mymonsters5 Posted November 30, 2013 ID:759419 Share Posted November 30, 2013 Can someone please tell me why this program will not uninstall even though I've completed all of the steps for removal? When I do a scan or a search nothing comes up for anything with the word scorpion in it. Neither Malewarebytes nor Norton is receiving any hits for this piece of maleware. What I don't understand is why it is still showing up in the uninstall programs list. This is the error message that I receive when trying to uninstall: Link to post Share on other sites More sharing options...
mymonsters5 Posted November 30, 2013 Author ID:759421 Share Posted November 30, 2013 I c&p screenshots but they didnt show up in the screen after posting. This was the messages I received after trying to uninstall this program. "The feature you are trying to use is on a network resource that is unavailable. Click OK to try again, or enter an alternate path to a folder containing the installation package 'ScorpionSaver.msi' in the box below. Use source c:\\temp\\ Browse" When I try browsing for an alterative folder that contains the msi file, none of the folders contain the installation package. In fact, there isn't even a folder for Scorpion Saver. When I try closing out of the error message, this is the response I get. "The installation source for this product is not available. Verify that the source exists and that you can access it." If anyone has any advice about how to get this off my computer, I will appreciate the help. I've read all of the other posts for ScorpionSaver but none of them seem to apply to my situation. Link to post Share on other sites More sharing options...
MrCharlie Posted November 30, 2013 ID:759425 Share Posted November 30, 2013 Welcome to the forum, first.....try to uninstall it from your add/remove programs.Then........Lets clean out any adware/spyware now: (this will require a reboot so save all your work)Please download AdwCleaner by Xplode and save to your Desktop.Make sure you click on download buttons that look similar to this, not "sponsored ad links":Double click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As AdministratorClick on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.When it's done you'll see: Pending: Please uncheck elements you don't want removed.Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.Look over the log especially under Files/Folders for any program you want to save.If there's a program you may want to save, just uncheck it from AdwCleaner.If you're not sure, post the log for review. (all items found are adware/spyware/foistware)If you're ready to clean it all up.....click the Clean button.After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.Copy and paste the contents of that logfile in your next reply.A copy of that logfile will also be saved in the C:\AdwCleaner folder.Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\QuarantineTo restore an item that has been deleted:Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.Next..................Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.Make sure that everything is checked, and click Remove Selected.Last......Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system.....Which system am I using?)Please make sure you click download buttons that look similar to this, not "sponsored ad links":Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.MrC Link to post Share on other sites More sharing options...
mymonsters5 Posted November 30, 2013 Author ID:759484 Share Posted November 30, 2013 Someone already had me do a scan with AdwCleaner yesterday so I included the report for both yesterdays and todays. Hopefully that will help because the Scorpion Saver came up on yesterdays scans but not on todays even though it's still shows installed on my computer. ADWCLEANERYesterday's Scan# AdwCleaner v3.013 - Report created 28/11/2013 at 21:44:55# Updated 24/11/2013 by Xplode# Operating System : Windows 8.1 (64 bits)# Username : Mom - MISTY# Running from : C:\Users\Mom\Downloads\adwcleaner.exe# Option : Clean***** [ Services ] ********** [ Files / Folders ] *****Folder Deleted : C:\ProgramData\ConduitFolder Deleted : C:\ProgramData\eSafeFolder Deleted : C:\ProgramData\VisualBeeFolder Deleted : C:\Program Files (x86)\MyPC BackupFolder Deleted : C:\Program Files (x86)\OAppsFolder Deleted : C:\Program Files (x86)\SimilarSitesFolder Deleted : C:\Users\Misty\AppData\Local\ConduitFolder Deleted : C:\Users\Misty\AppData\Local\visualbeeexeFolder Deleted : C:\Users\Misty\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Misty\AppData\LocalLow\SmartbarFolder Deleted : C:\Users\Misty\AppData\Roaming\SearchprotectFolder Deleted : C:\Users\Misty\AppData\Roaming\SimilarSitesFolder Deleted : C:\Users\Misty\AppData\Roaming\Uniblue\DriverScannerFolder Deleted : C:\Users\Misty\AppData\Roaming\Uniblue\SpeedUpMyPCFolder Deleted : C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC BackupFolder Deleted : C:\Users\Mom\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Mom\AppData\LocalLow\SmartbarFolder Deleted : C:\Users\Mom\AppData\Roaming\pccustubinstallerFolder Deleted : C:\Users\Misty\AppData\Roaming\Mozilla\Firefox\Profiles\qsgdzxsg.default\CT3318920Folder Deleted : C:\Users\Misty\AppData\Roaming\Mozilla\Firefox\Profiles\qsgdzxsg.default\Extensions\{ed541409-a451-4021-921f-0b66f3196e57}Folder Deleted : C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbclFolder Deleted : C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnmlFolder Deleted : C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjjFile Deleted : C:\ENDFile Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweettunes_search.xmlFile Deleted : C:\Users\Misty\AppData\Roaming\Mozilla\Firefox\Profiles\qsgdzxsg.default\user.jsFile Deleted : C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\bi8jdxn9.default\user.js***** [ Shortcuts ] *****[x] Not Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk[x] Not Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk[x] Not Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk[x] Not Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk***** [ Registry ] *****Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}]Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lesstabs@lesstabs.com]Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.comKey Deleted : HKLM\SOFTWARE\Classes\driverscannerKey Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattributeKey Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanelKey Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarKey Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobjectKey Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystateKey Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuformKey Deleted : HKLM\SOFTWARE\Classes\speedupmypcKey Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvcKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3311875Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3318920Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}Key Deleted : HKCU\Software\IMKey Deleted : HKCU\Software\ImInstallerKey Deleted : HKCU\Software\powerpackKey Deleted : HKCU\Software\AppDataLow\Software\LyricsContainerKey Deleted : HKCU\Software\AppDataLow\Software\SmartBarKey Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}Key Deleted : HKLM\Software\aartemisSoftwareKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\UniblueKey Deleted : HKLM\Software\visualbeeKey Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks***** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.16384Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [secondary Start Pages]Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [secondary Start Pages]-\\ Mozilla Firefox v25.0.1 (en-US)[ File : C:\Users\Misty\AppData\Roaming\Mozilla\Firefox\Profiles\qsgdzxsg.default\prefs.js ]Line Deleted : user_pref("CT3311875_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384653947801,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");Line Deleted : user_pref("CT3318920.FF19Solved", "true");Line Deleted : user_pref("CT3318920.UserID", "UN28731988601093461");Line Deleted : user_pref("CT3318920.browser.search.defaultthis.engineName", "true");Line Deleted : user_pref("CT3318920.fullUserID", "UN28731988601093461.IN.20131113023453");Line Deleted : user_pref("CT3318920.installDate", "13/11/2013 02:34:58");Line Deleted : user_pref("CT3318920.installSessionId", "{79F66E1C-DC6B-4726-BC47-AD149AEC2202}");Line Deleted : user_pref("CT3318920.installSp", "TRUE");Line Deleted : user_pref("CT3318920.installerVersion", "1.8.0.14");Line Deleted : user_pref("CT3318920.keyword", "true");8&ilc=12&type=293224&p=");Line Deleted : user_pref("CT3318920.originalSearchEngine", "Yahoo");Line Deleted : user_pref("CT3318920.originalSearchEngineName", "Yahoo");Line Deleted : user_pref("CT3318920.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");Line Deleted : user_pref("CT3318920.searchRevert", "false");Line Deleted : user_pref("CT3318920.searchUserMode", "2");Line Deleted : user_pref("CT3318920.smartbar.homepage", "true");Line Deleted : user_pref("CT3318920.toolbarInstallDate", "13-11-2013 02:34:53");Line Deleted : user_pref("CT3318920.versionFromInstaller", "10.21.1.7");Line Deleted : user_pref("CT3318920.xpeMode", "0");ctid=CT3311875&octid=CT3311875&SearchSource=61&CUI=UN32094305553120393&UM=2&UP=SPD86B8F77-2B26-4DCA-8A60-2CE850BD299A");Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");fr=greentree_ff1&ei=utf-8&ilc=12&type=293224&p=");Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3311875");type=nt&ts=1384475708&from=tugs&uid=TOSHIBAXMQ01ABD050_92PQT8Z5TXX92PQT8Z5T");Line Deleted : user_pref("browser.search.defaultthis.engineName", "SweetTunes Customized Web Search");ctid=CT3311875&CUI=UN32094305553120393&UM=2&SearchSource=3&q={searchTerms}");ctid=CT3311875&SearchSource=2&CUI=UN32094305553120393&UM=2&q=");Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0);Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3311875");ctid=CT3318920&octid=CT3318920&SearchSource[...]Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3311875");Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3311875");Line Deleted : user_pref("smartbar.machineId", "/HTKMOLY/4ZD8V8X5IZAYN2989WMFEHCGOZMWFXDDJQUCMQIKQANNO+FKUFF0Q33RZNBI7JVAZJXW3KIA3EK/A");ctid=CT3318920&CUI=UN28731988601093461&UM=2&SearchSource=13");[ File : C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\bi8jdxn9.default\prefs.js ]Line Deleted : user_pref("extensions.wajam.affiliate_id", "1401");Line Deleted : user_pref("extensions.wajam.firstrun", "false");Line Deleted : user_pref("extensions.wajam.log_send_info", "false");Line Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\\/ig|\\\\\\/firefox)\",\"[...]Line Deleted : user_pref("extensions.wajam.no_trace", "false");Line Deleted : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");Line Deleted : user_pref("extensions.wajam.supported_sites.bing.wajam_yahoo_se_js", "try {window['APP_LABEL_NAME'] ='wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';win[...]Line Deleted : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]Line Deleted : user_pref("extensions.wajam.trace_log", "1372658714612 - processInstallationUpgrade - version set to :1.26\n1372658714613 - processBrowserLoad - Bad mappingListJsonString: null\n1372658716594 - onFla[...]Line Deleted : user_pref("extensions.wajam.unique_id", "028A92FC623B5ADC4E87BB89109B900F");Line Deleted : user_pref("extensions.wajam.user_current_mapping_version", "0");Line Deleted : user_pref("extensions.wajam.version", "1.26");Line Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]Line Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...]Line Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_product_name", "Updater By SweetPacks");-\\ Google Chrome v27.0.1453.116[ File : C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\preferences ]Deleted : homepageDeleted : urls_to_restore_on_startup[ File : C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\preferences ][ File : C:\Users\misty_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]*************************AdwCleaner[R0].txt - [14917 octets] - [28/11/2013 20:54:37]AdwCleaner[s0].txt - [13910 octets] - [28/11/2013 21:44:55]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [13971 octets] ##########MALEWAREBYTESMalwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.11.28.12Windows 8 x64 NTFSInternet Explorer 11.0.9600.16438Mom :: MISTY [administrator]11/28/2013 7:21:01 PMmbam-log-2013-11-28 (19-21-01).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 259594Time elapsed: 5 minute(s), 53 second(s)Memory Processes Detected: 1C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (PUP.Optional.ScorpionSaver) -> 1440 -> Delete on reboot.Memory Modules Detected: 1C:\Program Files\ScorpionSaver Services\PCProxyDLL.dll (PUP.Optional.ScorpionSaver) -> Delete on reboot.Registry Keys Detected: 6HKCR\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.HKCR\Wow6432Node\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.HKCR\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.HKCR\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2} (PUP.Optional.ScorpionSaver) -> Quarantined and deletedsuccessfully.HKLM\SYSTEM\CurrentControlSet\Services\AdpeakProxy (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 3C:\Program Files\ScorpionSaver Services (PUP.Optional.ScorpionSaver) -> Delete on reboot.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg(PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0(PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.Files Detected: 22C:\$Recycle.Bin\S-1-5-21-209102890-733556855-160672719-1003\$RYO4NHE.msi (Adware.Adpeak) -> Quarantined and deletedsuccessfully.C:\Program Files\ScorpionSaver Services\AdpeakProxy.dll (PUP.Optional.ScorpionSaver) -> Quarantined and deletedsuccessfully.C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (PUP.Optional.ScorpionSaver) -> Delete on reboot.C:\Program Files\ScorpionSaver Services\AdpeakProxy64.dll (PUP.Optional.ScorpionSaver) -> Quarantined and deletedsuccessfully.C:\Program Files\ScorpionSaver Services\AdpeakWFP64.sys (PUP.Optional.ScorpionSaver) -> Quarantined and deletedsuccessfully.C:\Program Files\ScorpionSaver Services\AdpeakWFPInstaller.exe (PUP.Optional.ScorpionSaver) -> Quarantined and deletedsuccessfully.C:\Program Files\ScorpionSaver Services\Installbat.dll (PUP.Optional.ScorpionSaver) -> Quarantined and deletedsuccessfully.C:\Program Files\ScorpionSaver Services\Installbat64.dll (PUP.Optional.ScorpionSaver) -> Quarantined and deletedsuccessfully.C:\Program Files\ScorpionSaver Services\Microsoft.Deployment.WindowsInstaller.dll (PUP.Optional.ScorpionSaver) ->Quarantined and deleted successfully.C:\Program Files\ScorpionSaver Services\Microsoft.Deployment.WindowsInstaller.xml (PUP.Optional.ScorpionSaver) ->Quarantined and deleted successfully.C:\Program Files\ScorpionSaver Services\PCProxyDLL.dll (PUP.Optional.ScorpionSaver) -> Delete on reboot.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\background.js (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\bootstrap.js (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\bootstrap.js.old (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\icon128.png(PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\icon16.png(PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\icon32.png(PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\icon48.png(PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\icon64.png(PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\icon8.png(PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\manifest.json (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\marcopolo.js (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.(end) Link to post Share on other sites More sharing options...
