Jump to content

PrivitizeVPN + Magnipic possible infection

Zing509
 Share

Recommended Posts

Zing509

Zing509

Posted
Posted

I recently got a random popup about a thing called PrivitzeVPN installing itself on my computer, i tried to stop it and thought i did but when i opened Google Chrome i noticed a second page was opened to what looked like google, i went into the options of chrome and saw it wasn't google but instead a random URL, i deleted that page from my settings so it wouldn't open on start up.

 

i did some searching and realized that PrivitizeVPN + Magnipic are viruses and Magnipic was on my Chrome browser, i deleted the extension and attempted to uninstall it but it said it was in use when no programs were open.  Norton Anti-Virus said that it stopped a trojan but i think my computer is still infected. i'm using Windows 7 64 bit, can anyone help me clean out PrivitizeVPN and Mangipic from my computer?

 

Thanks in advance

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Run the following:

 

Download http://www.bleepingcomputer.com/download/adwcleaner/ by Xplode onto your Desktop.

 

  •   Please close all open programs and internet browsers.
  •   Double click on Adwcleaner.exe to run the tool.
  •   Click on Delete.
  •   Confirm each time with OK.
  •   Your computer will be rebooted automatically. A text file will open after the restart.
  •   Please post the content of that logfile in your reply.
  •   You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

 

Next,

 

download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Post those logs in next reply..

 

Kevin

Link to post
Share on other sites
Zing509

Zing509

Posted
  • Author
Posted

I ran both, This is AdwCleaner's text file

 

# AdwCleaner v2.304 - Logfile created 07/08/2013 at 05:03:54
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : John Myers - JOHNMYERS-HP
# Boot Mode : Normal
# Running from : C:\Users\John Myers\Downloads\AdwCleaner.exe
# Option [Delete]
 
 
***** [services] *****
 
 
***** [Files / Folders] *****
 
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\John Myers\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Deleted : C:\Users\John Myers\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Users\John Myers\Documents\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MagniPic
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\MAygniPic
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAygniPic
Folder Deleted : C:\Users\John Myers\AppData\Local\Conduit
Folder Deleted : C:\Users\John Myers\AppData\Local\PackageAware
Folder Deleted : C:\Users\John Myers\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\John Myers\AppData\LocalLow\FreeOnlineRadioPlayerRecorder
Folder Deleted : C:\Users\John Myers\AppData\Roaming\dvdvideosoftiehelpers
 
***** [Registry] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\FreeOnlineRadioPlayerRecorder
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{079F35A5-8E4E-B46C-7E9A-BE18C79D94DD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B2DDB081-10D0-4804-AB95-73C70CBA3805}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{423ACEB9-6343-4088-8FEA-720BB2AC689D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3807E65-8771-4259-9AD3-04C6EC43307F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{079F35A5-8E4E-B46C-7E9A-BE18C79D94DD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F999A48B-1950-4D81-9971-79018F807B4B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB03EF39-C655-D560-FA95-79182B837D64}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FreeOnlineRadioPlayerRecorder Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SP_008a99b9
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F999A48B-1950-4D81-9971-79018F807B4B}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F999A48B-1950-4D81-9971-79018F807B4B}]
 
***** [internet Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16618
 
[OK] Registry is clean.
 
-\\ Google Chrome v27.0.1453.116
 
File : C:\Users\John Myers\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
-\\ Chromium v27.0.1422.0
 
File : C:\Users\John Myers\AppData\Local\Chromium\User Data\Default\Preferences
 
[OK] File is clean.
 
*************************
 
AdwCleaner[s1].txt - [6731 octets] - [08/07/2013 05:03:54]
 
########## EOF - C:\AdwCleaner[s1].txt - [6791 octets] ##########
 
 
 
 
 
This is FRST's text file
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by John Myers (administrator) on 08-07-2013 05:13:42
Running from C:\Users\John Myers\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Microsoft Corporation) C:\Windows\system32\PrintIsolationHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Google Inc.) C:\Users\John Myers\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\John Myers\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\John Myers\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corporation) C:\Windows\system32\systeminfo.exe
(Microsoft Corporation) C:\Windows\system32\find.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, [625416 2010-04-23] (DigitalPersona, Inc.)
HKCU\...\Run: [AdobeBridge]  [x]
HKCU\...\Run: [Google Update] "C:\Users\John Myers\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-02-25] (Google Inc.)
HKCU\...\Run: [F.lux] "C:\Users\John Myers\Local Settings\Apps\F.lux\flux.exe" /noshow [966656 2009-08-29] ()
HKCU\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [GoogleChromeAutoLaunch_72A5EEDECFFD9DEF95D0BA6733215E4F] "C:\Users\John Myers\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window [825808 2013-06-14] (Google Inc.)
HKCU\...\Winlogon: [shell] expstart.exe <==== ATTENTION 
MountPoints2: {94924e8b-fe9e-11e1-b5c4-3c4a9254b4a7} - H:\ToolLauncher-Bootstrap.exe
HKLM-x32\...\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe [953232 2011-04-12] (Razer USA Ltd)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [2255184 2013-06-28] (LogMeIn Inc.)
HKU\Default\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
AppInit_DLLs-x32: c:\progra~2\magnipic\assist~1.dll [97280 2009-07-13] ()
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\John Myers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\John Myers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\John Myers\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\John Myers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchou.com/?id=ca5d3c54000000000000ac811223f6c2
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {17E396C0-FE6E-4D66-B6C9-F0A7834B8381} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {E81FD610-8B34-44C3-87B9-668710E5A8C3} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {F301A4A2-4B1B-4731-AD16-E5098900728E} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {17E396C0-FE6E-4D66-B6C9-F0A7834B8381} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {E81FD610-8B34-44C3-87B9-668710E5A8C3} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {F301A4A2-4B1B-4731-AD16-E5098900728E} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {17E396C0-FE6E-4D66-B6C9-F0A7834B8381} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {5935D6F9-E74B-4927-A860-8D0C196E366C} URL = http://searchou.com/?q={searchTerms}&id=ca5d3c54000000000000ac811223f6c2&r=600
SearchScopes: HKCU - {E81FD610-8B34-44C3-87B9-668710E5A8C3} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {F301A4A2-4B1B-4731-AD16-E5098900728E} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.247.24.53 66.189.0.100 24.178.162.3
 
Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\John Myers\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\John Myers\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\John Myers\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
CHR Plugin: (Google Update) - C:\Users\John Myers\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (Skype Click to Call) - C:\Users\John Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (FreeOnlineRadioPlayerRecorder) - C:\Users\John Myers\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcmflmkceipgecmhoddphflfndnfbbe\10.14.40.128_0
 
