
Login.Alive.Com redirect



I copy it, come here and it won't paste.  ???????

 

Something else new is that when doing a Google search I sometimes get a Google error message that my browser is not supported.

Jharpj

***************************************************************


To attach a log:

 

[Image: reply1.jpg]

[Image: replyer1.jpg]

 

 

If you're currently unable to due to the infection then go ahead and run this scanner.

 

 

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save ComboFix to your desktop and do not run it from your browser.
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once ComboFix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 

 


I am able to paste the FRST and addition.txt files using the Opera browser, but when posting I got an error message that the post was too long, so I'll just post one this time.

Jharpj

 

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume2

Install Date: 11/2/2012 11:52:39 AM

System Uptime: 10/4/2013 3:31:26 PM (1 hours ago)

.

Motherboard: Gateway |  | EG50_HC_HR

Processor: Intel® Celeron® CPU B820 @ 1.70GHz | U3E1 | 1700/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 280 GiB total, 173.589 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

 clear.fi SDK- Movie 2

 clear.fi SDK - MVP 2

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader XI (11.0.04)

Agatha Christie - Death on the Nile

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Ask Toolbar

Ask Toolbar Updater

AUPEO!

Backup Manager V3

Bejeweled 3

Bing Bar

Bonjour

Broadcom Card Reader Driver Installer

Broadcom NetLink Controller

Card & Board Games 3

Card And Board Games 2

Card Games Collection

CCleaner

Chronicles of Albian

Chuzzle Deluxe

Cisco Connect

clear.fi Media

clear.fi Photo

Codecs for Windows 7 Pack 4.0.5

Compatibility Pack for the 2007 Office system

Content Transfer

Cradle of Rome 2

CyberLink MediaEspresso

D3DX10

DigiDo

Dora's World Adventure

eGames GameButler

Elevated Installer

Evernote v. 4.5.2

FATE

Final Drive: Nitro

Fooz Kids

Fooz Kids Platform

Freemake Video Downloader

Galeria de Fotos

Galerie de photos

Galería de fotos

Garmin Express

Garmin Express Tray

Garmin POI Loader

Garmin Update Service

Garmin USB Drivers

Gateway Games

Gateway MyBackup

Gateway Power Management

Gateway Recovery Management

Gateway Registration

Gateway ScreenSaver

Gateway Social Networks

Gateway Updater

GIMP 2.8.4

Google Drive

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Governor of Poker 2 Premium Edition

Hoyle Board Games 2005

Hoyle Card Games 2005

iCloud

Identity Card

Intel® Control Center

Intel® Management Engine Components

Intel® OpenCL CPU Runtime

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® Trusted Connect Service Client

IrfanView (remove only)

iTunes

Jewel Match 3

Jewel Quest Mysteries: The Seventh Gate Collector's Edition

Junk Mail filter update

Launch Manager

McAfee AntiVirus

Media Player Codec Pack 4.2.3

Media Player Codec Pack Packages

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Mouse and Keyboard Center

Microsoft Office File Validation Add-In

Microsoft Office Outlook Connector

Microsoft Office Standard Edition 2003

Microsoft Office Word Viewer 2003

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Works 6-9 Converter

Movie Maker

MSN

MSVCRT

MSVCRT_amd64

MSVCRT110

MSVCRT110_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero DiscSpeed 10

Nero DiscSpeed 10 Help (CHM)

Nero Express 10

Nero Express 10 Help (CHM)

Nero Multimedia Suite 10 Essentials

Nero StartSmart 10

Nero StartSmart 10 Help (CHM)

Nero Update

NOOK for PC

NWZ-E340 WALKMAN Guide

Penguins!

Photo Common

Photo Gallery

Picasa 3

Plants vs. Zombies - Game of the Year

Polar Bowler

Polar Golfer

Qualcomm Atheros Direct Connect

Qualcomm Atheros WiFi Driver Installation

QuickTime

RealDownloader

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealNetworks - Microsoft Visual C++ 2010 Runtime

RealPlayer

Realtek High Definition Audio Driver

RealUpgrade 1.1

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Shared C Run-time for x64

Skype™ 5.10

Synaptics Pointing Device Driver

Torchlight

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update Installer for WildTangent Games App

Video Web Camera

Virtual Villagers 5 - New Believers

Webroot SecureAnywhere

Welcome Center

WildBit Viewer

WildTangent Games App

Windows 7 Codec Pack 4.0.8

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)

Windows Live

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinMend Folder Hidden 1.4.9

WinPcap 4.1.2

YTD Toolbar v7.6

YTD Video Downloader 4.0

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

9/29/2013 2:48:23 PM, Error: Service Control Manager [7000]  - The McAfee SiteAdvisor Service service failed to start due to the following error:  The executable program that this service is configured to run in does not implement the service.

