Jump to content

Windows Expert Console- Didn't know what I was doing.

DcX001

By DcX001
in Resolved Malware Removal Logs

 Share

Recommended Posts

DcX001

DcX001

Posted
Posted

My mom was down loading a song I forget the name, but it downloaded the windows expert console onto my computer. I didn't know what it was at, so i thought deleting the file might make it go away. But as u can tell by this thread it didn't work, and so i went online to find a solution i found the Frst64 and fixlist and tried them but they aren't working. Pasted below are the Frst.txt and fixlog.txt:

 

Frst.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013

Ran by SYSTEM on MININT-LM75440 on 25-11-2013 12:33:53
Running from J:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-05] (PDF Complete Inc)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [switchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2334384 2013-11-21] ()
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296096 2012-07-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [377800 2012-11-05] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Mcx1-ROYALSHUFFLE-HP\...\Winlogon: [shell] C:\Windows\eHome\McrMgr.exe [343552 2009-07-13] (Microsoft Corporation) <==== ATTENTION 
HKU\Royal Shuffle\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\Royal Shuffle\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1813928 2013-10-08] (Valve Corporation)
HKU\Royal Shuffle\...\Run: [Google Update] - C:\Users\Royal Shuffle\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-16] (Google Inc.)
HKU\Royal Shuffle\...\Run: [DW7] - "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
HKU\Royal Shuffle\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKU\Royal Shuffle\...\Winlogon: [shell] C:\Users\Royal Shuffle\AppData\Roaming\guard-jwby.exe [968032 2013-11-25] () <==== ATTENTION 
 
==================== Services (Whitelisted) =================
 
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-18] (Advanced Micro Devices, Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4579064 2012-09-02] (INCA Internet Co., Ltd.)
S2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.)
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)
S2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
S2 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [265928 2012-09-13] (SpeedBit Ltd.)
S2 vToolbarUpdater17.1.3; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [1643696 2013-11-21] (AVG Secure Search)
S3 xsherlock; C:\Windows\SysWow64\xsherlock.xem [670816 2012-06-27] (Wellbia.com Co., Ltd.)
S2 YNanoService; C:\Program Files (x86)\Yahoo!\YNanoClient\cpn0\YNanoService.exe [157016 2012-07-25] (Yahoo! Inc.)
 