==================== Services (Whitelisted) =================
 
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-06-29] (CyberLink)
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-01-09] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-03-08] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-14] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-14] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20130705.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20130705.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-03-08] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20130707.005\ENG64.SYS [126040 2013-07-04] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20130707.005\ENG64.SYS [126040 2013-07-04] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20130707.005\EX64.SYS [2098776 2013-07-04] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20130707.005\EX64.SYS [2098776 2013-07-04] (Symantec Corporation)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [126464 2011-03-31] (Razer USA Ltd)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1207010.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1207010.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1207010.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1207010.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-05-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1207010.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1207010.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-07-08 05:13 - 2013-07-08 05:13 - 00000000 ____D C:\FRST
2013-07-08 05:11 - 2013-07-08 05:11 - 01934636 ____A (Farbar) C:\Users\John Myers\Downloads\FRST64.exe
2013-07-08 05:03 - 2013-07-08 05:04 - 00006854 ____A C:\AdwCleaner[s1].txt
2013-07-08 04:57 - 2013-07-08 04:57 - 00650027 ____A C:\Users\John Myers\Downloads\AdwCleaner.exe
2013-07-08 04:43 - 2013-07-08 04:43 - 00002288 ____A C:\{5F703DF2-39D8-4CB3-B420-ABD084F6DDF1}
2013-07-08 04:08 - 2013-07-08 04:09 - 83293072 ____A (Blizzard Entertainment) C:\Users\John Myers\Downloads\World-of-Warcraft-Setup-enUS.exe
2013-07-08 03:05 - 2013-07-08 03:05 - 00000000 ____D C:\ProgramData\StarApp
2013-07-08 01:38 - 2013-07-08 01:38 - 00001216 ____A C:\Users\John Myers\B.T.R.xpaddercontroller
2013-07-08 01:27 - 2013-07-08 01:27 - 00000000 ____D C:\Users\John Myers\AppData\Local\BIT.TRIP RUNNER
2013-07-07 22:59 - 2013-07-07 22:59 - 00000221 ____A C:\Users\John Myers\Desktop\BIT.TRIP RUNNER.url
2013-07-07 22:46 - 2013-07-07 22:46 - 00000198 ____A C:\Users\John Myers\Desktop\Thomas Was Alone.url
2013-07-07 19:24 - 2013-07-07 19:24 - 00000221 ____A C:\Users\John Myers\Desktop\FINAL FANTASY VII.url
2013-07-07 17:05 - 2013-07-08 04:21 - 00000000 ____D C:\Users\John Myers\Desktop\Random
2013-07-07 15:30 - 2013-07-07 19:48 - 00001216 ____A C:\Users\John Myers\SSBF.xpaddercontroller
2013-07-07 15:25 - 2013-07-07 15:27 - 157993629 ____A C:\Users\John Myers\Downloads\SSF2DemoV0_9.zip
2013-07-03 16:53 - 2013-07-03 16:53 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-03 02:52 - 2013-07-03 02:52 - 00110391 ____A C:\Users\John Myers\Downloads\SaveConverterV2.0.0.zip
2013-07-03 00:34 - 2013-07-03 00:34 - 00098114 ____A C:\Users\John Myers\Downloads\TooManyItems2013_07_02_1.6.1.zip
2013-07-03 00:31 - 2013-07-03 00:31 - 01082179 ____A C:\Users\John Myers\Downloads\SinglePlayerCommands-MC1.5.2_V4.8.jar
2013-07-02 22:27 - 2013-07-02 22:27 - 00484992 ____A C:\Users\John Myers\Downloads\Minecraft.exe
2013-06-28 21:41 - 2010-06-18 01:10 - 00645632 ____N (IDT, Inc.) C:\Windows\System32\stapi64.dll
2013-06-28 21:40 - 2010-06-18 01:10 - 12800512 ____A (IDT, Inc.) C:\Windows\System32\idtcpl64.cpl
2013-06-28 21:40 - 2010-06-18 01:10 - 03467264 ____A (IDT, Inc.) C:\Windows\System32\stlang64.dll
2013-06-28 21:40 - 2010-06-18 01:10 - 00487424 ____A (IDT, Inc.) C:\Windows\sttray64.exe
2013-06-28 21:40 - 2010-06-18 01:10 - 00220672 ____A (IDT, Inc.) C:\Windows\System32\HPToneCtrls64.dll
2013-06-28 21:40 - 2010-04-01 18:11 - 00162304 ____A (Andrea Electronics Corporation) C:\Windows\System32\AESTAC64.dll
2013-06-28 21:40 - 2009-10-10 04:45 - 00442368 ____A (Andrea Electronics Corporation) C:\Windows\System32\AESTEC64.dll
2013-06-28 21:40 - 2009-03-03 05:58 - 00068608 ____A (Andrea Electronics Corporation) C:\Windows\System32\AESTAR64.dll
2013-06-28 21:40 - 2009-03-03 05:47 - 00090624 ____A (Andrea Electronics Corporation) C:\Windows\System32\AESTCo64.dll
2013-06-24 12:10 - 2013-07-08 05:03 - 00000753 ____A C:\Users\John Myers\(Untitled profile).xpadderprofile
2013-06-23 21:52 - 2013-06-23 22:34 - 386718079 ____A C:\Users\John Myers\Downloads\EQG (CROPPED, FIXED, MINIMAL SHAKING).mp4
2013-06-21 22:22 - 2013-06-21 22:22 - 00001122 ____A C:\Users\John Myers\Xbox_to_mouse.xpaddercontroller
2013-06-20 10:42 - 2013-06-20 10:42 - 02593660 ____A C:\Users\John Myers\Downloads\torchlight_manual.zip
2013-06-19 13:19 - 2013-06-19 13:19 - 00000000 ____D C:\Users\John Myers\AppData\Roaming\runic games
2013-06-18 21:37 - 2013-06-18 21:37 - 00002059 ____A C:\Users\Public\Desktop\Torchlight.lnk
2013-06-18 21:31 - 2013-06-18 21:35 - 439046419 ____A (GOG.com                                                     ) C:\Users\John Myers\Downloads\setup_torchlight_1.0.2.10.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-18 13:23 - 2013-06-18 13:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-18 13:23 - 2013-06-18 13:23 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-18 13:23 - 2013-06-18 13:23 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-18 13:23 - 2013-06-18 13:23 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-18 13:23 - 2013-06-18 13:23 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-18 13:23 - 2013-06-18 13:23 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-18 13:23 - 2013-06-18 13:23 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-18 13:23 - 2013-06-18 13:23 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-18 13:23 - 2013-06-18 13:23 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-18 13:23 - 2013-06-18 13:23 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-18 13:19 - 2013-06-18 13:29 - 00009347 ____A C:\Windows\IE10_main.log
2013-06-17 01:20 - 2013-06-17 01:20 - 00175184 ____A C:\Users\John Myers\Downloads\f8a117f6-ff4c-4be0-83f7-52ccd58696d7.vtf
2013-06-17 01:20 - 2013-06-17 01:20 - 00000183 ____A C:\Users\John Myers\Downloads\f8a117f6-ff4c-4be0-83f7-52ccd58696d7.vmt
2013-06-17 01:16 - 2013-06-17 01:16 - 00350160 ____A C:\Users\John Myers\Downloads\81368c5c-d7ab-4143-85e6-93ec75ad9f2b.vtf
2013-06-17 01:16 - 2013-06-17 01:16 - 00000183 ____A C:\Users\John Myers\Downloads\81368c5c-d7ab-4143-85e6-93ec75ad9f2b.vmt
2013-06-17 01:12 - 2013-06-17 01:12 - 00175184 ____A C:\Users\John Myers\Downloads\f0031a2d-4e19-4aa4-8c36-30dd7eba2625.vtf
2013-06-17 01:12 - 2013-06-17 01:12 - 00000183 ____A C:\Users\John Myers\Downloads\f0031a2d-4e19-4aa4-8c36-30dd7eba2625.vmt
2013-06-14 15:42 - 2013-06-14 15:42 - 00000000 ____D C:\Users\John Myers\Downloads\e3torquel_e_windows_x86
2013-06-14 14:22 - 2013-06-14 14:22 - 00000000 ____D C:\ProgramData\SystemRequirementsLab
2013-06-11 22:16 - 2013-05-08 02:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-11 22:15 - 2013-05-13 01:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-11 22:15 - 2013-05-13 01:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-11 22:15 - 2013-05-13 01:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-11 22:15 - 2013-05-13 01:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-11 22:15 - 2013-05-13 00:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-11 22:15 - 2013-05-13 00:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-11 22:15 - 2013-05-13 00:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-11 22:15 - 2013-05-12 23:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-11 22:15 - 2013-05-12 23:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-11 22:15 - 2013-05-12 23:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-11 22:15 - 2013-05-10 01:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-11 22:15 - 2013-05-09 23:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-11 22:15 - 2013-04-26 01:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-11 22:15 - 2013-04-26 00:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 22:15 - 2013-04-25 19:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-11 22:15 - 2013-04-17 03:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-11 22:15 - 2013-04-17 02:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-11 22:15 - 2013-03-31 18:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-08 15:59 - 2013-06-08 16:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-08 15:59 - 2013-06-08 16:00 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 15:59 - 2013-06-08 16:00 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-08 15:59 - 2013-06-08 15:59 - 00000000 ____D C:\Program Files\iPod
2013-06-08 15:46 - 2013-06-08 15:46 - 00000000 ____D C:\Users\John Myers\Downloads\Rainbow & Rooted - Four's Fall Down
 