9/29/2013 12:13:58 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Gateway.

9/29/2013 12:13:58 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

10/4/2013 3:30:33 PM, Error: Service Control Manager [7034]  - The McAfee Scanner service terminated unexpectedly.  It has done this 1 time(s).

10/4/2013 3:18:21 PM, Error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

10/4/2013 3:12:59 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the GREGService service.

10/4/2013 12:57:17 PM, Error: Service Control Manager [7024]  - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

10/4/2013 12:54:48 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the FreemakeVideoCapture service to connect.

10/4/2013 12:54:48 PM, Error: Service Control Manager [7000]  - The FreemakeVideoCapture service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

10/4/2013 12:53:46 PM, Error: Service Control Manager [7024]  - The Windows Firewall service terminated with service-specific error Access is denied..

10/3/2013 7:48:52 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR4.

10/3/2013 7:33:52 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR3.

10/3/2013 7:09:43 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR2.

10/3/2013 12:11:14 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.

10/2/2013 8:44:29 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

10/2/2013 8:44:29 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DsiWMIService service.

10/2/2013 6:01:35 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

10/1/2013 3:22:19 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.

10/1/2013 3:22:19 PM, Error: Service Control Manager [7000]  - The Garmin Core Update Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

 


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013

Ran by JOANS (administrator) on JOANS-PC on 11-10-2013 19:04:24

Running from C:\Users\JOANS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8PKYFL6

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(Webroot) C:\Program Files\Webroot\WRSA.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Webroot) C:\Program Files\Webroot\WRSA.exe

(Affinegy, Inc.) C:\Program Files (x86)\TWC\DigiDo\AffinegyService.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe

(Microsoft Corporation) C:\Users\JOANS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe

() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Affinegy, Inc.) C:\Program Files (x86)\TWC\DigiDo\TrayApp.exe

(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Affinegy, Inc.) C:\Program Files (x86)\TWC\DigiDo\DigiDo.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

(McAfee, Inc.) C:\Windows\system32\mfevtps.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe

() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

(Intel Corporation) C:\Windows\system32\igfxext.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\MSN\MSNCoreFiles\msn.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Updater\alu.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Farbar) C:\Users\JOANS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8PKYFL6\FRST64[2].exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2012-02-13] (Synaptics Incorporated)

HKLM\...\Run: [Power Management] - C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKLM\...\Policies\Explorer: [NoSetTaskbar] 0

HKLM\...\Policies\Explorer: [NoDeletePrinter] 0

HKLM\...\Policies\Explorer: [NoDFSTab] 0

HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0

HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0

HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKLM\...\Policies\Explorer: [NoResolveSearch] 0

HKLM\...\Policies\Explorer: [NoHardwareTab] 0

HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKCU\...\Run: [skyDrive] - C:\Users\JOANS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-07-15] (Microsoft Corporation)

HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)

HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20097696 2013-06-27] (Google)

HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)

HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)

HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)

HKCU\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKCU\...\Policies\Explorer: [NoSetTaskbar] 0

HKCU\...\Policies\Explorer: [NoDeletePrinter] 0

HKCU\...\Policies\Explorer: [NoDFSTab] 0

HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0

HKCU\...\Policies\Explorer: [NoEncryptOnMove] 0

HKCU\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKCU\...\Policies\Explorer: [NoResolveSearch] 0

HKCU\...\Policies\Explorer: [NoHardwareTab] 0

HKCU\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKLM-x32\...\Run: [backupManagerTray] - C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe [289816 2012-01-05] (NTI Corporation)

HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc.)

HKLM-x32\...\Run: [DigiDo] - C:\Program Files (x86)\TWC\DigiDo\TrayApp.exe [1458544 2011-10-17] (Affinegy, Inc.)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [ContentTransferWMDetector.exe] - C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [497000 2009-07-30] (Sony Corporation)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-08-02] (RealNetworks, Inc.)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)

HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)

HKLM-x32\...\Run: [WRSVC] - C:\Program Files\Webroot\WRSA.exe [752176 2013-10-09] (Webroot)

HKU\Default\...\RunOnce: [scrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162408 2011-09-12] ()

HKU\Default User\...\RunOnce: [scrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162408 2011-09-12] ()

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE08A7D6A2AC6CE01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/default.aspx?mypg=1&lc=1033

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab

DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab


Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

 

Chrome: 

=======

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanbblidcdbjeikekgeniapdeppcbo\7.15.12.0_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.0_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0

CHR HKLM-x32\...\Chrome\Extension: [aaaanbblidcdbjeikekgeniapdeppcbo] - C:\Users\JOANS\AppData\Local\APN\GoogleCRXs\aaaanbblidcdbjeikekgeniapdeppcbo_7.15.12.0.crx

CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx

CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx

CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx

CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx

CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx

 

==================== Services (Whitelisted) =================

 

R2 AffinegyService; C:\Program Files (x86)\TWC\DigiDo\AffinegyService.exe [580464 2011-10-17] (Affinegy, Inc.)

