
Need help for Noob



Ok, I had a business associate send us a link through Sendspace. After that, we started getting pop-ups whenever we would access the internet. Have resolved that by uninstalling and reinstalling Firefox. But still have a pop-up asking to open a F.txt folder and keep getting Malware showing it is blocking website 162.210.192.14.

Here are the FRST results: But have no idea what to do next.

Malware is current.

Using Microsoft Security Essentials (thought Trend Micro was good until you try to say goodbye)

Tried Spybot to no avail.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Jeff (administrator) on JEFF-PC on 26-06-2014 15:34:28
Running from C:\Users\Jeff\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Alcatel-Lucent) C:\Program Files (x86)\ATT\8.3.1.18\ma\bin\MAHostService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Joyent, Inc) C:\Program Files (x86)\ATT\8.3.1.18\ma\bin\node.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TheGreenBow) C:\Windows\SysWOW64\TgbStarter.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [495616 2012-07-27] (MSI)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3281359548-2077814116-1618568933-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-09-29] (Google Inc.)
HKU\S-1-5-21-3281359548-2077814116-1618568933-1000\...\MountPoints2: J - J:\VZW_Software_upgrade_assistant.exe
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

BHO: Adblocker - {7D0B9976-295C-8484-F27C-F77E6637A7A0} - C:\Program Files (x86)\Adblocker\LDno.x64.dll No File
BHO: save oN - {98F33509-56FE-A847-7D67-8708F327110E} - C:\Program Files (x86)\save oN\wB_hQQ.x64.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\38b6wo2f.default-1403295391412
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\ATT\8.3.1.18\ma\bin\npMotive.dll (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Extension: Motive Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\mcciwbch@motive.com.xpi [2014-06-18]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
CHR Extension: (Google Docs) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-29]
CHR Extension: (Google Drive) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-29]
CHR Extension: (YouTube) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-29]
CHR Extension: (TrendMicro BEP Extension) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee [2013-09-29]
CHR Extension: (Google Search) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-29]
CHR Extension: (Motive Extension) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2014-03-24]
CHR Extension: (savve on) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcmebfnfkcpmbhabangeppabhfblellp [2014-06-18]
CHR Extension: (Adblocker) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mofmadjokonpeandfpfadfggaakhlhjl [2014-06-18]
CHR Extension: (Google Wallet) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-29]
CHR Extension: (Gmail) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-29]
CHR Extension: (savve on) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcmebfnfkcpmbhabangeppabhfblellp\2.14 [2014-06-18]
CHR HKLM-x32\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files (x86)\Common Files\Motive\extensions\MotiveRequest.crx [2014-03-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 AT&T Troubleshoot & Resolve; C:\Program Files (x86)\ATT\8.3.1.18\ma\bin\MAHostService.exe [321024 2013-12-02] (Alcatel-Lucent) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-05-16] (Macrovision Europe Ltd.) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [146984 2012-07-24] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [136704 2012-06-29] (MSI) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 pcCMService; C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [369152 2013-03-02] (Alcatel-Lucent) [File not signed]
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2013-03-02] (Alcatel-Lucent) [File not signed]
R2 psqlWGE; C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [436040 2013-01-08] (Pervasive Software Inc.)
S3 Sage 50 SmartPosting 2014; C:\Program Files (x86)\Sage\Peachtree\SmartPostingService2014.exe [335664 2013-11-07] (Sage Software, Inc.)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TgbIke Starter; C:\Windows\SysWOW64\TgbStarter.exe [239280 2012-03-21] (TheGreenBow)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 TGBMPEnum; C:\Windows\System32\DRIVERS\TGBMPEnum.sys [40624 2012-03-21] (TheGreenBow)