==================== One Month Modified Files and Folders =======
 
2013-07-08 05:13 - 2013-07-08 05:13 - 00000000 ____D C:\FRST
2013-07-08 05:11 - 2013-07-08 05:11 - 01934636 ____A (Farbar) C:\Users\John Myers\Downloads\FRST64.exe
2013-07-08 05:10 - 2010-12-26 22:16 - 00000000 ____D C:\Users\John Myers\AppData\Local\Deployment
2013-07-08 05:09 - 2012-09-11 23:41 - 00000000 ____D C:\Users\John Myers\AppData\Roaming\Skype
2013-07-08 05:09 - 2012-05-14 20:11 - 00000000 ____D C:\Users\John Myers\AppData\Roaming\Dropbox
2013-07-08 05:08 - 2012-05-14 20:13 - 00000000 ___RD C:\Users\John Myers\Dropbox
2013-07-08 05:07 - 2012-01-09 21:00 - 00000000 ____D C:\Users\John Myers\AppData\Local\LogMeIn Hamachi
2013-07-08 05:06 - 2012-11-20 23:22 - 12842458 ____A C:\Windows\PFRO.log
2013-07-08 05:06 - 2012-07-24 09:34 - 00009937 ____A C:\Windows\setupact.log
2013-07-08 05:06 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-08 05:05 - 2010-09-16 04:58 - 01286362 ____A C:\Windows\WindowsUpdate.log
2013-07-08 05:04 - 2013-07-08 05:03 - 00006854 ____A C:\AdwCleaner[s1].txt
2013-07-08 05:03 - 2013-06-24 12:10 - 00000753 ____A C:\Users\John Myers\(Untitled profile).xpadderprofile
2013-07-08 05:02 - 2010-12-26 17:13 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-08 04:57 - 2013-07-08 04:57 - 00650027 ____A C:\Users\John Myers\Downloads\AdwCleaner.exe
2013-07-08 04:43 - 2013-07-08 04:43 - 00002288 ____A C:\{5F703DF2-39D8-4CB3-B420-ABD084F6DDF1}
2013-07-08 04:40 - 2011-02-25 21:02 - 00000928 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2137569329-3992277926-1705040876-1001UA.job
2013-07-08 04:38 - 2012-07-01 05:41 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 04:21 - 2013-07-07 17:05 - 00000000 ____D C:\Users\John Myers\Desktop\Random
2013-07-08 04:09 - 2013-07-08 04:08 - 83293072 ____A (Blizzard Entertainment) C:\Users\John Myers\Downloads\World-of-Warcraft-Setup-enUS.exe
2013-07-08 03:13 - 2011-09-03 15:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-08 03:05 - 2013-07-08 03:05 - 00000000 ____D C:\ProgramData\StarApp
2013-07-08 01:38 - 2013-07-08 01:38 - 00001216 ____A C:\Users\John Myers\B.T.R.xpaddercontroller
2013-07-08 01:38 - 2010-12-26 02:22 - 00000000 ____D C:\users\John Myers
2013-07-08 01:27 - 2013-07-08 01:27 - 00000000 ____D C:\Users\John Myers\AppData\Local\BIT.TRIP RUNNER
2013-07-08 01:27 - 2011-07-16 02:20 - 00466456 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2013-07-08 01:27 - 2011-07-16 02:20 - 00444952 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-07-08 01:27 - 2011-07-16 02:20 - 00122904 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2013-07-08 01:27 - 2011-07-16 02:20 - 00109080 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-07-08 01:27 - 2011-02-19 22:54 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-07-07 22:59 - 2013-07-07 22:59 - 00000221 ____A C:\Users\John Myers\Desktop\BIT.TRIP RUNNER.url
2013-07-07 22:46 - 2013-07-07 22:46 - 00000198 ____A C:\Users\John Myers\Desktop\Thomas Was Alone.url
2013-07-07 19:48 - 2013-07-07 15:30 - 00001216 ____A C:\Users\John Myers\SSBF.xpaddercontroller
2013-07-07 19:48 - 2011-12-26 13:19 - 00000000 ____D C:\Users\John Myers\Documents\Square Enix
2013-07-07 19:24 - 2013-07-07 19:24 - 00000221 ____A C:\Users\John Myers\Desktop\FINAL FANTASY VII.url
2013-07-07 16:40 - 2011-02-25 21:02 - 00000876 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2137569329-3992277926-1705040876-1001Core.job
2013-07-07 15:27 - 2013-07-07 15:25 - 157993629 ____A C:\Users\John Myers\Downloads\SSF2DemoV0_9.zip
2013-07-05 16:03 - 2011-09-09 22:03 - 00000000 ____D C:\Users\John Myers\AppData\Roaming\.minecraft
2013-07-04 16:20 - 2011-01-03 20:18 - 00000000 ____D C:\Users\John Myers\AppData\Local\CrashDumps
2013-07-03 21:49 - 2011-10-02 17:59 - 00000000 ____D C:\Users\John Myers\AppData\Roaming\TS3Client
2013-07-03 17:04 - 2009-07-14 00:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-03 17:04 - 2009-07-14 00:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-03 16:53 - 2013-07-03 16:53 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-03 02:52 - 2013-07-03 02:52 - 00110391 ____A C:\Users\John Myers\Downloads\SaveConverterV2.0.0.zip
2013-07-03 00:34 - 2013-07-03 00:34 - 00098114 ____A C:\Users\John Myers\Downloads\TooManyItems2013_07_02_1.6.1.zip
2013-07-03 00:31 - 2013-07-03 00:31 - 01082179 ____A C:\Users\John Myers\Downloads\SinglePlayerCommands-MC1.5.2_V4.8.jar
2013-07-02 22:27 - 2013-07-02 22:27 - 00484992 ____A C:\Users\John Myers\Downloads\Minecraft.exe
2013-06-29 12:53 - 2010-12-25 12:51 - 00882344 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-29 12:53 - 2009-07-14 01:13 - 00882344 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-23 22:34 - 2013-06-23 21:52 - 386718079 ____A C:\Users\John Myers\Downloads\EQG (CROPPED, FIXED, MINIMAL SHAKING).mp4
2013-06-22 17:46 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-06-21 22:22 - 2013-06-21 22:22 - 00001122 ____A C:\Users\John Myers\Xbox_to_mouse.xpaddercontroller
2013-06-20 10:42 - 2013-06-20 10:42 - 02593660 ____A C:\Users\John Myers\Downloads\torchlight_manual.zip
2013-06-19 13:19 - 2013-06-19 13:19 - 00000000 ____D C:\Users\John Myers\AppData\Roaming\runic games
2013-06-18 21:37 - 2013-06-18 21:37 - 00002059 ____A C:\Users\Public\Desktop\Torchlight.lnk
2013-06-18 21:36 - 2012-12-23 15:02 - 00000000 ____D C:\Program Files (x86)\GOG.com
2013-06-18 21:35 - 2013-06-18 21:31 - 439046419 ____A (GOG.com                                                     ) C:\Users\John Myers\Downloads\setup_torchlight_1.0.2.10.exe
2013-06-18 13:51 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-18 13:29 - 2013-06-18 13:19 - 00009347 ____A C:\Windows\IE10_main.log
2013-06-18 13:23 - 2013-06-18 13:23 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-18 13:23 - 2013-06-18 13:23 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-18 13:23 - 2013-06-18 13:23 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-18 13:23 - 2013-06-18 13:23 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-18 13:23 - 2013-06-18 13:23 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-18 13:23 - 2013-06-18 13:23 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-06-18 13:23 - 2013-06-18 13:23 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-18 13:23 - 2013-06-18 13:23 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-18 13:23 - 2013-06-18 13:23 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-06-18 13:23 - 2013-06-18 13:23 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-18 13:23 - 2013-06-18 13:23 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-18 13:23 - 2013-06-18 13:23 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-06-18 13:23 - 2013-06-18 13:23 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-17 11:46 - 2013-05-29 15:54 - 00000000 ____D C:\Users\John Myers\Documents\chrome-win32
2013-06-17 01:20 - 2013-06-17 01:20 - 00175184 ____A C:\Users\John Myers\Downloads\f8a117f6-ff4c-4be0-83f7-52ccd58696d7.vtf
2013-06-17 01:20 - 2013-06-17 01:20 - 00000183 ____A C:\Users\John Myers\Downloads\f8a117f6-ff4c-4be0-83f7-52ccd58696d7.vmt
2013-06-17 01:16 - 2013-06-17 01:16 - 00350160 ____A C:\Users\John Myers\Downloads\81368c5c-d7ab-4143-85e6-93ec75ad9f2b.vtf
2013-06-17 01:16 - 2013-06-17 01:16 - 00000183 ____A C:\Users\John Myers\Downloads\81368c5c-d7ab-4143-85e6-93ec75ad9f2b.vmt
2013-06-17 01:12 - 2013-06-17 01:12 - 00175184 ____A C:\Users\John Myers\Downloads\f0031a2d-4e19-4aa4-8c36-30dd7eba2625.vtf
2013-06-17 01:12 - 2013-06-17 01:12 - 00000183 ____A C:\Users\John Myers\Downloads\f0031a2d-4e19-4aa4-8c36-30dd7eba2625.vmt
2013-06-14 15:42 - 2013-06-14 15:42 - 00000000 ____D C:\Users\John Myers\Downloads\e3torquel_e_windows_x86
2013-06-14 14:22 - 2013-06-14 14:22 - 00000000 ____D C:\ProgramData\SystemRequirementsLab
2013-06-14 14:22 - 2011-06-10 15:39 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-06-12 13:39 - 2010-12-28 11:50 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 13:37 - 2010-07-20 03:21 - 00000000 ____D C:\ProgramData\Skype
2013-06-12 13:36 - 2012-09-11 23:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-11 22:45 - 2012-04-10 14:48 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-11 22:45 - 2011-07-19 02:28 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 22:44 - 2011-05-17 17:07 - 00000000 ____D C:\Users\John Myers\AppData\Local\Adobe
2013-06-08 16:04 - 2010-12-25 12:52 - 00000000 ____D C:\Users\John Myers\AppData\Roaming\SoftGrid Client
2013-06-08 16:00 - 2013-06-08 15:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-08 16:00 - 2013-06-08 15:59 - 00000000 ____D C:\Program Files\iTunes
2013-06-08 16:00 - 2013-06-08 15:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-08 15:59 - 2013-06-08 15:59 - 00000000 ____D C:\Program Files\iPod
2013-06-08 15:54 - 2013-02-04 20:07 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-08 15:46 - 2013-06-08 15:46 - 00000000 ____D C:\Users\John Myers\Downloads\Rainbow & Rooted - Four's Fall Down
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-05-04 18:17
 