==================== Drivers (Whitelisted) ====================
 
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-21] (AVG Technologies)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20110519.002\BHDrvx64.sys [1143416 2011-05-13] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20110519.031\IDSVia64.sys [488056 2011-05-13] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20110607.003\ENG64.SYS [117880 2011-06-07] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20110607.003\EX64.SYS [2011768 2011-06-07] (Symantec Corporation)
S3 NPIDS; C:\Windows\system32\NpIdsVt64.sys [55904 2010-05-13] (INCA Internet Co., Ltd.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [40696 2013-05-17] (Windows ® Win 7 DDK provider)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-05-16] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-27] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [159160 2013-07-13] (TENCENT)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 uqk; \??\C:\koramgame\STOnline\avital\wyqku64.sys [x]
S3 vtany; \??\C:\Windows\vtany.sys [x]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S3 X6va005; \??\C:\Users\ROYALS~1\AppData\Local\Temp\00596B4.tmp [x]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [x]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-11-25 12:25 - 2013-11-25 12:25 - 00057840 _____ C:\Users\Royal Shuffle\Downloads\speed-hack-dll.zip
2013-11-25 12:01 - 2013-11-25 12:01 - 00002369 _____ C:\Users\Royal Shuffle\Downloads\fixlist (1).txt
2013-11-25 01:51 - 2013-11-25 00:16 - 00968032 ____R C:\Users\Royal Shuffle\AppData\Roaming\guard-jwby.exe
2013-11-25 01:10 - 2013-11-25 01:10 - 00002369 _____ C:\Users\Royal Shuffle\Downloads\fixlist.txt
2013-11-25 01:02 - 2013-11-25 01:02 - 00000000 ____D C:\FRST
2013-11-25 00:43 - 2013-11-25 12:22 - 00002763 _____ C:\ProgramData\connector.swf
2013-11-25 00:27 - 2013-11-25 00:27 - 00003100 _____ C:\Windows\System32\Tasks\{A8F629D7-3BDF-4CEC-AF32-9A1A2F58FE0E}
2013-11-25 00:25 - 2013-11-25 00:25 - 00002209 _____ C:\Users\Royal Shuffle\AppData\Roaming\result1.db
2013-11-24 17:04 - 2013-11-25 12:19 - 00000408 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Royal Shuffle.job
2013-11-24 17:04 - 2013-11-24 17:45 - 00000402 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Royal Shuffle.job
2013-11-24 17:04 - 2013-11-24 17:45 - 00000398 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Royal Shuffle.job
2013-11-24 17:04 - 2013-11-24 17:04 - 00003658 _____ C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Royal Shuffle
2013-11-24 17:04 - 2013-11-24 17:04 - 00003022 _____ C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Royal Shuffle
2013-11-24 17:04 - 2013-11-24 17:04 - 00003018 _____ C:\Windows\System32\Tasks\ReclaimerUpdateXML_Royal Shuffle
2013-11-24 17:04 - 2013-11-24 17:04 - 00002726 _____ C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Royal Shuffle
2013-11-21 14:43 - 2013-11-21 14:44 - 00000000 ____D C:\Program Files (x86)\PasswordBox
2013-11-13 17:20 - 2013-11-13 17:20 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 17:20 - 2013-11-13 17:20 - 02332160 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 17:20 - 2013-11-13 17:20 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 01394176 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 17:20 - 2013-11-13 17:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 17:20 - 2013-11-13 17:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 17:20 - 2013-11-13 17:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 23212032 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 12995584 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 05765120 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-11-13 17:19 - 2013-11-13 17:19 - 01993728 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-11-13 17:19 - 2013-11-13 17:19 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-11-13 17:19 - 2013-11-13 17:19 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-11-13 17:19 - 2013-11-13 17:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-11-13 17:19 - 2013-11-13 17:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2013-11-13 17:18 - 2013-11-13 17:23 - 00008344 _____ C:\Windows\IE11_main.log
2013-11-13 12:38 - 2013-11-25 12:27 - 00000000 ____D C:\Users\Royal Shuffle\Downloads\bharathi song list
2013-11-12 21:50 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-11-12 21:50 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-12 21:50 - 2013-10-03 18:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-12 21:50 - 2013-10-03 18:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\credui.dll