S3 DCDhcpService; C:\Program Files (x86)\Gateway\WDAgent\DCDhcpService.exe [111776 2012-01-18] (Atheros Communication Inc.)

R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-05-14] (Ellora Assets Corp.)

R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)

S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-10-08] (Microsoft Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)

R2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [121616 2013-10-02] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [384048 2013-02-25] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()

R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [752176 2013-10-09] (Webroot)

 

==================== Drivers (Whitelisted) ====================

 

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)

R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-13] (Synaptics Incorporated)

R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [113152 2013-10-09] (Webroot)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [x]

U3 mfeavfk01; No ImagePath

U0 SR; 

U2 srservice; 

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-10-09 23:25 - 2013-09-25 01:22 - 17142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-10-09 23:25 - 2013-09-25 00:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-10-09 23:25 - 2013-09-24 23:36 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-10-09 23:25 - 2013-09-24 23:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-10-09 23:25 - 2013-09-24 23:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-10-09 23:25 - 2013-09-24 23:29 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-10-09 23:25 - 2013-09-24 23:26 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-10-09 23:25 - 2013-09-24 22:45 - 11223552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-10-09 23:25 - 2013-09-24 21:51 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-10-09 23:25 - 2013-09-24 21:45 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-10-09 23:25 - 2013-09-24 01:48 - 23213568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-10-09 23:25 - 2013-09-24 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-10-09 23:25 - 2013-09-23 23:45 - 02763776 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-10-09 23:25 - 2013-09-23 23:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-10-09 23:25 - 2013-09-23 23:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-10-09 23:25 - 2013-09-23 23:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-10-09 23:25 - 2013-09-23 22:56 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-10-09 23:25 - 2013-09-23 22:07 - 12997632 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-10-09 23:25 - 2013-09-23 21:33 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-10-09 23:25 - 2013-09-23 21:04 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-10-09 15:18 - 2013-09-13 18:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2013-10-09 15:18 - 2013-09-07 19:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2013-10-09 15:18 - 2013-09-07 19:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2013-10-09 15:18 - 2013-09-07 19:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2013-10-09 15:18 - 2013-08-28 19:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-10-09 15:18 - 2013-08-28 19:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2013-10-09 15:18 - 2013-08-28 19:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2013-10-09 15:18 - 2013-08-28 19:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2013-10-09 15:18 - 2013-08-28 19:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2013-10-09 15:18 - 2013-08-28 18:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-10-09 15:18 - 2013-08-28 18:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-10-09 15:18 - 2013-08-28 18:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2013-10-09 15:18 - 2013-08-28 18:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2013-10-09 15:18 - 2013-08-28 18:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2013-10-09 15:18 - 2013-08-27 18:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-10-09 15:18 - 2013-07-12 03:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys

2013-10-09 15:18 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2013-10-09 15:18 - 2013-07-04 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2013-10-09 15:18 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2013-10-09 15:18 - 2013-07-04 05:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2013-10-09 15:18 - 2013-07-04 04:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2013-10-09 15:18 - 2013-07-04 04:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2013-10-09 15:18 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2013-10-09 15:18 - 2013-07-04 03:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2013-10-09 15:18 - 2013-07-02 21:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys

2013-10-09 15:18 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2013-10-09 15:18 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2013-10-09 15:18 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2013-10-09 15:18 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2013-10-09 15:18 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2013-10-09 15:18 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2013-10-09 15:18 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2013-10-09 15:18 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2013-10-09 15:18 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2013-10-09 15:18 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2013-10-09 15:18 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2013-10-09 15:18 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2013-10-09 15:18 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2013-10-09 15:17 - 2013-08-28 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2013-10-09 15:17 - 2013-08-28 17:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2013-10-09 15:17 - 2013-08-28 17:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2013-10-09 15:17 - 2013-08-28 17:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2013-10-09 15:17 - 2013-08-28 17:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2013-10-09 15:17 - 2013-08-01 05:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2013-10-09 15:17 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 15:17 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 15:16 - 2013-08-27 18:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2013-10-09 07:21 - 2013-10-11 06:26 - 00000000 ____D C:\ProgramData\WRData

2013-10-09 07:21 - 2013-10-09 07:21 - 00152744 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll

2013-10-09 07:21 - 2013-10-09 07:21 - 00113152 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys

2013-10-09 07:21 - 2013-10-09 07:21 - 00103304 _____ (Webroot) C:\Windows\system32\WRusr.dll

2013-10-09 07:21 - 2013-10-09 07:21 - 00000000 ____D C:\Program Files\Webroot

2013-10-09 07:02 - 2013-10-09 07:02 - 00000000 ____D C:\Program Files (x86)\McAfee.com

