32.dll 2013-08-14 21:26 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 21:26 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-14 21:26 - 2013-07-09 01:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-14 21:26 - 2013-07-09 01:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-14 21:26 - 2013-07-09 00:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-08-14 21:26 - 2013-07-09 00:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2013-08-14 21:26 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2013-08-14 21:26 - 2013-07-09 00:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-08-14 21:26 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-08-14 21:26 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-08-14 21:26 - 2013-07-08 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-08-14 21:25 - 2013-07-09 00:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-08-14 21:25 - 2013-07-08 22:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-08-14 21:25 - 2013-07-08 22:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-08-14 21:25 - 2013-07-08 22:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-08-14 21:25 - 2013-07-06 02:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 21:25 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-13 11:49 - 2013-08-13 11:50 - 00000000 ____D C:\Users\jeanne\Downloads\Mythbusters S12 
Breaking Bad Special INTERNAL HDTV x264-KILLERS[ettv] 2013-08-12 12:57 - 2013-08-12 12:57 - 00000000 ____D C:\ProgramData\StarApp 2013-08-12 12:55 - 2013-08-12 12:57 - 00000000 ____D C:\ProgramData\InstallMate 2013-08-12 00:49 - 2013-08-12 00:57 - 00000000 ____D C:\Users\jeanne\Downloads\Ray Donovan S01E07 HDTV x264-ASAP[ettv] 2013-08-12 00:18 - 2013-08-12 00:24 - 00000000 ____D C:\Users\jeanne\Downloads\Drop Dead Diva S05E08 HDTV x264-ASAP[ettv] 2013-08-12 00:00 - 2013-08-12 00:09 - 00000000 ____D C:\Users\jeanne\Downloads\Dexter S08E07 HDTV x264-ASAP[ettv] 2013-08-12 00:00 - 2013-08-12 00:01 - 00000000 ____D C:\Users\jeanne\Downloads\True Blood S06E09 Life Matters WEB DL XviD-FUM[ettv] 2013-08-09 21:44 - 2013-08-20 00:30 - 00003344 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-555411451-2527714722-2404825438-1000 2013-08-09 21:20 - 2013-08-09 21:20 - 00012193 _____ C:\Users\jeanne\Downloads\images-2.jpeg 2013-08-09 21:20 - 2013-08-09 21:20 - 00009198 _____ C:\Users\jeanne\Downloads\images-1.jpeg 2013-08-09 21:19 - 2013-08-09 21:19 - 00011309 _____ C:\Users\jeanne\Downloads\images.jpeg 2013-08-09 20:19 - 2013-08-20 00:28 - 00224044 _____ C:\Windows\PFRO.log 2013-08-08 23:38 - 2013-08-09 03:26 - 00000000 ____D C:\Users\jeanne\AppData\Local\DolphinViewer3 2013-08-08 23:38 - 2013-08-08 23:40 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\DolphinViewer3 2013-08-08 12:13 - 2013-08-08 12:13 - 00001227 _____ C:\Users\Public\Desktop\Dolphin Viewer 3.lnk 2013-08-08 12:12 - 2013-08-08 12:13 - 00000000 ____D C:\Program Files (x86)\DolphinViewer3 2013-08-08 02:58 - 2013-08-08 03:09 - 00000000 ____D C:\Users\jeanne\Downloads\Necessary Roughness S03E08 HDTV XviD-FUM[ettv] 2013-08-08 00:41 - 2013-08-08 00:41 - 00000873 _____ C:\Users\jeanne\Desktop\BitTorrent.lnk 2013-08-08 00:41 - 2013-08-08 00:41 - 00000853 _____ C:\Users\jeanne\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk 2013-08-01 19:03 - 2013-08-05 00:06 - 00000000 ____D 
C:\Users\jeanne\Downloads\The Haves and the Have Nots S01E01 HDTV x264-ASAP[ettv] 2013-07-31 14:41 - 2013-07-31 14:41 - 141932924 _____ C:\Users\jeanne\Downloads\bvideo.mp4 2013-07-29 19:36 - 2013-08-20 00:28 - 00000896 _____ C:\Windows\setupact.log 2013-07-29 19:36 - 2013-07-29 19:36 - 00000000 _____ C:\Windows\setuperr.log 2013-07-27 21:44 - 2013-08-08 00:40 - 00000000 _____ C:\conversation.log 2013-07-27 21:43 - 2013-08-18 02:04 - 00000000 ____D C:\Users\jeanne\AppData\Local\Firestorm 2013-07-27 21:43 - 2013-07-27 21:45 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\Firestorm 2013-07-27 21:39 - 2013-07-27 21:39 - 00001277 _____ C:\Users\Public\Desktop\Firestorm-Release.lnk 2013-07-27 21:37 - 2013-07-27 