
Cpvrdr redirect problem



Hi folks! I've got the cpvrdr redirect malware on my computer. I went to another site that told me to run AdwCleaner. Did that; I'll post the report below this paragraph. But step two was to download Malwarebytes Anti-Malware. That didn't even set up. Kept getting a "corrupt copy" error even after trying a copy straight from malwarebytes.com. Tried Hitman just for grins. That also would not install. Maybe the malware is blocking these problems? Any help would be greatly appreciated.

Here is the AdwCleaner report:

# AdwCleaner v3.011 - Report created 07/11/2013 at 16:19:54

# Updated 03/11/2013 by Xplode

# Operating System : Windows 8.1 Pro (64 bits)

# Username : Steven Alvey - ALVEYLAPTOP

# Running from : C:\Users\Steven Alvey\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess

Folder Deleted : C:\Program Files (x86)\Solid Savings

Folder Deleted : C:\Users\Steven Alvey\AppData\Roaming\pccustubinstaller

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026278.BHO

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026278.BHO.1

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026278.Sandbox

Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0026278.Sandbox.1

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211621178}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222622278}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255625578}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266626678}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244624478}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211621178}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211621178}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211621178}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{418ad5ba-1c21-4a23-8218-3751a782daea}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45e32d3d-628f-4ea5-9f03-e0662bb11c31}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5e1acd7a-8a69-45ba-a5ef-b94f8995ed49}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f1769f7-ede8-46dd-b0cf-78554c5a6f3f}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cb0db35f-b521-4882-afa1-2918670eab07}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255625578}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266626678}

Key Deleted : HKCU\Software\installedbrowserextensions

Key Deleted : HKCU\Software\wecarereminder

Key Deleted : HKCU\Software\Zugo

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider

Key Deleted : HKCU\Software\AppDataLow\Software\Solid Savings

Key Deleted : HKLM\Software\Solid Savings

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Solid Savings

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [secondary Start Pages]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Steven Alvey\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [4007 octets] - [07/11/2013 16:18:11]

AdwCleaner[s0].txt - [3645 octets] - [07/11/2013 16:19:54]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3705 octets] ##########

Benedicat tibi Dominus,

Steven Alvey


Hello

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Kevin....


Here's the FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013

Ran by Steven Alvey (administrator) on ALVEYLAPTOP on 07-11-2013 18:42:32

Running from C:\Users\Steven Alvey\Downloads

Windows 8.1 Pro (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe

(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe

(Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe

() C:\Windows\SysWOW64\SMITSC.exe

(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe

(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe

() C:\ProgramData\GorillaPrice\WatGorp.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe

() C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe

() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe

() C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\IEXPLORE.EXE

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-11-29] (Realtek Semiconductor)

HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe"

HKLM\...\Run: [sRS Premium Sound 3D] - C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip [215247 2012-10-22] ()

HKLM\...\Run: [TCrdMain] - C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe [2609064 2012-08-30] ()

HKLM\...\Run: [TecoResident] - C:\Program Files\Toshiba\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] - C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)

HKLM\...\Run: [TSleepSrv] - C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)

HKLM\...\Run: [TODDMain] - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2962232 2012-11-23] (Synaptics Incorporated)

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-09-25] (Adobe Systems Incorporated)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1820584 2013-10-30] (Valve Corporation)

HKCU\...\Run: [Remote Mouse] - C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [93184 2013-05-15] (RemoteMouse.net)

HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)

HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)

HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

HKCU\...\Run: [GoogleChromeAutoLaunch_D9A64D663E2F4EBADA1AE1D9C9950555] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [844752 2013-10-08] (Google Inc.)

HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)

HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-10-17] (Adobe Systems Incorporated)

AppInit_DLLs: C:\windows\system32\nvinitx.dll [2237328 2013-10-17] ()

Startup: C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

 

==================== Internet (Whitelisted) ====================

 

ProxyEnable: Internet Explorer proxy is enabled.

ProxyServer: http=127.0.0.1:8080

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com

SearchScopes: HKLM - DefaultScope {A2C3CA22-28B2-4FE2-901B-2547996DB45A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS

SearchScopes: HKLM - {A2C3CA22-28B2-4FE2-901B-2547996DB45A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS

SearchScopes: HKLM-x32 - {A2C3CA22-28B2-4FE2-901B-2547996DB45A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS

SearchScopes: HKCU - DefaultScope {A2C3CA22-28B2-4FE2-901B-2547996DB45A} URL = 

SearchScopes: HKCU - {A2C3CA22-28B2-4FE2-901B-2547996DB45A} URL = 

BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)

Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

 

Chrome: 

=======


CHR Extension: (Google Docs) - C:\Users\STEVEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\Users\STEVEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\STEVEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\Users\STEVEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Weebly Dashboard Extension) - C:\Users\STEVEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkhpeihpgdipchpfmddkfcigllaaiaki\1.2.1_0

CHR Extension: () - C:\Users\STEVEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.38

CHR Extension: (Norton Identity Protection) - C:\Users\STEVEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0

CHR Extension: (Google Wallet) - C:\Users\STEVEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0

CHR Extension: (Gmail) - C:\Users\STEVEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx

 

==================== Services (Whitelisted) =================

 

S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [533504 2013-09-29] (Microsoft Corporation)

S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1302016 2013-09-29] (Microsoft Corporation)

R2 GorillaPrice; C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe [631808 2013-11-05] ()

S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-08-22] (Microsoft Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2013-09-29] (Microsoft Corporation)

S4 MsKeyboardFilter; C:\Windows\System32\KeyboardFilterSvc.dll [90464 2013-09-29] (Microsoft Corporation)

R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)

R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation)

R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-08-27] (Symantec Corporation)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-05] (Realtek Semiconductor)

S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation)

R2 SMITS; C:\Windows\SysWOW64\SMITSC.exe [12800 2013-06-19] ()

S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation)

S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)

R2 WatGorp; C:\ProgramData\GorillaPrice\WatGorp.exe [70144 2013-11-05] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)

S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1581568 2013-09-29] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [76800 2013-08-22] (Microsoft Corporation)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-22] (Symantec Corporation)

R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)

S3 EMVSCARD; C:\Windows\System32\Drivers\EMVSCARD.sys [28544 2006-12-13] (USB Smart Card Reader)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)

S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)

S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)

S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20131106.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation)

R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-09-29] (Microsoft Corporation)

S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-29] (Microsoft Corporation)

S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131107.003\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)

R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20131107.003\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)

R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)

R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)

S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-11-23] (Synaptics Incorporated)

R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)

S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2013-08-22] (Microsoft Corporation)

R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\N360x64\1404000.028\SymELAM.sys [23448 2012-11-15] (Symantec Corporation)

R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-17] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)

R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)

S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

NETSVC: lfsvc -> C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation)

NETSVC: MsKeyboardFilter -> C:\Windows\System32\KeyboardFilterSvc.dll (Microsoft Corporation)

 

==================== One Month Created Files and Folders ========

 

2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\FRST

2013-11-07 18:41 - 2013-11-07 18:41 - 01957098 _____ (Farbar) C:\Users\Steven Alvey\Downloads\FRST64.exe

2013-11-07 16:37 - 2013-11-07 16:37 - 01376256 _____ C:\Users\Steven Alvey\Downloads\HitmanPro.exe

2013-11-07 16:28 - 2013-11-07 16:28 - 00080456 _____ (Malwarebytes Corporation) C:\Users\Steven Alvey\Downloads\mbam-clean-1.60.2.0003.exe

2013-11-07 16:26 - 2013-11-07 16:26 - 09609220 _____ (Malwarebytes Corporation                                    ) C:\Users\Steven Alvey\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-11-07 16:26 - 2013-11-07 16:26 - 07988620 _____ (Malwarebytes Corporation                                    ) C:\Users\Steven Alvey\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-07 16:23 - 2013-11-07 16:26 - 07988620 _____ (Malwarebytes Corporation                                    ) C:\Users\Steven Alvey\Desktop\mbam-setup-1.75.0.1300.exe

2013-11-07 16:23 - 2013-11-07 16:23 - 01048576 _____ C:\Users\Steven Alvey\Desktop\HitmanPro_x64.exe

2013-11-07 16:20 - 2013-11-07 16:30 - 00000000 ____D C:\ProgramData\boost_interprocess

2013-11-06 23:55 - 2013-11-06 23:55 - 05582034 _____ C:\Users\Steven Alvey\Downloads\powtoon-dxJVGq9WJOM.mp4

2013-11-06 21:05 - 2013-11-06 20:27 - 06473691 _____ C:\Users\Steven Alvey\Desktop\shoesdavid1 - Copy.mp4

2013-11-06 20:46 - 2013-11-06 20:46 - 00743447 _____ C:\Users\Steven Alvey\Downloads\fbgorilla.zip

2013-11-06 17:56 - 2013-11-06 21:03 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\Open Download Manager

2013-11-06 17:56 - 2013-11-06 17:56 - 00000000 ____D C:\ProgramData\GorillaPrice

2013-11-06 17:56 - 2013-11-06 17:56 - 00000000 ____D C:\Program Files (x86)\GorillaPrice