==================== End Of Log ============================
 
Addition.txt is too long for this post, making a second one
Link to post
Share on other sites
Zing509

Zing509

Posted
  • Author
Posted
This is Addition.txt

 


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2013

Ran by John Myers at 2013-07-08 05:16:49

Running from C:\Users\John Myers\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Installed Programs =======================

 

10,000,000 (x32)

4500_G510gm_Help (x32 Version: 000.0.439.000)

4500G510gm (x32 Version: 000.0.423.000)

4500G510gm_Software_Min (x32 Version: 000.0.423.000)

64 Bit HP CIO Components Installer (Version: 6.2.1)

Acrobat.com (x32 Version: 1.6.65)

Adobe AIR (x32 Version: 3.2.0.2070)

Adobe Download Assistant (x32 Version: 1.2)

Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)

Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)

Adobe Flash Professional CS6 (x32 Version: 12.0)

Adobe Help Manager (x32 Version: 4.0.244)

Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)

Adobe Shockwave Player 11.5 (x32 Version: 11.5.7.609)

Adobe Shockwave Player 11.6 (x32 Version: 11.6.4.634)

Amazon MP3 Downloader 1.0.17 (x32 Version: 1.0.17)

AMD APP SDK Runtime (Version: 10.0.851.4)

AMD Catalyst Install Manager (Version: 3.0.859.0)

Amnesia: The Dark Descent (x32)

And Yet It Moves (x32)

Antichamber (x32)

Apple Application Support (x32 Version: 2.3.4)

Apple Mobile Device Support (Version: 6.1.0.13)

Apple Software Update (x32 Version: 2.1.3.127)

Assassin's Creed (x32 Version: 1.02)

Atom Zombie Smasher  (x32)

Audacity 1.3.12 (Unicode) (x32)

Audacity 2.0.2 (x32 Version: 2.0.2)

Audiosurf (x32)

Bad Rats (x32)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)

Best Buy pc app (HKCU Version: 3.5.752.2)

Best Buy pc app (Version: 3.5.1.2)

Best Buy pc app (x32 Version: 3.5.1.2)

Bing Bar (x32 Version: 7.0.609.0)

Bing Rewards Client Installer (x32 Version: 16.0.345.0)

BIT.TRIP RUNNER (x32)

Blackhawk Striker 2 (x32 Version: 2.2.0.95)

Blocks That Matter (x32)

BlueJ 3.0.4 (x32)

Bonjour (Version: 3.0.0.10)

Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)

Bryce 7.1 (x32 Version: 7.1.0.109)

BufferChm (x32 Version: 130.0.331.000)

Build-a-lot 2 (x32 Version: 2.2.0.95)

Canon DIGITAL CAMERA Solution Disk Software Guide (x32 Version: 1.4.0.1)

CANON iMAGE GATEWAY MyCamera Download Plugin (x32 Version: 3.1.1.2)

CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.9.0.9)

Canon MOV Decoder (x32 Version: 1.8.0.7)

Canon MOV Encoder (x32 Version: 1.6.0.1)

Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 3.7.0.4)

Canon PowerShot ELPH 100 HS_IXUS 115 HS Camera User Guide (x32 Version: 1.0.0.1)

Canon Utilities CameraWindow DC 8 (x32 Version: 8.4.0.3)

Canon Utilities CameraWindow Launcher (x32 Version: 7.5.0.2)