21:39 - 00000000 ____D C:\Program Files (x86)\Firestorm-Release 2013-07-26 01:59 - 2013-07-26 01:59 - 00002978 _____ C:\Windows\System32\Tasks\{CDE12549-DCC0-4145-B5AB-B154A74E4D21} 2013-07-25 02:19 - 2013-08-08 12:04 - 00000000 ____D C:\Users\jeanne\AppData\Local\SecondLife 2013-07-25 02:19 - 2013-08-08 08:44 - 00000000 ____D C:\Program Files (x86)\SecondLifeViewer 2013-07-25 02:19 - 2013-08-08 00:42 - 00001085 _____ C:\Users\Public\Desktop\Second Life Viewer.lnk 2013-07-25 02:19 - 2013-07-25 02:21 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\SecondLife 2013-07-25 02:03 - 2013-07-25 02:06 - 00700144 _____ C:\Users\jeanne\Downloads\Second_Life_Setup.exe ==================== One Month Modified Files and Folders ======= 2013-08-20 09:01 - 2013-08-20 09:01 - 01576196 _____ (Farbar) C:\Users\jeanne\Downloads\FRST64.exe 2013-08-20 09:01 - 2013-08-20 09:01 - 00000000 ____D C:\FRST 2013-08-20 09:00 - 2012-03-08 04:23 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\BitTorrent 2013-08-20 08:30 - 2012-02-01 14:02 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-555411451-2527714722-2404825438-1000UA.job 2013-08-20 08:20 - 2012-06-10 23:09 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-20 02:38 - 2012-01-13 21:26 - 00003934 
_____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2330D4A8-255B-48FC-9702-AF4B8C85E825} 2013-08-20 02:15 - 2011-12-17 06:04 - 01782163 _____ C:\Windows\WindowsUpdate.log 2013-08-20 01:18 - 2012-03-27 19:51 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\Skype 2013-08-20 01:08 - 2012-01-17 10:17 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\vlc 2013-08-20 00:37 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-20 00:37 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-20 00:33 - 2013-08-20 00:33 - 02347384 _____ (ESET) C:\Users\jeanne\Downloads\esetsmartinstaller_enu.exe 2013-08-20 00:33 - 2013-08-20 00:33 - 00000000 ____D C:\Program Files (x86)\ESET 2013-08-20 00:31 - 2013-04-10 14:44 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\Dropbox 2013-08-20 00:30 - 2013-08-15 23:19 - 00003212 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-555411451-2527714722-2404825438-1000 2013-08-20 00:30 - 2013-08-09 21:44 - 00003344 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-555411451-2527714722-2404825438-1000 2013-08-20 00:30 - 2013-04-10 14:47 - 00000000 ___RD C:\Users\jeanne\Dropbox 2013-08-20 00:29 - 2013-06-07 22:48 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job 2013-08-20 00:29 - 2013-06-05 11:03 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2013-08-20 00:28 - 2013-08-09 20:19 - 00224044 _____ C:\Windows\PFRO.log 2013-08-20 00:28 - 2013-07-29 19:36 - 00000896 _____ C:\Windows\setupact.log 2013-08-20 00:28 - 2012-06-10 23:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-08-20 00:28 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-20 00:26 - 2013-08-20 00:25 - 00009965 _____ C:\AdwCleaner[s1].txt 2013-08-20 00:26 - 
2013-08-20 00:25 - 00000121 _____ C:\Windows\DeleteOnReboot.bat 2013-08-20 00:25 - 2013-08-20 00:25 - 00666633 _____ C:\Users\jeanne\Downloads\AdwCleaner.exe 2013-08-20 00:25 - 2012-01-13 22:17 - 00000000 ____D C:\ProgramData\AVG Secure Search 2013-08-20 00:24 - 2013-08-20 00:24 - 00001081 _____ C:\Users\jeanne\Desktop\Continue Download Helper Installation.lnk 2013-08-20 00:21 - 2013-08-20 00:21 - 00023930 _____ C:\Users\jeanne\Desktop\JRT.txt 2013-08-20 00:14 - 2013-03-03 22:03 - 00000000 ____D C:\ProgramData\Uniblue 2013-08-20 00:10 - 2013-08-20 00:10 - 00000000 ____D C:\Windows\ERUNT 2013-08-20 00:07 - 2013-08-19 23:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-08-20 00:07 - 2013-08-19 23:10 - 00000000 ____D C:\Users\jeanne\Desktop\mbar 2013-08-19 23:58 - 2012-01-18 20:54 - 00000000 ____D C:\Users\jeanne\Documents\Youcam 2013-08-19 23:09 - 2013-08-19 23:08 - 01018949 _____ (Thisisu) C:\Users\jeanne\Downloads\JRT.exe 2013-08-19 23:09 - 2013-08-19 23:07 - 00000000 ____D C:\Users\jeanne\Desktop\RK_Quarantine 2013-08-19 23:07 - 2013-08-19 23:07 - 12081912 _____ (Malwarebytes Corp.) 