2013-11-06 17:55 - 2013-11-06 21:49 - 00000000 ____D C:\Program Files (x86)\OpenDownloaderManager

2013-11-06 17:55 - 2013-11-06 17:55 - 00507608 _____ (My Company) C:\Users\Steven Alvey\Downloads\Setup_ODM.exe

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\modules

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\js

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\images

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\html

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\css

2013-11-06 11:33 - 2013-11-06 11:24 - 82098591 _____ C:\Users\Steven Alvey\Desktop\duoportsm.mov

2013-11-06 11:18 - 2013-11-06 11:12 - 223311260 _____ C:\Users\Steven Alvey\Desktop\duoport720.mov

2013-11-06 03:37 - 2013-11-06 03:38 - 08474084 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (5).mp4

2013-11-06 02:55 - 2013-11-06 03:10 - 00084808 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (5).mp4.sfk

2013-11-06 02:54 - 2013-11-06 02:55 - 10339999 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (5).mp4

2013-11-06 02:54 - 2013-11-06 02:54 - 09574237 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (4).mp4

2013-11-06 02:54 - 2013-11-06 02:54 - 00079304 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (4).mp4.sfk

2013-11-06 02:40 - 2013-11-06 02:42 - 00079304 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (3).mp4.sfk

2013-11-06 02:39 - 2013-11-06 02:40 - 09574237 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (3).mp4

2013-11-06 02:30 - 2013-11-06 02:30 - 09574237 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (2).mp4

2013-11-06 00:36 - 2013-11-06 00:40 - 2434928398 _____ C:\Users\Steven Alvey\Desktop\boom.avi

2013-11-06 00:09 - 2013-11-06 00:09 - 00000000 ____D C:\Users\Steven Alvey\Desktop\60001-4 After Effects Project

2013-11-06 00:06 - 2013-11-06 00:08 - 107568669 _____ C:\Users\Steven Alvey\Downloads\logo-explosion.zip

2013-11-05 23:30 - 2013-11-05 23:33 - 911742796 _____ C:\Users\Steven Alvey\Desktop\anoth2.avi

2013-11-05 23:19 - 2013-11-05 23:22 - 909634456 _____ C:\Users\Steven Alvey\Desktop\anoth1.avi

2013-11-05 22:30 - 2013-11-05 22:33 - 909634456 _____ C:\Users\Steven Alvey\Desktop\anotherreveal.avi

2013-11-05 22:21 - 2013-11-05 22:21 - 05488358 _____ C:\Users\Steven Alvey\Downloads\girlhazel.mp4

2013-11-05 20:42 - 2013-11-05 20:42 - 00000000 ____D C:\Users\Steven Alvey\Desktop\Ball Logo

2013-11-05 20:41 - 2013-11-05 20:41 - 57380460 _____ C:\Users\Steven Alvey\Desktop\ball-logo_ae913.zip

2013-11-05 20:41 - 2013-11-05 20:41 - 00000000 ____D C:\Users\Steven Alvey\Desktop\Logo Pieces After Effects Files

2013-11-05 20:41 - 2013-11-05 20:01 - 124785387 _____ C:\Users\Steven Alvey\Desktop\logo-pieces.zip

2013-11-05 20:40 - 2013-11-05 20:41 - 57380460 _____ C:\Users\Steven Alvey\Downloads\ball-logo_ae913.zip

2013-11-05 19:57 - 2013-11-05 20:01 - 124785387 _____ C:\Users\Steven Alvey\Downloads\logo-pieces.zip

2013-11-05 19:42 - 2013-11-05 19:51 - 542646569 _____ C:\Users\Steven Alvey\Desktop\RENDER HD 1280x720.mov

2013-11-05 18:30 - 2013-11-05 19:33 - 00000000 ____D C:\Users\Steven Alvey\Desktop\Bright Logo Intro

2013-11-05 18:27 - 2013-11-05 18:27 - 00003522 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-AlveyLaptop-Steven Alvey

2013-11-05 18:24 - 2013-11-05 18:24 - 00000000 ____D C:\Users\Steven Alvey\Documents\Adobe

2013-11-05 18:18 - 2013-11-05 18:27 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-11-05 18:18 - 2013-11-05 18:18 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\PDAppFlex

2013-11-05 18:17 - 2013-11-05 18:18 - 51193751 _____ C:\Users\Steven Alvey\Downloads\bright_logo_intro-ae1013.zip

2013-11-05 16:54 - 2013-11-05 17:02 - 00000000 ____D C:\Program Files\Common Files\Adobe

2013-11-05 16:54 - 2013-11-05 17:01 - 00000000 ____D C:\Program Files\Adobe

2013-11-05 16:36 - 2013-11-05 16:36 - 00001094 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2013-11-05 16:34 - 2013-11-05 16:34 - 02841464 _____ (Adobe Systems Incorporated) C:\Users\Steven Alvey\Downloads\CreativeCloudSet-Up.exe

2013-11-05 11:07 - 2013-11-05 11:07 - 07997483 _____ C:\Users\Steven Alvey\Downloads\skeetedre_video_2.mp4

2013-11-04 23:02 - 2013-11-04 23:02 - 00010367 _____ C:\Users\Steven Alvey\AppData\Local\recently-used.xbel

2013-11-04 22:33 - 2013-11-04 22:33 - 08526480 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (4).mp4

2013-11-04 12:23 - 2013-11-07 01:27 - 95762196 _____ C:\Users\Steven Alvey\Downloads\25MRRproducts3.zip

2013-11-04 12:23 - 2013-11-04 12:27 - 88452632 _____ C:\Users\Steven Alvey\Downloads\25MRRproducts4.zip

2013-11-04 12:23 - 2013-11-04 12:27 - 108369774 _____ C:\Users\Steven Alvey\Downloads\25MRRproducts1.zip

2013-11-04 12:23 - 2013-11-04 12:26 - 85317318 _____ C:\Users\Steven Alvey\Downloads\25MRRproducts2.zip

2013-11-04 11:52 - 2013-11-04 11:52 - 05488358 _____ C:\Users\Steven Alvey\Downloads\powtoon-dUNw5dMOPEA.mp4

2013-11-04 11:52 - 2013-11-04 11:52 - 05488358 _____ C:\Users\Steven Alvey\Desktop\girlhazel.mp4

2013-11-04 11:51 - 2013-11-04 11:57 - 147178089 _____ C:\Users\Steven Alvey\Downloads\Audio-Intro-Package.zip

2013-11-04 11:51 - 2013-11-04 11:56 - 59331349 _____ C:\Users\Steven Alvey\Downloads\Christmas-Soundtracks.zip

2013-11-04 11:51 - 2013-11-04 11:56 - 54007307 _____ C:\Users\Steven Alvey\Downloads\Business-Intro-Package.zip

2013-11-04 11:51 - 2013-11-04 11:55 - 214266815 _____ C:\Users\Steven Alvey\Downloads\IM-Music-Package.zip

2013-11-04 11:51 - 2013-11-04 11:53 - 31544162 _____ C:\Users\Steven Alvey\Downloads\Bonus-Tracks-Package.zip

2013-11-04 11:38 - 2013-11-04 11:42 - 00009440 _____ C:\Users\Steven Alvey\Desktop\wwwwwwwwwwwwwwwwwwww.mp3.sfk

2013-11-04 11:37 - 2013-11-04 11:37 - 00913055 _____ C:\Users\Steven Alvey\Desktop\wwwwwwwwwwwwwwwwwwww.mp4

2013-11-04 11:37 - 2013-11-04 11:37 - 00008792 _____ C:\Users\Steven Alvey\Desktop\wwwwwwwwwwwwwwwwwwww.mp4.sfk

2013-11-04 11:35 - 2013-11-04 11:37 - 00005164 _____ C:\Users\Steven Alvey\Desktop\New Recording 5.m4a.sfk

2013-11-04 11:35 - 2013-11-04 11:35 - 00246835 _____ C:\Users\Steven Alvey\Downloads\New Recording 5.m4a

2013-11-04 11:35 - 2013-11-04 11:35 - 00246835 _____ C:\Users\Steven Alvey\Desktop\New Recording 5.m4a

2013-11-04 04:14 - 2013-11-04 04:14 - 08526480 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (3).mp4

2013-11-04 04:04 - 2013-11-04 04:04 - 08512411 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (2).mp4

2013-11-04 04:01 - 2013-11-04 04:01 - 08512411 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (1).mp4

2013-11-04 03:45 - 2013-11-04 03:45 - 30000162 _____ C:\Users\Steven Alvey\Desktop\RR_5681.zip

2013-11-04 03:45 - 2013-11-04 03:45 - 00411210 _____ C:\Users\Steven Alvey\Desktop\LMM_4720.zip

2013-11-04 03:41 - 2013-11-04 03:41 - 08522249 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0.mp4

2013-11-04 00:02 - 2013-11-04 00:02 - 07207406 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (1).mp4

2013-11-03 23:49 - 2013-11-03 23:50 - 07257649 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW.mp4