2013-11-12 21:50 - 2013-10-03 18:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-11-12 21:50 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-12 21:50 - 2013-10-03 17:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-12 21:50 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-12 21:50 - 2013-09-24 18:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-11-12 21:50 - 2013-09-24 18:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-11-12 21:50 - 2013-09-24 18:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-11-12 21:50 - 2013-09-24 18:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-11-12 21:50 - 2013-09-24 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-11-12 21:50 - 2013-09-24 18:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-11-12 21:50 - 2013-09-24 18:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-11-12 21:50 - 2013-09-24 18:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-11-12 21:50 - 2013-09-24 17:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-12 21:50 - 2013-09-24 17:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-12 21:50 - 2013-09-24 17:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-12 21:50 - 2013-09-24 17:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-12 21:50 - 2013-09-24 17:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-11-12 21:50 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-11-12 21:49 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-11-12 21:49 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-11-12 21:49 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-11-12 21:49 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-12 21:49 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 21:49 - 2013-10-02 18:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-11-12 21:49 - 2013-10-02 18:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-12 21:49 - 2013-09-27 17:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-11-10 21:31 - 2013-11-25 12:19 - 00000388 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-11-10 21:31 - 2013-11-10 21:31 - 00003424 _____ C:\Windows\System32\Tasks\AmiUpdXp
2013-11-10 21:31 - 2013-11-10 21:31 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Local\SwvUpdater
2013-11-10 21:30 - 2013-11-10 21:30 - 00337960 _____ (Amônétízé Ltd) C:\Users\Royal Shuffle\Downloads\FlashPlayer__4166_i128136107_il3740201.exe
2013-11-09 22:48 - 2013-11-09 22:48 - 00000000 ____D C:\Users\Royal Shuffle\Documents\Firefall
2013-11-09 14:54 - 2013-11-09 14:54 - 01455528 _____ C:\Users\Royal Shuffle\Downloads\SystemCheck_enUS.exe
2013-11-09 09:53 - 2013-11-09 09:53 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-09 09:52 - 2013-11-09 09:53 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-09 09:52 - 2013-11-09 09:53 - 00000000 ____D C:\Program Files\iTunes
2013-11-09 09:52 - 2013-11-09 09:53 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-09 09:52 - 2013-11-09 09:52 - 00000000 ____D C:\Program Files\iPod
2013-11-09 09:46 - 2013-11-09 09:46 - 00001807 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-11-09 09:46 - 2013-11-09 09:46 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-11-05 17:24 - 2013-11-05 17:24 - 39401336 _____ (Apple Inc.) C:\Users\Royal Shuffle\Downloads\QuickTimeInstaller.exe
2013-11-03 22:26 - 2013-11-13 12:38 - 00000000 ____D C:\Users\Royal Shuffle\Downloads\The.Wedding.Video.2012.1080p.BluRay.x264.anoXmous
2013-11-03 22:25 - 2013-11-03 22:25 - 00000000 ____D C:\Users\Royal Shuffle\Downloads\The Big Wedding (2013) 1080p MKV x264 DTS BluRay-SilverTorrentHD
2013-10-31 15:30 - 2013-10-31 15:30 - 00000000 ____D C:\Users\Royal Shuffle\Desktop\New folder
2013-10-28 13:35 - 2013-10-28 13:35 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\Yahoo!
2013-10-28 13:35 - 2013-10-28 13:35 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-10-28 13:33 - 2013-10-28 13:33 - 00000000 ____D C:\Windows\SysWOW64\spool
2013-10-28 13:33 - 2013-10-28 13:33 - 00000000 ____D C:\ProgramData\HP Product Assistant
2013-10-28 13:32 - 2013-10-28 13:32 - 00000000 ____D C:\Windows\hpoj4500g510a-f
2013-10-28 13:30 - 2013-10-28 13:34 - 00171432 _____ C:\Windows\hpwins27.dat
2013-10-28 13:30 - 2009-10-01 21:29 - 00000385 ____N C:\Windows\hpwmdl27.dat
2013-10-28 13:11 - 2013-10-28 13:25 - 222094656 _____ C:\Users\Royal Shuffle\Downloads\OJ4500vG510a-f_Full_13_en.exe
2013-10-27 12:16 - 2013-10-27 12:16 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\AVG2014
2013-10-27 12:11 - 2013-10-27 12:14 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-27 12:09 - 2013-11-07 10:12 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Local\Avg2014
2013-10-26 12:07 - 2013-10-26 12:07 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\Unity
 