mymonsters5 Posted November 30, 2013 Author ID:759487 Share Posted November 30, 2013 Today's Scan# AdwCleaner v3.013 - Report created 30/11/2013 at 11:15:18# Updated 24/11/2013 by Xplode# Operating System : Windows 8.1 (64 bits)# Username : Mom - MISTY# Running from : C:\Users\Mom\Downloads\AdwCleaner(1).exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] *****Folder Deleted : C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj***** [ Shortcuts ] *****Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnkShortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnkShortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnkShortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ***** [ Registry ] ***** ***** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.16384 -\\ Mozilla Firefox v25.0.1 (en-US) [ File : C:\Users\Misty\AppData\Roaming\Mozilla\Firefox\Profiles\qsgdzxsg.default\prefs.js ] [ File : C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\bi8jdxn9.default\prefs.js ] -\\ Google Chrome v27.0.1453.116 [ File : C:\Users\Misty\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\misty_000\AppData\Local\Google\Chrome\User Data\Default\preferences ] *************************AdwCleaner[R0].txt - [14917 octets] - [28/11/2013 20:54:37]AdwCleaner[R1].txt - [2112 octets] - [30/11/2013 11:02:18]AdwCleaner[s0].txt - [14124 octets] - [28/11/2013 21:44:55]AdwCleaner[s1].txt - [1655 octets] - [30/11/2013 11:15:18] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1715 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.11.30.05Windows 8 x64 NTFSInternet Explorer 11.0.9600.16438Mom :: MISTY [administrator]11/30/2013 11:24:27 AMmbam-log-2013-11-30 (11-24-27).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 260533Time elapsed: 4 minute(s), 53 second(s) Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
mymonsters5 Posted November 30, 2013 Author ID:759492 Share Posted November 30, 2013 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-11-2013Ran by Mom (administrator) on MISTY on 30-11-2013 11:41:52Running from C:\Users\Mom\DownloadsWindows 8.1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal==================== Processes (Whitelisted) =================(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe(Microsoft Corporation) C:\Windows\System32\dasHost.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\igfxsrvc.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe() C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe(Microsoft Corporation) C:\Windows\splwow64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe"HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-12-10] (Realtek Semiconductor)HKLM\...\Run: [sRS Premium Sound 3D] - C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_PS3D.zip [215248 2012-08-06] ()HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA Corporation)HKLM\...\Run: [TSleepSrv] - C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)HKLM\...\Run: [TODDMain] - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()HKLM\...\Run: [TecoResident] - C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)HKLM\...\Run: [ThpSrv] - C:\windows\system32\thpsrv /logonHKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2780776 2011-07-19] (CANON INC.)HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)HKLM-x32\...\Winlogon: [userinit] C:\Windows\sysWOW64\userinit.exe [21504 2013-08-21] (Microsoft Corporation)Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)HKCU\...\Run: [pronto] - C:\Program Files (x86)\Blackboard\Blackboard IM\blackboardim.exe [23053400 2012-07-06] ()HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)HKCU\...\Run: [Google Update] - C:\Users\Mom\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-07-11] (Google Inc.)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exeHKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-11-14] (RealNetworks, Inc.)HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)HKU\Misty\...\Run: [backgroundContainer] - "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Misty\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTIONHKU\Misty\...\Run: [GoogleChromeAutoLaunch_97C45A3918E65B98E8CC778E58177546] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [825808 2013-06-14] (Google Inc.)HKU\misty_000\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)AppInit_DLLs: [ ] ()==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.comSearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =SearchScopes: HKLM - {F528362F-2901-4AB6-A93F-1FE742BEEBBE} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJSSearchScopes: HKLM-x32 - {F528362F-2901-4AB6-A93F-1FE742BEEBBE} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJSSearchScopes: HKCU - {F528362F-2901-4AB6-A93F-1FE742BEEBBE} URL =BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: No Name - {1C8501DD-5580-48AB-B25C-6D5DBE835A6A} - No FileBHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No FileToolbar: HKCU - No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No FileHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1FireFox:========FF ProfilePath: C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\bi8jdxn9.defaultFF Homepage: https://www.google.com/FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No FileFF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Mom\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Mom\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Mom\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()FF Extension: Diccionario de Español/México - C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\bi8jdxn9.default\Extensions\es-MX@dictionaries.addons.mozilla.orgFF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFFFF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFFFF HKLM-x32\...\Firefox\Extensions: [linksicle@linksicle.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.comFF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\ExtFF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\ExtChrome:=======CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No FileCHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Extension: (Google Docs) - C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0CHR Extension: (Google Drive) - C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0CHR Extension: (YouTube) - C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0CHR Extension: (Google Search) - C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0CHR Extension: (RealDownloader) - C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0CHR Extension: (Google Play Books) - C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.9_0CHR Extension: (Simply Recipes) - C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\phkkbopifpbfgacfpbemlgpeimkfdnok\0.2_0CHR Extension: (Gmail) - C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0CHR HKLM-x32\...\Chrome\Extension: [gddejphgogdngaihfpebjpmlkjjhmikc] - C:\Users\Misty\AppData\Local\CRE\gddejphgogdngaihfpebjpmlkjjhmikc.crxCHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crxCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTIONCHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION==================== Services (Whitelisted) =================R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [512504 2013-11-25] ()S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] ()R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288 2013-10-08] (Symantec Corporation)R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe [126392 2012-07-23] (Symantec Corporation)R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-10] (Realtek Semiconductor)S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation)==================== Drivers (Whitelisted) ====================S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)R2 AdpeakWFP; C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys [41624 2013-09-26] (Adpeak, Inc.)S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)R3 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [1524824 2013-11-01] (Symantec Corporation)R3 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)R3 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20131128.001\IDSvia64.sys [521816 2013-11-14] (Symantec Corporation)R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-26] (Microsoft Corporation)S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20131129.009\ENG64.SYS [126040 2013-11-13] (Symantec Corporation)R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20131129.009\EX64.SYS [2099288 2013-11-13] (Symantec Corporation)R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)R3 SRTSPX; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-26] (Microsoft Corporation)R3 SymDS; C:\Windows\system32\drivers\NAVx64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)R3 SymEFA; C:\Windows\system32\drivers\NAVx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-13] (Symantec Corporation)R3 SymIRON; C:\Windows\system32\drivers\NAVx64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows ® Win 7 DDK provider)S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-29] (Windows ® Win 7 DDK provider)==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2013-11-30 11:41 - 2013-11-30 11:42 - 00024344 _____ C:\Users\Mom\Downloads\FRST.txt2013-11-30 11:41 - 2013-11-30 11:41 - 00000000 ____D C:\FRST2013-11-30 11:40 - 2013-11-30 11:40 - 01959070 _____ (Farbar) C:\Users\Mom\Downloads\FRST64.exe2013-11-30 11:23 - 2013-11-30 11:39 - 00022686 _____ C:\Users\Mom\Desktop\reports