2013-11-03 22:39 - 2013-11-03 22:39 - 00323781 _____ C:\Users\Steven Alvey\Downloads\rsagreement.zip

2013-11-03 22:39 - 2013-11-03 22:39 - 00311471 _____ C:\Users\Steven Alvey\Downloads\t&c.zip

2013-11-01 22:01 - 2013-11-01 22:01 - 00000000 _____ C:\Users\Steven Alvey\Desktop\New Text Document.txt

2013-11-01 15:47 - 2013-11-01 15:47 - 38313650 _____ C:\Users\Steven Alvey\Downloads\butterball3 (1).mp4

2013-11-01 15:33 - 2013-11-01 15:33 - 07599864 _____ C:\Users\Steven Alvey\Downloads\butterball3.mp4

2013-11-01 00:39 - 2013-11-01 00:40 - 06279113 _____ C:\Users\Steven Alvey\Downloads\powtoon-fKKDeESPMB3.mp4

2013-11-01 00:07 - 2013-11-01 00:07 - 05925427 _____ C:\Users\Steven Alvey\Downloads\powtoon-dJ500nb7L7K.mp4

2013-10-31 21:47 - 2013-10-31 21:47 - 10287023 _____ C:\Users\Steven Alvey\Downloads\powtoon-e0nkKX0MvsU.mp4

2013-10-31 20:53 - 2013-10-31 20:53 - 00066759 _____ C:\Users\Steven Alvey\Downloads\just_bear.jpeg

2013-10-31 20:22 - 2013-10-31 20:22 - 05264283 _____ C:\Users\Steven Alvey\Downloads\powtoon-eamShAedtNd.mp4

2013-10-31 19:28 - 2013-10-31 19:29 - 46566130 _____ C:\Users\Steven Alvey\Downloads\StopPaying4StockPhotos.zip

2013-10-31 19:20 - 2013-10-31 19:20 - 06030356 _____ C:\Users\Steven Alvey\Downloads\powtoon-fqfmjTKAg77 (2).mp4

2013-10-31 19:09 - 2013-10-31 19:09 - 05850936 _____ C:\Users\Steven Alvey\Downloads\powtoon-fqfmjTKAg77 (1).mp4

2013-10-31 18:54 - 2013-10-31 18:54 - 05850936 _____ C:\Users\Steven Alvey\Downloads\powtoon-fqfmjTKAg77.mp4

2013-10-31 16:14 - 2013-10-31 16:15 - 06022173 _____ C:\Users\Steven Alvey\Downloads\powtoon-bl2y4OBh9fG.mp4

2013-10-31 15:59 - 2013-10-31 16:00 - 00000000 ____D C:\Users\Steven Alvey\Desktop\VideoCash

2013-10-31 14:38 - 2013-11-05 19:53 - 00000000 ____D C:\Users\Steven Alvey\AppData\Local\Apple Computer

2013-10-31 14:38 - 2013-10-31 14:38 - 00001806 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-10-31 14:38 - 2013-10-31 14:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-31 14:38 - 2013-10-31 14:38 - 00000000 ____D C:\Program Files\iTunes

2013-10-31 14:38 - 2013-10-31 14:38 - 00000000 ____D C:\Program Files\iPod

2013-10-31 14:38 - 2013-10-31 14:38 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-10-31 14:38 - 2012-08-21 12:01 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

2013-10-31 14:35 - 2013-11-07 00:35 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\ClassicShell

2013-10-31 14:32 - 2013-10-31 14:32 - 00000000 ____D C:\Program Files\Classic Shell

2013-10-29 19:16 - 2013-10-31 15:59 - 00000000 ____D C:\Users\Steven Alvey\Desktop\Graphics

2013-10-29 19:03 - 2013-11-07 13:31 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{46E508AA-F024-4135-AA46-E0BF0D182B18}

2013-10-29 18:47 - 2013-11-06 19:40 - 00000000 ____D C:\Users\Steven Alvey\Desktop\clutter

2013-10-29 09:44 - 2013-10-29 09:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2013-10-29 09:38 - 2013-10-29 09:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360

2013-10-29 08:32 - 2013-10-29 23:00 - 00000000 ___DC C:\WINDOWS\Panther

2013-10-29 08:32 - 2013-10-29 08:32 - 23213056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 17143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 12995072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 11222016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2013-10-29 08:32 - 2013-10-29 08:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2013-10-29 08:32 - 2013-10-29 08:32 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2013-10-29 08:31 - 2013-10-29 08:31 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2013-10-29 08:31 - 2013-10-29 08:31 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00262144 _____ C:\WINDOWS\system32\config\userdiff

2013-10-29 08:31 - 2013-10-29 08:31 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00000000 ____D C:\Program Files\Reference Assemblies

2013-10-29 08:31 - 2013-10-29 08:31 - 00000000 ____D C:\Program Files\MSBuild

2013-10-29 08:31 - 2013-10-29 08:31 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2013-10-29 08:31 - 2013-10-29 08:31 - 00000000 ____D C:\Program Files (x86)\MSBuild

2013-10-29 08:31 - 2013-08-02 22:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2013-10-29 08:31 - 2013-08-02 22:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-29 08:31 - 2013-08-02 22:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2013-10-29 08:31 - 2013-08-02 22:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2013-10-29 08:31 - 2013-08-02 22:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-29 08:31 - 2013-08-02 22:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2013-10-29 08:30 - 2013-10-29 05:33 - 00000000 ____D C:\Recovery

2013-10-29 06:01 - 2013-10-29 06:01 - 00001457 _____ C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-10-29 06:01 - 2013-10-29 06:01 - 00000020 ___SH C:\Users\Steven Alvey\ntuser.ini

2013-10-29 06:01 - 2013-10-29 06:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD

2013-10-29 05:38 - 2013-10-29 05:38 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini

2013-10-29 05:37 - 2013-11-07 17:43 - 01089878 _____ C:\WINDOWS\WindowsUpdate.log

2013-10-29 05:37 - 2013-10-29 05:37 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat

2013-10-29 05:36 - 2013-10-29 05:36 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia

2013-10-29 05:36 - 2013-10-29 05:36 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help

2013-10-29 05:36 - 2013-10-29 05:36 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia

2013-10-29 05:36 - 2013-10-29 05:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help

2013-10-29 05:34 - 2013-10-29 06:01 - 00000000 ____D C:\Users\Steven Alvey

2013-10-29 05:34 - 2013-10-29 05:37 - 00032388 _____ C:\WINDOWS\diagwrn.xml

2013-10-29 05:34 - 2013-10-29 05:37 - 00032388 _____ C:\WINDOWS\diagerr.xml

2013-10-29 05:34 - 2013-10-29 05:34 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-10-29 05:34 - 2013-10-29 05:34 - 00000000 ___RD C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-10-29 05:34 - 2013-10-29 05:34 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

2013-10-29 05:34 - 2013-08-22 09:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-29 05:34 - 2013-08-22 09:36 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2013-10-29 05:34 - 2013-08-22 09:36 - 00000000 ___RD C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-29 05:34 - 2013-08-22 09:36 - 00000000 ___RD C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2013-10-29 05:34 - 2013-08-22 09:36 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-29 05:34 - 2013-08-22 09:36 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-29 05:33 - 2013-10-29 05:35 - 00000000 ____D C:\Program Files (x86)\Intel

2013-10-29 05:33 - 2013-10-29 05:33 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____D C:\WINDOWS\system32\SRSLabs

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____D C:\Program Files\Synaptics

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____D C:\Program Files\Realtek

2013-10-29 05:33 - 2013-09-21 02:22 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2013-10-29 05:33 - 2013-09-21 02:22 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2013-10-29 05:11 - 2013-10-29 05:37 - 00006611 _____ C:\WINDOWS\comsetup.log

2013-10-28 03:27 - 2013-10-28 03:27 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\Sony Creative Software Inc

2013-10-22 21:11 - 2013-11-06 23:48 - 00000000 ____D C:\Users\Steven Alvey\Desktop\GIGZ

2013-10-20 16:47 - 2013-10-20 16:47 - 00329216 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll

2013-10-20 16:46 - 2013-10-20 16:46 - 00268288 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll

2013-10-17 03:30 - 2013-10-17 03:30 - 00000902 _____ C:\Users\Public\Desktop\Video Marketer.lnk

2013-10-17 03:30 - 2013-10-17 03:30 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\com.immortal-marketing.video-marketer

2013-10-17 03:30 - 2013-10-17 03:30 - 00000000 ____D C:\Program Files (x86)\Video Marketer

2013-10-14 15:54 - 2013-10-14 15:54 - 00001197 _____ C:\Users\Public\Desktop\VideoScribe Desktop.lnk

2013-10-14 15:54 - 2013-10-14 15:54 - 00000000 ____D C:\Program Files (x86)\Sparkol

==================== One Month Modified Files and Folders =======

2013-11-07 18:42 - 2013-11-07 18:42 - 00000000 ____D C:\FRST

2013-11-07 18:41 - 2013-11-07 18:41 - 01957098 _____ (Farbar) C:\Users\Steven Alvey\Downloads\FRST64.exe