2013-10-09 07:02 - 2012-04-20 16:40 - 00196440 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys

2013-10-09 07:01 - 2013-10-09 07:02 - 00000000 ____D C:\Program Files\McAfee

2013-10-09 07:01 - 2013-10-09 07:02 - 00000000 ____D C:\Program Files\Common Files\McAfee

2013-10-09 07:01 - 2013-10-09 07:01 - 00000000 ____D C:\Program Files\McAfee.com

2013-10-09 07:01 - 2013-02-19 13:59 - 00070112 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys

2013-10-09 07:01 - 2013-02-19 13:55 - 00106552 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mferkdet.sys

2013-10-09 07:01 - 2013-02-19 13:55 - 00010728 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnk.sys

2013-10-09 07:01 - 2013-02-19 13:53 - 00515968 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys

2013-10-09 07:01 - 2013-02-19 13:53 - 00309840 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys

2013-10-09 06:57 - 2013-02-19 13:56 - 00182752 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe

2013-10-08 20:22 - 2013-08-22 14:04 - 00028352 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2013-10-08 20:19 - 2013-10-08 20:19 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-10-08 20:19 - 2013-10-08 20:19 - 01926144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-10-08 20:19 - 2013-10-08 20:19 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-10-08 20:19 - 2013-10-08 20:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-10-08 20:19 - 2013-10-08 20:19 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-10-08 20:19 - 2013-10-08 20:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-10-08 20:19 - 2013-10-08 20:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00263360 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00238784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-10-08 20:19 - 2013-10-08 20:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-10-08 20:19 - 2013-10-08 20:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-10-08 20:15 - 2013-10-08 20:22 - 00008216 _____ C:\Windows\IE11_main.log

2013-10-08 18:06 - 2013-10-08 18:05 - 44335120 _____ (Microsoft Corporation) C:\Users\JOANS\Desktop\IE10-Windows6.1-x64-en-us.exe

2013-10-08 12:07 - 2013-10-08 12:06 - 00659968 _____ C:\Users\JOANS\Desktop\MicrosoftFixit50195.msi

2013-10-06 08:25 - 2013-10-06 08:46 - 00000000 ____D C:\Qoobox

2013-10-06 08:25 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe

2013-10-06 08:25 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe

2013-10-06 08:25 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe

2013-10-06 07:54 - 2013-10-06 08:04 - 00000000 ____D C:\ProgramData\DivX

2013-10-06 07:54 - 2013-10-06 08:04 - 00000000 ____D C:\Program Files\DivX

2013-10-06 07:54 - 2013-10-06 08:04 - 00000000 ____D C:\Program Files (x86)\DSP-worx

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Windows\SysWOW64\searchplugins

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Windows\SysWOW64\Extensions

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\LavFilters

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\CDXReader

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-10-06 07:19 - 2013-10-06 07:55 - 00003232 _____ C:\Windows\System32\Tasks\DigitalSite

2013-10-05 13:04 - 2013-10-05 13:04 - 00000000 ____D C:\FRST

2013-10-05 08:35 - 2013-10-05 08:35 - 00000000 ____D C:\Program Files (x86)\ESET

2013-10-05 08:26 - 2013-10-08 20:10 - 00000000 ____D C:\AdwCleaner

2013-10-05 07:42 - 2013-10-05 07:42 - 00000000 ____D C:\Windows\ERUNT

2013-10-05 06:00 - 2013-10-05 07:08 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-04 16:58 - 2013-10-06 08:45 - 00000000 ____D C:\Windows\ERDNT

2013-10-04 16:57 - 2013-10-04 16:57 - 00000000 ____D C:\Program Files (x86)\ERUNT

2013-10-04 16:38 - 2013-10-08 17:41 - 00000000 ____D C:\Users\JOANS\Desktop\Malwarebites

2013-10-04 15:23 - 2013-10-04 15:23 - 00001790 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-10-04 15:22 - 2013-10-04 15:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-04 13:22 - 2013-08-04 19:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2013-10-04 13:22 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2013-10-04 13:22 - 2013-08-01 19:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2013-10-04 13:22 - 2013-08-01 19:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2013-10-04 13:22 - 2013-08-01 18:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2013-10-04 13:22 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2013-10-04 13:22 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2013-10-04 13:22 - 2013-07-25 19:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2013-10-04 13:22 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2013-10-04 13:22 - 2013-07-25 18:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2013-10-04 13:22 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2013-10-04 10:12 - 2013-10-04 10:12 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Nero

2013-10-03 08:31 - 2013-10-03 08:31 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Malwarebytes

2013-10-03 08:25 - 2013-10-03 08:25 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-09-30 12:11 - 2013-10-04 08:15 - 00000000 ___RD C:\Users\JOANS\Dropbox