for malewarebytes forum.txt2013-11-30 11:01 - 2013-11-30 11:01 - 01091882 _____ C:\Users\Mom\Downloads\AdwCleaner(1).exe2013-11-28 22:22 - 2013-11-28 22:22 - 00041414 _____ C:\Users\Mom\Desktop\HitmanPro_20131128_2222.log2013-11-28 22:11 - 2013-11-28 22:22 - 00000000 ____D C:\ProgramData\HitmanPro2013-11-28 22:10 - 2013-11-28 22:11 - 10264904 _____ (SurfRight B.V.) C:\Users\Mom\Downloads\HitmanPro_x64.exe2013-11-28 22:01 - 2013-11-28 22:01 - 00001399 _____ C:\Users\Mom\Desktop\JRT.txt2013-11-28 21:54 - 2013-11-28 21:54 - 00000000 ____D C:\WINDOWS\ERUNT2013-11-28 21:52 - 2013-11-28 21:53 - 01034531 _____ (Thisisu) C:\Users\Mom\Downloads\JRT.exe2013-11-28 20:54 - 2013-11-30 11:15 - 00000000 ____D C:\AdwCleaner2013-11-28 20:53 - 2013-11-28 20:53 - 01091882 _____ C:\Users\Mom\Downloads\adwcleaner.exe2013-11-28 18:40 - 2013-11-30 11:28 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EE2F2A77-E12A-49EE-874C-42B9AE3BB82E}2013-11-27 19:11 - 2013-11-27 19:13 - 00000000 ____D C:\Users\Mom\Desktop\amber2013-11-27 19:11 - 2013-11-27 19:12 - 00000000 ____D C:\Users\Mom\Desktop\Desktop Misc Docs2013-11-27 19:10 - 2013-11-27 19:12 - 00000000 ____D C:\Users\Mom\Desktop\Desktop 4 AZVA_Insight2013-11-27 13:53 - 2013-09-26 09:50 - 00041624 _____ (Adpeak, Inc.) C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys2013-11-27 00:38 - 2013-11-28 11:15 - 00000000 ___RD C:\Users\Misty\SkyDrive2013-11-27 00:34 - 2013-11-27 00:34 - 00000608 __RSH C:\Users\Misty\ntuser.pol2013-11-27 00:34 - 2013-11-27 00:34 - 00000020 ___SH C:\Users\Misty\ntuser.ini2013-11-26 13:51 - 2013-11-26 13:51 - 00000000 ____D C:\Program Files\Level Quality Watcher2013-11-26 02:05 - 2013-11-26 02:05 - 00000000 ___RD C:\Users\Mom\Documents\Notes2013-11-26 01:58 - 2013-11-26 21:20 - 00000000 ___DC C:\WINDOWS\Panther2013-11-26 01:58 - 2013-11-26 01:03 - 00000000 __SHD C:\Recovery2013-11-26 01:57 - 2013-11-28 20:20 - 00000000 ____D C:\Windows.old2013-11-26 01:57 - 2013-11-26 01:57 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll2013-11-26 01:57 - 2013-11-26 01:57 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll2013-11-26 01:56 - 2013-11-26 01:56 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll2013-11-26 01:56 - 2013-11-26 01:56 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll2013-11-26 01:56 - 2013-11-26 01:56 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll2013-11-26 01:56 - 2013-11-26 01:56 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll2013-11-26 01:56 - 2013-11-26 01:56 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll2013-11-26 01:56 - 2013-11-26 01:56 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll2013-11-26 01:56 - 2013-11-26 01:56 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll2013-11-26 01:56 - 2013-11-26 01:56 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll2013-11-26 01:56 - 2013-11-26 01:56 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll2013-11-26 01:55 - 2013-11-26 01:55 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll2013-11-26 01:55 - 2013-11-26 01:55 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll2013-11-26 01:55 - 2013-11-26 01:55 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll2013-11-26 01:55 - 2013-11-26 01:55 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2013-11-26 01:54 - 2013-11-26 01:54 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2013-11-26 01:54 - 2013-11-26 01:54 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2013-11-26 01:54 - 2013-11-26 01:54 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2013-11-26 01:54 - 2013-11-26 01:54 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe2013-11-26 01:54 - 2013-11-26 01:54 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll2013-11-26 01:54 - 2013-11-26 01:54 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll2013-11-26 01:54 - 2013-11-26 01:54 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll2013-11-26 01:54 - 2013-11-26 01:54 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2013-11-26 01:54 - 2013-11-26 01:54 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll2013-11-26 01:54 - 2013-11-26 01:54 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll2013-11-26 01:54 - 2013-11-26 01:54 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll2013-11-26 01:54 - 2013-11-26 01:54 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys2013-11-26 01:54 - 2013-11-26 01:54 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe2013-11-26 01:54 - 2013-11-26 01:54 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe2013-11-26 01:54 - 2013-11-26 01:54 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2013-11-26 01:54 - 2013-11-26 01:54 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2013-11-26 01:54 - 2013-11-26 01:54 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys2013-11-26 01:54 - 2013-11-26 01:54 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml2013-11-26 01:54 - 2013-11-26 01:54 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00371032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS2013-11-26 01:54 - 2013-11-26 01:54 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll2013-11-26 01:52 - 2013-11-26 01:52 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll2013-11-26 01:52 - 2013-11-26 01:52 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll2013-11-26 01:52 - 2013-11-26 01:52 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL2013-11-26 01:52 - 2013-11-26 01:52 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL2013-11-26 01:52 - 2013-11-26 01:52 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys2013-11-26 01:52 - 2013-11-26 01:52 - 00000000 ____D C:\Users\Mom\AppData\Local\Intel_Corporation2013-11-26 01:51 - 2013-11-26 01:51 - 00262144 _____ C:\WINDOWS\system32\config\userdiff2013-11-26 01:48 - 2013-11-26 01:48 - 00000000 ____D C:\Program Files\Reference Assemblies2013-11-26 01:48 - 2013-11-26 01:48 - 00000000 ____D C:\Program Files\MSBuild2013-11-26 01:48 - 2013-11-26 01:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies2013-11-26 01:48 - 2013-11-26 01:48 - 00000000 ____D C:\Program Files (x86)\MSBuild2013-11-26 01:47 - 2013-11-26 01:47 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys2013-11-26 01:47 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll2013-11-26 01:47 - 2013-08-02 21:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll2013-11-26 01:47 - 2013-08-02 21:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe2013-11-26 01:47 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll2013-11-26 01:47 - 2013-08-02 21:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll2013-11-26 01:47 - 2013-08-02 21:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe2013-11-26 01:42 - 2013-11-26 01:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus2013-11-26 01:37 - 2013-11-26 01:37 - 00001449 _____ C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-11-26 01:35 - 2013-11-26 21:06 - 00000604 __RSH C:\Users\Mom\ntuser.pol2013-11-26 01:35 - 2013-11-26 01:35 - 00000020 ___SH C:\Users\Mom\ntuser.ini2013-11-26 01:32 - 2013-11-30 11:30 - 01580697 _____ C:\WINDOWS\WindowsUpdate.log2013-11-26 01:31 - 2013-11-26 01:31 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat2013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\KODAK AiO Home Center1488319482013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help2013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default\AppData\Local\Eastman_Kodak_Company2013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center1488319482013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help2013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Eastman_Kodak_Company2013-11-26 01:10 - 2013-11-26 01:10 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate2013-11-26 01:07 - 2013-11-28 19:12 - 00000000 ____D C:\Users\Mom2013-11-26 01:07 - 2013-11-28 19:01 - 00000000 ____D C:\Users\Misty2013-11-26 01:07 - 2013-11-26 01:22 - 00000000 ____D C:\Users\misty_0002013-11-26 01:07 - 2013-11-26 01:09 - 00000000 ___RD C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2013-11-26 01:07 - 2013-11-26 01:09 - 00000000 ___RD C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2013-11-26 01:07 - 2013-11-26 01:08 - 00000000 ___RD C:\Users\misty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2013-11-26 01:07 - 2013-11-26 01:08 - 00000000 ___RD C:\Users\misty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2013-11-26 01:07 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2013-11-26 01:07 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2013-11-26 01:07 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\misty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2013-11-26 01:07 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2013-11-26 01:07 - 2013-08-22 08:36 - 00000000 ___RD C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2013-11-26 01:07 - 2013-08-22 08:36 - 00000000 ____D C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2013-11-26 01:07 - 2013-08-22 08:36 - 00000000 ____D C:\Users\misty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2013-11-26 01:07 - 2013-08-22 08:36 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2013-11-26 01:06 - 2013-11-26 01:31 - 00043818 _____ C:\WINDOWS\diagwrn.xml2013-11-26 01:06 - 2013-11-26 01:31 - 00043818 _____ C:\WINDOWS\diagerr.xml2013-11-26 01:01 - 2013-11-26 01:12 - 00000000 ____D C:\Program Files (x86)\Intel2013-11-26 01:01 - 2013-11-26 01:01 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____D C:\WINDOWS\system32\SRSLabs2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____D