2013-11-07 18:02 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\sru

2013-11-07 17:43 - 2013-10-29 05:37 - 01089878 _____ C:\WINDOWS\WindowsUpdate.log

2013-11-07 17:15 - 2013-06-10 14:59 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2013-11-07 16:44 - 2013-06-03 16:07 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2760563683-2273994061-2419046512-1002

2013-11-07 16:37 - 2013-11-07 16:37 - 01376256 _____ C:\Users\Steven Alvey\Downloads\HitmanPro.exe

2013-11-07 16:37 - 2013-09-29 22:04 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2013-11-07 16:33 - 2013-06-06 21:23 - 00000000 ____D C:\Users\Steven Alvey\AppData\Local\Adobe

2013-11-07 16:32 - 2013-06-10 15:00 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2013-11-07 16:30 - 2013-11-07 16:20 - 00000000 ____D C:\ProgramData\boost_interprocess

2013-11-07 16:30 - 2013-09-29 21:55 - 00047018 _____ C:\WINDOWS\PFRO.log

2013-11-07 16:30 - 2013-08-22 08:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2013-11-07 16:30 - 2013-08-22 07:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI

2013-11-07 16:30 - 2013-06-10 14:59 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2013-11-07 16:30 - 2013-06-03 20:47 - 00000000 ____D C:\Program Files (x86)\Steam

2013-11-07 16:28 - 2013-11-07 16:28 - 00080456 _____ (Malwarebytes Corporation) C:\Users\Steven Alvey\Downloads\mbam-clean-1.60.2.0003.exe

2013-11-07 16:26 - 2013-11-07 16:26 - 09609220 _____ (Malwarebytes Corporation                                    ) C:\Users\Steven Alvey\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-11-07 16:26 - 2013-11-07 16:26 - 07988620 _____ (Malwarebytes Corporation                                    ) C:\Users\Steven Alvey\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-07 16:26 - 2013-11-07 16:23 - 07988620 _____ (Malwarebytes Corporation                                    ) C:\Users\Steven Alvey\Desktop\mbam-setup-1.75.0.1300.exe

2013-11-07 16:23 - 2013-11-07 16:23 - 01048576 _____ C:\Users\Steven Alvey\Desktop\HitmanPro_x64.exe

2013-11-07 16:14 - 2013-06-04 19:13 - 06324736 ___SH C:\Users\Steven Alvey\Downloads\Thumbs.db

2013-11-07 13:31 - 2013-10-29 19:03 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{46E508AA-F024-4135-AA46-E0BF0D182B18}

2013-11-07 01:27 - 2013-11-04 12:23 - 95762196 _____ C:\Users\Steven Alvey\Downloads\25MRRproducts3.zip

2013-11-07 00:35 - 2013-10-31 14:35 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\ClassicShell

2013-11-07 00:35 - 2013-06-04 18:42 - 02987008 ___SH C:\Users\Steven Alvey\Desktop\Thumbs.db

2013-11-06 23:55 - 2013-11-06 23:55 - 05582034 _____ C:\Users\Steven Alvey\Downloads\powtoon-dxJVGq9WJOM.mp4

2013-11-06 23:48 - 2013-10-22 21:11 - 00000000 ____D C:\Users\Steven Alvey\Desktop\GIGZ

2013-11-06 22:01 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\AppReadiness

2013-11-06 21:50 - 2013-08-22 07:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM

2013-11-06 21:49 - 2013-11-06 17:55 - 00000000 ____D C:\Program Files (x86)\OpenDownloaderManager

2013-11-06 21:49 - 2013-08-22 08:44 - 05145648 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-11-06 21:03 - 2013-11-06 17:56 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\Open Download Manager

2013-11-06 20:46 - 2013-11-06 20:46 - 00743447 _____ C:\Users\Steven Alvey\Downloads\fbgorilla.zip

2013-11-06 20:27 - 2013-11-06 21:05 - 06473691 _____ C:\Users\Steven Alvey\Desktop\shoesdavid1 - Copy.mp4

2013-11-06 19:40 - 2013-10-29 18:47 - 00000000 ____D C:\Users\Steven Alvey\Desktop\clutter

2013-11-06 18:02 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\NDF

2013-11-06 17:56 - 2013-11-06 17:56 - 00000000 ____D C:\ProgramData\GorillaPrice

2013-11-06 17:56 - 2013-11-06 17:56 - 00000000 ____D C:\Program Files (x86)\GorillaPrice

2013-11-06 17:55 - 2013-11-06 17:55 - 00507608 _____ (My Company) C:\Users\Steven Alvey\Downloads\Setup_ODM.exe

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\modules

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\js

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\images

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\html

2013-11-06 17:55 - 2013-11-06 17:55 - 00000000 ____D C:\WINDOWS\SysWOW64\css

2013-11-06 17:37 - 2013-06-04 20:06 - 00000000 ____D C:\Users\Steven Alvey\AppData\Local\CrashDumps

2013-11-06 11:24 - 2013-11-06 11:33 - 82098591 _____ C:\Users\Steven Alvey\Desktop\duoportsm.mov

2013-11-06 11:12 - 2013-11-06 11:18 - 223311260 _____ C:\Users\Steven Alvey\Desktop\duoport720.mov

2013-11-06 04:23 - 2013-06-04 19:01 - 00000000 ____D C:\Users\Steven Alvey\Documents\Vegas Movie Studio HD Platinum 11.0 Projects

2013-11-06 03:38 - 2013-11-06 03:37 - 08474084 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (5).mp4

2013-11-06 03:10 - 2013-11-06 02:55 - 00084808 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (5).mp4.sfk

2013-11-06 02:55 - 2013-11-06 02:54 - 10339999 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (5).mp4

2013-11-06 02:54 - 2013-11-06 02:54 - 09574237 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (4).mp4

2013-11-06 02:54 - 2013-11-06 02:54 - 00079304 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (4).mp4.sfk

2013-11-06 02:42 - 2013-11-06 02:40 - 00079304 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (3).mp4.sfk

2013-11-06 02:40 - 2013-11-06 02:39 - 09574237 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (3).mp4

2013-11-06 02:30 - 2013-11-06 02:30 - 09574237 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (2).mp4

2013-11-06 00:40 - 2013-11-06 00:36 - 2434928398 _____ C:\Users\Steven Alvey\Desktop\boom.avi

2013-11-06 00:09 - 2013-11-06 00:09 - 00000000 ____D C:\Users\Steven Alvey\Desktop\60001-4 After Effects Project

2013-11-06 00:08 - 2013-11-06 00:06 - 107568669 _____ C:\Users\Steven Alvey\Downloads\logo-explosion.zip

2013-11-05 23:33 - 2013-11-05 23:30 - 911742796 _____ C:\Users\Steven Alvey\Desktop\anoth2.avi

2013-11-05 23:22 - 2013-11-05 23:19 - 909634456 _____ C:\Users\Steven Alvey\Desktop\anoth1.avi

2013-11-05 22:33 - 2013-11-05 22:30 - 909634456 _____ C:\Users\Steven Alvey\Desktop\anotherreveal.avi

2013-11-05 22:21 - 2013-11-05 22:21 - 05488358 _____ C:\Users\Steven Alvey\Downloads\girlhazel.mp4

2013-11-05 20:42 - 2013-11-05 20:42 - 00000000 ____D C:\Users\Steven Alvey\Desktop\Ball Logo

2013-11-05 20:41 - 2013-11-05 20:41 - 57380460 _____ C:\Users\Steven Alvey\Desktop\ball-logo_ae913.zip

2013-11-05 20:41 - 2013-11-05 20:41 - 00000000 ____D C:\Users\Steven Alvey\Desktop\Logo Pieces After Effects Files

2013-11-05 20:41 - 2013-11-05 20:40 - 57380460 _____ C:\Users\Steven Alvey\Downloads\ball-logo_ae913.zip

2013-11-05 20:01 - 2013-11-05 20:41 - 124785387 _____ C:\Users\Steven Alvey\Desktop\logo-pieces.zip

2013-11-05 20:01 - 2013-11-05 19:57 - 124785387 _____ C:\Users\Steven Alvey\Downloads\logo-pieces.zip

2013-11-05 19:53 - 2013-10-31 14:38 - 00000000 ____D C:\Users\Steven Alvey\AppData\Local\Apple Computer

2013-11-05 19:51 - 2013-11-05 19:42 - 542646569 _____ C:\Users\Steven Alvey\Desktop\RENDER HD 1280x720.mov

2013-11-05 19:33 - 2013-11-05 18:30 - 00000000 ____D C:\Users\Steven Alvey\Desktop\Bright Logo Intro

2013-11-05 18:27 - 2013-11-05 18:27 - 00003522 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-AlveyLaptop-Steven Alvey

2013-11-05 18:27 - 2013-11-05 18:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2013-11-05 18:24 - 2013-11-05 18:24 - 00000000 ____D C:\Users\Steven Alvey\Documents\Adobe