S3 TGBVPNVirtM; C:\Windows\System32\DRIVERS\TGBVPNVirtM.sys [140976 2012-03-21] (TheGreenBow)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-06-26] ()
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 yeddef64; System32\Drivers\yeddef64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-26 15:34 - 2014-06-26 15:34 - 00017354 _____ () C:\Users\Jeff\Downloads\FRST.txt
2014-06-26 15:33 - 2014-06-26 15:33 - 02082816 _____ (Farbar) C:\Users\Jeff\Downloads\FRST64.exe
2014-06-26 14:52 - 2014-06-26 14:52 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-26 14:52 - 2014-06-26 14:52 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-26 14:52 - 2014-06-26 14:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-26 12:55 - 2014-06-26 13:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-26 12:55 - 2014-06-26 12:55 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-26 12:54 - 2014-06-26 13:12 - 00000000 ____D () C:\Users\Jeff\Desktop\mbar
2014-06-26 12:54 - 2014-06-26 12:54 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-26 12:45 - 2014-06-26 12:54 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Jeff\Downloads\mbar-1.07.0.1012.exe
2014-06-26 10:39 - 2014-06-26 10:39 - 29836648 _____ (Mozilla) C:\Users\Jeff\Downloads\Firefox Setup 30.0.exe
2014-06-26 08:08 - 2014-06-26 08:08 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-06-23 10:24 - 2014-06-23 10:25 - 00043125 _____ () C:\Users\Jeff\Downloads\Addition.txt
2014-06-23 10:23 - 2014-06-26 15:34 - 00000000 ____D () C:\FRST
2014-06-20 16:30 - 2014-06-20 16:30 - 00000000 ____D () C:\Users\Jeff\Desktop\Bids
2014-06-20 15:16 - 2014-06-20 15:16 - 00000000 ____D () C:\Users\Jeff\Desktop\Old Firefox Data
2014-06-20 09:42 - 2009-06-10 16:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140620-094226.backup
2014-06-20 09:07 - 2014-06-20 09:07 - 00000000 ____D () C:\Users\Jeff\Documents\ProcAlyzer Dumps
2014-06-20 08:18 - 2014-06-20 09:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 08:18 - 2014-06-20 08:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-20 08:18 - 2014-06-20 08:18 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 08:18 - 2014-06-20 08:18 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 08:18 - 2014-06-20 08:18 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-20 08:18 - 2014-06-20 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 08:18 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-06-20 08:16 - 2014-06-20 08:17 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Jeff\Downloads\spybot-2.3.exe
2014-06-19 14:45 - 2014-06-19 14:45 - 00000000 __SHD () C:\Users\Jeff\AppData\Local\EmieUserList
2014-06-19 14:45 - 2014-06-19 14:45 - 00000000 __SHD () C:\Users\Jeff\AppData\Local\EmieSiteList
2014-06-18 14:54 - 2014-06-18 14:54 - 42271797 _____ () C:\Users\Jeff\Desktop\Revised Building.zip
2014-06-18 14:54 - 2014-06-18 14:54 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\SendSpace
2014-06-18 14:53 - 2014-06-26 08:08 - 00000446 ____H () C:\Windows\Tasks\SO_Booster-S-996987125.job
2014-06-18 14:53 - 2014-06-19 17:08 - 00000000 ____D () C:\ProgramData\WorldAppIt
2014-06-18 14:53 - 2014-06-19 12:20 - 00000000 ____D () C:\ProgramData\Adblocker
2014-06-18 14:53 - 2014-06-18 14:53 - 00002692 _____ () C:\Windows\System32\Tasks\SO_Booster-S-996987125
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Packages
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\ProgramData\b0f0fb5ec32d2008
2014-06-18 14:52 - 2014-06-18 14:54 - 00000000 ____D () C:\ProgramData\InstallMate
2014-06-18 09:18 - 2014-06-26 14:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 05:06 - 2014-05-30 05:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 05:06 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 05:06 - 2014-05-30 05:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 05:06 - 2014-05-30 04:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 05:06 - 2014-05-30 04:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 05:06 - 2014-05-30 04:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 05:06 - 2014-05-30 04:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 05:06 - 2014-05-30 04:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 05:06 - 2014-05-30 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 05:06 - 2014-05-30 04:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 05:06 - 2014-05-30 04:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 05:06 - 2014-05-30 04:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 