C:\Program Files\Realtek2013-11-26 01:01 - 2013-09-21 03:22 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL2013-11-26 01:01 - 2013-09-21 03:22 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL2013-11-26 01:00 - 2013-11-26 01:00 - 00000000 ____D C:\Program Files\Synaptics2013-11-26 00:05 - 2013-11-26 01:31 - 00006593 _____ C:\WINDOWS\comsetup.log2013-11-23 21:47 - 2013-11-23 21:47 - 00000523 _____ C:\Users\Mom\Downloads\tandf_wtsq2028_464.ris2013-11-23 21:47 - 2013-11-23 21:47 - 00000424 _____ C:\Users\Mom\Downloads\tandf_wtsq2028_464.bib2013-11-22 23:02 - 2013-11-22 23:02 - 00456593 _____ C:\Users\Mom\Downloads\DLreview_M_Sanders.dotx2013-11-21 20:47 - 2013-11-21 20:47 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk2013-11-21 20:46 - 2013-11-21 20:46 - 00000000 ____D C:\Program Files\iPod2013-11-21 20:45 - 2013-11-21 20:47 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-11-21 20:45 - 2013-11-21 20:47 - 00000000 ____D C:\Program Files\iTunes2013-11-21 20:45 - 2013-11-21 20:47 - 00000000 ____D C:\Program Files (x86)\iTunes2013-11-20 10:09 - 2013-11-22 23:01 - 00456605 _____ C:\Users\Mom\Downloads\SLIS5740_DLreview_Template.dotx2013-11-18 17:03 - 2013-11-18 17:03 - 00000000 ___HD C:\ProgramData\CanonIJEGV2013-11-18 16:59 - 2013-11-18 16:59 - 00000000 ___HD C:\ProgramData\CanonIJScan2013-11-17 13:27 - 2013-11-27 19:13 - 00000000 ____D C:\Users\Mom\Desktop\UNT2013-11-15 21:09 - 2013-11-15 21:09 - 00000000 ____D C:\Users\Misty\Downloads\New folder2013-11-15 14:40 - 2013-11-15 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-11-15 12:45 - 2013-11-15 12:45 - 00000000 ____D C:\Users\misty_000\AppData\Roaming\Real2013-11-15 12:45 - 2013-11-15 12:45 - 00000000 ____D C:\Users\misty_000\AppData\Roaming\Canon2013-11-14 19:34 - 2013-11-14 19:34 - 00000000 ____D C:\Users\Mom\AppData\Roaming\DAEMON Tools Lite2013-11-14 18:35 - 2013-11-14 18:35 - 00000000 ____D C:\Users\Mom\AppData\Roaming\RealNetworks2013-11-14 18:34 - 2013-11-17 20:24 - 00000000 ____D C:\Users\Mom\AppData\Roaming\Real2013-11-14 17:19 - 2013-11-28 21:44 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Uniblue2013-11-14 17:09 - 2013-11-14 17:36 - 00000000 ____D C:\Users\Misty\AppData\Roaming\DAEMON Tools Lite2013-11-14 17:08 - 2013-11-14 17:41 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite2013-11-14 15:57 - 2013-11-14 15:57 - 00003334 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-209102890-733556855-160672719-10012013-11-14 15:57 - 2013-11-14 15:57 - 00000000 ____D C:\Users\Misty\AppData\Roaming\RealNetworks2013-11-14 15:55 - 2013-11-14 15:55 - 00001271 _____ C:\Users\Public\Desktop\RealPlayer.lnk2013-11-14 15:55 - 2013-11-14 15:55 - 00000000 ____D C:\Users\Misty\AppData\Local\Real2013-11-14 15:54 - 2013-11-14 15:54 - 00272896 _____ (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll2013-11-14 15:54 - 2013-11-14 15:54 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll2013-11-14 15:54 - 2013-11-14 15:54 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll2013-11-14 15:54 - 2013-11-14 15:54 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll2013-11-14 15:54 - 2013-11-14 15:54 - 00000000 ____D C:\ProgramData\RealNetworks2013-11-14 15:54 - 2013-11-14 15:54 - 00000000 ____D C:\Program Files (x86)\RealNetworks2013-11-14 15:54 - 2013-11-14 15:54 - 00000000 ____D C:\Program Files (x86)\Real2013-11-14 15:52 - 2013-11-14 15:55 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Real2013-11-14 15:51 - 2013-11-14 19:46 - 00000000 ____D C:\Users\Misty\AppData\Local\The Weather Channel2013-11-14 15:51 - 2013-11-14 15:54 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll2013-11-14 15:51 - 2013-11-14 15:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll2013-11-14 15:45 - 2013-11-14 15:57 - 00000000 ____D C:\ProgramData\Real2013-11-13 15:57 - 2013-11-14 15:34 - 00002408 _____ C:\Users\Public\Desktop\Norton AntiVirus.lnk2013-11-13 15:48 - 2013-11-13 15:48 - 00000000 ____D C:\Users\Public\Downloads\Norton2013-11-13 07:18 - 2013-11-13 07:18 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Malwarebytes2013-11-13 02:36 - 2013-11-13 02:36 - 00000000 ____D C:\Users\Misty\AppData\Local\NativeMessaging2013-11-13 02:35 - 2013-11-14 17:22 - 00000000 ____D C:\Users\Misty\AppData\Local\CRE2013-11-13 02:34 - 2013-11-13 02:34 - 00000187 _____ C:\Users\Misty\Downloads\password.rar2013-11-13 02:33 - 2013-11-13 02:33 - 00001222 _____ C:\Users\Misty\Desktop\Create Amazing Presentations.lnk2013-11-13 02:33 - 2013-11-13 02:33 - 00001222 _____ C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk2013-11-13 02:33 - 2013-11-13 02:33 - 00000000 ____D C:\Users\Misty\AppData\Local\emaze2013-11-13 02:28 - 2013-11-26 01:17 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR2013-11-13 02:28 - 2013-11-13 02:28 - 00000000 ____D C:\Users\Misty\AppData\Roaming\WinRAR2013-11-13 01:18 - 2013-11-13 01:18 - 00016768 _____ C:\Users\Misty\Downloads\The.Sims.3 -RELOADED-.torrent2013-11-13 01:17 - 2013-11-15 20:58 - 00000000 ____D C:\Users\Misty\AppData\Roaming\uTorrent2013-11-12 21:21 - 2013-11-12 21:21 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Canon2013-11-10 10:44 - 2013-11-10 10:44 - 00003506 _____ C:\WINDOWS\System32\Tasks\RunAsStdUser Task2013-11-10 10:44 - 2013-11-10 10:44 - 00000000 ____D C:\Users\Mom\AppData\Local\Chromium2013-11-10 10:42 - 2013-11-10 10:42 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-11-10 10:42 - 2013-11-10 10:42 - 00000000 ____D C:\Users\Mom\AppData\Roaming\Malwarebytes2013-11-10 10:42 - 2013-11-10 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes2013-11-10 10:42 - 2013-11-10 10:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-11-10 10:42 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2013-11-10 10:41 - 2013-11-10 10:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mom\Downloads\mbam-setup-1.75.0.1300.exe2013-11-10 10:33 - 2013-11-10 10:33 - 00003244 _____ C:\WINDOWS\System32\Tasks\{B79F186E-4032-4F60-9769-A585CB359316}2013-11-10 10:22 - 2013-11-10 10:22 - 00003244 _____ C:\WINDOWS\System32\Tasks\{BCF203B3-1B27-4265-A78F-D18B1E2E9A96}2013-11-10 09:06 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMB1.DLL2013-11-08 19:46 - 2011-09-21 05:00 - 00302592 _____ (CANON INC.) C:\WINDOWS\system32\CNCALB1.DLL2013-11-08 19:25 - 2013-11-18 16:59 - 00000000 ____D C:\Users\Mom\AppData\Roaming\Canon2013-11-08 19:25 - 2013-11-08 19:25 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX22013-11-08 19:25 - 2013-11-08 19:25 - 00000000 ___HD C:\ProgramData\CanonEPP2013-11-08 19:23 - 2011-11-03 05:00 - 00385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMXLMB1.DLL2013-11-08 19:22 - 2013-11-08 19:22 - 00000000 ___HD C:\ProgramData\CanonIJFAX2013-11-08 19:22 - 2013-11-08 19:22 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool2013-11-08 19:22 - 2011-10-14 11:57 - 00102912 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B1U.dll2013-11-08 19:22 - 2011-09-22 08:57 - 00316416 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B1L.dll2013-11-08 19:22 - 2011-06-30 13:52 - 00065280 _____ C:\WINDOWS\SysWOW64\CNC175BD.TBL2013-11-08 19:22 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll2013-11-08 19:21 - 2013-11-08 19:21 - 00000000 ____D C:\Program Files\Common Files\CANON2013-11-08 19:20 - 2013-11-08 19:20 - 00002082 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk2013-11-08 19:20 - 2013-11-08 19:20 - 00000000 ____D C:\ProgramData\CanonIJWSpt2013-11-08 19:18 - 2013-11-08 19:18 - 00000000 ____D C:\Program Files\Canon2013-11-08 19:17 - 2013-11-26 01:13 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information2013-11-08 19:17 - 2013-11-08 19:17 - 00002361 _____ C:\Users\Public\Desktop\Canon MX430 series On-screen Manual.lnk2013-11-08 19:17 - 2013-11-08 19:17 - 00000000 ___HD C:\ProgramData\CanonBJ2013-11-08 19:16 - 2013-11-26 01:17 - 00000000 ____D C:\WINDOWS\system32\STRING2013-11-08 19:16 - 2013-11-08 19:16 - 00000000 ___HD C:\Program Files\CanonBJ2013-11-08 19:16 - 2011-08-16 01:30 - 00363520 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL2013-11-08 19:16 - 2011-08-16 01:30 - 00356864 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL2013-11-08 19:16 - 2011-08-16 01:30 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL2013-11-08 19:14 - 2013-11-08 19:25 - 00000000 ____D C:\Program Files (x86)\Canon2013-11-08 17:55 - 2013-11-08 17:55 - 00800824 _____ (Microsoft Corporation) C:\Users\Mom\AppData\Roaming\DPInst.exe2013-11-08 17:55 - 2013-11-08 17:55 - 00106496 _____ (Microsoft Corporation) C:\Users\Mom\AppData\Roaming\gacutil.exe2013-11-08 17:55 - 2013-11-08 17:55 - 00036352 _____ (Microsoft Corporation) C:\Users\Mom\AppData\Roaming\PnPutil.exe2013-11-07 23:33 - 2013-11-07 23:33 - 00009717 _____ C:\Users\Mom\Downloads\nativeplayback (2).jnlp2013-11-07 23:28 - 2013-11-07 23:29 - 00009915 _____ C:\Users\Mom\Downloads\nativeplayback (1).jnlp2013-11-07 23:15 - 2013-11-07 23:16 - 00009915 _____ C:\Users\Mom\Downloads\nativeplayback.jnlp2013-11-01 15:24 - 2013-11-01 15:24 - 00000000 ____D C:\ProgramData\Oracle2013-11-01 15:23 - 2013-11-01 15:23 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe2013-11-01 15:23 - 2013-11-01 15:23 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe2013-11-01 15:23 - 2013-11-01 15:23 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe2013-11-01 15:23 - 2013-11-01 15:23 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll2013-10-31 14:50 - 2013-10-31 14:50 - 00000000 ____D C:\ProgramData\HP Link to post Share on other sites More sharing options...