2013-09-30 12:02 - 2013-10-04 12:26 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2013-09-30 12:02 - 2013-10-04 08:15 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Dropbox

2013-09-15 07:28 - 2013-09-15 07:28 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Windows Live Writer

2013-09-15 07:28 - 2013-09-15 07:28 - 00000000 ____D C:\Users\JOANS\AppData\Local\Windows Live Writer

==================== One Month Modified Files and Folders =======

2013-10-11 18:48 - 2012-03-19 00:12 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-10-11 18:34 - 2012-11-04 07:43 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-10-11 17:55 - 2009-07-13 21:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-10-11 17:55 - 2009-07-13 21:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-10-11 17:47 - 2013-03-18 14:40 - 00000000 ___RD C:\Users\JOANS\Google Drive

2013-10-11 17:47 - 2012-12-06 07:24 - 00000000 ___RD C:\Users\JOANS\SkyDrive

2013-10-11 17:43 - 2013-03-26 18:25 - 00026114 _____ C:\Windows\setupact.log

2013-10-11 17:43 - 2012-11-04 07:43 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-10-11 17:43 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-10-11 08:41 - 2012-06-02 12:49 - 02011895 _____ C:\Windows\WindowsUpdate.log

2013-10-11 06:26 - 2013-10-09 07:21 - 00000000 ____D C:\ProgramData\WRData

2013-10-11 05:45 - 2009-07-13 22:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI

2013-10-10 15:22 - 2013-08-16 05:41 - 00003362 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2183701590-1873992799-1918826727-1000

2013-10-10 15:22 - 2013-08-16 05:41 - 00003228 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2183701590-1873992799-1918826727-1000

2013-10-10 07:58 - 2013-08-05 06:50 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2183701590-1873992799-1918826727-1000

2013-10-10 07:58 - 2013-08-05 06:50 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2183701590-1873992799-1918826727-1000

2013-10-10 05:55 - 2012-11-02 13:46 - 00000000 ___RD C:\Users\JOANS\Desktop\Anti Virus

2013-10-10 05:52 - 2009-07-13 21:45 - 00327032 _____ C:\Windows\system32\FNTCACHE.DAT

2013-10-09 23:42 - 2009-07-13 19:34 - 00000686 _____ C:\Windows\win.ini

2013-10-09 23:39 - 2012-11-19 09:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-10-09 23:39 - 2012-11-19 09:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-10-09 15:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache

2013-10-09 14:49 - 2012-11-02 13:04 - 00000000 ____D C:\ProgramData\McAfee

2013-10-09 14:42 - 2012-11-02 13:39 - 00000000 ____D C:\Program Files (x86)\McAfee

2013-10-09 14:41 - 2013-03-30 12:43 - 00073522 _____ C:\Windows\PFRO.log

2013-10-09 07:48 - 2012-03-19 00:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-10-09 07:48 - 2012-03-19 00:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-10-09 07:48 - 2012-03-19 00:12 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-10-09 07:21 - 2013-10-09 07:21 - 00152744 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll

2013-10-09 07:21 - 2013-10-09 07:21 - 00113152 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys

2013-10-09 07:21 - 2013-10-09 07:21 - 00103304 _____ (Webroot) C:\Windows\system32\WRusr.dll

2013-10-09 07:21 - 2013-10-09 07:21 - 00000000 ____D C:\Program Files\Webroot

2013-10-09 07:02 - 2013-10-09 07:02 - 00000000 ____D C:\Program Files (x86)\McAfee.com

2013-10-09 07:02 - 2013-10-09 07:01 - 00000000 ____D C:\Program Files\McAfee

2013-10-09 07:02 - 2013-10-09 07:01 - 00000000 ____D C:\Program Files\Common Files\McAfee

2013-10-09 07:01 - 2013-10-09 07:01 - 00000000 ____D C:\Program Files\McAfee.com

2013-10-08 20:26 - 2012-11-02 11:55 - 00001424 _____ C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-10-08 20:23 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-10-08 20:22 - 2013-10-08 20:15 - 00008216 _____ C:\Windows\IE11_main.log

2013-10-08 20:19 - 2013-10-08 20:19 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-10-08 20:19 - 2013-10-08 20:19 - 01926144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-10-08 20:19 - 2013-10-08 20:19 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-10-08 20:19 - 2013-10-08 20:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-10-08 20:19 - 2013-10-08 20:19 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-10-08 20:19 - 2013-10-08 20:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-10-08 20:19 - 2013-10-08 20:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00263360 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00238784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-10-08 20:19 - 2013-10-08 20:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-10-08 20:19 - 2013-10-08 20:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-10-08 20:10 - 2013-10-05 08:26 - 00000000 ____D C:\AdwCleaner