Canon Utilities Movie Uploader for YouTube (x32 Version: 1.2.0.7)

Canon Utilities MyCamera (x32 Version: 7.4.0.2)

Canon Utilities PhotoStitch (x32 Version: 3.1.22.46)

Canon Utilities ZoomBrowser EX (x32 Version: 6.7.0.24)

Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.5.0.9)

Castle Crashers (x32)

CCleaner (Version: 3.20)

Cheat Engine 6.2 (x32)

Chuzzle Deluxe (x32 Version: 2.2.0.95)

CinemaNow Media Manager (x32 Version: 1.9.1.105)

Cogs (x32)

Contents (x32 Version: 1.6.0.286)

ControlMK 0.232 (x32 Version: 0.232)

Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000)

Corel PaintShop Photo Pro X3 (x32 Version: 1.6.1.116)

Corel VideoStudio Pro X3 (x32 Version: 1.6.0.286)

Counter-Strike (x32)

Crayon Physics Deluxe (x32)

Critical Mass Demo (x32)

Curse Client (HKCU Version: 5.1.1.792)

CyberLink DVD Suite (x32 Version: 7.0.3003)

D3DX10 (x32 Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)

Defy Gravity (x32)

Destinations (x32 Version: 130.0.0.0)

DeviceDiscovery (x32 Version: 130.0.372.000)

DeviceIO (x32 Version: 1.6.0.286)

Diablo III Beta (x32 Version: 0.11.0.9359)

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)

DocMgr (x32 Version: 130.0.000.000)

DocProc (x32 Version: 13.0.0.0)

Don't Starve (x32)

Dora's Carnival Adventure (x32 Version: 2.2.0.95)

Dropbox (HKCU Version: 2.0.22)

Dungeons & Dragons Online ®:  Eberron Unlimited ™ v01.17.01.801 (x32 Version: 01.17.01.8018)

DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121)

Dwarfs!? (x32)

Energy Star Digital Logo (x32 Version: 1.0.1)

Escape Rosecliff Island (x32 Version: 2.2.0.95)

ESU for Microsoft Windows 7 (x32 Version: 1.0.0)

Euro Truck Simulator 2 (x32)

F.lux (HKCU)

Façade (x32 Version: 1.1.2)

Fallout (x32)

Fallout 2 (x32)

Fallout 3 - Game of the Year Edition (x32)

Fallout: New Vegas (x32)

FATE (x32 Version: 2.2.0.95)

Fax (x32 Version: 130.0.418.000)

Feedback Tool (x32 Version: 1.1.0)

Feedback Tool (x32 Version: 1.2.0)

FEZ (x32)

FFsplit version Alpha (x32 Version: Alpha)

Final Drive Nitro (x32 Version: 2.2.0.95)

FINAL FANTASY VII (x32)

Fraps (x32)

Free MP3 WMA OGG Converter 9.0.1 (x32)

Free YouTube to MP3 Converter version 3.10.815 (x32)

FTL: Faster Than Light (x32)

GameMaker 8.1 (HKCU)

Garry's Mod (x32)

Garry's Mod 13 (x32)

Gateways (x32)

Google Chrome (HKCU Version: 27.0.1453.116)

GPBaseService2 (x32 Version: 130.0.371.000)

Grand Theft Auto: Vice City (x32)

Gunpoint (x32)

Half-Life (x32)

Half-Life 2 (x32)

Half-Life 2: Deathmatch (x32)

Half-Life 2: Episode One (x32)

Half-Life 2: Episode Two (x32)

Half-Life 2: Lost Coast (x32)

Half-Life Deathmatch: Source (x32)

Half-Life: Blue Shift (x32)

Half-Life: Opposing Force (x32)

Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95)

HLSW v1.4.0.2 (x32)

HP 3D DriveGuard (Version: 4.0.5.1)

HP Advisor (x32 Version: 3.4.10262.3295)

HP Customer Experience Enhancements (x32 Version: 6.0.1.4)

HP Customer Participation Program 13.0 (Version: 13.0)

HP Document Manager 2.0 (Version: 2.0)

HP Documentation (x32 Version: 1.1.2.0)

HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43)

HP Game Console (x32)

HP Games (x32 Version: 1.0.1.3)

HP Imaging Device Functions 13.0 (Version: 13.0)

HP MediaSmart CinemaNow 2.0 (x32 Version: 2.0)

HP MediaSmart DVD (x32 Version: 4.1.4229)

HP MediaSmart Movies and TV (Version: 1.0.0.10)

HP MediaSmart Music (x32 Version: 4.1.4215)

HP MediaSmart Photo (x32 Version: 4.1.4211)

HP MediaSmart SmartMenu (Version: 3.1.1.12)

HP MediaSmart Video (x32 Version: 4.1.4214)

HP MediaSmart Webcam (x32 Version: 4.1.3024)

HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.9.0)

HP Officejet 4500 G510g-m (Version: 13.0)

HP Photo Creations (x32 Version: 1.0.0.3611)

HP Power Manager (x32 Version: 1.4.4)

HP Quick Launch (x32 Version: 2.3.6)

HP Setup (x32 Version: 8.1.4186.3400)

HP SimplePass Identity Protection (Version: 5.10.175)

HP Smart Web Printing 4.5 (Version: 4.5)

HP Software Framework (x32 Version: 4.1.13.1)

HP Solution Center 13.0 (Version: 13.0)

HP Update (x32 Version: 4.000.011.006)

HP Wireless Assistant (Version: 4.0.9.0)

HPProductAssistant (x32 Version: 130.0.371.000)

HPSSupply (x32 Version: 130.0.371.000)

Hulu Desktop (HKCU Version: 0.9.13)

ICA (x32 Version: 1.6.0.286)

ICA (x32 Version: 1.6.1.116)

IDT Audio (x32 Version: 1.0.6289.0)

Intel® Management Engine Components (x32 Version: 6.0.0.1179)

Intel® Rapid Storage Technology (x32 Version: 9.6.2.1001)

IPM_PSP_Pro (x32 Version: 1.00.0000)

IPM_VS_Pro (x32 Version: 13.0)

ISCOM (x32 Version: 1.6.0.286)

ISCOM (x32 Version: 1.6.1.116)

iTunes (Version: 11.0.4.4)

Java 7 Update 15 (64-bit) (Version: 7.0.150)

Java 7 Update 21 (x32 Version: 7.0.210)

Java Auto Updater (x32 Version: 2.1.9.5)

Java SE Development Kit 7 Update 15 (64-bit) (Version: 1.7.0.150)

Java 6 Update 23 (64-bit) (Version: 6.0.230)

Java 6 Update 31 (x32 Version: 6.0.310)

Java SE Development Kit 6 Update 23 (64-bit) (Version: 1.6.0.230)

JavaFX 2.1.1 (x32 Version: 2.1.1)

Jewel Quest 3 (x32 Version: 2.2.0.95)

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

LabelPrint (x32 Version: 2.5.2907)

League of Legends (x32 Version: 1.3)

Left 4 Dead 2 (x32)

Legend of Grimrock (x32)

LightScribe System Software (x32 Version: 1.18.16.1)

Little Inferno (x32)

LogMeIn Hamachi (x32 Version: 2.1.0.374)

Magic: The Gathering - Duels of the Planeswalkers 2013 (x32)

Magic: The Gathering - Duels of the Planeswalkers 2013 Demo (x32)

Magicka (x32)

MagniPic (Version: 1.0)

Mark of the Ninja (x32)

MarketResearch (x32 Version: 130.0.374.000)

Mesh Runtime (x32 Version: 15.4.5722.2)