mymonsters5 Posted November 30, 2013 Author ID:759493 Share Posted November 30, 2013 ==================== One Month Modified Files and Folders ======= 2013-11-30 11:42 - 2013-11-30 11:41 - 00024344 _____ C:\Users\Mom\Downloads\FRST.txt2013-11-30 11:42 - 2013-07-21 22:26 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-209102890-733556855-160672719-1003UA.job2013-11-30 11:41 - 2013-11-30 11:41 - 00000000 ____D C:\FRST2013-11-30 11:40 - 2013-11-30 11:40 - 01959070 _____ (Farbar) C:\Users\Mom\Downloads\FRST64.exe2013-11-30 11:39 - 2013-11-30 11:23 - 00022686 _____ C:\Users\Mom\Desktop\reports for malewarebytes forum.txt2013-11-30 11:30 - 2013-11-26 01:32 - 01580697 _____ C:\WINDOWS\WindowsUpdate.log2013-11-30 11:29 - 2013-02-17 22:57 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2013-11-30 11:28 - 2013-11-28 18:40 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EE2F2A77-E12A-49EE-874C-42B9AE3BB82E}2013-11-30 11:22 - 2013-02-17 19:44 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-209102890-733556855-160672719-10032013-11-30 11:19 - 2013-02-17 22:57 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk2013-11-30 11:18 - 2013-02-17 22:57 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2013-11-30 11:17 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT2013-11-30 11:16 - 2013-08-22 06:25 - 02097152 ___SH C:\WINDOWS\system32\config\BBI2013-11-30 11:15 - 2013-11-28 20:54 - 00000000 ____D C:\AdwCleaner2013-11-30 11:15 - 2013-02-17 22:24 - 00001068 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk2013-11-30 11:14 - 2013-02-17 23:25 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job2013-11-30 11:01 - 2013-11-30 11:01 - 01091882 _____ C:\Users\Mom\Downloads\AdwCleaner(1).exe2013-11-30 11:00 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\sru2013-11-28 22:22 - 2013-11-28 22:22 - 00041414 _____ C:\Users\Mom\Desktop\HitmanPro_20131128_2222.log2013-11-28 22:22 - 2013-11-28 22:11 - 00000000 ____D C:\ProgramData\HitmanPro2013-11-28 22:11 - 2013-11-28 22:10 - 10264904 _____ (SurfRight B.V.) C:\Users\Mom\Downloads\HitmanPro_x64.exe2013-11-28 22:01 - 2013-11-28 22:01 - 00001399 _____ C:\Users\Mom\Desktop\JRT.txt2013-11-28 21:54 - 2013-11-28 21:54 - 00000000 ____D C:\WINDOWS\ERUNT2013-11-28 21:53 - 2013-11-28 21:52 - 01034531 _____ (Thisisu) C:\Users\Mom\Downloads\JRT.exe2013-11-28 21:44 - 2013-11-14 17:19 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Uniblue2013-11-28 20:53 - 2013-11-28 20:53 - 01091882 _____ C:\Users\Mom\Downloads\adwcleaner.exe2013-11-28 20:31 - 2013-08-22 07:46 - 00367602 _____ C:\WINDOWS\setupact.log2013-11-28 20:20 - 2013-11-26 01:57 - 00000000 ____D C:\Windows.old2013-11-28 19:28 - 2013-09-29 20:55 - 00009382 _____ C:\WINDOWS\PFRO.log2013-11-28 19:20 - 2013-07-01 01:31 - 00000000 ____D C:\Users\Mom\AppData\Local\NPE2013-11-28 19:12 - 2013-11-26 01:07 - 00000000 ____D C:\Users\Mom2013-11-28 19:01 - 2013-11-26 01:07 - 00000000 ____D C:\Users\Misty2013-11-28 13:36 - 2013-07-26 07:03 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-209102890-733556855-160672719-10012013-11-28 11:24 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness2013-11-28 11:15 - 2013-11-27 00:38 - 00000000 ___RD C:\Users\Misty\SkyDrive2013-11-27 19:15 - 2013-02-17 23:25 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater2013-11-27 19:14 - 2013-02-17 20:23 - 00000000 ____D C:\Users\Mom\AppData\Local\Adobe2013-11-27 19:13 - 2013-11-27 19:11 - 00000000 ____D C:\Users\Mom\Desktop\amber2013-11-27 19:13 - 2013-11-17 13:27 - 00000000 ____D C:\Users\Mom\Desktop\UNT2013-11-27 19:12 - 2013-11-27 19:11 - 00000000 ____D C:\Users\Mom\Desktop\Desktop Misc Docs2013-11-27 19:12 - 2013-11-27 19:10 - 00000000 ____D C:\Users\Mom\Desktop\Desktop 4 AZVA_Insight2013-11-27 19:11 - 2013-09-29 21:04 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI2013-11-27 17:40 - 2013-02-17 19:35 - 00000000 ____D C:\Users\Mom\AppData\Local\Packages2013-11-27 00:42 - 2013-07-21 22:26 - 00000860 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-209102890-733556855-160672719-1003Core.job2013-11-27 00:38 - 2013-07-26 06:18 - 00000000 ____D C:\Users\Misty\AppData\Local\Packages2013-11-27 00:36 - 2013-09-23 15:07 - 00051712 ___SH C:\Users\Misty\Desktop\Thumbs.db2013-11-27 00:35 - 2013-07-26 06:20 - 00000000 ___RD C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-11-27 00:35 - 2013-07-26 06:20 - 00000000 ___RD C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-11-27 00:34 - 2013-11-27 00:34 - 00000608 __RSH C:\Users\Misty\ntuser.pol2013-11-27 00:34 - 2013-11-27 00:34 - 00000020 ___SH C:\Users\Misty\ntuser.ini2013-11-26 21:20 - 2013-11-26 01:58 - 00000000 ___DC C:\WINDOWS\Panther2013-11-26 21:06 - 2013-11-26 01:35 - 00000604 __RSH C:\Users\Mom\ntuser.pol2013-11-26 21:04 - 2012-07-26 01:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP2013-11-26 13:51 - 2013-11-26 13:51 - 00000000 ____D C:\Program Files\Level Quality Watcher2013-11-26 09:39 - 2013-03-24 13:26 - 00000000 ____D C:\Users\Mom\AppData\Local\CrashDumps2013-11-26 09:38 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\restore2013-11-26 02:05 - 2013-11-26 02:05 - 00000000 ___RD C:\Users\Mom\Documents\Notes2013-11-26 01:57 - 2013-11-26 01:57 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll2013-11-26 01:57 - 2013-11-26 01:57 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll2013-11-26 01:57 - 2013-08-22 08:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template2013-11-26 01:56 - 2013-11-26 01:56 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll2013-11-26 01:56 - 2013-11-26 01:56 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll2013-11-26 01:56 - 2013-11-26 01:56 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll2013-11-26 01:56 - 2013-11-26 01:56 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll2013-11-26 01:56 - 2013-11-26 01:56 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll2013-11-26 01:56 - 2013-11-26 01:56 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll2013-11-26 01:56 - 2013-11-26 01:56 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll2013-11-26 01:56 - 2013-11-26 01:56 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll2013-11-26 01:56 - 2013-11-26 01:56 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll2013-11-26 01:56 - 2013-11-26 01:56 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll2013-11-26 01:56 - 2013-08-22 08:36 - 00000000 ___RD C:\WINDOWS\ToastData2013-11-26 01:56 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Camera2013-11-26 01:55 - 2013-11-26 01:55 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll2013-11-26 01:55 - 2013-11-26 01:55 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll2013-11-26 01:55 - 2013-11-26 01:55 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll2013-11-26 01:55 - 2013-11-26 01:55 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll2013-11-26 01:55 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\WinStore2013-11-26 01:55 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\migwiz2013-11-26 01:55 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions2013-11-26 01:54 - 2013-11-26 01:54 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2013-11-26 01:54 - 2013-11-26 01:54 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2013-11-26 01:54 - 2013-11-26 01:54 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2013-11-26 01:54 - 2013-11-26 01:54 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2013-11-26 01:54 - 2013-11-26 01:54 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe2013-11-26 01:54 - 2013-11-26 01:54 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll2013-11-26 01:54 - 2013-11-26 01:54 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll2013-11-26 01:54 - 2013-11-26 01:54 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll2013-11-26 01:54 - 2013-11-26 01:54 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2013-11-26 01:54 - 2013-11-26 01:54 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll2013-11-26 01:54 - 2013-11-26 01:54 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll2013-11-26 01:54 - 2013-11-26 01:54 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll2013-11-26 01:54 - 2013-11-26 01:54 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys2013-11-26 01:54 - 2013-11-26 01:54 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe2013-11-26 01:54 - 2013-11-26 01:54 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe2013-11-26 01:54 - 2013-11-26 01:54 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl2013-11-26 01:54 - 2013-11-26 01:54 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl2013-11-26 01:54 - 2013-11-26 01:54 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys2013-11-26 01:54 - 2013-11-26 01:54 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml2013-11-26 01:54 - 2013-11-26 01:54 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00371032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS2013-11-26 01:54 - 2013-11-26 01:54 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe2013-11-26 01:54 - 2013-11-26 01:54 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll2013-11-26 01:54 - 2013-11-26 01:54 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys2013-11-26 01:54 - 2013-11-26 01:54 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll2013-11-26 01:52 - 2013-11-26 01:52 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll2013-11-26 01:52 - 2013-11-26 01:52 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll2013-11-26 01:52 - 2013-11-26 01:52 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL2013-11-26 01:52 - 2013-11-26 01:52 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL2013-11-26 01:52 - 2013-11-26 01:52 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys2013-11-26 01:52 - 2013-11-26 01:52 - 00000000 ____D C:\Users\Mom\AppData\Local\Intel_Corporation2013-11-26 01:51 - 2013-11-26 01:51 - 00262144 _____ C:\WINDOWS\system32\config\userdiff2013-11-26 01:48 - 2013-11-26 01:48 - 00000000 ____D C:\Program Files\Reference Assemblies2013-11-26 01:48 - 2013-11-26 01:48 - 00000000 ____D C:\Program Files\MSBuild2013-11-26 01:48 - 2013-11-26 01:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies2013-11-26 01:48 - 2013-11-26 01:48 - 00000000 ____D C:\Program Files (x86)\MSBuild2013-11-26 01:47 - 2013-11-26 01:47 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys2013-11-26 01:42 - 2013-11-26 01:42 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus2013-11-26 01:37 - 2013-11-26 01:37 - 00001449 _____ C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-11-26 01:37 - 2013-02-17 19:38 - 00000000 ___RD C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-11-26 01:37 - 2013-02-17 19:38 - 00000000 ___RD C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-11-26 01:36 - 2012-10-30 19:45 - 00003218 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration2013-11-26 01:35 - 2013-11-26 01:35 - 00000020 ___SH C:\Users\Mom\ntuser.ini2013-11-26 01:34 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\rescache2013-11-26 01:31 - 2013-11-26 01:31 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat2013-11-26 01:31 - 2013-11-26 01:06 - 00043818 _____ C:\WINDOWS\diagwrn.xml2013-11-26 01:31 - 2013-11-26 01:06 - 00043818 _____ C:\WINDOWS\diagerr.xml2013-11-26 01:31 - 2013-11-26 00:05 - 00006593 _____ C:\WINDOWS\comsetup.log2013-11-26 01:31 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Registration2013-11-26 01:25 - 2013-08-22 08:36 - 00000000 __RSD C:\WINDOWS\Media2013-11-26 01:25 - 2013-08-22 08:36 - 00000000 __RHD C:\Users\Public\Libraries2013-11-26 01:22 - 2013-11-26 01:07 - 00000000 ____D C:\Users\misty_0002013-11-26 01:19 - 2013-08-22 07:44 - 00474080 _____ C:\WINDOWS\system32\FNTCACHE.DAT2013-11-26 01:17 - 2013-11-13 02:28 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR2013-11-26 01:17 - 2013-11-08 19:16 - 00000000 ____D C:\WINDOWS\system32\STRING2013-11-26 01:17 - 2013-09-29 20:51 - 00000000 ____D C:\WINDOWS\ShellNew2013-11-26 01:17 - 2013-09-29 20:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep2013-11-26 01:17 - 2013-09-28 16:14 - 00000000 ____D C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR2013-11-26 01:17 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep2013-11-26 01:17 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\tr2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\sv2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\sk2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\ru2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\pt2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\pl2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\no2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\nl2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\it2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\hu2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\fr2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\fi2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\es2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\el2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\de2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\da2013-11-26 01:17 - 2012-10-30 19:38 - 00000000 ____D C:\WINDOWS\system32\cs2013-11-26 01:17 - 2012-10-30 19:25 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e2013-11-26 01:17 - 2012-09-10 23:50 - 00000000 ____D C:\WINDOWS\en2013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\KODAK AiO Home Center1488319482013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help2013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default\AppData\Local\Eastman_Kodak_Company2013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center1488319482013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help2013-11-26 01:14 - 2013-11-26 01:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Eastman_Kodak_Company2013-11-26 01:14 - 2013-09-29 20:48 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN2013-11-26 01:14 - 2013-09-29 20:48 - 00000000 ____D C:\WINDOWS\system32\WCN2013-11-26 01:14 - 2013-08-22 08:37 - 00004893 _____ C:\WINDOWS\DtcInstall.log2013-11-26 01:14 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI2013-11-26 01:14 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz2013-11-26 01:14 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME2013-11-26 01:14 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\spool2013-11-26 01:14 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\NDF2013-11-26 01:14 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\MUI2013-11-26 01:14 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\IME2013-11-26 01:14 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI2013-11-26 01:14 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\system32\oobe2013-11-26 01:14 - 2013-03-30 11:57 - 00000000 ____D C:\WINDOWS\system32\kodak2013-11-26 01:14 - 2012-10-30 19:32 - 00000000 ____D C:\WINDOWS\SysWOW64\SDA2013-11-26 01:14 - 2012-07-25 22:37 - 00000000 ____D C:\Users\Default.migrated2013-11-26 01:13 - 2013-11-08 19:17 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information2013-11-26 01:13 - 2013-08-22 08:43 - 00000000 ____D C:\WINDOWS\DigitalLocker2013-11-26 01:13 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\Help2013-11-26 01:13 - 2012-09-10 23:35 - 00000000 ____D C:\ProgramData\PRICache2013-11-26 01:12 - 2013-11-26 01:01 - 00000000 ____D C:\Program Files (x86)\Intel2013-11-26 01:12 - 2013-08-22 08:36 - 00000000 __SHD C:\Program Files\Windows Sidebar2013-11-26 01:12 - 2013-08-22 08:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar2013-11-26 01:12 - 2013-08-22 08:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared2013-11-26 01:10 - 2013-11-26 01:10 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate2013-11-26 01:10 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Recovery2013-11-26 01:09 - 2013-11-26 01:07 - 00000000 ___RD C:\Users\Mom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2013-11-26 01:09 - 2013-11-26 01:07 - 00000000 ___RD C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2013-11-26 01:08 - 2013-11-26 01:07 - 00000000 ___RD C:\Users\misty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2013-11-26 01:08 - 2013-11-26 01:07 - 00000000 ___RD C:\Users\misty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility2013-11-26 01:08 - 2013-07-24 16:57 - 00000000 ___RD C:\Users\misty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2013-11-26 01:08 - 2013-07-24 16:57 - 00000000 ___RD C:\Users\misty_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools2013-11-26 01:08 - 2013-07-24 16:55 - 00000000 ____D C:\Users\misty_000\AppData\Local\Packages2013-11-26 01:03 - 2013-11-26 01:58 - 00000000 __SHD C:\Recovery2013-11-26 01:01 - 2013-11-26 01:01 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____D C:\WINDOWS\system32\SRSLabs2013-11-26 01:01 - 2013-11-26 01:01 - 00000000 ____D C:\Program Files\Realtek2013-11-26 01:00 - 2013-11-26 01:00 - 00000000 ____D C:\Program Files\Synaptics2013-11-26 00:59 - 2013-08-22 06:36 - 00000000 __RHD C:\Users\Default2013-11-26 00:37 - 2013-07-21 22:26 - 00003854 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-209102890-733556855-160672719-1003UA2013-11-26 00:37 - 2013-07-21 22:26 - 00003474 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-209102890-733556855-160672719-1003Core2013-11-26 00:37 - 2013-02-17 19:34 - 02041078 _____ C:\WINDOWS\WindowsUpdate (1).log2013-11-25 23:32 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent2013-11-23 21:47 - 2013-11-23 21:47 - 00000523 _____ C:\Users\Mom\Downloads\tandf_wtsq2028_464.ris2013-11-23 21:47 - 2013-11-23 21:47 - 00000424 _____ C:\Users\Mom\Downloads\tandf_wtsq2028_464.bib2013-11-22 23:02 - 2013-11-22 23:02 - 00456593 _____ C:\Users\Mom\Downloads\DLreview_M_Sanders.dotx2013-11-22 23:01 - 2013-11-20 10:09 - 00456605 _____ C:\Users\Mom\Downloads\SLIS5740_DLreview_Template.dotx2013-11-21 20:47 - 2013-11-21 20:47 - 00001794 _____ C:\Users\Public\Desktop\iTunes.lnk2013-11-21 20:47 - 2013-11-21 20:45 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-11-21 20:47 - 2013-11-21 20:45 - 00000000 ____D C:\Program Files\iTunes2013-11-21 20:47 - 2013-11-21 20:45 - 00000000 ____D C:\Program Files (x86)\iTunes2013-11-21 20:46 - 2013-11-21 20:46 - 00000000 ____D C:\Program Files\iPod2013-11-18 17:03 - 2013-11-18 17:03 - 00000000 ___HD C:\ProgramData\CanonIJEGV2013-11-18 16:59 - 2013-11-18 16:59 - 00000000 ___HD C:\ProgramData\CanonIJScan2013-11-18 16:59 - 2013-11-08 19:25 - 00000000 ____D C:\Users\Mom\AppData\Roaming\Canon2013-11-17 23:39 - 2013-02-23 18:46 - 00364544 ___SH C:\Users\Mom\Desktop\Thumbs.db2013-11-17 20:24 - 2013-11-14 18:34 - 00000000 ____D C:\Users\Mom\AppData\Roaming\Real2013-11-17 13:40 - 2013-02-17 22:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service2013-11-15 21:09 - 2013-11-15 21:09 - 00000000 ____D C:\Users\Misty\Downloads\New folder2013-11-15 21:05 - 2013-08-14 16:16 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Apple Computer2013-11-15 20:58 - 2013-11-13 01:17 - 00000000 ____D C:\Users\Misty\AppData\Roaming\uTorrent2013-11-15 14:40 - 2013-11-15 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2013-11-15 13:38 - 2013-07-24 16:57 - 00000000 ____D C:\Users\misty_000\AppData\Local\TOSHIBA2013-11-15 12:45 - 2013-11-15 12:45 - 00000000 ____D C:\Users\misty_000\AppData\Roaming\Real2013-11-15 12:45 - 2013-11-15 12:45 - 00000000 ____D C:\Users\misty_000\AppData\Roaming\Canon2013-11-14 19:58 - 2012-09-10 23:44 - 00000000 ____D C:\ProgramData\Norton2013-11-14 19:46 - 2013-11-14 15:51 - 00000000 ____D C:\Users\Misty\AppData\Local\The Weather Channel2013-11-14 19:34 - 2013-11-14 19:34 - 00000000 ____D C:\Users\Mom\AppData\Roaming\DAEMON Tools Lite2013-11-14 18:35 - 2013-11-14 18:35 - 00000000 ____D C:\Users\Mom\AppData\Roaming\RealNetworks2013-11-14 17:41 - 2013-11-14 17:08 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite2013-11-14 17:41 - 2013-07-26 06:19 - 00001643 _____ C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-11-14 17:36 - 2013-11-14 17:09 - 00000000 ____D C:\Users\Misty\AppData\Roaming\DAEMON Tools Lite2013-11-14 17:22 - 2013-11-13 02:35 - 00000000 ____D C:\Users\Misty\AppData\Local\CRE2013-11-14 17:09 - 2013-07-31 20:14 - 00000000 ____D C:\Users\Misty\AppData\Local\CrashDumps2013-11-14 15:57 - 2013-11-14 15:57 - 00003334 _____ C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-209102890-733556855-160672719-10012013-11-14 15:57 - 2013-11-14 15:57 - 00000000 ____D C:\Users\Misty\AppData\Roaming\RealNetworks2013-11-14 15:57 - 2013-11-14 15:45 - 00000000 ____D C:\ProgramData\Real2013-11-14 15:55 - 2013-11-14 15:55 - 00001271 _____ C:\Users\Public\Desktop\RealPlayer.lnk2013-11-14 15:55 - 2013-11-14 15:55 - 00000000 ____D C:\Users\Misty\AppData\Local\Real2013-11-14 15:55 - 2013-11-14 15:52 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Real2013-11-14 15:54 - 2013-11-14 15:54 - 00272896 _____ (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll2013-11-14 15:54 - 2013-11-14 15:54 - 00201872 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll2013-11-14 15:54 - 2013-11-14 15:54 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll2013-11-14 15:54 - 2013-11-14 15:54 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll2013-11-14 15:54 - 2013-11-14 15:54 - 00000000 ____D C:\ProgramData\RealNetworks2013-11-14 15:54 - 2013-11-14 15:54 - 00000000 ____D C:\Program Files (x86)\RealNetworks2013-11-14 15:54 - 2013-11-14 15:54 - 00000000 ____D C:\Program Files (x86)\Real2013-11-14 15:54 - 2013-11-14 15:51 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll2013-11-14 15:54 - 2013-11-14 15:51 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll2013-11-14 15:35 - 2012-10-30 19:45 - 00000000 ____D C:\WINDOWS\system32\Drivers\NAVx642013-11-14 15:34 - 2013-11-13 15:57 - 00002408 _____ C:\Users\Public\Desktop\Norton AntiVirus.lnk2013-11-13 15:57 - 2012-10-30 19:45 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS2013-11-13 15:57 - 2012-10-30 19:45 - 00008222 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT2013-11-13 15:54 - 2012-10-30 19:45 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus2013-11-13 15:48 - 2013-11-13 15:48 - 00000000 ____D C:\Users\Public\Downloads\Norton2013-11-13 07:18 - 2013-11-13 07:18 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Malwarebytes2013-11-13 02:42 - 2013-07-31 16:51 - 