2013-11-05 18:23 - 2013-06-03 16:01 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\Adobe

2013-11-05 18:18 - 2013-11-05 18:18 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\PDAppFlex

2013-11-05 18:18 - 2013-11-05 18:17 - 51193751 _____ C:\Users\Steven Alvey\Downloads\bright_logo_intro-ae1013.zip

2013-11-05 17:02 - 2013-11-05 16:54 - 00000000 ____D C:\Program Files\Common Files\Adobe

2013-11-05 17:01 - 2013-11-05 16:54 - 00000000 ____D C:\Program Files\Adobe

2013-11-05 16:55 - 2012-12-03 00:26 - 00000000 ____D C:\ProgramData\Adobe

2013-11-05 16:36 - 2013-11-05 16:36 - 00001094 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2013-11-05 16:35 - 2012-12-03 00:26 - 00000000 ____D C:\Program Files (x86)\Adobe

2013-11-05 16:34 - 2013-11-05 16:34 - 02841464 _____ (Adobe Systems Incorporated) C:\Users\Steven Alvey\Downloads\CreativeCloudSet-Up.exe

2013-11-05 11:07 - 2013-11-05 11:07 - 07997483 _____ C:\Users\Steven Alvey\Downloads\skeetedre_video_2.mp4

2013-11-04 23:30 - 2013-06-05 20:26 - 00000000 ____D C:\Users\Steven Alvey\.gimp-2.8

2013-11-04 23:02 - 2013-11-04 23:02 - 00010367 _____ C:\Users\Steven Alvey\AppData\Local\recently-used.xbel

2013-11-04 22:33 - 2013-11-04 22:33 - 08526480 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (4).mp4

2013-11-04 12:27 - 2013-11-04 12:23 - 88452632 _____ C:\Users\Steven Alvey\Downloads\25MRRproducts4.zip

2013-11-04 12:27 - 2013-11-04 12:23 - 108369774 _____ C:\Users\Steven Alvey\Downloads\25MRRproducts1.zip

2013-11-04 12:26 - 2013-11-04 12:23 - 85317318 _____ C:\Users\Steven Alvey\Downloads\25MRRproducts2.zip

2013-11-04 11:57 - 2013-11-04 11:51 - 147178089 _____ C:\Users\Steven Alvey\Downloads\Audio-Intro-Package.zip

2013-11-04 11:56 - 2013-11-04 11:51 - 59331349 _____ C:\Users\Steven Alvey\Downloads\Christmas-Soundtracks.zip

2013-11-04 11:56 - 2013-11-04 11:51 - 54007307 _____ C:\Users\Steven Alvey\Downloads\Business-Intro-Package.zip

2013-11-04 11:55 - 2013-11-04 11:51 - 214266815 _____ C:\Users\Steven Alvey\Downloads\IM-Music-Package.zip

2013-11-04 11:53 - 2013-11-04 11:51 - 31544162 _____ C:\Users\Steven Alvey\Downloads\Bonus-Tracks-Package.zip

2013-11-04 11:52 - 2013-11-04 11:52 - 05488358 _____ C:\Users\Steven Alvey\Downloads\powtoon-dUNw5dMOPEA.mp4

2013-11-04 11:52 - 2013-11-04 11:52 - 05488358 _____ C:\Users\Steven Alvey\Desktop\girlhazel.mp4

2013-11-04 11:42 - 2013-11-04 11:38 - 00009440 _____ C:\Users\Steven Alvey\Desktop\wwwwwwwwwwwwwwwwwwww.mp3.sfk

2013-11-04 11:37 - 2013-11-04 11:37 - 00913055 _____ C:\Users\Steven Alvey\Desktop\wwwwwwwwwwwwwwwwwwww.mp4

2013-11-04 11:37 - 2013-11-04 11:37 - 00008792 _____ C:\Users\Steven Alvey\Desktop\wwwwwwwwwwwwwwwwwwww.mp4.sfk

2013-11-04 11:37 - 2013-11-04 11:35 - 00005164 _____ C:\Users\Steven Alvey\Desktop\New Recording 5.m4a.sfk

2013-11-04 11:35 - 2013-11-04 11:35 - 00246835 _____ C:\Users\Steven Alvey\Downloads\New Recording 5.m4a

2013-11-04 11:35 - 2013-11-04 11:35 - 00246835 _____ C:\Users\Steven Alvey\Desktop\New Recording 5.m4a

2013-11-04 04:31 - 2013-08-07 22:17 - 24904536 _____ C:\Users\Steven Alvey\Desktop\The_Nuts_And_Bolts.mp4

2013-11-04 04:14 - 2013-11-04 04:14 - 08526480 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (3).mp4

2013-11-04 04:04 - 2013-11-04 04:04 - 08512411 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (2).mp4

2013-11-04 04:01 - 2013-11-04 04:01 - 08512411 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0 (1).mp4

2013-11-04 03:45 - 2013-11-04 03:45 - 30000162 _____ C:\Users\Steven Alvey\Desktop\RR_5681.zip

2013-11-04 03:45 - 2013-11-04 03:45 - 00411210 _____ C:\Users\Steven Alvey\Desktop\LMM_4720.zip

2013-11-04 03:41 - 2013-11-04 03:41 - 08522249 _____ C:\Users\Steven Alvey\Downloads\powtoon-dITIfoWdLA0.mp4

2013-11-04 01:07 - 2012-07-26 02:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP

2013-11-04 00:02 - 2013-11-04 00:02 - 07207406 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW (1).mp4

2013-11-03 23:50 - 2013-11-03 23:49 - 07257649 _____ C:\Users\Steven Alvey\Downloads\powtoon-f1VF7rJIJKW.mp4

2013-11-03 22:39 - 2013-11-03 22:39 - 00323781 _____ C:\Users\Steven Alvey\Downloads\rsagreement.zip

2013-11-03 22:39 - 2013-11-03 22:39 - 00311471 _____ C:\Users\Steven Alvey\Downloads\t&c.zip

2013-11-01 22:01 - 2013-11-01 22:01 - 00000000 _____ C:\Users\Steven Alvey\Desktop\New Text Document.txt

2013-11-01 15:47 - 2013-11-01 15:47 - 38313650 _____ C:\Users\Steven Alvey\Downloads\butterball3 (1).mp4

2013-11-01 15:33 - 2013-11-01 15:33 - 07599864 _____ C:\Users\Steven Alvey\Downloads\butterball3.mp4

2013-11-01 11:00 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\rescache

2013-11-01 00:40 - 2013-11-01 00:39 - 06279113 _____ C:\Users\Steven Alvey\Downloads\powtoon-fKKDeESPMB3.mp4

2013-11-01 00:07 - 2013-11-01 00:07 - 05925427 _____ C:\Users\Steven Alvey\Downloads\powtoon-dJ500nb7L7K.mp4

2013-10-31 22:01 - 2013-06-03 16:01 - 00000000 ____D C:\Users\Steven Alvey\AppData\Local\VirtualStore

2013-10-31 21:47 - 2013-10-31 21:47 - 10287023 _____ C:\Users\Steven Alvey\Downloads\powtoon-e0nkKX0MvsU.mp4

2013-10-31 21:30 - 2013-06-04 19:16 - 00000000 ____D C:\Users\Steven Alvey\AppData\Local\Apple

2013-10-31 20:53 - 2013-10-31 20:53 - 00066759 _____ C:\Users\Steven Alvey\Downloads\just_bear.jpeg

2013-10-31 20:22 - 2013-10-31 20:22 - 05264283 _____ C:\Users\Steven Alvey\Downloads\powtoon-eamShAedtNd.mp4

2013-10-31 19:29 - 2013-10-31 19:28 - 46566130 _____ C:\Users\Steven Alvey\Downloads\StopPaying4StockPhotos.zip

2013-10-31 19:20 - 2013-10-31 19:20 - 06030356 _____ C:\Users\Steven Alvey\Downloads\powtoon-fqfmjTKAg77 (2).mp4

2013-10-31 19:09 - 2013-10-31 19:09 - 05850936 _____ C:\Users\Steven Alvey\Downloads\powtoon-fqfmjTKAg77 (1).mp4

2013-10-31 18:54 - 2013-10-31 18:54 - 05850936 _____ C:\Users\Steven Alvey\Downloads\powtoon-fqfmjTKAg77.mp4

2013-10-31 16:15 - 2013-10-31 16:14 - 06022173 _____ C:\Users\Steven Alvey\Downloads\powtoon-bl2y4OBh9fG.mp4

2013-10-31 16:00 - 2013-10-31 15:59 - 00000000 ____D C:\Users\Steven Alvey\Desktop\VideoCash

2013-10-31 15:59 - 2013-10-29 19:16 - 00000000 ____D C:\Users\Steven Alvey\Desktop\Graphics

2013-10-31 14:38 - 2013-10-31 14:38 - 00001806 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-10-31 14:38 - 2013-10-31 14:38 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-31 14:38 - 2013-10-31 14:38 - 00000000 ____D C:\Program Files\iTunes