2013-10-08 19:35 - 2013-05-06 22:46 - 00011021 _____ C:\Windows\IE10_main.log

2013-10-08 18:05 - 2013-10-08 18:06 - 44335120 _____ (Microsoft Corporation) C:\Users\JOANS\Desktop\IE10-Windows6.1-x64-en-us.exe

2013-10-08 17:41 - 2013-10-04 16:38 - 00000000 ____D C:\Users\JOANS\Desktop\Malwarebites

2013-10-08 12:06 - 2013-10-08 12:07 - 00659968 _____ C:\Users\JOANS\Desktop\MicrosoftFixit50195.msi

2013-10-08 09:06 - 2012-11-04 07:43 - 00000000 ____D C:\Users\JOANS\AppData\Local\Google

2013-10-06 21:47 - 2013-04-02 06:47 - 00000000 ____D C:\ProgramData\Package Cache

2013-10-06 21:46 - 2013-04-02 06:48 - 00000000 ____D C:\ProgramData\Garmin

2013-10-06 21:46 - 2013-04-02 06:48 - 00000000 ____D C:\Program Files (x86)\Garmin

2013-10-06 08:46 - 2013-10-06 08:25 - 00000000 ____D C:\Qoobox

2013-10-06 08:46 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Default

2013-10-06 08:45 - 2013-10-04 16:58 - 00000000 ____D C:\Windows\ERDNT

2013-10-06 08:41 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini

2013-10-06 08:39 - 2009-07-13 19:34 - 72613888 _____ C:\Windows\system32\config\SOFTWARE.bak

2013-10-06 08:39 - 2009-07-13 19:34 - 23330816 _____ C:\Windows\system32\config\SYSTEM.bak

2013-10-06 08:39 - 2009-07-13 19:34 - 00786432 _____ C:\Windows\system32\config\DEFAULT.bak

2013-10-06 08:39 - 2009-07-13 19:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak

2013-10-06 08:39 - 2009-07-13 19:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak

2013-10-06 08:07 - 2012-11-02 11:53 - 00067984 _____ C:\Users\JOANS\AppData\Local\GDIPFONTCACHEV1.DAT

2013-10-06 08:04 - 2013-10-06 07:54 - 00000000 ____D C:\ProgramData\DivX

2013-10-06 08:04 - 2013-10-06 07:54 - 00000000 ____D C:\Program Files\DivX

2013-10-06 08:04 - 2013-10-06 07:54 - 00000000 ____D C:\Program Files (x86)\DSP-worx

2013-10-06 07:55 - 2013-10-06 07:19 - 00003232 _____ C:\Windows\System32\Tasks\DigitalSite

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Windows\SysWOW64\searchplugins

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Windows\SysWOW64\Extensions

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\LavFilters

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\CDXReader

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-10-06 06:43 - 2012-11-28 06:54 - 00000000 ___RD C:\Users\JOANS\Desktop\Extras

2013-10-05 13:04 - 2013-10-05 13:04 - 00000000 ____D C:\FRST

2013-10-05 08:35 - 2013-10-05 08:35 - 00000000 ____D C:\Program Files (x86)\ESET

2013-10-05 07:42 - 2013-10-05 07:42 - 00000000 ____D C:\Windows\ERUNT

2013-10-05 07:08 - 2013-10-05 06:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-05 05:45 - 2012-11-28 04:40 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\U3

2013-10-04 17:51 - 2012-11-02 11:55 - 00000000 ___RD C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-10-04 17:51 - 2012-11-02 11:55 - 00000000 ___RD C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-10-04 17:41 - 2013-08-14 08:13 - 00000000 ____D C:\Windows\system32\MRT

2013-10-04 17:30 - 2012-11-23 07:59 - 00000000 ___RD C:\Users\JOANS\Desktop\Data 02.14.13

2013-10-04 16:57 - 2013-10-04 16:57 - 00000000 ____D C:\Program Files (x86)\ERUNT

2013-10-04 16:47 - 2013-05-13 20:04 - 00037376 ___SH C:\Users\JOANS\Thumbs.db

2013-10-04 15:36 - 2012-12-11 20:19 - 00000000 ____D C:\Users\JOANS\AppData\Local\Apple Computer

2013-10-04 15:23 - 2013-10-04 15:23 - 00001790 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-10-04 15:23 - 2013-10-04 15:22 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-04 15:23 - 2013-09-01 08:56 - 00000000 ____D C:\Program Files\iTunes

2013-10-04 15:23 - 2013-09-01 08:56 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-10-04 15:22 - 2013-09-01 08:56 - 00000000 ____D C:\Program Files\iPod

2013-10-04 12:53 - 2012-11-02 11:52 - 00000000 ____D C:\Users\JOANS

2013-10-04 12:51 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\Offline Web Pages