==================== One Month Modified Files and Folders =======
 
2013-11-25 12:31 - 2012-02-20 17:02 - 01456855 _____ C:\Windows\WindowsUpdate.log
2013-11-25 12:29 - 2012-06-23 13:00 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Local\Adobe
2013-11-25 12:27 - 2013-11-13 12:38 - 00000000 ____D C:\Users\Royal Shuffle\Downloads\bharathi song list
2013-11-25 12:26 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-25 12:26 - 2009-07-13 20:45 - 00024608 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-25 12:25 - 2013-11-25 12:25 - 00057840 _____ C:\Users\Royal Shuffle\Downloads\speed-hack-dll.zip
2013-11-25 12:24 - 2012-02-20 17:58 - 00000000 ____D C:\ProgramData\MFAData
2013-11-25 12:23 - 2009-07-13 21:13 - 00783424 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-25 12:22 - 2013-11-25 00:43 - 00002763 _____ C:\ProgramData\connector.swf
2013-11-25 12:20 - 2012-07-30 00:33 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-25 12:19 - 2013-11-24 17:04 - 00000408 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Royal Shuffle.job
2013-11-25 12:19 - 2013-11-10 21:31 - 00000388 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-11-25 12:19 - 2013-02-22 23:28 - 00000430 _____ C:\Windows\Tasks\Quick PC Booster64 startups.job
2013-11-25 12:19 - 2012-11-15 03:34 - 00003370 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1370019927-2296632720-3596961847-1000
2013-11-25 12:19 - 2012-08-07 14:11 - 00074517 _____ C:\Windows\setupact.log
2013-11-25 12:19 - 2012-07-30 00:33 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-25 12:19 - 2011-09-01 10:49 - 00000000 ____D C:\ProgramData\PDFC
2013-11-25 12:19 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-25 12:18 - 2012-02-20 17:09 - 00000000 _____ C:\Windows\System32\Drivers\lvuvc.hs
2013-11-25 12:03 - 2012-07-23 12:34 - 01423872 ___SH C:\Users\Royal Shuffle\Downloads\Thumbs.db
2013-11-25 12:02 - 2012-02-20 17:09 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{11AC0D5E-51F3-43CA-9256-1CE8DABD6EFE}
2013-11-25 12:01 - 2013-11-25 12:01 - 00002369 _____ C:\Users\Royal Shuffle\Downloads\fixlist (1).txt
2013-11-25 01:16 - 2012-09-16 23:36 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1370019927-2296632720-3596961847-1000UA.job
2013-11-25 01:16 - 2012-09-16 23:36 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1370019927-2296632720-3596961847-1000Core.job
2013-11-25 01:10 - 2013-11-25 01:10 - 00002369 _____ C:\Users\Royal Shuffle\Downloads\fixlist.txt
2013-11-25 01:08 - 2012-04-09 06:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-25 01:02 - 2013-11-25 01:02 - 00000000 ____D C:\FRST
2013-11-25 00:27 - 2013-11-25 00:27 - 00003100 _____ C:\Windows\System32\Tasks\{A8F629D7-3BDF-4CEC-AF32-9A1A2F58FE0E}
2013-11-25 00:25 - 2013-11-25 00:25 - 00002209 _____ C:\Users\Royal Shuffle\AppData\Roaming\result1.db
2013-11-25 00:18 - 2012-02-20 19:45 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Local\CrashDumps
2013-11-25 00:18 - 2010-11-20 19:47 - 00888934 _____ C:\Windows\PFRO.log
2013-11-25 00:16 - 2013-11-25 01:51 - 00968032 ____R C:\Users\Royal Shuffle\AppData\Roaming\guard-jwby.exe
2013-11-24 22:39 - 2013-01-02 10:47 - 00000364 _____ C:\Windows\Tasks\HPCeeScheduleForRoyal Shuffle.job
2013-11-24 22:20 - 2012-02-20 17:46 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Local\PMB Files
2013-11-24 22:20 - 2012-02-20 17:46 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-24 18:00 - 2012-11-15 22:10 - 00000482 _____ C:\Windows\Tasks\ParetoLogic Registration.job
2013-11-24 17:46 - 2013-02-02 02:58 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-24 17:46 - 2012-02-20 18:26 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\Skype