2013-10-31 14:38 - 2013-10-31 14:38 - 00000000 ____D C:\Program Files\iPod

2013-10-31 14:38 - 2013-10-31 14:38 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-10-31 14:38 - 2013-08-06 20:45 - 00000000 ____D C:\Program Files\Common Files\Apple

2013-10-31 14:38 - 2013-06-04 19:43 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\Apple Computer

2013-10-31 14:38 - 2013-06-04 19:16 - 00000000 ____D C:\ProgramData\Apple Computer

2013-10-31 14:38 - 2013-06-04 19:16 - 00000000 ____D C:\ProgramData\Apple

2013-10-31 14:32 - 2013-10-31 14:32 - 00000000 ____D C:\Program Files\Classic Shell

2013-10-30 21:08 - 2013-06-03 16:01 - 00000000 ____D C:\Users\Steven Alvey\AppData\Local\Packages

2013-10-29 23:00 - 2013-10-29 08:32 - 00000000 ___DC C:\WINDOWS\Panther

2013-10-29 10:05 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\restore

2013-10-29 09:44 - 2013-10-29 09:44 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2013-10-29 09:44 - 2013-08-22 08:46 - 00335690 _____ C:\WINDOWS\setupact.log

2013-10-29 09:38 - 2013-10-29 09:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360

2013-10-29 08:32 - 2013-10-29 08:32 - 23213056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 17143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 12995072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 11222016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2013-10-29 08:32 - 2013-10-29 08:32 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2013-10-29 08:32 - 2013-10-29 08:32 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2013-10-29 08:32 - 2013-10-29 08:32 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2013-10-29 08:32 - 2013-08-22 09:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2013-10-29 08:32 - 2013-08-22 09:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2013-10-29 08:32 - 2013-08-22 09:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template

2013-10-29 08:31 - 2013-10-29 08:31 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2013-10-29 08:31 - 2013-10-29 08:31 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2013-10-29 08:31 - 2013-10-29 08:31 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00262144 _____ C:\WINDOWS\system32\config\userdiff

2013-10-29 08:31 - 2013-10-29 08:31 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-10-29 08:31 - 2013-10-29 08:31 - 00000000 ____D C:\Program Files\Reference Assemblies

2013-10-29 08:31 - 2013-10-29 08:31 - 00000000 ____D C:\Program Files\MSBuild

2013-10-29 08:31 - 2013-10-29 08:31 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies

2013-10-29 08:31 - 2013-10-29 08:31 - 00000000 ____D C:\Program Files (x86)\MSBuild

2013-10-29 08:31 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\WinStore

2013-10-29 08:31 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\Camera

2013-10-29 06:01 - 2013-10-29 06:01 - 00001457 _____ C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-10-29 06:01 - 2013-10-29 06:01 - 00000020 ___SH C:\Users\Steven Alvey\ntuser.ini

2013-10-29 06:01 - 2013-10-29 06:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD

2013-10-29 06:01 - 2013-10-29 05:34 - 00000000 ____D C:\Users\Steven Alvey

2013-10-29 06:01 - 2013-06-04 18:53 - 00003206 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration

2013-10-29 06:01 - 2013-06-03 16:02 - 00000000 ___RD C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-10-29 06:01 - 2013-06-03 16:02 - 00000000 ___RD C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-10-29 05:38 - 2013-10-29 05:38 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini

2013-10-29 05:38 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\Registration

2013-10-29 05:37 - 2013-10-29 05:37 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat

2013-10-29 05:37 - 2013-10-29 05:34 - 00032388 _____ C:\WINDOWS\diagwrn.xml

2013-10-29 05:37 - 2013-10-29 05:34 - 00032388 _____ C:\WINDOWS\diagerr.xml

2013-10-29 05:37 - 2013-10-29 05:11 - 00006611 _____ C:\WINDOWS\comsetup.log

2013-10-29 05:37 - 2013-08-22 09:36 - 00000000 __RSD C:\WINDOWS\Media

2013-10-29 05:37 - 2013-08-22 09:36 - 00000000 __RHD C:\Users\Public\Libraries

2013-10-29 05:36 - 2013-10-29 05:36 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia

2013-10-29 05:36 - 2013-10-29 05:36 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help

2013-10-29 05:36 - 2013-10-29 05:36 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia

2013-10-29 05:36 - 2013-10-29 05:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help

2013-10-29 05:36 - 2013-09-29 21:51 - 00000000 ____D C:\WINDOWS\ShellNew

2013-10-29 05:36 - 2013-09-29 21:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep

2013-10-29 05:36 - 2013-08-22 09:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log

2013-10-29 05:36 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep

2013-10-29 05:36 - 2013-05-25 01:46 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e

2013-10-29 05:36 - 2013-05-25 01:43 - 00000000 ____D C:\WINDOWS\SysWOW64\NV

2013-10-29 05:36 - 2013-05-25 01:43 - 00000000 ____D C:\WINDOWS\system32\NV

2013-10-29 05:36 - 2012-12-03 00:30 - 00000000 ____D C:\WINDOWS\en

2013-10-29 05:36 - 2012-07-25 23:37 - 00000000 ____D C:\Users\Default.migrated

2013-10-29 05:35 - 2013-10-29 05:33 - 00000000 ____D C:\Program Files (x86)\Intel

2013-10-29 05:35 - 2013-09-29 21:48 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN

2013-10-29 05:35 - 2013-09-29 21:48 - 00000000 ____D C:\WINDOWS\system32\WCN

2013-10-29 05:35 - 2013-08-22 09:43 - 00000000 ____D C:\WINDOWS\DigitalLocker

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 __SHD C:\Program Files\Windows Sidebar

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\spool

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\MUI

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\IME

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\Help

2013-10-29 05:35 - 2013-08-22 09:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2013-10-29 05:35 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI

2013-10-29 05:35 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\oobe

2013-10-29 05:35 - 2013-08-12 19:00 - 00000000 ____D C:\WINDOWS\SysWOW64\dsfpUnzip

2013-10-29 05:35 - 2013-06-04 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\spool

2013-10-29 05:35 - 2013-06-04 16:46 - 00000000 ____D C:\WINDOWS\system32\appmgmt

2013-10-29 05:35 - 2013-06-03 18:01 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin

2013-10-29 05:35 - 2013-05-25 01:47 - 00000000 ____D C:\WINDOWS\SysWOW64\sda

2013-10-29 05:35 - 2013-05-25 01:42 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2013-10-29 05:35 - 2013-05-25 01:42 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2013-10-29 05:35 - 2012-12-03 00:10 - 00000000 ____D C:\ProgramData\PRICache

2013-10-29 05:34 - 2013-10-29 05:34 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-10-29 05:34 - 2013-10-29 05:34 - 00000000 ___RD C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2013-10-29 05:34 - 2013-10-29 05:34 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate

2013-10-29 05:34 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\Recovery

2013-10-29 05:34 - 2013-06-07 19:14 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2013-10-29 05:34 - 2013-06-03 22:01 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2013-10-29 05:33 - 2013-10-29 08:30 - 00000000 ____D C:\Recovery

2013-10-29 05:33 - 2013-10-29 05:33 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____D C:\WINDOWS\system32\SRSLabs

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____D C:\Program Files\Synaptics

2013-10-29 05:33 - 2013-10-29 05:33 - 00000000 ____D C:\Program Files\Realtek

2013-10-29 05:32 - 2013-08-22 07:36 - 00000000 __RHD C:\Users\Default

2013-10-29 05:29 - 2013-06-03 16:00 - 01059805 _____ C:\WINDOWS\WindowsUpdate (1).log

2013-10-29 04:55 - 2012-07-26 02:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent

2013-10-28 03:27 - 2013-10-28 03:27 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\Sony Creative Software Inc

2013-10-22 03:07 - 2013-06-04 17:55 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-10-22 03:06 - 2013-09-01 08:57 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-10-22 03:05 - 2013-06-04 18:16 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2013-10-22 03:04 - 2012-07-25 23:26 - 00000167 _____ C:\WINDOWS\win.ini

2013-10-21 16:32 - 2013-06-04 19:06 - 00000000 ____D C:\ProgramData\Sony

2013-10-20 16:47 - 2013-10-20 16:47 - 00329216 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll

2013-10-20 16:46 - 2013-10-20 16:46 - 00268288 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll

2013-10-17 03:30 - 2013-10-17 03:30 - 00000902 _____ C:\Users\Public\Desktop\Video Marketer.lnk

2013-10-17 03:30 - 2013-10-17 03:30 - 00000000 ____D C:\Users\Steven Alvey\AppData\Roaming\com.immortal-marketing.video-marketer

2013-10-17 03:30 - 2013-10-17 03:30 - 00000000 ____D C:\Program Files (x86)\Video Marketer

2013-10-14 15:54 - 2013-10-14 15:54 - 00001197 _____ C:\Users\Public\Desktop\VideoScribe Desktop.lnk

2013-10-14 15:54 - 2013-10-14 15:54 - 00000000 ____D C:\Program Files (x86)\Sparkol