C:\Users\jeanne\Downloads\mbar-1.06.1.1005.exe 2013-08-19 23:06 - 2013-08-19 23:05 - 03814400 _____ C:\Users\jeanne\Downloads\RogueKillerX64.exe 2013-08-19 23:05 - 2013-08-19 23:05 - 00000000 ____D C:\Windows\ERDNT 2013-08-19 23:04 - 2013-08-19 23:04 - 00000884 _____ C:\Users\jeanne\Desktop\NTREGOPT.lnk 2013-08-19 23:04 - 2013-08-19 23:04 - 00000865 _____ C:\Users\jeanne\Desktop\ERUNT.lnk 2013-08-19 23:04 - 2013-08-19 23:04 - 00000000 ____D C:\Program Files (x86)\ERUNT 2013-08-19 23:00 - 2013-08-19 22:59 - 00791393 _____ (Lars Hederer ) C:\Users\jeanne\Downloads\erunt-setup.exe 2013-08-19 21:19 - 2013-08-19 21:17 - 00000000 ____D C:\Users\jeanne\Downloads\Switched at Birth S02E21 HDTV x264-ASAP[ettv] 2013-08-19 21:18 - 2013-08-19 21:17 - 00000000 ____D C:\Users\jeanne\Downloads\Under the Domen S01E09 HDTV x264-LOL[ettv] 2013-08-19 19:15 - 2013-08-19 19:15 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\Malwarebytes 2013-08-19 19:14 - 2013-08-19 19:14 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-08-19 19:14 - 2013-08-19 19:14 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-19 19:14 - 2013-08-19 19:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-08-19 19:14 - 2013-08-19 19:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jeanne\Downloads\mbam-setup-1.75.0.1300 (1).exe 2013-08-19 19:13 - 2013-08-19 19:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\jeanne\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-19 18:30 - 2012-02-01 14:02 - 00000860 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-555411451-2527714722-2404825438-1000Core.job 2013-08-19 18:05 - 2012-01-13 22:07 - 00000000 ____D C:\ProgramData\MFAData 2013-08-19 00:48 - 2013-08-18 23:28 - 00000000 ____D C:\Users\jeanne\Downloads\Ray Donovan S01E08 HDTV x264-ASAP[ettv] 2013-08-18 22:15 - 2013-08-18 22:14 - 00000000 ____D C:\Users\jeanne\Downloads\Dexter S08E08 HDTV x264-ASAP[ettv] 2013-08-18 21:08 - 2013-08-18 21:08 - 00000000 ____D 
C:\Program Files (x86)\Mozilla Firefox 2013-08-18 20:58 - 2013-08-18 20:56 - 00000000 ____D C:\Users\jeanne\Downloads\True Blood S06E10 Radioactive WEB-DL XviD-FUM[ettv] 2013-08-18 03:22 - 2013-08-18 03:21 - 00000000 ____D C:\Users\jeanne\Downloads\Arctic Monkeys - Suck It And See (2011) (320kbps) DutchReleaseTeam 2013-08-18 03:21 - 2013-08-18 03:21 - 00000000 ____D C:\Users\jeanne\Downloads\Arctic Monkeys - Black Treacle (Single) 2012 2013-08-18 03:11 - 2013-08-18 03:11 - 00001146 _____ C:\Users\Public\Desktop\aTube Catcher.lnk 2013-08-18 03:11 - 2013-03-05 20:19 - 00002074 _____ C:\Users\Public\Desktop\Video Search.lnk 2013-08-18 03:10 - 2013-03-05 20:18 - 00000000 ____D C:\Program Files (x86)\DsNET Corp 2013-08-18 02:04 - 2013-07-27 21:43 - 00000000 ____D C:\Users\jeanne\AppData\Local\Firestorm 2013-08-17 23:30 - 2013-08-17 23:30 - 00000000 ____D C:\Users\jeanne\Downloads\Cedar Cove S01E05 HDTV x264-2HD[ettv] 2013-08-16 22:08 - 2013-08-16 22:00 - 156863116 _____ C:\Users\jeanne\Downloads\Web.Therapy.S03E01.HDTV.x264-EVOLVE.mp4 2013-08-16 22:04 - 2013-08-16 22:00 - 135941844 _____ C:\Users\jeanne\Downloads\Web.Therapy.S03E02.HDTV.x264-EVOLVE.mp4 2013-08-16 22:03 - 2013-08-16 22:00 - 123408770 _____ C:\Users\jeanne\Downloads\Web.Therapy.S03E04.HDTV.x264-ASAP.mp4 2013-08-16 22:00 - 2013-08-16 22:00 - 00000000 ____D C:\Users\jeanne\Downloads\Web.Therapy.S03E03.720p.HDTV.x264-EVOLVE [PublicHD] 2013-08-15 05:34 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2013-08-15 04:33 - 2007-01-01 21:25 - 00000000 ____D C:\Windows\Panther 2013-08-15 03:07 - 2009-07-14 01:13 - 00794606 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-15 03:05 - 2013-08-15 03:01 - 00000000 ____D C:\Windows\system32\MRT 2013-08-15 03:01 - 2012-01-16 04:06 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-08-15 01:39 - 2013-08-15 01:15 - 00000000 ____D C:\Users\jeanne\Downloads\Necessary.Roughness.S03E09.HDTV.XviD-AFG 2013-08-15 01:07 - 2013-07-01 21:17 - 