05:06 - 2014-05-30 04:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 05:06 - 2014-05-30 04:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 05:06 - 2014-05-30 04:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 05:06 - 2014-05-30 04:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 05:06 - 2014-05-30 04:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 05:06 - 2014-05-30 04:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 05:06 - 2014-05-30 03:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 05:06 - 2014-05-30 03:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 05:06 - 2014-05-30 03:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 05:06 - 2014-05-30 03:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 05:06 - 2014-05-30 03:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 05:06 - 2014-05-30 03:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 05:06 - 2014-05-30 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 05:06 - 2014-05-30 03:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 05:06 - 2014-05-30 03:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 05:06 - 2014-05-30 03:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 05:06 - 2014-05-30 03:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 05:06 - 2014-05-30 03:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 05:06 - 2014-05-30 03:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 05:06 - 2014-05-30 03:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 05:06 - 2014-05-30 03:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 05:06 - 2014-05-30 03:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 05:06 - 2014-05-30 03:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 05:06 - 2014-05-30 03:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 05:06 - 2014-05-30 03:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 05:06 - 2014-05-30 03:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 05:06 - 2014-05-30 03:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 05:06 - 2014-05-30 03:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 05:06 - 2014-05-30 02:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 05:06 - 2014-05-30 02:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 05:06 - 2014-05-30 02:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 05:06 - 2014-05-30 02:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 05:06 - 2014-05-30 02:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 05:06 - 2014-05-30 02:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 05:06 - 2014-05-30 02:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 05:06 - 2014-05-30 02:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 05:06 - 2014-05-30 02:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 05:06 - 2014-05-30 02:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 05:06 - 2014-05-30 02:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 05:06 - 2014-05-30 02:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 05:06 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 05:06 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 05:06 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 05:06 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 05:06 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 05:06 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 05:06 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 05:06 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 05:06 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 05:06 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 05:06 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 05:06 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 05:05 - 2014-06-08 04:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 05:05 - 2014-06-08 04:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 10:54 - 2014-06-10 10:57 - 00000000 ____D () C:\Users\Jeff\Desktop\Drummond
2014-06-03 15:33 - 2014-06-12 13:06 - 00000000 ____D () C:\Users\Jeff\Desktop\Trucks and Equipment
2014-05-30 14:53 - 2014-05-30 14:53 - 00000100 _____ () C:\Users\Jeff\AppData\Roaming\mbam.context.scan
2014-05-29 15:03 - 2014-05-29 15:16 - 25976245 _____ () C:\Users\Jeff\Downloads\Civil Drawings.zip
2014-05-29 15:03 - 2014-05-29 15:04 - 02372927 _____ () C:\Users\Jeff\Downloads\Supplemental Documents.zip
2014-05-29 14:49 - 2014-05-29 15:03 - 00000172 _____ () C:\Users\Jeff\Downloads\Fuel Drawings.zip