2013-10-13 17:10 - 2013-06-10 14:59 - 00003906 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2013-10-13 17:10 - 2013-06-10 14:59 - 00003670 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

 

Some content of TEMP:

====================

C:\Users\Steven Alvey\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys

[2013-08-22 05:40] - [2013-08-22 06:39] - 0312160 ___AC (Microsoft Corporation) 9F9CE33B50611A1C61A46B8911E0B30B

 

 

 

LastRegBack: 2013-10-29 05:32

 

==================== End Of Log ============================

 

It said "post too long" for the addition.txt so I'll put that in the next post.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013

Ran by Steven Alvey at 2013-11-07 18:43:01

Running from C:\Users\Steven Alvey\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

 

==================== Installed Programs ======================

 

ACID Music Studio 8.0 (x32 Version: 8.0.178)

Adobe After Effects CC (x32 Version: 12.1)

Adobe AIR (x32 Version: 3.9.0.1030)

Adobe Creative Cloud (x32 Version: 2.2.0.248)

Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)

Adobe Reader X (10.1.3) (x32 Version: 10.1.3)

Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.2.0)

Amazon Kindle (HKCU)

Apple Application Support (x32 Version: 2.3.6)

Apple Mobile Device Support (Version: 7.0.0.117)

Apple Software Update (x32 Version: 2.1.3.127)

Arcanum Of Steamworks and Magick Obscura (x32 Version: 2.0.0.15)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.6)

Atheros Driver Installation Program (x32 Version: 10.0)

Bonjour (Version: 3.0.0.10)

BrillKids Little Math (x32 Version: 2.1.660)

BrillKids Little Musician (x32 Version: 1.3.760)

BrillKids Little Reader (x32 Version: 3.2.1400)

Citrix Online Launcher (x32 Version: 1.0.122)

Classic Shell (Version: 4.0.2)

D3DX10 (x32 Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)

DVD Architect Studio 5.0 (x32 Version: 5.0.128)

Fast Mailer Pro (x32)

Fotosizer 2.02 (x32 Version: 2.02.0.532)

Free Picture Resize Starter 4.5 (x32 Version: 5.5.18)

GameFly (x32 Version: 1.2.378)

GIMP 2.8.2 (Version: 2.8.2)

GOG.com Downloader version 3.5.8 (x32 Version: 3.5.8)

Google Chrome (x32 Version: 30.0.1599.101)

Google Update Helper (x32 Version: 1.3.21.165)

GorillaPrice (x32)

GoToMeeting 5.5.0.1132 (HKCU Version: 5.5.0.1132)

IB2 Britannia II Part II (HKCU)

IB2 Britanniae II Expansion (HKCU)

IB2 Britanniae II Part I (HKCU)

iCloud (Version: 3.0.2.163)

Intel® Management Engine Components (x32 Version: 8.1.0.1252)

Intel® Processor Graphics (x32 Version: 10.18.10.3308)

Intel® Rapid Storage Technology (x32 Version: 11.5.2.1001)

Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)

Intel® Trusted Connect Service Client (Version: 1.24.388.1)

iTunes (Version: 11.1.2.32)

Java 7 Update 25 (x32 Version: 7.0.250)

Java Auto Updater (x32 Version: 2.1.9.5)

K-Lite Codec Pack 9.5.0 (Basic) (x32 Version: 9.5.0)

MariusSoft Bulk Image Resizer (x32 Version: 1.0.0)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000)

Microsoft SkyDrive (HKCU Version: 17.0.2010.0530)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Movavi ChiliBurner 3 (x32 Version: 3.03.000)

Movie Maker (x32 Version: 16.4.3503.0728)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT Redists (x32 Version: 1.0)

MSVCRT110 (x32 Version: 16.4.1108.0727)

MSVCRT110_amd64 (Version: 16.4.1108.0727)

Music Ace Deluxe (x32 Version: 5.2)

Norton 360 (x32 Version: 20.4.0.40)

Norton PC Checkup (x32 Version: 3.0.5.38.0)

NVIDIA Control Panel 305.46 (Version: 305.46)

NVIDIA Graphics Driver 305.46 (Version: 305.46)

NVIDIA Install Application (Version: 2.1002.82.513)

NVIDIA Optimus 1.10.8 (Version: 1.10.8)

NVIDIA PhysX (x32 Version: 9.12.0613)

NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613)

NVIDIA Update Components (Version: 1.10.8)

Photo Common (x32 Version: 16.4.3503.0728)

Photo Gallery (x32 Version: 16.4.3503.0728)

PlayReady PC Runtime amd64 (Version: 1.3.0)

PlayReady PC Runtime x86 (x32 Version: 1.3.0)

QuickTime (x32 Version: 7.74.80.86)

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6794)

Realtek PCIE Card Reader (x32 Version: 6.2.8400.29029)

Remote Mouse version 2.02 (x32 Version: 2.02)

Savevid (HKCU Version: 0.0.0.786)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)

Shadow Company (x32)

Sony Vocal Eraser (x32 Version: 1.00)

Sound Forge Audio Studio 10.0 (x32 Version: 10.0.153)

Sparkol VideoScribe (x32 Version: 1.3.31)

SRS Premium Sound Control Panel (Version: 1.12.6000)

Steam (x32 Version: 1.0.0.0)

Synaptics Pointing Device Driver (Version: 16.2.19.4)

The Logo Creator v6.6 (x32 Version: v6.6)

Toshiba App Place (x32 Version: 1.0.6.3)

TOSHIBA Application Installer (x32 Version: 9.0.1.4)

TOSHIBA Blu-ray Disc Player (Version: 1.0.5.130 )

TOSHIBA Desktop Assist (Version: 1.00.08.6402)

TOSHIBA eco Utility (Version: 2.0.0.6415)

TOSHIBA Function Key (Version: 1.00.6625.6402)

TOSHIBA Password Utility (x32 Version: v1.0.0.9)

TOSHIBA PC Health Monitor (Version: 1.8.17.640104)

TOSHIBA Quality Application (x32 Version: 1.0.8)

TOSHIBA Recovery Media Creator (x32 Version: 2.2.0.54043005)

TOSHIBA Resolution+ Plug-in for Windows Media Player (x32 Version: 1.2.2.00)

TOSHIBA Service Station (Version: 2.4.4)

TOSHIBA System Driver (x32 Version: 1.00.0013)

TOSHIBA System Settings (x32 Version: 1.00.0002.32002)

TOSHIBA User's Guide (x32 Version: 1.00.02)

TOSHIBARegistration (x32 Version: 1.1.6)

Universal Video Downloader 1.0 (x32 Version: 1.0)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)

Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)

Vegas Movie Studio HD Platinum 11.0 (x32 Version: 11.0.220)

Video Marketer (x32 Version: 3.0.0)

Video Marketer (x32 Version: 3.0.0.4)

Windows Live Communications Platform (x32 Version: 16.4.3503.0728)

Windows Live Essentials (x32 Version: 16.4.3503.0728)

Windows Live Installer (x32 Version: 16.4.3503.0728)

Windows Live Photo Common (x32 Version: 16.4.3503.0728)

Windows Live PIMT Platform (x32 Version: 16.4.3503.0728)

Windows Live SOXE (x32 Version: 16.4.3503.0728)

Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728)

Windows Live UX Platform (x32 Version: 16.4.3503.0728)

Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728)

 

==================== Restore Points  =========================

 

05-11-2013 17:49:54 Scheduled Checkpoint

07-11-2013 00:54:10 Removed SavetheChildren Reminder by We-Care.com v4.1.24.4

 

==================== Hosts content: ==========================

 

2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {2F9358ED-5592-4401-B486-807A1EFF5A91} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\wscstub.exe [2013-06-03] (Symantec Corporation)

Task: {334B9950-0C1A-445F-8366-5744F93A820C} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.6.0.17\SymErr.exe

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {449B34A7-63F8-47EB-8312-5E654B55A57B} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation)

Task: {46F685E2-0A65-4F64-B625-317832DAA8F6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {5568FE2A-8293-4338-89D5-4BC23BFECDE5} - System32\Tasks\AdobeAAMUpdater-1.0-AlveyLaptop-Steven Alvey => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2013-09-25] (Adobe Systems Incorporated)

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {7364FC82-D0E1-4FBB-AC2D-E9739A83CCA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)

Task: {76371473-56EB-4D8F-8CF1-CF129FD0B8D7} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files (x86)\PC Checkup\NLAppLauncher.exe [2013-08-27] (Symantec Corporation)

Task: {85B1020D-901B-4EB9-BD22-91019CD0E230} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-29] (Microsoft Corporation)

Task: {98E57924-3FB9-4FFA-AC70-060B20D6C036} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {C0E3E5DC-92BC-4CF8-9EFC-83EE5CC0A405} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-10] (Google Inc.)