00335872 ___SH C:\Users\Misty\Downloads\Thumbs.db2013-11-13 02:36 - 2013-11-13 02:36 - 00000000 ____D C:\Users\Misty\AppData\Local\NativeMessaging2013-11-13 02:34 - 2013-11-13 02:34 - 00000187 _____ C:\Users\Misty\Downloads\password.rar2013-11-13 02:33 - 2013-11-13 02:33 - 00001222 _____ C:\Users\Misty\Desktop\Create Amazing Presentations.lnk2013-11-13 02:33 - 2013-11-13 02:33 - 00001222 _____ C:\Users\Misty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk2013-11-13 02:33 - 2013-11-13 02:33 - 00000000 ____D C:\Users\Misty\AppData\Local\emaze2013-11-13 02:28 - 2013-11-13 02:28 - 00000000 ____D C:\Users\Misty\AppData\Roaming\WinRAR2013-11-13 01:18 - 2013-11-13 01:18 - 00016768 _____ C:\Users\Misty\Downloads\The.Sims.3 -RELOADED-.torrent2013-11-12 21:55 - 2013-02-17 21:08 - 00000000 ____D C:\ProgramData\Microsoft Help2013-11-12 21:53 - 2013-08-14 12:31 - 00000000 ____D C:\WINDOWS\system32\MRT2013-11-12 21:49 - 2013-02-17 20:06 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2013-11-12 21:21 - 2013-11-12 21:21 - 00000000 ____D C:\Users\Misty\AppData\Roaming\Canon2013-11-10 10:44 - 2013-11-10 10:44 - 00003506 _____ C:\WINDOWS\System32\Tasks\RunAsStdUser Task2013-11-10 10:44 - 2013-11-10 10:44 - 00000000 ____D C:\Users\Mom\AppData\Local\Chromium2013-11-10 10:42 - 2013-11-10 10:42 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2013-11-10 10:42 - 2013-11-10 10:42 - 00000000 ____D C:\Users\Mom\AppData\Roaming\Malwarebytes2013-11-10 10:42 - 2013-11-10 10:42 - 00000000 ____D C:\ProgramData\Malwarebytes2013-11-10 10:42 - 2013-11-10 10:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-11-10 10:41 - 2013-11-10 10:41 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Mom\Downloads\mbam-setup-1.75.0.1300.exe2013-11-10 10:33 - 2013-11-10 10:33 - 00003244 _____ C:\WINDOWS\System32\Tasks\{B79F186E-4032-4F60-9769-A585CB359316}2013-11-10 10:22 - 2013-11-10 10:22 - 00003244 _____ C:\WINDOWS\System32\Tasks\{BCF203B3-1B27-4265-A78F-D18B1E2E9A96}2013-11-08 19:25 - 2013-11-08 19:25 - 00000000 ___HD C:\ProgramData\CanonIJEPPEX22013-11-08 19:25 - 2013-11-08 19:25 - 00000000 ___HD C:\ProgramData\CanonEPP2013-11-08 19:25 - 2013-11-08 19:14 - 00000000 ____D C:\Program Files (x86)\Canon2013-11-08 19:22 - 2013-11-08 19:22 - 00000000 ___HD C:\ProgramData\CanonIJFAX2013-11-08 19:22 - 2013-11-08 19:22 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool2013-11-08 19:21 - 2013-11-08 19:21 - 00000000 ____D C:\Program Files\Common Files\CANON2013-11-08 19:20 - 2013-11-08 19:20 - 00002082 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk2013-11-08 19:20 - 2013-11-08 19:20 - 00000000 ____D C:\ProgramData\CanonIJWSpt2013-11-08 19:18 - 2013-11-08 19:18 - 00000000 ____D C:\Program Files\Canon2013-11-08 19:17 - 2013-11-08 19:17 - 00002361 _____ C:\Users\Public\Desktop\Canon MX430 series On-screen Manual.lnk2013-11-08 19:17 - 2013-11-08 19:17 - 00000000 ___HD C:\ProgramData\CanonBJ2013-11-08 19:16 - 2013-11-08 19:16 - 00000000 ___HD C:\Program Files\CanonBJ2013-11-08 17:55 - 2013-11-08 17:55 - 00800824 _____ (Microsoft Corporation) C:\Users\Mom\AppData\Roaming\DPInst.exe2013-11-08 17:55 - 2013-11-08 17:55 - 00106496 _____ (Microsoft Corporation) C:\Users\Mom\AppData\Roaming\gacutil.exe2013-11-08 17:55 - 2013-11-08 17:55 - 00036352 _____ (Microsoft Corporation) C:\Users\Mom\AppData\Roaming\PnPutil.exe2013-11-08 17:55 - 2013-03-30 11:55 - 00000000 ____D C:\Users\Mom\AppData\Local\Eastman_Kodak_Company2013-11-08 17:55 - 2013-02-17 21:00 - 00000000 ____D C:\ProgramData\Kodak2013-11-07 23:33 - 2013-11-07 23:33 - 00009717 _____ C:\Users\Mom\Downloads\nativeplayback (2).jnlp2013-11-07 23:29 - 2013-11-07 23:28 - 00009915 _____ C:\Users\Mom\Downloads\nativeplayback (1).jnlp2013-11-07 23:16 - 2013-11-07 23:15 - 00009915 _____ C:\Users\Mom\Downloads\nativeplayback.jnlp2013-11-05 22:59 - 2013-08-14 10:52 - 00000000 ____D C:\Users\Misty\Desktop\AZVA2013-11-05 16:31 - 2013-08-22 08:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe2013-11-05 16:31 - 2013-08-22 08:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl2013-11-01 15:24 - 2013-11-01 15:24 - 00000000 ____D C:\ProgramData\Oracle2013-11-01 15:23 - 2013-11-01 15:23 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe2013-11-01 15:23 - 2013-11-01 15:23 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe2013-11-01 15:23 - 2013-11-01 15:23 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe2013-11-01 15:23 - 2013-11-01 15:23 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll2013-10-31 14:50 - 2013-10-31 14:50 - 00000000 ____D C:\ProgramData\HP Files to move or delete:====================C:\Users\Mom\jagex_cl_loginapplet_LIVE.datC:\Users\Mom\jagex_cl_runescape_LIVE.datC:\Users\Mom\random.dat Some content of TEMP:====================C:\Users\Mom\AppData\Local\Temp\HitmanPro.exeC:\Users\Mom\AppData\Local\Temp\install_flashplayer11x32au_mssd_aaa_aih_1.exeC:\Users\Mom\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-26 00:59 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2013Ran by Mom at 2013-11-30 11:43:03Running from C:\Users\Mom\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ========================AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202} ==================== Installed Programs ====================== Adobe Digital Editions 2.0 (x32 Version: 2.0)Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)Adobe Reader X (10.1.8) (x32 Version: 10.1.8)Apple Application Support (x32 Version: 2.3.6)Apple Mobile Device Support (Version: 7.0.0.117)Apple Software Update (x32 Version: 2.1.3.127)Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.7)Bejeweled 3 (x32 Version: 2.2.0.97)Blackboard IM 4.1.0-C (x32 Version: 4.1.0-C)Bonjour (Version: 3.0.0.10)Canon Easy-PhotoPrint EX (x32)Canon Easy-WebPrint EX (x32 Version: 1.3.5.0)Canon IJ Network Scanner Selector EX (x32)Canon IJ Network Tool (x32)Canon MP Navigator EX 5.1 (x32)Canon MX430 series MP DriversCanon MX430 series On-screen Manual (x32)Canon MX430 series User Registration (x32)Canon My Printer (x32)Canon Solution Menu EX (x32)Canon Speed Dial Utility (x32)D3DX10 (x32 Version: 15.4.2368.0902)Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)ExamGuard (x32 Version: 1.02.0001)Farmscapes (x32 Version: 2.2.0.98)FATE (x32 Version: 2.2.0.97)GIMP 2.8.6 (Version: 2.8.6)Google Chrome (x32 Version: 27.0.1453.116)Google Earth (x32 Version: 7.1.1.1580)Google Talk Plugin (x32 Version: 4.2.1.14031)Google Update Helper (x32 Version: 1.3.21.165)iCloud (Version: 3.0.2.163)Intel PROSet WirelessIntel® Management Engine Components (x32 Version: 8.1.0.1252)Intel® Processor Graphics (x32 Version: 10.18.10.3308)Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.5.6.0460)Intel® Rapid Storage Technology (x32 Version: 11.5.2.1001)Intel® SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)Intel® WiDi (Version: 3.5.41.0)Intel® PROSet/Wireless WiFi Software (Version: 15.05.6000.1657)Intel® Trusted Connect Service Client (Version: 1.24.388.1)iTunes (Version: 11.1.3.8)Java 7 Update 45 (x32 Version: 7.0.450)Java Auto Updater (x32 Version: 2.1.9.8)JMicron Flash Media Controller Driver (x32 Version: 1.0.72.4)Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)Microsoft Application Error Reporting (Version: 12.0.6015.5000)Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Professional 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000)Microsoft Silverlight (Version: 5.1.20913.0)Microsoft SkyDrive (HKCU Version: 17.0.2006.0314)Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)Movie Maker (x32 Version: 16.4.3503.0728)Mozilla Firefox 25.0.1 (x86 en-US) (x32 Version: 25.0.1)Mozilla Maintenance Service (x32 Version: 25.0.1)MSVCRT (x32 Version: 15.4.2862.0708)MSVCRT110 (x32 Version: 16.4.1108.0727)MSVCRT110_amd64 (Version: 16.4.1108.0727)Norton AntiVirus (x32 Version: 21.1.0.18)Norton PC Checkup (x32 Version: 2.0.18.15)Norton Security Dashboard (x32 Version: 1.1.1.9)Origin (x32 Version: 8.6.3.49)OverDrive Media Console (x32 Version: 3.2.20)Penguins! (x32 Version: 2.2.0.98)Photo Common (x32 Version: 16.4.3503.0728)Photo Gallery (x32 Version: 16.4.3503.0728)Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)PlayReady PC Runtime amd64 (Version: 1.3.0)PlayReady PC Runtime x86 (x32 Version: 1.3.0)Polar Bowler (x32 Version: 2.2.0.97)PreReq (x32 Version: 6.2.4.0)PrintProjects (x32 Version: 1.0.0.9282)QuickShare (x32 Version: 1.148.60.12560)QuickTime (x32 Version: 7.74.80.86)RealDownloader (x32 Version: 1.3.3)RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)RealPlayer (x32 Version: 16.0.3)Realtek High Definition Audio Driver (x32 Version: 6.0.1.6794)RealUpgrade 1.1 (x32 Version: 1.1.0)ScorpionSaver (x32 Version: 1.0.0.0) <==== ATTENTIONService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)Skype™ 6.7 (x32 Version: 6.7.102)SRS Premium Sound Control Panel (Version: 1.12.4700)Synaptics Pointing Device Driver (Version: 16.2.10.5)TOSHIBA Application Installer (x32 Version: 9.0.1.4)Toshiba Book Place (x32 Version: 3.3.9679)TOSHIBA Desktop Assist (Version: 1.00.0007.00002)TOSHIBA eco Utility (Version: 2.0.0.6415)TOSHIBA Function Key (Version: 1.00.6425)TOSHIBA HDD Protection (Version: 2.5.1.1)TOSHIBA Password Utility (Version: 0.0.64.19B)TOSHIBA PC Health Monitor (Version: 1.8.17.640104)TOSHIBA Quality Application (x32 Version: 1.0.8)TOSHIBA Recovery Media Creator (x32 Version: 2.2.0.54043005)TOSHIBA Resolution+ Plug-in for Windows Media Player (x32 Version: 1.2.2.00)TOSHIBA Service Station (Version: 2.6.8)TOSHIBA System Driver (x32 Version: 1.00.0012)TOSHIBA System Settings (x32 Version: 1.00.0002.32002)TOSHIBA User's Guide (x32 Version: 1.00.02)TOSHIBA VIDEO PLAYER (Version: 5.3.18.82 )TOSHIBARegistration (x32 Version: 1.1.6)Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)Update for Microsoft en-us Dictionary (Version: 16.1.627.1)Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)Update Installer for WildTangent Games App (x32)Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97)WildTangent Games (x32 Version: 1.0.3.0)WildTangent Games App (Toshiba Games) (x32 Version: 4.0.10.15)Windows Live Communications Platform (x32 Version: 16.4.3503.0728)Windows Live Essentials (x32 Version: 16.4.3503.0728)Windows Live Installer (x32 Version: 16.4.3503.0728)Windows Live Photo Common (x32 Version: 16.4.3503.0728)Windows Live PIMT Platform (x32 Version: 16.4.3503.0728)Windows Live SOXE (x32 Version: 16.4.3503.0728)Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728)Windows Live UX Platform (x32 Version: 16.4.3503.0728)Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728)WinRAR 5.00 (64-bit) (Version: 5.00.0) ==================== Restore Points ========================= 26-11-2013 16:38:24 Removed ScorpionSaver29-11-2013 02:51:47 Removed ScorpionSaver Services==================== Hosts content: ==========================2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts==================== Scheduled Tasks (whitelisted) =============Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTaskTask: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTaskTask: {072BF131-A4C4-42CD-83E4-BFA8636FBF57} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)Task: {19AE4487-547A-44D2-BFB0-E65C439E8F58} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-209102890-733556855-160672719-1003UA => C:\Users\Mom\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-11] (Google Inc.)Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulateTask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)Task: {3883AAFF-50D0-4351-AE30-1A3607668FC0} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)Task: {4025EC7E-4525-4509-89A0-904695C1B576} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalanceTask: {66457ADE-206A-4561-9A9C-5673302A7810} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play CleanupTask: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance TaskTask: {71334A22-8707-4738-8A46-9F591A661BCC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvcTask: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {8338D8BD-5830-4B22-911F-E898BE1716A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-17] (Google Inc.)Task: {8485C157-A743-40BE-AC83-A14A8929B3E5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance TaskTask: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-29] (Microsoft Corporation)Task: {8ED6C6CD-F6C7-471F-8A25-51456BE6AD34} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.8.0.32\SymErr.exeTask: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance WorkTask: {C3E4B186-C2AE-489A-8767-D2E70F4973E7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {C46EFB37-B63C-4E0C-A9B8-2213C227069D} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.8.0.32\SymErr.exeTask: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTaskTask: {D41FAB46-2745-4154-B844-1F529C39DB61} - System32\Tasks\RunAsStdUser Task => C:\Users\Mom\AppData\Local\Oxy\Application\oxy.exeTask: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon SynchronizationTask: {E1C809CB-BEAF-4872-8CD9-1B2CDC31141B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-209102890-733556855-160672719-1001 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRETask: {E760B798-E78C-4D34-80BC-9C40AFB7592D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-209102890-733556855-160672719-1003Core => C:\Users\Mom\AppData\Local\Google\Update\GoogleUpdate.exe [2013-07-11] (Google Inc.)Task: {EC9A6F32-FFBC-44AB-BEDC-F77726A8D0DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-27] (Adobe Systems Incorporated)Task: {F146DA2A-38CF-4F42-BE05-EAB2E056A02A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-17] (Google Inc.)Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-209102890-733556855-160672719-1003Core.job => C:\Users\Mom\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-209102890-733556855-160672719-1003UA.job => C:\Users\Mom\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe==================== Loaded Modules (whitelisted) =============2013-09-21 03:22 - 2013-09-21 03:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll2012-07-18 18:38 - 2012-07-18 18:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll2012-08-13 19:13 - 2012-08-13 19:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll2013-01-28 11:08 - 2013-01-28 11:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2013-01-28 11:08 - 2013-01-28 11:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2012-10-30 19:20 - 2012-06-26 01:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll2013-11-15 14:40 - 2013-11-15 14:40 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Misty\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy => ""="service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakWFP => ""="Driver"==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (11/30/2013 09:21:05 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (11/30/2013 00:09:26 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 1094 Error: (11/30/2013 00:09:26 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 1094Error: (11/30/2013 00:09:26 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/30/2013 00:09:24 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (11/29/2013 11:31:06 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2655000 Error: (11/29/2013 11:31:06 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 2655000Error: (11/29/2013 11:31:06 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/29/2013 10:00:11 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 5875Error: (11/29/2013 10:00:11 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 5875 System errors:=============Error: (11/30/2013 11:20:13 AM) (Source: DCOM) (User: NT AUTHORITY)Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (11/30/2013 10:00:29 AM) (Source: DCOM) (User: NT AUTHORITY)Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/30/2013 09:22:04 AM) (Source: DCOM) (User: Misty)Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/30/2013 09:21:34 AM) (Source: DCOM) (User: Misty)Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}Error: (11/30/2013 08:02:39 AM) (Source: DCOM) (User: Misty)Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/29/2013 05:34:47 PM) (Source: DCOM) (User: NT AUTHORITY)Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/28/2013 09:49:57 PM) (Source: DCOM) (User: NT AUTHORITY)Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (11/28/2013 09:45:58 PM) (Source: DCOM) (User: Misty)Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}Error: (11/28/2013 09:44:58 PM) (Source: DCOM) (User: Misty)Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (11/28/2013 09:44:57 PM) (Source: DCOM) (User: Misty)Description: 1084WSearchUnavailable{9E175B6D-F52A-11D8-B9A5-505054503030} Microsoft Office Sessions:=========================Error: (11/30/2013 09:21:05 AM) (Source: SideBySide)(User: )Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exeError: (11/30/2013 00:09:26 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 1094 Error: (11/30/2013 00:09:26 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 1094Error: (11/30/2013 00:09:26 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/30/2013 00:09:24 AM) (Source: SideBySide)(User: )Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exeError: (11/29/2013 11:31:06 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2655000 Error: (11/29/2013 11:31:06 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 2655000Error: (11/29/2013 11:31:06 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/29/2013 10:00:11 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 5875Error: (11/29/2013 10:00:11 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 5875 ==================== Memory info ===========================Percentage of memory in use: 43%Total physical RAM: 3997.84 MBAvailable physical RAM: 2267.21 MBTotal Pagefile: 5405.84 MBAvailable Pagefile: 3598.79 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.79 MB==================== Drives ================================Drive c: (TI10650100G) (Fixed) (Total:455.22 GB) (Free:407.53 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 466 GB) (Disk ID: 00000000) Partition: GPT Partition Type==================== End Of Log ============================ Link to post Share on other sites More sharing options...
MrCharlie Posted November 30, 2013 ID:759499 Share Posted November 30, 2013 Download the attached fixlist.txt to the same folder as FRST. Run FRST.exe and click Fix only once and wait The tool will create a log (Fixlog.txt) in the folder, please post it to your reply. Then...... Re-scan with AdwCleaner and Malwarebytes, that should wipe it all out. Let me know...MrC Link to post Share on other sites More sharing options...
mymonsters5 Posted November 30, 2013 Author ID:759519 Share Posted November 30, 2013 Here you go. Hopefully it's gone.AdwCleanerR2.txtfrst fix log.txtmbam-log-2013-11-30 (13-43-44).txt Link to post Share on other sites More sharing options...
mymonsters5 Posted November 30, 2013 Author ID:759558 Share Posted November 30, 2013 Should the program be still showing in programs and features in the control panel? It is still there. Link to post Share on other sites More sharing options...
MrCharlie Posted December 1, 2013 ID:759620 Share Posted December 1, 2013 No, it's just a left over registry entry, lets see if we can find it:Please download SystemLook from the link below and save it to your Desktop.http://jpshortstuff.247fixes.com/SystemLook_x64.exeDouble-click SystemLook.exe to run it.Copy the content of the following codebox into the main textfield::regfindScorpionClick the Look button to start the scan.When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.Note: The log can also be found on your Desktop entitled SystemLook.txtMrC Link to post Share on other sites More sharing options...
mymonsters5 Posted December 1, 2013 Author ID:759636 Share Posted December 1, 2013 DoneSystemLook.txt Link to post Share on other sites More sharing options...
MrCharlie Posted December 1, 2013 ID:759669 Share Posted December 1, 2013 Please back up the registry with ERUNT before continuing: http://www.geekstogo.com/forum/topic/208859-backing-up-the-registry-using-erunt/ Now download and unzip the attached FXX.zip (FXX.reg) Now double click on it (FXX.reg) and allow it to merge into the registry. Reboot and it should be gone, MrC Link to post Share on other sites More sharing options...
mymonsters5 Posted December 1, 2013 Author ID:759752 Share Posted December 1, 2013 Thanks MrCharlie. It is finally gone. Can I safely delete any of the programs you had me install now? I shouldn't need them anymore other than malewarebytes? Especially Erunt because it didn't actuallybackup my registry like it was supposed to because I have windows 8 so I'm glad there wasn't any major issues. I should have said something before running it when I saw it was for older versions. Link to post Share on other sites More sharing options...
MrCharlie Posted December 1, 2013 ID:759837 Share Posted December 1, 2013 OK, sorry about ERUNT.....I missed the W8 operating system! A little clean up to do.... Please download OTC to your desktop. (This will clean up most of the tools and logs) http://oldtimer.geekstogo.com/OTC.exe Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator") Click on the CleanUp! button and follow the prompts. (If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.) You will be asked to reboot the machine to finish the Cleanup process, choose Yes. After the reboot all the tools we used should be gone. Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind. Any other programs or logs you can manually delete. IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall. Note: If you used FRST and can't delete the quarantine folder: Download the fixlist.txt to the same folder as FRST.exe. Run FRST.exe and click Fix only once and wait That will delete the quarantine folder created by FRST. The rest you can manually delete. ------------------------------- Any questions...please post back. If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed. Take a look at My Preventive Maintenance to avoid being infected again. Good Luck and Thanks for using the forum, MrC Link to post Share on other sites More sharing options...
Maurice Naggar Posted December 3, 2013 ID:760365 Share Posted December 3, 2013 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts