
YTDownloader most stubborn malware ever



I have tried so many times to get this thing completely off my PC but to no avail. And now, whenever I try to uninstall it, it just opens a dialogue box that says all my internet browsers must be closed, even when none are open. This add-on has also brought all kinds of popups from Supra Savings, and Trovi keeps appearing randomly as well.


Hello and welcome,

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Next,

 

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

 


Quit all running programs.
For Windows XP, double-click to start.
For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User License Agreement).
Click Scan to scan the system.
When the scan completes select "Report"; the log will open. Close the program > Don't Fix anything!
Post back the report which should also be located here:

 

C:\Programdata\RogueKiller\Logs <-------- W7/8

C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <------XP

 

Thank you,

 

Kevin...


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2014
Ran by Breanna (administrator) on BREANNA-PC on 28-12-2014 04:54:02
Running from C:\Users\Breanna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W9224H53
Loaded Profile: Breanna (Available profiles: Breanna)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
() C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\pcreg\pcreg.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dell) C:\Users\Breanna\AppData\Local\Apps\2.0\JYG6T0QY.ZLW\N7WVR2RE.8ZD\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\Breanna\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5470208 2009-12-16] (Dell Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2122536 2010-05-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2049896 2013-12-20] (YTDownloader)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\...\Run: [DellSystemDetect] => C:\Users\Breanna\AppData\Local\Apps\2.0\JYG6T0QY.ZLW\N7WVR2RE.8ZD\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe [265280 2014-09-12] (Dell)
HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\...\MountPoints2: {1c85dc4a-bf15-11e3-b85a-806e6f6e6963} - E:\TL-BootStrap.exe
HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\...\MountPoints2: {fa17ffa6-55dc-11e4-843b-f04da2495c9e} - E:\LG_PC_Programs.exe
HKU\S-1-5-18\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1
AppInit_DLLs: C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files => C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files File Not Found
AppInit_DLLs-x32: C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files => "C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files" File Not Found
Startup: C:\Users\Breanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Breanna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2431590467-3914034941-1582923733-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {733032C8-BF8D-4FBF-96B2-8FA696C72BAD} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: HKLM-x32 {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/bingame/isan/default/popcaploader_v6.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-02-23]

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://Vosteran.com/?f=7&a=vst_orinteract_14_52_ie&cd=2XzuyEtN2Y1L1Qzu0FtDyE0D0AtByEzyyD0Czy0E0Bzy0E0DtN0D0Tzu0StCtDzzzztN1L2XzutAtFyCtFtCyDtFtCtN1L1CzutCyEtBzytDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2StBzz0AtBzztA0A0BtGtBzz0EtBtGzzyC0AtAtG0F0B0EtDtGyByDyDzyyCtAtAzyzyyByBtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtByB0E0CtDzz0BtGyCtA0D0BtGyEzz0DtAtGzyzyyD0FtG0F0DtAyDtC0F0AtDzy0D0AtC2Q&cr=390086873&ir="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Breanna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Breanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Breanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (Google Wallet) - C:\Users\Breanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-12]
CHR Extension: (Gmail) - C:\Users\Breanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [525312 2013-02-26] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-25] ()
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4950016 2009-12-16] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2013-02-26] (Windows ® Win 7 DDK provider)
R3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2013-02-26] (Windows ® Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-12] (NetFilterSDK.com)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 04:54 - 2014-12-28 04:54 - 00027822 _____ () C:\Users\Breanna\Documents\Addition.txt
2014-12-28 04:53 - 2014-12-28 04:53 - 00042297 _____ () C:\Users\Breanna\Documents\FRST.txt
2014-12-28 04:51 - 2014-12-28 04:54 - 00000000 ____D () C:\FRST
2014-12-28 04:45 - 2014-12-28 04:45 - 00000000 ____D () C:\ProgramData\Google
2014-12-28 04:45 - 2014-12-28 04:45 - 00000000 ____D () C:\Program Files\Google
2014-12-28 03:55 - 2014-12-28 04:39 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-28 03:55 - 2014-12-28 03:55 - 00001142 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-28 03:55 - 2014-12-28 03:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-28 03:55 - 2014-12-28 03:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-28 03:55 - 2014-12-28 03:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-28 03:55 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-28 03:55 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-28 03:55 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-28 03:02 - 2014-12-28 03:02 - 00000000 ____D () C:\cefaaf165f6777dc2f9f94e82c8a79
2014-12-28 03:02 - 2014-12-28 03:02 - 00000000 ____D () C:\972ff1e2067f0cbc729e860a1db9a873
2014-12-28 03:02 - 2014-12-28 03:02 - 00000000 ____D () C:\58178dac64a23c9b31
2014-12-28 03:02 - 2014-12-28 03:02 - 00000000 ____D () C:\399d4d8fd66beaf685b5
2014-12-28 03:01 - 2014-12-28 03:01 - 00000000 ____D () C:\6bf6b65f260da93e929b1cff
2014-12-27 14:41 - 2014-12-27 14:41 - 00000000 ____D () C:\6fbcfd641f30e4d5e4e44056ff11473b
2014-12-27 14:41 - 2014-12-27 14:41 - 00000000 ____D () C:\637572784f7ee395b1aa7182
2014-12-27 14:41 - 2014-12-27 14:41 - 00000000 ____D () C:\4e59f738e3f0168cb1955afbcbdaf0
2014-12-27 14:41 - 2014-12-27 14:41 - 00000000 ____D () C:\20ba45b9c751ee94f0
2014-12-27 14:39 - 2014-12-27 14:40 - 00000000 ____D () C:\9dd85b447ac1248af7a37442f9be
2014-12-26 19:50 - 2014-12-12 22:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-26 19:48 - 2014-12-26 19:48 - 00000000 ____D () C:\d1ee3031e8804796e15f
2014-12-26 19:48 - 2014-12-26 19:48 - 00000000 ____D () C:\657f04d39847373acdb7629e7d0b
2014-12-26 19:47 - 2014-12-26 19:48 - 00000000 ____D () C:\1e3977c1f9a5543a853e4ff2a3a479
2014-12-26 19:46 - 2014-12-26 19:47 - 00000000 ____D () C:\a5261cf4cd83f7dc3d37ed84d59d
2014-12-26 19:45 - 2014-12-26 19:46 - 00000000 ____D () C:\fa80521b229ba8b6e03869
2014-12-26 19:45 - 2014-12-26 19:45 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-26 19:26 - 2014-12-26 19:26 - 00000000 ____D () C:\ee9b5d852a5db721e1b7126c716680
2014-12-26 19:26 - 2014-12-26 19:26 - 00000000 ____D () C:\6cdc2cb15a1a57a171864a62b9
2014-12-26 19:25 - 2014-12-26 19:25 - 00000000 ____D () C:\85c3fcfbfb5a94e076775852992d
2014-12-25 08:18 - 2014-12-25 08:18 - 00000000 ____D () C:\Users\Breanna\Documents\Optimizer Pro
2014-12-25 03:00 - 2014-12-25 03:01 - 00000000 ____D () C:\fcb2f6cc6cebedeea31dd34514
2014-12-25 01:42 - 2014-12-25 01:42 - 00000043 _____ () C:\Users\Breanna\AppData\Roaming\WB.CFG
2014-12-25 00:30 - 2014-12-25 00:30 - 00000000 ____D () C:\Users\Breanna\AppData\Roaming\Windows Essentials Codec Pack
2014-12-24 23:47 - 2014-12-24 23:47 - 00000000 ____D () C:\Users\Breanna\AppData\Roaming\OpenSoftwareUpdater
2014-12-24 23:42 - 2014-12-26 19:38 - 00000000 ____D () C:\Program Files (x86)\WSE_Taplika
2014-12-24 23:42 - 2014-12-26 19:38 - 00000000 ____D () C:\Program Files (x86)\OpenSoftwareUpdater
2014-12-24 23:42 - 2014-12-24 23:42 - 00000000 ____D () C:\Users\Breanna\AppData\Roaming\WSE_Taplika
2014-12-24 10:05 - 2014-12-24 10:05 - 00000000 ____D () C:\972d152f6eee9bdb6f938766c2f5a135
2014-12-24 10:05 - 2014-12-24 10:05 - 00000000 ____D () C:\8ce7bcc648f2eb67502fdf5332
2014-12-24 10:04 - 2014-12-24 10:04 - 00000000 ____D () C:\5d549de0eb6005dc6146e9e6e0bf
2014-12-24 10:03 - 2014-12-24 10:04 - 00000000 ____D () C:\507c2e6985229299d4
2014-12-23 10:14 - 2014-12-23 10:14 - 00000000 ____D () C:\Users\Breanna\AppData\Local\LogMeIn Rescue Applet
2014-12-23 03:12 - 2014-12-23 03:12 - 00000000 ____D () C:\dad495c85a9a2a44fe8c53
2014-12-23 03:12 - 2014-12-23 03:12 - 00000000 ____D () C:\bc43123a9441f87c92f5d34c50
2014-12-23 03:12 - 2014-12-23 03:12 - 00000000 ____D () C:\b5aac42296bcdd48d6e31f5f779d
2014-12-23 03:11 - 2014-12-23 03:11 - 00000000 ____D () C:\952316615909ce8dd2b371ca4516
2014-12-22 14:02 - 2014-12-22 14:02 - 00000000 ____D () C:\db0a6822d58c0cb84d4122ee
2014-12-22 14:02 - 2014-12-22 14:02 - 00000000 ____D () C:\bb269f62254a2e9fd80a294f
2014-12-22 14:01 - 2014-12-22 14:01 - 00000000 ____D () C:\ed26661c3ff9a9d156ca3d49d678
2014-12-22 14:01 - 2014-12-22 14:01 - 00000000 ____D () C:\131abb5365186e79702d6005
2014-12-21 08:26 - 2014-12-21 08:26 - 00000000 ____D () C:\deca85f0d0fc71c31ff52af9ca7943
2014-12-21 08:26 - 2014-12-21 08:26 - 00000000 ____D () C:\45b7398d79631c52940004e92ebf
2014-12-21 08:25 - 2014-12-21 08:26 - 00000000 ____D () C:\e6d4eca9739d1317f82ef8ac7c73e7
2014-12-21 08:25 - 2014-12-21 08:25 - 00000000 ____D () C:\02ca9eb90994ac3907f9eb
2014-12-20 10:20 - 2014-12-20 10:20 - 00000000 ____D () C:\86707da889a56ef9fab09f3befa85b
2014-12-20 10:20 - 2014-12-20 10:20 - 00000000 ____D () C:\12d2c6a259e534c2ef73ef
2014-12-20 10:19 - 2014-12-20 10:20 - 00000000 ____D () C:\ec9f82af0ca702822170aee498
2014-12-20 10:19 - 2014-12-20 10:19 - 00000000 ____D () C:\95d23dba5291a3d2abf72d5c5f95
2014-12-17 20:21 - 2014-12-12 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 20:17 - 2014-12-17 20:18 - 00000000 ____D () C:\76255c5902aedf9819a22bd9c4fe41
2014-12-17 20:17 - 2014-12-17 20:17 - 00000000 ____D () C:\a1302073f9151e4bb519
2014-12-17 20:17 - 2014-12-17 20:17 - 00000000 ____D () C:\84c3805b01752d70bc827567c2
2014-12-17 20:17 - 2014-12-17 20:17 - 00000000 ____D () C:\3213e3928659ff3ba0b160
2014-12-17 20:17 - 2014-12-17 20:17 - 00000000 ____D () C:\27761f8c92272d2af7c6b9b921f26115
2014-12-16 09:49 - 2014-12-16 09:49 - 00000000 ____D () C:\f11e6584d2e9f934761d
2014-12-16 09:49 - 2014-12-16 09:49 - 00000000 ____D () C:\679862a21b6f1d5440703bfe5b8ebbb4
2014-12-16 09:49 - 2014-12-16 09:49 - 00000000 ____D () C:\5a0fcbb2e0f41b23bccfad
2014-12-16 09:47 - 2014-12-16 09:48 - 00000000 ____D () C:\c2a412c60d487b4a80232b
2014-12-14 09:24 - 2014-12-14 09:24 - 00433016 _____ () C:\Users\Breanna\Downloads\FlixsterSetup.exe
2014-12-11 10:33 - 2014-12-11 10:33 - 00000000 ____D () C:\71c5edb4613faf6d720a
2014-12-11 10:33 - 2014-12-11 10:33 - 00000000 ____D () C:\548b0e841d3ca50b5e7380a427
2014-12-11 10:33 - 2014-12-11 10:33 - 00000000 ____D () C:\4272398086a2858db2e100
2014-12-11 10:32 - 2014-12-11 10:32 - 00000000 ____D () C:\3b5d354034ccd4827fd8c7c3
2014-12-11 10:32 - 2014-12-11 10:32 - 00000000 ____D () C:\31ddc6386de7ed5389c5
2014-12-11 09:31 - 2014-12-11 09:31 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:40 - 2014-12-11 03:40 - 00000000 ____D () C:\cfa0d5ab82ff3cacbb9b076a0f82f225
2014-12-11 03:40 - 2014-12-11 03:40 - 00000000 ____D () C:\c136ece38165fa3d42dd
2014-12-11 03:40 - 2014-12-11 03:40 - 00000000 ____D () C:\bb4c4e6b3f17697959ae6a08
2014-12-11 03:39 - 2014-12-11 03:39 - 00000000 ____D () C:\9ae397b31d30dc72bf2dd2
2014-12-11 03:39 - 2014-12-11 03:39 - 00000000 ____D () C:\1583e354b5ee83e1ea50e2cc73a8
2014-12-10 12:36 - 2014-12-10 12:36 - 00000000 ____D () C:\Users\Breanna\AppData\Local\Viber
2014-12-10 11:39 - 2014-12-10 11:39 - 00000000 ____D () C:\af20d56187102cd2988ac091e1631490
2014-12-10 11:39 - 2014-12-10 11:39 - 00000000 ____D () C:\6d291defdf61ea44fd01702c0ade
2014-12-10 11:39 - 2014-12-10 11:39 - 00000000 ____D () C:\6588715d564fee73e54a1eac82c9
2014-12-10 11:35 - 2014-12-10 11:36 - 00000000 ____D () C:\8a3c7e9bb62716a61fbf07
2014-12-10 11:35 - 2014-10-17 19:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 11:35 - 2014-10-17 18:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 11:35 - 2014-07-06 19:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 11:35 - 2014-07-06 19:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 11:35 - 2014-07-06 19:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 11:35 - 2014-07-06 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 11:35 - 2014-07-06 18:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 11:35 - 2014-07-06 18:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 11:35 - 2014-07-06 18:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 11:35 - 2014-07-06 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 11:34 - 2014-12-10 11:34 - 00000000 ____D () C:\7d52de4a532f6358f82ad68bf040
2014-12-09 22:32 - 2014-12-09 22:32 - 00003294 _____ () C:\Windows\System32\Tasks\{455227C1-0B61-4AB8-AF53-7EECE190B01A}
2014-12-09 22:27 - 2014-12-09 22:27 - 00003310 _____ () C:\Windows\System32\Tasks\{98C99D82-7DBF-49E2-BC06-9AC7A482D9F2}
2014-12-09 22:27 - 2014-12-09 22:27 - 00003230 _____ () C:\Windows\System32\Tasks\{AB44648D-5103-4076-9328-8AC668D0CC97}
2014-12-09 22:27 - 2014-12-09 22:27 - 00003230 _____ () C:\Windows\System32\Tasks\{2BFA41F9-CF3D-46F7-A122-6F0015AB7762}
2014-12-09 22:27 - 2014-12-09 22:27 - 00000043 _____ () C:\Windows\WININIT.INI
2014-12-09 22:00 - 2014-12-03 19:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 22:00 - 2014-12-03 19:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 22:00 - 2014-12-03 19:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 22:00 - 2014-12-03 19:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 22:00 - 2014-12-03 19:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 22:00 - 2014-12-03 19:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 22:00 - 2014-12-03 19:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 22:00 - 2014-12-01 16:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 22:00 - 2014-11-21 19:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 22:00 - 2014-11-21 19:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 22:00 - 2014-11-21 19:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 22:00 - 2014-11-21 18:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 22:00 - 2014-11-10 20:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 22:00 - 2014-11-10 19:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 22:00 - 2014-11-10 18:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 21:59 - 2014-11-26 18:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 21:59 - 2014-11-26 18:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 21:59 - 2014-11-21 20:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 21:59 - 2014-11-21 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 21:59 - 2014-11-21 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 21:59 - 2014-11-21 19:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 21:59 - 2014-11-21 19:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 21:59 - 2014-11-21 19:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 21:59 - 2014-11-21 19:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 21:59 - 2014-11-21 19:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 21:59 - 2014-11-21 19:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 21:59 - 2014-11-21 19:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 21:59 - 2014-11-21 19:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 21:59 - 2014-11-21 19:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 21:59 - 2014-11-21 19:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 21:59 - 2014-11-21 19:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 21:59 - 2014-11-21 19:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 21:59 - 2014-11-21 19:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 21:59 - 2014-11-21 19:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 21:59 - 2014-11-21 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 21:59 - 2014-11-21 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 21:59 - 2014-11-21 19:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 21:59 - 2014-11-21 19:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 21:59 - 2014-11-21 19:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 21:59 - 2014-11-21 19:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 21:59 - 2014-11-21 19:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 21:59 - 2014-11-21 18:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 21:59 - 2014-11-21 18:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 21:59 - 2014-11-21 18:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 21:59 - 2014-11-21 18:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 21:59 - 2014-11-21 18:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 21:59 - 2014-11-21 18:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 21:59 - 2014-11-21 18:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 21:59 - 2014-11-21 18:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 21:59 - 2014-11-21 18:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 21:59 - 2014-11-21 18:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 21:59 - 2014-11-21 18:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 21:59 - 2014-11-21 18:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 21:59 - 2014-11-21 18:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 21:59 - 2014-11-21 18:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 21:59 - 2014-11-21 18:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 21:59 - 2014-11-21 18:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 21:59 - 2014-11-21 18:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 21:59 - 2014-11-21 18:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 21:59 - 2014-11-21 18:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 21:59 - 2014-11-21 18:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 21:59 - 2014-11-21 18:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 21:59 - 2014-11-21 18:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 21:59 - 2014-11-21 17:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 21:59 - 2014-11-21 17:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 21:57 - 2014-11-07 20:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 21:57 - 2014-11-07 19:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 21:57 - 2014-10-29 19:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 21:57 - 2014-10-29 18:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 21:57 - 2014-10-02 19:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 21:57 - 2014-10-02 19:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 21:57 - 2014-10-02 19:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 21:57 - 2014-10-02 19:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 21:57 - 2014-10-02 19:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 21:57 - 2014-10-02 18:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 21:57 - 2014-10-02 18:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 21:57 - 2014-10-02 18:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 21:57 - 2014-10-02 18:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 21:57 - 2014-10-02 18:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-07 22:03 - 2013-04-09 16:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-12-07 22:03 - 2013-04-02 15:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-12-06 08:54 - 2014-12-28 04:36 - 00001029 _____ () C:\Windows\setupact.log
2014-12-06 08:54 - 2014-12-06 08:54 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-06 08:25 - 2014-12-06 08:30 - 20312168 _____ (VS Media, Inc.) C:\Users\Breanna\Downloads\VSPerformerSetupV4.exe
2014-12-06 03:58 - 2014-12-06 02:57 - 00017223 _____ () C:\Users\Breanna\Documents\prices.xls_1.ods
2014-12-06 03:05 - 2014-12-06 03:08 - 00000000 ____D () C:\c16ed809e99f7f8fb3dd
2014-12-05 07:42 - 2014-12-06 05:16 - 00008704 _____ () C:\Users\Breanna\Documents\prices.xls
2014-12-05 06:22 - 2014-12-05 07:29 - 00002277 _____ () C:\Users\Breanna\Documents\New Database.odb
2014-12-05 04:04 - 2014-12-05 04:12 - 00000000 ____D () C:\Users\Breanna\biphone
2014-12-05 03:01 - 2014-12-05 03:01 - 00000000 ____D () C:\d42b20f7f329256e00ebc2cfe0
2014-12-05 03:01 - 2014-12-05 03:01 - 00000000 ____D () C:\8f35601e346656b0f8e13183154437db
2014-12-05 03:01 - 2014-12-05 03:01 - 00000000 ____D () C:\5cc9472c08d96c1a62b2c4e52e
2014-12-05 03:00 - 2014-12-05 03:00 - 00000000 ____D () C:\371733d647103945801cdd68eba060c3
2014-12-05 03:00 - 2014-12-05 03:00 - 00000000 ____D () C:\16c831ad30e692d76028bace0637d3