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D90A830C-AA50-47CE-AA0A-ABACDEA1BD58} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.6.0.17\SymErr.exe

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {E1F21F24-F6A3-4F41-AFA4-D6095DF0774D} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-23] (Synaptics Incorporated)

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {ED5C3995-CF95-499C-A681-B1A863438219} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll

2013-09-21 02:22 - 2013-09-21 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll

2012-07-18 19:38 - 2012-07-18 19:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll

2012-08-13 20:13 - 2012-08-13 20:13 - 00018344 _____ () C:\Program Files\Toshiba\Teco\TecoMUI.dll

2013-08-22 01:19 - 2013-08-22 00:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd

2013-08-22 01:19 - 2013-08-22 00:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd

2013-08-22 01:19 - 2013-08-22 00:54 - 00030208 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Foundation.winmd

2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-06-17 01:46 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll

2013-04-23 17:30 - 2013-10-24 11:45 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2013-05-03 14:35 - 2013-10-30 13:25 - 01123240 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2013-03-26 15:16 - 2013-10-23 14:07 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2012-12-11 08:51 - 2013-06-14 17:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll

2012-12-11 08:51 - 2013-06-14 17:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll

2012-12-11 08:51 - 2013-06-14 17:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll

2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll

2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll

2013-10-18 06:17 - 2013-10-08 18:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll

2013-10-18 06:17 - 2013-10-08 18:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll

2013-10-18 06:17 - 2013-10-08 18:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll

2013-10-18 06:17 - 2013-10-08 18:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll

2013-10-18 06:17 - 2013-10-08 18:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll

2013-06-17 01:46 - 2012-05-30 08:51 - 00699280 ____R () C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\wincfi39.dll

2013-10-17 16:45 - 2013-10-17 16:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll

2013-03-13 13:42 - 2013-06-05 14:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll

2013-05-25 01:41 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2013-10-18 06:17 - 2013-10-08 18:02 - 13584336 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker => ""="Service"

 

==================== Faulty Device Manager Devices =============

 

Name: Microsoft Basic Display Adapter

Description: Microsoft Basic Display Adapter

Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standard display types)

Service: BasicDisplay

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (11/07/2013 06:06:12 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6469

 

Error: (11/07/2013 06:06:12 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6469

 

Error: (11/07/2013 06:06:12 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/07/2013 06:06:11 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 5313

 

Error: (11/07/2013 06:06:11 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 5313

 

Error: (11/07/2013 06:06:11 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/07/2013 06:06:10 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4172

 

Error: (11/07/2013 06:06:10 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 4172

 

Error: (11/07/2013 06:06:10 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/07/2013 06:06:09 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 3172

 

 

System errors:

=============

Error: (11/07/2013 05:28:56 PM) (Source: DCOM) (User: AlveyLaptop)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

 

Error: (11/07/2013 04:45:05 PM) (Source: DCOM) (User: AlveyLaptop)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

 

Error: (11/07/2013 04:44:35 PM) (Source: DCOM) (User: AlveyLaptop)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

 

Error: (11/07/2013 04:33:29 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

 

Error: (11/07/2013 04:23:59 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

 

Error: (11/07/2013 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY)

Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

 

Error: (11/07/2013 05:47:24 AM) (Source: DCOM) (User: AlveyLaptop)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

 

Error: (11/07/2013 05:46:54 AM) (Source: DCOM) (User: AlveyLaptop)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

 

Error: (11/06/2013 09:52:43 PM) (Source: DCOM) (User: NT AUTHORITY)

Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

 

Error: (11/06/2013 09:49:20 PM) (Source: DCOM) (User: AlveyLaptop)

Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

 

 

Microsoft Office Sessions:

=========================

Error: (11/07/2013 06:06:12 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6469

 

Error: (11/07/2013 06:06:12 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6469

 

Error: (11/07/2013 06:06:12 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/07/2013 06:06:11 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 5313

 

Error: (11/07/2013 06:06:11 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 5313

 

Error: (11/07/2013 06:06:11 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/07/2013 06:06:10 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 4172

 

Error: (11/07/2013 06:06:10 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 4172

 

Error: (11/07/2013 06:06:10 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/07/2013 06:06:09 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 3172

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-07-18 17:25:35.442

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvinitx.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-07-18 17:25:35.422

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvinitx.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-07-18 17:25:35.222

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvinitx.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-07-18 17:25:35.203

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvinitx.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-07-18 17:25:35.182

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvinitx.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-07-18 17:25:35.162

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvinitx.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-07-18 17:25:35.133

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvinitx.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-07-18 15:20:31.308

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Toshiba Shared\TosQEP64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-07-18 15:20:31.281

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\nvinitx.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-07-18 15:20:30.993

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Common Files\Toshiba Shared\TosQEP64.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 11%

Total physical RAM: 32652.21 MB

Available physical RAM: 28987.15 MB

Total Pagefile: 37516.21 MB

Available Pagefile: 33576.77 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB

 

==================== Drives ================================

 

Drive c: (TI10658600D) (Fixed) (Total:107.54 GB) (Free:13.24 GB) NTFS

Drive e: (1TB SSHD Storage Drive) (Fixed) (Total:931.51 GB) (Free:904.4 GB) NTFS

Drive f: () (Removable) (Total:30.22 GB) (Free:14.61 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 119 GB) (Disk ID: 00000000)

 

Partition: GPT Partition Type

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2D53EC72)

Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

 

========================================================

Disk: 2 (Size: 30 GB) (Disk ID: 00000000)

Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)

 

==================== End Of Log ============================

 

 

Thanks!


Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.


The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Download and save mbam-clean.exe and save to your desktop from the following:

 

http://www.malwarebytes.org/mbam-clean.exe

 

Now do the following:

 

  • Click on Start and select Control Panel
       
  • Open Uninstall a Program
       
  • Uninstall Malwarebytes' Anti-Malware
       
  • Restart your computer, very important to do that!!
       
  • Run mbam-clean.exe
       
  • It will ask to restart your computer, please allow it to do so, very important!!
     
    Next, D/L and install Malwarebytes again and update as follows :-
     
    Please download Malwarebytes Anti-Malware and save it to your desktop.
     
    Double Click mbam-setup.exe to install the application.
     
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

 

Extra Note:

 

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 

Kevin...

 

fixlist.txt


Here you go!

 

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.11.08.01

 

Windows 8 x64 NTFS

Internet Explorer 11.0.9600.16384

Steven Alvey :: ALVEYLAPTOP [administrator]

 

Protection: Enabled

 

11/7/2013 8:22:40 PM

mbam-log-2013-11-07 (20-22-40).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 231842

Time elapsed: 2 minute(s), 4 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 1

C:\Users\Steven Alvey\AppData\Local\Updater26278 (PUP.Optional.SolidSavings.A) -> Quarantined and deleted successfully.

 

Files Detected: 1

C:\Users\Steven Alvey\AppData\Local\Updater26278\Updater26278.exe (PUP.Optional.SolidSavings.A) -> Quarantined and deleted successfully.

 

(end)

You got log from FRST fix?

 

Next,

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system, this scan can take several hours to complete, it is very thorough and well worth running, please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report here

 

Finally,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop.

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Kevin


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


eset came back clean.  Here is the other txt report:

 

 Results of screen317's Security Check version 0.99.76  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
Norton 360         
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 25  
 Java version out of Date! 
 Adobe Flash Player 11.8.800.168  
 Adobe Reader 10.1.3 Adobe Reader out of Date!  
 Google Chrome 29.0.1547.76  
 Google Chrome 30.0.1599.101  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 ESET ESET Online Scanner OnlineScannerApp.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

How is your system responding, any remaining issues or concerns?

 

Adobe Reader is outdated...

Visit http://get.adobe.com/uk/reader/otherversions/ and download the latest version of Acrobat Reader

 

Step 1 - Select your Operating System.

Step 2 - Select your Language.

Step 3 - Select latest version.

 

Untick the option for any security scanner or toolbar if offered.

 

Download and install.

 

Having the latest updates ensures there are no security vulnerabilities in your system.

 

Next,

 

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

 

Upgrading Java:

 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them.

 

Kevin....


Kevin,

 

You fixed my problem.  System seems clean - thanks very much.  I easily could have paid $100 to leave this at a local place to get fixed.  As a token of my appreciation I've made a $16 donation to your paypal link.  Additionally, the great help you've given me here reflects well upon malwarebytes.org and encouraged me to purchase their pro plan a couple days ago which I hope will help me prevent/deal with these things in the future.  

 

I'm very grateful for your generous and courteous assistance.

 

-James


Thank you for the very kind gesture, if all is good with no issues do the following:

 

We need to remove FRST, first it is very important to deal with its Quarantine folder using FRST itself..

OK, we continue:

Delete any fixlist.txt file previously used, continue:

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). That will confirm the removal action, delete if successful. 

Next,

 

Delete FRST.exe from your Desktop or the folder it was saved to, navigate to and delete its folder C:\FRST

 

Next,

 

Uninstall adwcleaner.exe

  •   Please close all open programs and internet browsers.
  •   Double click on adwcleaner.exe to run the tool.
  •   Click on Uninstall
  • Click Yes at Would you like to Uninstall Adwcleaner

 

Next,

 

Any other tools used can be deleted from the Desktop or downloads folder.....

 

Next,

 

Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Kevin....

fixlist.txt


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