==================== One Month Modified Files and Folders =======

2014-06-26 15:34 - 2014-06-26 15:34 - 00017354 _____ () C:\Users\Jeff\Downloads\FRST.txt
2014-06-26 15:34 - 2014-06-23 10:23 - 00000000 ____D () C:\FRST
2014-06-26 15:34 - 2013-10-21 07:41 - 00000000 ____D () C:\Users\Jeff\Documents\Outlook Files
2014-06-26 15:33 - 2014-06-26 15:33 - 02082816 _____ (Farbar) C:\Users\Jeff\Downloads\FRST64.exe
2014-06-26 15:27 - 2013-10-06 10:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-26 15:24 - 2013-09-29 17:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-26 14:52 - 2014-06-26 14:52 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-26 14:52 - 2014-06-26 14:52 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-26 14:52 - 2014-06-26 14:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-26 14:52 - 2014-06-18 09:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-26 14:24 - 2013-09-29 17:47 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-26 13:12 - 2014-06-26 12:55 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-26 13:12 - 2014-06-26 12:54 - 00000000 ____D () C:\Users\Jeff\Desktop\mbar
2014-06-26 12:55 - 2014-06-26 12:55 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-26 12:54 - 2014-06-26 12:54 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-26 12:54 - 2014-06-26 12:45 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Jeff\Downloads\mbar-1.07.0.1012.exe
2014-06-26 11:20 - 2013-09-29 17:39 - 01361839 _____ () C:\Windows\WindowsUpdate.log
2014-06-26 10:39 - 2014-06-26 10:39 - 29836648 _____ (Mozilla) C:\Users\Jeff\Downloads\Firefox Setup 30.0.exe
2014-06-26 08:16 - 2009-07-13 23:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-26 08:16 - 2009-07-13 23:45 - 00022096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-26 08:14 - 2009-07-14 00:13 - 00784362 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-26 08:08 - 2014-06-26 08:08 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-06-26 08:08 - 2014-06-18 14:53 - 00000446 ____H () C:\Windows\Tasks\SO_Booster-S-996987125.job
2014-06-26 08:08 - 2014-03-24 12:22 - 00000000 ____D () C:\Program Files (x86)\ATT
2014-06-26 08:08 - 2013-10-24 18:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-26 08:08 - 2013-09-29 17:52 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-06-26 08:08 - 2010-11-20 22:47 - 01319264 _____ () C:\Windows\PFRO.log
2014-06-26 08:08 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-26 08:08 - 2009-07-13 23:51 - 00052710 _____ () C:\Windows\setupact.log
2014-06-23 10:25 - 2014-06-23 10:24 - 00043125 _____ () C:\Users\Jeff\Downloads\Addition.txt
2014-06-20 16:30 - 2014-06-20 16:30 - 00000000 ____D () C:\Users\Jeff\Desktop\Bids
2014-06-20 15:16 - 2014-06-20 15:16 - 00000000 ____D () C:\Users\Jeff\Desktop\Old Firefox Data
2014-06-20 09:42 - 2009-07-13 21:34 - 00450709 ____R () C:\Windows\system32\Drivers\etc\hosts.20140623-084250.backup
2014-06-20 09:38 - 2014-06-20 08:18 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 09:07 - 2014-06-20 09:07 - 00000000 ____D () C:\Users\Jeff\Documents\ProcAlyzer Dumps
2014-06-20 08:20 - 2014-06-20 08:18 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-20 08:18 - 2014-06-20 08:18 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 08:18 - 2014-06-20 08:18 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 08:18 - 2014-06-20 08:18 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-20 08:18 - 2014-06-20 08:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 08:17 - 2014-06-20 08:16 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Jeff\Downloads\spybot-2.3.exe
2014-06-19 17:08 - 2014-06-18 14:53 - 00000000 ____D () C:\ProgramData\WorldAppIt
2014-06-19 14:45 - 2014-06-19 14:45 - 00000000 __SHD () C:\Users\Jeff\AppData\Local\EmieUserList
2014-06-19 14:45 - 2014-06-19 14:45 - 00000000 __SHD () C:\Users\Jeff\AppData\Local\EmieSiteList
2014-06-19 14:45 - 2013-09-29 17:47 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Google
2014-06-19 12:20 - 2014-06-18 14:53 - 00000000 ____D () C:\ProgramData\Adblocker
2014-06-18 14:54 - 2014-06-18 14:54 - 42271797 _____ () C:\Users\Jeff\Desktop\Revised Building.zip
2014-06-18 14:54 - 2014-06-18 14:54 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\SendSpace
2014-06-18 14:54 - 2014-06-18 14:52 - 00000000 ____D () C:\ProgramData\InstallMate
2014-06-18 14:53 - 2014-06-18 14:53 - 00002692 _____ () C:\Windows\System32\Tasks\SO_Booster-S-996987125
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Packages
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Guest
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\Users\Administrator
2014-06-18 14:53 - 2014-06-18 14:53 - 00000000 ____D () C:\ProgramData\b0f0fb5ec32d2008
2014-06-18 14:53 - 2013-09-29 17:55 - 00000506 __RSH () C:\ProgramData\ntuser.pol
2014-06-18 14:53 - 2013-09-29 17:47 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-18 14:53 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-06-16 11:44 - 2014-01-21 09:08 - 00003128 _____ () C:\Users\Jeff\Desktop\PSI Reports - Shortcut.lnk
2014-06-16 11:44 - 2013-10-22 08:28 - 00003172 _____ () C:\Users\Jeff\Desktop\Server - Shortcut.lnk
2014-06-13 15:39 - 2007-03-26 18:09 - 00000000 ___RD () C:\Users\Jeff\Documents\General Info
2014-06-12 13:06 - 2014-06-03 15:33 - 00000000 ____D () C:\Users\Jeff\Desktop\Trucks and Equipment
2014-06-12 11:39 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 10:51 - 2013-11-19 13:23 - 00000000 ____D () C:\Users\Jeff\Desktop\temp