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 04:45 - 2014-04-12 23:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-28 04:45 - 2014-02-24 01:42 - 00000000 ____D () C:\Users\Breanna\AppData\Local\Adobe
2014-12-28 04:45 - 2009-07-13 21:45 - 00029792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-28 04:45 - 2009-07-13 21:45 - 00029792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-28 04:44 - 2014-05-12 03:58 - 00000000 ____D () C:\Program Files\pcreg
2014-12-28 04:44 - 2014-02-17 09:35 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-28 04:44 - 2014-02-17 09:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-28 04:44 - 2014-02-14 16:25 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DE4A1E77-4E5E-4B61-AD9F-7BA0BF77D287}
2014-12-28 04:42 - 2014-02-14 13:08 - 01842126 _____ () C:\Windows\WindowsUpdate.log
2014-12-28 04:42 - 2009-07-13 22:13 - 00781390 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-28 04:39 - 2014-04-04 12:56 - 00000000 ___RD () C:\Users\Breanna\Dropbox
2014-12-28 04:38 - 2014-04-04 12:44 - 00000000 ____D () C:\Users\Breanna\AppData\Roaming\Dropbox
2014-12-28 04:37 - 2014-03-26 19:12 - 00000000 ____D () C:\Users\Breanna\AppData\Roaming\Skype
2014-12-28 04:36 - 2014-06-28 02:47 - 00000000 ____D () C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF
2014-12-28 04:36 - 2014-02-14 13:08 - 00000000 ____D () C:\Users\Breanna
2014-12-28 04:36 - 2010-11-20 20:47 - 00149398 _____ () C:\Windows\PFRO.log
2014-12-28 04:36 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-28 04:34 - 2014-05-12 03:59 - 00000000 ____D () C:\temp
2014-12-28 04:34 - 2014-03-13 06:44 - 00000000 ____D () C:\ProgramData\Conduit
2014-12-28 04:02 - 2014-02-17 09:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-28 03:59 - 2014-04-12 23:41 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-28 03:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-28 00:06 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-26 19:41 - 2014-02-17 08:24 - 00064024 _____ () C:\Users\Breanna\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-26 19:38 - 2011-04-12 01:28 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-26 19:38 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2014-12-14 22:19 - 2014-02-23 17:04 - 00000000 ____D () C:\Users\Breanna\AppData\Local\Apple Computer
2014-12-14 09:18 - 2014-02-17 08:24 - 00000000 ____D () C:\Users\Breanna\AppData\Local\Deployment
2014-12-13 13:21 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 09:31 - 2014-05-08 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 09:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 23:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-09 22:32 - 2014-08-24 21:31 - 00000000 ____D () C:\Program Files (x86)\The Learning Company
2014-12-09 22:31 - 2014-04-12 23:41 - 00000000 ____D () C:\Users\Breanna\AppData\Local\Google
2014-12-09 22:29 - 2014-05-01 13:20 - 00000000 ____D () C:\Users\Breanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-09 22:29 - 2014-05-01 13:20 - 00000000 ____D () C:\Program Files (x86)\Games
2014-12-09 22:28 - 2014-04-27 15:22 - 00000000 ____D () C:\Program Files (x86)\MyHeritage
2014-12-09 11:30 - 2014-04-04 12:56 - 00000995 _____ () C:\Users\Breanna\Desktop\Dropbox.lnk
2014-12-09 11:30 - 2014-04-04 12:54 - 00000000 ____D () C:\Users\Breanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-09 11:05 - 2014-04-12 23:45 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-06 03:28 - 2014-06-29 16:02 - 00000000 ____D () C:\Windows\Minidump

Some content of TEMP:
====================
C:\Users\Breanna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmnvbzc.dll
C:\Users\Breanna\AppData\Local\Temp\soiygu3.exe
C:\Users\Breanna\AppData\Local\Temp\_is3363.exe
C:\Users\Breanna\AppData\Local\Temp\_is3CE4.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-28 00:31

==================== End Of Log ============================

Do I just copy and paste the other two logs as well or is there an actual way of "attaching" the files?


Yes, just copy and paste. If they exceed forum character limits you will have to attach them...

To attach: Select > "More Reply Options" > The reply box format will change, and you will now see "Browse". Select that tab and "Explorer" will open; navigate to the file in question. Double-click directly on the file, and it will then show under the reply box. Now select > "Attach This File" to do just that.

Repeat as many times as needed...

Thanks,

Kevin....


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