2013-11-24 17:45 - 2013-11-24 17:04 - 00000402 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Royal Shuffle.job
2013-11-24 17:45 - 2013-11-24 17:04 - 00000398 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Royal Shuffle.job
2013-11-24 17:04 - 2013-11-24 17:04 - 00003658 _____ C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Royal Shuffle
2013-11-24 17:04 - 2013-11-24 17:04 - 00003022 _____ C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Royal Shuffle
2013-11-24 17:04 - 2013-11-24 17:04 - 00003018 _____ C:\Windows\System32\Tasks\ReclaimerUpdateXML_Royal Shuffle
2013-11-24 17:04 - 2013-11-24 17:04 - 00002726 _____ C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Royal Shuffle
2013-11-22 23:51 - 2012-05-22 20:51 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\vlc
2013-11-22 12:51 - 2012-02-20 18:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-22 12:51 - 2012-02-20 18:26 - 00000000 ____D C:\ProgramData\Skype
2013-11-21 14:44 - 2013-11-21 14:43 - 00000000 ____D C:\Program Files (x86)\PasswordBox
2013-11-21 14:43 - 2013-01-27 14:24 - 00046368 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-11-21 14:43 - 2013-01-27 14:23 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-11-20 10:39 - 2013-01-02 10:47 - 00003234 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRoyal Shuffle
2013-11-20 10:39 - 2012-05-23 09:19 - 00000000 _____ C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-20 10:39 - 2012-02-22 16:58 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-11-20 10:38 - 2012-02-22 16:56 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\HP Support Assistant
2013-11-20 10:38 - 2012-02-21 17:26 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\HpUpdate
2013-11-14 19:59 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-11-13 17:25 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-13 17:23 - 2013-11-13 17:18 - 00008344 _____ C:\Windows\IE11_main.log
2013-11-13 17:20 - 2013-11-13 17:20 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 17:20 - 2013-11-13 17:20 - 02332160 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 17:20 - 2013-11-13 17:20 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 01394176 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 17:20 - 2013-11-13 17:20 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 17:20 - 2013-11-13 17:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 17:20 - 2013-11-13 17:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 17:20 - 2013-11-13 17:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-11-13 17:20 - 2013-11-13 17:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 23212032 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 12995584 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 05765120 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-11-13 17:19 - 2013-11-13 17:19 - 01993728 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-11-13 17:19 - 2013-11-13 17:19 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-11-13 17:19 - 2013-11-13 17:19 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-11-13 17:19 - 2013-11-13 17:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-11-13 17:19 - 2013-11-13 17:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-11-13 17:19 - 2013-11-13 17:19 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-11-13 17:19 - 2013-11-13 17:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2013-11-13 12:38 - 2013-11-03 22:26 - 00000000 ____D C:\Users\Royal Shuffle\Downloads\The.Wedding.Video.2012.1080p.BluRay.x264.anoXmous
2013-11-13 03:04 - 2013-07-16 01:58 - 00000000 ____D C:\Windows\System32\MRT
2013-11-13 03:01 - 2012-02-26 12:27 - 82896128 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-11-10 21:31 - 2013-11-10 21:31 - 00003424 _____ C:\Windows\System32\Tasks\AmiUpdXp
2013-11-10 21:31 - 2013-11-10 21:31 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Local\SwvUpdater
2013-11-10 21:30 - 2013-11-10 21:30 - 00337960 _____ (Amônétízé Ltd) C:\Users\Royal Shuffle\Downloads\FlashPlayer__4166_i128136107_il3740201.exe
2013-11-09 22:48 - 2013-11-09 22:48 - 00000000 ____D C:\Users\Royal Shuffle\Documents\Firefall
2013-11-09 14:54 - 2013-11-09 14:54 - 01455528 _____ C:\Users\Royal Shuffle\Downloads\SystemCheck_enUS.exe
2013-11-09 09:53 - 2013-11-09 09:53 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-09 09:53 - 2013-11-09 09:52 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-09 09:53 - 2013-11-09 09:52 - 00000000 ____D C:\Program Files\iTunes
2013-11-09 09:53 - 2013-11-09 09:52 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-09 09:52 - 2013-11-09 09:52 - 00000000 ____D C:\Program Files\iPod
2013-11-09 09:46 - 2013-11-09 09:46 - 00001807 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-11-09 09:46 - 2013-11-09 09:46 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-11-07 10:12 - 2013-10-27 12:09 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Local\Avg2014
2013-11-06 00:12 - 2012-02-26 13:54 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\SoftGrid Client
2013-11-05 21:03 - 2012-02-20 17:06 - 00059368 _____ C:\Users\Royal Shuffle\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-05 17:24 - 2013-11-05 17:24 - 39401336 _____ (Apple Inc.) C:\Users\Royal Shuffle\Downloads\QuickTimeInstaller.exe
2013-11-03 22:27 - 2012-03-03 10:05 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\uTorrent
2013-11-03 22:25 - 2013-11-03 22:25 - 00000000 ____D C:\Users\Royal Shuffle\Downloads\The Big Wedding (2013) 1080p MKV x264 DTS BluRay-SilverTorrentHD
2013-10-31 15:30 - 2013-10-31 15:30 - 00000000 ____D C:\Users\Royal Shuffle\Desktop\New folder
2013-10-29 08:37 - 2009-07-13 20:45 - 04892024 _____ C:\Windows\System32\FNTCACHE.DAT
2013-10-28 13:35 - 2013-10-28 13:35 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\Yahoo!
2013-10-28 13:35 - 2013-10-28 13:35 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2013-10-28 13:34 - 2013-10-28 13:30 - 00171432 _____ C:\Windows\hpwins27.dat
2013-10-28 13:34 - 2011-09-01 10:38 - 00000000 ____D C:\Program Files (x86)\Hp
2013-10-28 13:33 - 2013-10-28 13:33 - 00000000 ____D C:\Windows\SysWOW64\spool
2013-10-28 13:33 - 2013-10-28 13:33 - 00000000 ____D C:\ProgramData\HP Product Assistant
2013-10-28 13:33 - 2012-03-21 18:53 - 00000000 ____D C:\ProgramData\HP
2013-10-28 13:32 - 2013-10-28 13:32 - 00000000 ____D C:\Windows\hpoj4500g510a-f
2013-10-28 13:30 - 2012-03-21 18:54 - 00002976 _____ C:\ProgramData\hpzinstall.log
2013-10-28 13:25 - 2013-10-28 13:11 - 222094656 _____ C:\Users\Royal Shuffle\Downloads\OJ4500vG510a-f_Full_13_en.exe
2013-10-27 12:16 - 2013-10-27 12:16 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\AVG2014
2013-10-27 12:15 - 2012-02-23 02:03 - 00000000 ___HD C:\$AVG
2013-10-27 12:14 - 2013-10-27 12:11 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-27 12:11 - 2012-02-20 18:06 - 00000000 ____D C:\Program Files (x86)\AVG
2013-10-26 12:07 - 2013-10-26 12:07 - 00000000 ____D C:\Users\Royal Shuffle\AppData\Roaming\Unity
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
C:\Users\Public\AlexaNSISPlugin.3548.dll
C:\Users\Royal Shuffle\jagex_cl_speccollect_LIVE.dat
C:\Users\Royal Shuffle\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Royal Shuffle\AppData\Local\Temp\Updater.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
4
Restore point made on: 2013-11-13 00:33:12
Restore point made on: 2013-11-13 03:00:34
Restore point made on: 2013-11-13 17:17:48
Restore point made on: 2013-11-21 00:36:06
 