2014-06-11 16:11 - 2013-09-29 19:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 16:10 - 2013-10-21 07:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 16:10 - 2013-09-29 19:40 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 16:09 - 2014-05-06 17:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-10 10:57 - 2014-06-10 10:54 - 00000000 ____D () C:\Users\Jeff\Desktop\Drummond
2014-06-08 04:13 - 2014-06-11 05:05 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 04:08 - 2014-06-11 05:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 15:34 - 2013-10-06 10:37 - 00000000 ____D () C:\Users\Jeff\Desktop\Shortcuts
2014-06-02 13:43 - 2013-07-24 07:47 - 00000000 ____D () C:\Users\Jeff\Documents\ManualPages
2014-05-30 14:53 - 2014-05-30 14:53 - 00000100 _____ () C:\Users\Jeff\AppData\Roaming\mbam.context.scan
2014-05-30 05:21 - 2014-06-11 05:06 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 05:02 - 2014-06-11 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 05:02 - 2014-06-11 05:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 04:45 - 2014-06-11 05:06 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 04:39 - 2014-06-11 05:06 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 04:39 - 2014-06-11 05:06 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 04:38 - 2014-06-11 05:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 04:28 - 2014-06-11 05:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 04:27 - 2014-06-11 05:06 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 04:24 - 2014-06-11 05:06 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 04:21 - 2014-06-11 05:06 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 04:21 - 2014-06-11 05:06 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 04:20 - 2014-06-11 05:06 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 04:18 - 2014-06-11 05:06 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 04:11 - 2014-06-11 05:06 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 04:08 - 2014-06-11 05:06 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 04:06 - 2014-06-11 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 04:02 - 2014-06-11 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 03:55 - 2014-06-11 05:06 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 03:49 - 2014-06-11 05:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 03:46 - 2014-06-11 05:06 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 03:44 - 2014-06-11 05:06 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 03:44 - 2014-06-11 05:06 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 03:43 - 2014-06-11 05:06 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 03:42 - 2014-06-11 05:06 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 03:38 - 2014-06-11 05:06 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 03:35 - 2014-06-11 05:06 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 03:34 - 2014-06-11 05:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 03:33 - 2014-06-11 05:06 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 03:30 - 2014-06-11 05:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 03:29 - 2014-06-11 05:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 03:28 - 2014-06-11 05:06 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 03:27 - 2014-06-11 05:06 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 03:24 - 2014-06-11 05:06 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 03:23 - 2014-06-11 05:06 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 03:16 - 2014-06-11 05:06 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 03:10 - 2014-06-11 05:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 03:06 - 2014-06-11 05:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 03:04 - 2014-06-11 05:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 03:02 - 2014-06-11 05:06 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 02:56 - 2014-06-11 05:06 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 02:56 - 2014-06-11 05:06 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 02:54 - 2014-06-11 05:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 02:50 - 2014-06-11 05:06 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 02:49 - 2014-06-11 05:06 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 02:43 - 2014-06-11 05:06 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 02:40 - 2014-06-11 05:06 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 02:30 - 2014-06-11 05:06 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 02:21 - 2014-06-11 05:06 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 02:15 - 2014-06-11 05:06 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 02:13 - 2014-06-11 05:06 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 02:13 - 2014-06-11 05:06 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 15:16 - 2014-05-29 15:03 - 25976245 _____ () C:\Users\Jeff\Downloads\Civil Drawings.zip
2014-05-29 15:04 - 2014-05-29 15:03 - 02372927 _____ () C:\Users\Jeff\Downloads\Supplemental Documents.zip
2014-05-29 15:03 - 2014-05-29 14:49 - 00000172 _____ () C:\Users\Jeff\Downloads\Fuel Drawings.zip

Some content of TEMP:
====================
C:\Users\Jeff\AppData\Local\Temp\devcon64.exe
C:\Users\Jeff\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\Jeff\AppData\Local\Temp\SETUP_AFTERBURNER.EXE


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 10:19

==================== End Of Log ============================


  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