Messenger Companion (x32 Version: 15.4.3502.0922)

Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)

Microsoft .NET Framework 1.1 (x32)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319)

Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)

Microsoft Default Manager (x32 Version: 2.2.114.0)

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)

Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)

Microsoft Help Viewer 1.0 (Version: 1.0.30319)

Microsoft Office 2010 (x32 Version: 14.0.4763.1000)

Microsoft Office 2010 Service Pack 1 (SP1) (x32)

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)

Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)

Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000)

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)

Microsoft Silverlight (Version: 5.1.20125.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft SQL Server 2008 (64-bit)

Microsoft SQL Server 2008 Browser (x32 Version: 10.1.2531.0)

Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)

Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)

Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)

Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)

Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)

Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1447.4)

Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)

Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)

Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)

Microsoft SQL Server System CLR Types (x32 Version: 10.50.1447.4)

Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)

Microsoft Visual Basic 2010 Express - ENU (x32 Version: 10.0.30319)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (Version: 10.0.30319)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.30319)

Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.30319)

Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)

Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)

Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)

Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)

mIRC (x32 Version: 7.29)

Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)

Mumble and Murmur (x32 Version: 1.2.2)

My Game Long Name

Network64 (Version: 130.0.374.000)

Norton AntiVirus (x32 Version: 18.7.1.3)

Norton Online Backup (x32 Version: 2.1.17869)

Notepad++ (x32 Version: 5.9.2)

NVIDIA PhysX (x32 Version: 9.10.0224)

OCR Software by I.R.I.S. 13.0 (Version: 13.0)

OpenAL (x32)

Orcs Must Die! (x32)

Orcs Must Die! 2 (x32)

Paint.NET v3.5.8 (Version: 3.58.0)

Pando Media Booster (x32 Version: 2.6.0.8)

PC Gamer (x32)

PDF Settings CS6 (x32 Version: 11.0)

Penguins! (x32 Version: 2.2.0.95)

pH Scale (HKCU)

PhotoNow! (x32 Version: 1.1.6904)

Plants vs. Zombies (x32 Version: 2.2.0.95)

Plants vs. Zombies: Game of the Year (x32)

Poker Night 2 (x32)

Poker Night at the Inventory (x32)

Poker Superstars III (x32 Version: 2.2.0.95)

Polar Bowler (x32 Version: 2.2.0.95)

Polar Golfer (x32 Version: 2.2.0.95)

Portal (x32)

Portal 2 (x32)

Power2Go (x32 Version: 6.1.4204)

PowerDirector (x32 Version: 8.0.3003)

Project64 1.6 (x32 Version: 1.6)

Project64 1.7.0.49 (x32)

PSPPContent (x32 Version: 1.00.0000)

PSPPRO_DCRAW (x32 Version: 13.0.0)

Psychonauts (x32)

PunkBuster Services (x32 Version: 0.991)

PureHD (x32 Version: 1.6.0.286)

PX Profile Update (x32 Version: 1.00.1.)

QuickTime (x32 Version: 7.74.80.86)

Razer Naga (x32 Version: 3.02.05)

Really Big Sky (x32)

Realm of the Mad God (x32)

Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.17.304.2010)

Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30111)

Recovery Manager (x32 Version: 5.5.3023)

Reus (x32)

Revo Uninstaller 1.94 (x32 Version: 1.94)

RIFT (x32 Version: 0.1.10)

Roxio CinemaNow 2.0 (x32 Version: 1.0.284)

Scan (x32 Version: 13.0.0.0)

Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (Version: 10.1.2531.0)

Setup (x32 Version: 1.6.0.286)

Setup (x32 Version: 1.6.1.116)

Share (x32 Version: 1.6.0.286)

Share64 (Version: 1.6.0.286)

Shop for HP Supplies (Version: 13.0)

Sid Meier's Civilization V (x32)

Skype Click to Call (x32 Version: 6.9.12585)

Skype™ 6.5 (x32 Version: 6.5.158)

SmartWebPrinting (x32 Version: 130.0.373.000)

SolutionCenter (x32 Version: 130.0.373.000)

Sonic Adventure DX (x32)

Sonic Adventure™ 2  (x32)

Sonic Generations (x32)

Source SDK Base 2007 (x32)

SpaceChem (x32)

Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)

Star Wars - Battlefront II (x32)

StarCraft (x32)

StarCraft II (x32 Version: 2.0.6.25180)

Status (x32 Version: 130.0.373.000)

Stealth Bastard Deluxe (x32)

Steam (x32 Version: 1.0.0.0)

Sumotori Dreams (x32)

Super Hexagon (x32)

Super Meat Boy (x32)

Surgeon Simulator 2013 (x32)

swMSM (x32 Version: 12.0.0.1)

Synaptics Pointing Device Driver (Version: 15.3.29.0)

Synergy (x32)

System Requirements Lab CYRI (x32 Version: 6.0.3.0)

Team Fortress 2 (x32)

Team Fortress Classic (x32)

TeamSpeak 3 Client (Version: 3.0.10.1)

Terraria (x32)

The Basement Collection (x32)

The Binding Of Isaac (x32)

The Elder Scrolls III: Morrowind (x32)

The Elder Scrolls IV: Oblivion  (x32)

The Elder Scrolls V: Skyrim (x32)

Thomas Was Alone (x32)

TigerGame XBOX+PS2+GC Game Controller Adapter 2.0.1.0 (x32)

Times Reader (x32 Version: 2.061)

Toolbox (x32 Version: 130.0.648.000)

Torchlight (x32)

Tower Wars (x32)

TrayApp (x32 Version: 130.0.376.000)

Ubisoft Game Launcher (x32 Version: 1.0.0.0)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)

Update for Microsoft Office 2010 (KB2494150) (x32)

Update for Microsoft Office 2010 (KB2553065) (x32)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2566458) (x32)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)

Validity Sensors DDK (Version: 4.1.139.0)

Ventrilo Client (x32 Version: 3.0.7)

VIO (x32 Version: 1.6.0.286)

Virtual Families (x32 Version: 2.2.0.95)

Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (x32 Version: 4.0.8080.0)

VSClassic (x32 Version: 1.6.0.286)

VSPro (x32 Version: 1.6.0.286)

VTFEdit 1.2.5 (x32)

VVVVVV (x32)

Warcraft III (x32)

WebReg (x32 Version: 130.0.132.017)

Wheel of Fortune 2 (x32 Version: 2.2.0.95)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live Family Safety (Version: 15.4.3502.0922)

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3502.0922)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Mesh (x32 Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)

Windows Live Messenger (x32 Version: 15.4.3502.0922)

Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3502.0922)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live Sync (x32 Version: 14.0.8117.416)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

Windows Media Encoder 9 Series (x32 Version: 9.00.2980)

Windows Media Encoder 9 Series (x32)

WinRAR archiver

World of Goo (x32)

Xiph QuickTime Components (x32)

XSplit (x32 Version: 1.2.1301.2501)

Yahoo! Toolbar (x32)

Your Doodles Are Bugged! (x32)

Zuma Deluxe (x32 Version: 2.2.0.95)

 

==================== Restore Points  =========================

 

08-07-2013 07:10:46 Removed Façade

 

==================== Hosts content: ==========================

 

2012-05-14 23:23 - 2010-05-13 17:53 - 00001204 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

127.0.0.1 activate.adobe.com

127.0.0.1 3dns-3.adobe.com

127.0.0.1 adobe-dns-2.adobe.com

127.0.0.1 adobe-dns-3.adobe.com

127.0.0.1 ereg.wip3.adobe.com

127.0.0.1 activate-sea.adobe.com

127.0.0.1 wip3.adobe.com

127.0.0.1 wwis-dubc1-vip60.adobe.com

127.0.0.1 activate-sjc0.adobe.com

127.0.0.1 practivate.adobe.com

127.0.0.1 ereg.adobe.com

127.0.0.1 activate.wip3.adobe.com

127.0.0.1 3dns-2.adobe.com

127.0.0.1 adobe-dns.adobe.com 

 

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {23D49ABA-FFC0-4F1F-B404-FAE49BF55C4B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-25] (CyberLink)

Task: {46CF26CF-61BF-49EF-BDF8-5BCB46C1B67B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {541A3D09-1EAE-4970-8F16-EB6C811155DA} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.1.3 => C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\SymErr.exe [2012-03-27] (Symantec Corporation)

Task: {61C39E30-B802-4D0D-A2CA-6299F6B0DA93} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => C:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe No File

Task: {687A44F6-8754-423F-8B19-D5F6F8217D96} - System32\Tasks\Symantec\Norton Error Processor 18.7.1.3 => C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\SymErr.exe [2012-03-27] (Symantec Corporation)

Task: {753204A8-BE77-4186-9FE6-2EF5874BCD7D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)

Task: {81F021B5-6366-49B3-88A6-402CE2F008B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)

Task: {85B8547E-4D95-4A82-937A-C020A1B00278} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => C:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe No File

Task: {A5804155-7EA0-46C5-A35C-C49872F7FD67} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)

Task: {AFD4B0F2-FD89-4810-870E-BE0901A8EB1C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

Task: {C2F2313B-FEFD-4541-9ECD-12477BF69A59} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2137569329-3992277926-1705040876-1001Core => C:\Users\John Myers\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-25] (Google Inc.)

Task: {DB37CA71-51D0-4AED-9EDF-116A5791CD14} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2137569329-3992277926-1705040876-1001UA => C:\Users\John Myers\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-25] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2137569329-3992277926-1705040876-1001Core.job => C:\Users\John Myers\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2137569329-3992277926-1705040876-1001UA.job => C:\Users\John Myers\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Faulty Device Manager Devices =============

 

Name: Officejet 4500 G510g-m

Description: Officejet 4500 G510g-m

Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}

Manufacturer: HP

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Officejet J4680 series

Description: Officejet J4680 series

Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}

Manufacturer: HP

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Photosmart C4700 series

Description: Photosmart C4700 series

Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}

Manufacturer: HP

Service: 

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/08/2013 03:05:24 AM) (Source: Application Hang) (User: )

Description: The program PrivitizeVPN_1.0.0.5_install_config.exe version 1.0.0.5 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 328

 

Start Time: 01ce7ba9507857b8

 

Termination Time: 4

 

Application Path: C:\Users\JOHNMY~1\AppData\Local\Temp\nshEAB4.tmp\PrivitizeVPN_1.0.0.5_install_config.exe

 

Report Id:

 

Error: (07/07/2013 08:57:18 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

 

Error: (07/07/2013 08:57:18 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1014

 

Error: (07/07/2013 08:57:18 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/07/2013 02:27:34 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

 

Error: (07/07/2013 02:27:34 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 4009

 

Error: (07/07/2013 02:27:34 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/07/2013 02:27:33 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 3011

 

Error: (07/07/2013 02:27:33 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 3011

 

Error: (07/07/2013 02:27:33 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

 

System errors:

=============

Error: (07/08/2013 05:15:57 AM) (Source: Service Control Manager) (User: )

Description: The Intel® Management & Security Application User Notification Service service hung on starting.

 

Error: (07/08/2013 05:13:56 AM) (Source: Service Control Manager) (User: )

Description: The Windows Update service hung on starting.

 

Error: (07/08/2013 05:07:58 AM) (Source: DCOM) (User: NT AUTHORITY)

Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

 

Error: (07/08/2013 05:07:23 AM) (Source: Service Control Manager) (User: )

Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error: 

%%1053

 

Error: (07/08/2013 05:07:23 AM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

 

Error: (07/07/2013 06:08:30 PM) (Source: volsnap) (User: )

Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

 

Error: (07/03/2013 04:55:55 PM) (Source: Service Control Manager) (User: )

Description: The Windows Update service hung on starting.

 

Error: (07/03/2013 04:54:54 PM) (Source: Service Control Manager) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

 

Error: (07/03/2013 04:54:27 PM) (Source: Service Control Manager) (User: )

Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: 

%%1053

 

Error: (07/03/2013 04:54:27 PM) (Source: Service Control Manager) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

 

 

Microsoft Office Sessions:

=========================

Error: (07/08/2013 03:05:24 AM) (Source: Application Hang)(User: )

Description: PrivitizeVPN_1.0.0.5_install_config.exe1.0.0.532801ce7ba9507857b84C:\Users\JOHNMY~1\AppData\Local\Temp\nshEAB4.tmp\PrivitizeVPN_1.0.0.5_install_config.exe

 

Error: (07/07/2013 08:57:18 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

 

Error: (07/07/2013 08:57:18 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1014

 

Error: (07/07/2013 08:57:18 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/07/2013 02:27:34 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

 

Error: (07/07/2013 02:27:34 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 4009

 

Error: (07/07/2013 02:27:34 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/07/2013 02:27:33 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 3011

 

Error: (07/07/2013 02:27:33 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 3011

 

Error: (07/07/2013 02:27:33 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-03-13 23:11:17.059

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-03-13 23:11:16.846

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-03-13 23:11:00.276

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-03-13 23:11:00.123

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-03-13 23:10:35.893

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-03-13 23:10:35.713

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2011-08-22 23:55:38.908

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2011-08-22 23:55:38.868

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2011-08-22 23:55:28.323

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2011-08-22 23:55:28.269

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 33%

Total physical RAM: 6077.86 MB

Available physical RAM: 4030.25 MB

Total Pagefile: 12153.9 MB

Available Pagefile: 10076.9 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:443.56 GB) (Free:51.42 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)]

Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:465.57 GB) NTFS (Disk=1 Partition=1)

Drive e: (RECOVERY) (Fixed) (Total:21.91 GB) (Free:3.18 GB) NTFS (Disk=0 Partition=3) ==>[system with boot components (obtained from reading drive)]

Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32 (Disk=0 Partition=4)

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 466 GB) (Disk ID: 2FBFE761)

Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=444 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=22 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C6EC3D9C)

Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Download attached fixlist.txt file and save it to the Desktop.

 

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST/FRST64 and press the Fix button just once and wait.

 

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Open Malwarebytes, check for updates then run Quick scan. Full instructions follow if  Malwarebytes is not installed:

 

Download Malwarebytes from one of the following links and save it to your desktop.:

 

 

http://www.malwarebytes.org/mbam.php 

http://www.softpedia.com/get/Antivirus/Malwarebytes-Anti-Malware.shtml[/url]

http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

 

Double Click mbam-setup.exe to install the application.

 

  •  

     

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.

     

     

  • If an update is found, it will download and install the latest version.

     

     

  • Once the program has loaded, select "Perform Quick Scan", then click Scan.

     

     

  • The scan may take some time to finish,so please be patient.

     

     

  • When the scan is complete, click OK, then Show Results to view the results.

     

     

  • Make sure that everything is checked, and click Remove Selected.

     

     

  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)

     

     

  • Please save the log to a location you will remember.

     

     

  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

     

     

  • Copy and paste the entire report in your next reply.

     

     

 

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 

Next,

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go Eset web page http://www.eset.com/home/products/online-scanner/ to run an online scanner from ESET.

 

 

 

When the scan is complete

 

 

 

If threats were found

 

 

 

close program

copy and paste the report here

 

Post hose logs in your reply, also give update on any remaining isues or concerns...