00003715 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml 2013-08-15 01:07 - 2012-09-07 13:09 - 00045856 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2013-08-13 11:50 - 2013-08-13 11:49 - 00000000 ____D C:\Users\jeanne\Downloads\Mythbusters S12 Breaking Bad Special INTERNAL HDTV x264-KILLERS[ettv] 2013-08-12 12:57 - 2013-08-12 12:57 - 00000000 ____D C:\ProgramData\StarApp 2013-08-12 12:57 - 2013-08-12 12:55 - 00000000 ____D C:\ProgramData\InstallMate 2013-08-12 00:57 - 2013-08-12 00:49 - 00000000 ____D C:\Users\jeanne\Downloads\Ray Donovan S01E07 HDTV x264-ASAP[ettv] 2013-08-12 00:24 - 2013-08-12 00:18 - 00000000 ____D C:\Users\jeanne\Downloads\Drop Dead Diva S05E08 HDTV x264-ASAP[ettv] 2013-08-12 00:09 - 2013-08-12 00:00 - 00000000 ____D C:\Users\jeanne\Downloads\Dexter S08E07 HDTV x264-ASAP[ettv] 2013-08-12 00:01 - 2013-08-12 00:00 - 00000000 ____D C:\Users\jeanne\Downloads\True Blood S06E09 Life Matters WEB DL XviD-FUM[ettv] 2013-08-11 21:37 - 2012-01-26 10:36 - 00000000 ____D C:\Users\jeanne\AppData\Local\CrashDumps 2013-08-09 21:20 - 2013-08-09 21:20 - 00012193 _____ C:\Users\jeanne\Downloads\images-2.jpeg 2013-08-09 21:20 - 2013-08-09 21:20 - 00009198 _____ C:\Users\jeanne\Downloads\images-1.jpeg 2013-08-09 21:19 - 2013-08-09 21:19 - 00011309 _____ C:\Users\jeanne\Downloads\images.jpeg 2013-08-09 03:26 - 2013-08-08 23:38 - 00000000 ____D C:\Users\jeanne\AppData\Local\DolphinViewer3 2013-08-08 23:40 - 2013-08-08 23:38 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\DolphinViewer3 2013-08-08 12:13 - 2013-08-08 12:13 - 00001227 _____ C:\Users\Public\Desktop\Dolphin Viewer 3.lnk 2013-08-08 12:13 - 2013-08-08 12:12 - 00000000 ____D C:\Program Files (x86)\DolphinViewer3 2013-08-08 12:04 - 2013-07-25 02:19 - 00000000 ____D C:\Users\jeanne\AppData\Local\SecondLife 2013-08-08 08:44 - 2013-07-25 02:19 - 00000000 ____D C:\Program Files (x86)\SecondLifeViewer 2013-08-08 03:09 - 2013-08-08 02:58 - 00000000 ____D 
C:\Users\jeanne\Downloads\Necessary Roughness S03E08 HDTV XviD-FUM[ettv] 2013-08-08 00:42 - 2013-07-25 02:19 - 00001085 _____ C:\Users\Public\Desktop\Second Life Viewer.lnk 2013-08-08 00:41 - 2013-08-08 00:41 - 00000873 _____ C:\Users\jeanne\Desktop\BitTorrent.lnk 2013-08-08 00:41 - 2013-08-08 00:41 - 00000853 _____ C:\Users\jeanne\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk 2013-08-08 00:40 - 2013-07-27 21:44 - 00000000 _____ C:\conversation.log 2013-08-05 00:06 - 2013-08-01 19:03 - 00000000 ____D C:\Users\jeanne\Downloads\The Haves and the Have Nots S01E01 HDTV x264-ASAP[ettv] 2013-08-01 12:51 - 2012-05-14 20:58 - 00000000 ____D C:\Users\jeanne\Downloads\pdf 2013-07-31 14:41 - 2013-07-31 14:41 - 141932924 _____ C:\Users\jeanne\Downloads\bvideo.mp4 2013-07-30 20:14 - 2013-04-03 15:11 - 00000925 _____ C:\Users\Public\Desktop\AVG 2013.lnk 2013-07-29 19:36 - 2013-07-29 19:36 - 00000000 _____ C:\Windows\setuperr.log 2013-07-28 21:27 - 2012-02-04 00:48 - 00000000 ____D C:\Program Files (x86)\Opera 2013-07-27 22:25 - 2012-05-16 01:48 - 00000000 ____D C:\Users\jeanne\AppData\Local\Windows Live 2013-07-27 21:45 - 2013-07-27 21:43 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\Firestorm 2013-07-27 21:39 - 2013-07-27 21:39 - 00001277 _____ C:\Users\Public\Desktop\Firestorm-Release.lnk 2013-07-27 21:39 - 2013-07-27 21:37 - 00000000 ____D C:\Program Files (x86)\Firestorm-Release 2013-07-26 01:59 - 2013-07-26 01:59 - 00002978 _____ C:\Windows\System32\Tasks\{CDE12549-DCC0-4145-B5AB-B154A74E4D21} 2013-07-26 01:13 - 2013-08-15 03:11 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-26 01:13 - 2013-08-15 03:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-26 01:13 - 2013-08-15 03:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-07-26 01:12 - 2013-08-15 03:11 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 
15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-26 01:12 - 2013-08-15 03:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-07-26 01:11 - 2012-06-21 23:34 - 00468592 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\pskill.exe 2013-07-26 01:09 - 2012-03-06 11:38 - 00000000 ____D C:\Users\jeanne\AppData\Local\CutePDF Writer 2013-07-25 23:35 - 2013-08-15 03:11 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-25 23:13 - 2013-08-15 03:11 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-07-25 23:13 - 2013-08-15 03:11 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-07-25 23:12 - 2013-08-15 03:11 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-07-25 23:12 - 2013-08-15 03:11 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-07-25 23:12 - 2013-08-15 03:11 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-07-25 23:12 - 2013-08-15 03:11 - 00690688 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\jscript.dll 2013-07-25 23:12 - 2013-08-15 03:11 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-07-25 23:12 - 2013-08-15 03:11 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-07-25 23:12 - 2013-08-15 03:11 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-07-25 23:12 - 2013-08-15 03:11 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-07-25 23:12 - 2013-08-15 03:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-07-25 23:11 - 2013-08-15 03:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-07-25 23:11 - 2013-08-15 03:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-07-25 22:49 - 2013-08-15 03:11 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-07-25 22:39 - 2013-08-15 03:11 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-07-25 21:59 - 2013-08-15 03:11 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-07-25 05:25 - 2013-08-14 21:26 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-07-25 04:57 - 2013-08-14 21:26 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2013-07-25 02:21 - 2013-07-25 02:19 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\SecondLife 2013-07-25 02:07 - 2012-01-14 01:14 - 00000000 ____D C:\Users\jeanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2013-07-25 02:06 - 2013-07-25 02:03 - 00700144 _____ C:\Users\jeanne\Downloads\Second_Life_Setup.exe 2013-07-24 08:54 - 2012-03-27 19:50 - 00000000 ___RD C:\Program Files (x86)\Skype 2013-07-24 08:54 - 2012-03-27 19:50 - 00000000 ____D C:\ProgramData\Skype ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => 
MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-12 15:27

==================== End Of Log ============================