==================== Memory info =========================== 
 
Percentage of memory in use: 26%
Total physical RAM: 3570.82 MB
Available physical RAM: 2634.42 MB
Total Pagefile: 3569.02 MB
Available Pagefile: 2625.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:919.67 GB) (Free:422.28 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:11.74 GB) (Free:1.44 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (NEW) (CDROM) (Total:1.98 GB) (Free:0 GB) UDF
Drive j: () (Removable) (Total:29.8 GB) (Free:29.79 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.12 GB) (Free:0.12 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: CD247F5A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
 
========================================================
Disk: 4 (Size: 30 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)
 
 
LastRegBack: 2013-11-20 00:08
 
==================== End Of Log ============================
 
fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-11-2013
Ran by SYSTEM at 2013-11-25 12:35:32 Run:4
Running from J:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
HKU\Sokolow Family\...\Winlogon: [shell] C:\Users\Sokolow Family\AppData\Roaming\guard-lhyu.exe [968032 2013-11-24] 
C:\Users\Sokolow Family\Desktop\family-feud-sounds
C:\Users\Sokolow Family\Desktop\family-feud-sounds.zip
C:\Users\Sokolow Family\AppData\Roaming\guard-lhyu.exe
C:\Users\Sokolow Family\AppData\Local\Temp\air1709.exe
C:\Users\Sokolow Family\AppData\Local\Temp\air402B.exe
C:\Users\Sokolow Family\AppData\Local\Temp\airDE4E.exe
C:\Users\Sokolow Family\AppData\Local\Temp\ARCompanionForSession1.exe
C:\Users\Sokolow Family\AppData\Local\Temp\checktbexist.exe
C:\Users\Sokolow Family\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Sokolow Family\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Sokolow Family\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Sokolow Family\AppData\Local\Temp\launcher.exe
C:\Users\Sokolow Family\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\Sokolow Family\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Sokolow Family\AppData\Local\Temp\nsaC747.exe
C:\Users\Sokolow Family\AppData\Local\Temp\nst53FC.exe
C:\Users\Sokolow Family\AppData\Local\Temp\nstE813.exe
C:\Users\Sokolow Family\AppData\Local\Temp\nsy6EEE.exe
C:\Users\Sokolow Family\AppData\Local\Temp\nsyDF0B.exe
C:\Users\Sokolow Family\AppData\Local\Temp\Offercast2802_MYC_.exe
C:\Users\Sokolow Family\AppData\Local\Temp\ose00000.exe
C:\Users\Sokolow Family\AppData\Local\Temp\o_1-jnlg.dll
C:\Users\Sokolow Family\AppData\Local\Temp\QuickStores_Unlocker.exe
C:\Users\Sokolow Family\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sokolow Family\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Sokolow Family\AppData\Local\Temp\SPStub.exe
C:\Users\Sokolow Family\AppData\Local\Temp\tbMix0.dll
C:\Users\Sokolow Family\AppData\Local\Temp\ToolbarHelper.exe
C:\Users\Sokolow Family\AppData\Local\Temp\uninstall.exe
C:\Users\Sokolow Family\AppData\Local\Temp\VidSaver15_20120508.exe
 
 
*****************
 
HKU\Sokolow Family\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
"C:\Users\Sokolow Family\Desktop\family-feud-sounds" => File/Directory not found.
"C:\Users\Sokolow Family\Desktop\family-feud-sounds.zip" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Roaming\guard-lhyu.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\air1709.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\air402B.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\airDE4E.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\ARCompanionForSession1.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\checktbexist.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\iv_uninstall.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\launcher.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\mconduitinstaller.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\MSETUP4.EXE" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\nsaC747.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\nst53FC.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\nstE813.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\nsy6EEE.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\nsyDF0B.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\Offercast2802_MYC_.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\ose00000.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\o_1-jnlg.dll" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\QuickStores_Unlocker.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\SkypeSetup.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\SpotifyUpgrader.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\SPStub.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\tbMix0.dll" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\ToolbarHelper.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\uninstall.exe" => File/Directory not found.
"C:\Users\Sokolow Family\AppData\Local\Temp\VidSaver15_20120508.exe" => File/Directory not found.
 
==== End of Fixlog ====
 
 
Link to post
Share on other sites
  • Staff
gringo_pr

gringo_pr

Posted
  • Staff
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.