2013-10-04 12:51 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2013-10-04 12:51 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Cursors

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\TAPI

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\sppui

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Setup

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Recovery

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\ras

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\oobe

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\icsxml

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Dism

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\com

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sppui

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Setup

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\ras

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\oobe

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Msdtc

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\migwiz

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\manifeststore

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\icsxml

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\ias

2013-10-04 12:43 - 2010-11-21 00:17 - 00000000 ____D C:\Program Files\Windows Journal

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\addins

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Sidebar

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Portable Devices

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 __RSD C:\Windows\Media

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Public\Libraries

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\bg-BG

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\zh-HK

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\uk-UA

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\tr-TR

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\th-TH

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sysprep

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sr-Latn-CS

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sl-SI

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sk-SK

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\ro-RO

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\lv-LV

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\lt-LT

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\hr-HR

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\he-IL

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\et-EE

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Dism

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\com

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\System

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Services

2013-10-04 12:42 - 2011-02-11 20:12 - 00000000 ____D C:\Windows\DeployWinRE2

2013-10-04 12:42 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2013-10-04 12:42 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2013-10-04 12:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\bg-BG

2013-10-04 12:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\ar-SA

2013-10-04 12:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\L2Schemas

2013-10-04 12:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\IME

2013-10-04 12:36 - 2013-02-21 20:46 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2013-10-04 12:36 - 2012-12-11 20:15 - 00000000 ____D C:\Windows\System32\Tasks\Apple

2013-10-04 12:36 - 2012-12-07 07:05 - 00000000 ____D C:\Windows\SysWOW64\C2MP

2013-10-04 12:36 - 2012-06-02 12:53 - 00000000 ____D C:\Windows\SysWOW64\RTCOM

2013-10-04 12:36 - 2012-03-19 00:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed

2013-10-04 12:36 - 2012-03-19 00:12 - 00000000 ____D C:\Windows\system32\Macromed

2013-10-04 12:36 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\restore

2013-10-04 12:36 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

2013-10-04 12:36 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Speech

2013-10-04 12:36 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\spp

2013-10-04 12:36 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF

2013-10-04 12:34 - 2012-12-06 07:39 - 00000000 ____D C:\Windows\fr

2013-10-04 12:34 - 2012-03-19 00:00 - 00000000 ____D C:\Windows\oem

2013-10-04 12:34 - 2010-11-21 00:16 - 00000000 ____D C:\Windows\ShellNew

2013-10-04 12:34 - 2009-07-13 21:45 - 00000000 ____D C:\Windows\Setup

2013-10-04 12:33 - 2013-05-16 17:40 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2013-10-04 12:33 - 2013-03-01 07:02 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\WildBit Viewer

2013-10-04 12:33 - 2013-02-10 06:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\IrfanView

2013-10-04 12:33 - 2012-12-29 09:39 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\MediaPlayerCodecPackPackages

2013-10-04 12:33 - 2012-12-06 07:41 - 00000000 ____D C:\Windows\en

2013-10-04 12:33 - 2012-12-06 07:39 - 00000000 ____D C:\Windows\es

2013-10-04 12:33 - 2012-11-28 21:36 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\SNS

2013-10-04 12:33 - 2012-11-05 15:46 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\clear.fiMVPSDK20

2013-10-04 12:33 - 2012-11-02 20:36 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\WildTangent

2013-10-04 12:33 - 2012-11-02 13:44 - 00000000 ___RD C:\Users\JOANS\Desktop\Joan's Games

2013-10-04 12:33 - 2012-11-02 12:43 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\MSN6

2013-10-04 12:33 - 2012-11-02 11:52 - 00000000 ___RD C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-04 12:33 - 2012-11-02 11:52 - 00000000 ___RD C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-04 12:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Branding

2013-10-04 12:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat

2013-10-04 12:32 - 2013-08-17 06:24 - 00000000 ____D C:\ProgramData\MSNDynFiles

2013-10-04 12:32 - 2012-12-02 07:06 - 00000000 ____D C:\ProgramData\Real

2013-10-04 12:32 - 2012-11-03 12:20 - 00000000 ____D C:\Users\JOANS\AppData\Local\clear.fi

2013-10-04 12:32 - 2012-06-02 13:08 - 00000000 ____D C:\ProgramData\CyberLink

2013-10-04 12:32 - 2012-03-18 23:28 - 00000000 ____D C:\ProgramData\WildTangent

2013-10-04 12:31 - 2013-09-07 18:13 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center

2013-10-04 12:31 - 2013-07-19 07:21 - 00000000 ____D C:\Program Files (x86)\RealNetworks

2013-10-04 12:31 - 2013-05-29 06:15 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-10-04 12:31 - 2013-05-16 17:40 - 00000000 ____D C:\Program Files\WinPcap