 

Kevin

fixlist.txt

Link to post
Share on other sites
Zing509

Zing509

Posted
  • Author
Posted

MalwareBytes Log:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.08.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
John Myers :: JOHNMYERS-HP [administrator]

7/8/2013 12:04:21
mbam-log-2013-07-08 (12-04-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219158
Time elapsed: 7 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\John Myers\Downloads\CS6-AMTLIB-32-bit.rar (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\Users\John Myers\Local Settings\Temporary Internet Files\Content.IE5\Q30QTSFY\51da64ac1d73c[1].exe (PUP.Adware.MultiPlug) -> Quarantined and deleted successfully.

(end)

 

 

ESET SCAN log:

 

C:\Users\John Myers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGU0F3S5\83d40c46e2e299805a76468bd373429a[1].exe a variant of Win32/SProtector.A application
C:\Users\John Myers\AppData\Local\Temp\nshF252.tmp\setup_magnipic.exe Win32/InstalleRex.J application

 

 

 

 

Both the speed and wifi of my computer are normal
 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

That is good news, ok continue:

 

Download OTM from either of the following links and save to your Desktop:

http://oldtimer.geekstogo.com/OTM.exe.
http://www.itxassociates.com/OT-Tools/OTM.com
http://www.itxassociates.com/OT-Tools/OTM.exe  

Double click OTM.exe to start the tool. Vista or Windows 7 users accepy UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion....

  • Copy the text from the code box belowbelow to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :FilesC:\Users\John Myers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGU0F3S5\83d40c46e2e299805a76468bd373429a[1].exeC:\Users\John Myers\AppData\Local\Temp\nshF252.tmp\setup_magnipic.exe:Commands[EmptyTemp]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red btnmoveit.png button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM


Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop.

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Link to post
Share on other sites
Zing509

Zing509

Posted
  • Author
Posted

This is OMT's log:

 

 

All processes killed
========== FILES ==========
C:\Users\John Myers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGU0F3S5\83d40c46e2e299805a76468bd373429a[1].exe moved successfully.
C:\Users\John Myers\AppData\Local\Temp\nshF252.tmp\setup_magnipic.exe moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: John Myers
->Temp folder emptied: 430171581 bytes
->Temporary Internet Files folder emptied: 210528352 bytes
->Java cache emptied: 10251136 bytes
->Google Chrome cache emptied: 357336440 bytes
->Flash cache emptied: 160106 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 308880443 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 38780 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42310724 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1,297.00 mb
 
 
OTM by OldTimer - Version 3.1.21.0 log created on 07082013_160108
 
Files moved on Reboot...
C:\Users\John Myers\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\John Myers\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
 
Registry entries deleted on Reboot...
 

 

 

 

 

This is Security Check's log:

 

 

 Results of screen317's Security Check version 0.99.68  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Norton AntiVirus   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 JavaFX 2.1.1    
 Java 6 Update 31  
 Java 7 Update 21  
 Java version out of Date! 
 Adobe Flash Player 11.7.700.224  
 Adobe Reader XI  
 Google Chrome 27.0.1453.110  
 Google Chrome 27.0.1453.116  
 Google Chrome Plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Norton AntiVirus Engine 18.7.1.3 ccSvcHst.exe 
 Symantec Norton Online Backup NOBuAgent.exe  
 Symantec Norton Online Backup NOBuClient.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Your Java javaicon.gif is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

 

Upgrading Java:

 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, If the following are still present remove them:

 

Java™ 6 Update 31  

Java 7 Update 21
 
Let me know if you have any remaining issues or concerns, if all ok we can clean up... Also you never posted the log from fixlist.txt run of FRST as per my instruction in reply 5, can I see that log...
 
Kevin
Link to post
Share on other sites
Zing509

Zing509

Posted
  • Author
Posted

Here is the Fixlog, sorry for forgetting it.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013
Ran by John Myers at 2013-07-08 12:01:30 Run:1
Running from C:\Users\John Myers\Downloads
Boot Mode: Normal
==============================================
 
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F301A4A2-4B1B-4731-AD16-E5098900728E} => Key deleted successfully.
HKCR\CLSID\{F301A4A2-4B1B-4731-AD16-E5098900728E} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{F301A4A2-4B1B-4731-AD16-E5098900728E} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{F301A4A2-4B1B-4731-AD16-E5098900728E} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F301A4A2-4B1B-4731-AD16-E5098900728E} => Key deleted successfully.
HKCR\CLSID\{F301A4A2-4B1B-4731-AD16-E5098900728E} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
C:\ProgramData\hash.dat => Moved successfully.
 
==== End of Fixlog ====
 
 
Everything seems to be back to normal, i cannot thank you enough!
Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Good news, we like that. OK we continue...

 

Uninstall adwcleaner.exe

  •   Please close all open programs and internet browsers.
  •   Double click on adwcleaner.exe to run the tool.
  •   Click on Uninstall
  • Click Yes at Would you like to Uninstall Adwcleaner

 

Next,

 

Remove ESET online scanner  (Only If installed):

 


Click Start, type Uninstall a Program into the Search programs and files box, and then press ENTER.
Click to select ESET Online Scanner from the listing of installed products, and then click Uninstall/Change from the bar that displays the available tasks. Uninstall ESETonline Scanner, only re-boot if prompted.

 

Next,

 

Navigate to and Delete the following:

 

C:\FRST
C:\Users\John Myers\Downloads\FRST64.exe
 

Next,

 

  • Download OTC by OldTimer from here http://oldtimer.geekstogo.com/OTC.exe or here http://www.itxassociates.com/OT-Tools/OTC.exe and save to your Desktop.
  • Double click OTC_Icon.jpg icon to start the program.
    If you are using Vista or Windows 7 accept UAC
  • Then Click the big CleanUp.jpg button.
  • You will get a prompt saying "Begining Cleanup Process". Please select Yes.
  • Restart your computer when prompted.
  • This will remove tools we have used and itself.

 

Any tools/logs remaining on the Desktop can be deleted.

 

If those steps complete and you have no more issues you should be good to go.. I give my own security set up, maybe you can find this usefull..

 

Windows own Firewall, Microsoft Security Essentials and Malwarebytes Pro. Windows FW and MSE are free, MB does also have a free version, however I prefer the pro version as it provides auto updates and realtime protection. Cost is about £20 for a lifetime license.

 

As an extra layer I also use WinPatrol, the free version is adeqaute for general home use. Available here: http://www.winpatrol.com/download.html

 

For my browser I use Firefox with these addons: Web of Trust, Adblock Plus, Flash Block, NoScipt, Ghostery. When Firefox is open select these keys together :- Ctrl - Shift - A that will access Addons manger, this gives access to find addons, use, start, stop or disable those features etc....

Before using NoScript read from this link http://noscript.net/ makes it easy to understand....

 

Understanding Windows 7 Firewall - http://windows.microsoft.com/en-GB/windows7/Understanding-Windows-Firewall-settings

 

Understanding Microsoft Security Essentials - http://www.microsoft.com/en-gb/security/pc-security/mse.aspx

 

Understanding Malwarebytes, how to create an exclusion in MSE - http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=162100entry162100

 

Understanding WinPatrol - http://www.winpatrol.com/features.html

 

I also use the Professional version of Sandboxie, I believe there is also free version available. Visit this link http://www.sandboxie.com/ for access to d/l, also make sure to use the "Help and FAQ" option to understand its uses, specifically how to run your browser sandboxed!.

 

Let me know if all is ok to close out..

 

Kevin...

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.