2013-10-04 12:31 - 2013-04-15 07:39 - 00000000 ____D C:\Program Files\DIFX

2013-10-04 12:31 - 2013-03-26 15:33 - 00000000 ____D C:\Program Files\CCleaner

2013-10-04 12:31 - 2013-03-01 07:01 - 00000000 ____D C:\Program Files (x86)\WildBit Viewer

2013-10-04 12:31 - 2013-02-25 18:19 - 00000000 ____D C:\Program Files\GIMP 2

2013-10-04 12:31 - 2013-02-10 06:54 - 00000000 ____D C:\Program Files (x86)\IrfanView

2013-10-04 12:31 - 2012-12-11 20:14 - 00000000 ____D C:\Program Files\Bonjour

2013-10-04 12:31 - 2012-12-06 07:30 - 00000000 ____D C:\Program Files\Windows Live

2013-10-04 12:31 - 2012-12-06 07:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive

2013-10-04 12:31 - 2012-12-02 07:08 - 00000000 ____D C:\Program Files (x86)\Real

2013-10-04 12:31 - 2012-11-18 15:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Works

2013-10-04 12:31 - 2012-11-18 15:54 - 00000000 ____D C:\Program Files (x86)\Microsoft ActiveSync

2013-10-04 12:31 - 2012-11-03 11:55 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-10-04 12:31 - 2012-11-02 14:47 - 00000000 ____D C:\Program Files (x86)\PopCap Games

2013-10-04 12:31 - 2012-11-02 12:35 - 00000000 ____D C:\Program Files (x86)\MSN

2013-10-04 12:31 - 2012-06-02 13:11 - 00000000 ____D C:\Program Files (x86)\Video Web Camera

2013-10-04 12:31 - 2012-06-02 13:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2013-10-04 12:31 - 2012-06-02 13:05 - 00000000 ____D C:\Program Files (x86)\Social Networks

2013-10-04 12:31 - 2012-06-02 13:01 - 00000000 ____D C:\Program Files\Synaptics

2013-10-04 12:31 - 2012-06-02 12:57 - 00000000 ____D C:\Program Files (x86)\Launch Manager

2013-10-04 12:31 - 2012-03-19 00:13 - 00000000 ____D C:\Program Files (x86)\SymSilent

2013-10-04 12:31 - 2012-03-19 00:03 - 00000000 ____D C:\Program Files (x86)\Windows Live

2013-10-04 12:31 - 2012-03-18 23:23 - 00000000 ____D C:\Program Files\Broadcom

2013-10-04 12:31 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Windows NT

2013-10-04 12:31 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-10-04 12:30 - 2013-05-16 17:40 - 00000000 ____D C:\Program Files (x86)\Freemake

2013-10-04 12:30 - 2013-05-15 22:18 - 00000000 ____D C:\b8f07dacb6bf616481

2013-10-04 12:30 - 2013-03-29 05:48 - 00000000 ____D C:\Program Files (x86)\Folder Hidden

2013-10-04 12:30 - 2013-02-28 17:07 - 00000000 ____D C:\hotfix

2013-10-04 12:30 - 2013-02-16 18:19 - 00000000 ____D C:\Program Files (x86)\AUPEO!

2013-10-04 12:30 - 2013-01-09 17:22 - 00000000 ____D C:\Program Files (x86)\GIMP 2

2013-10-04 12:30 - 2012-12-11 20:14 - 00000000 ____D C:\Program Files (x86)\Bonjour

2013-10-04 12:30 - 2012-12-11 20:14 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

2013-10-04 12:30 - 2012-06-02 13:00 - 00000000 ____D C:\Program Files (x86)\Atheros

2013-10-04 12:30 - 2012-03-19 00:00 - 00000000 ____D C:\OEM

2013-10-04 12:30 - 2012-03-18 23:28 - 00000000 ____D C:\Program Files (x86)\Gateway Games

2013-10-04 12:26 - 2013-09-30 12:02 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2013-10-04 12:17 - 2012-12-15 08:42 - 00000000 _RSHD C:\Winmend~Folder~Hidden

2013-10-04 12:17 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration

2013-10-04 10:32 - 2012-11-04 07:43 - 00000000 ____D C:\Program Files (x86)\Google

2013-10-04 10:12 - 2013-10-04 10:12 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Nero

2013-10-04 08:15 - 2013-09-30 12:11 - 00000000 ___RD C:\Users\JOANS\Dropbox

2013-10-04 08:15 - 2013-09-30 12:02 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Dropbox

2013-10-03 08:31 - 2013-10-03 08:31 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Malwarebytes

2013-10-03 08:25 - 2013-10-03 08:25 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-10-02 16:56 - 2012-11-30 08:02 - 00568320 ___SH C:\Users\JOANS\Documents\Thumbs.db

2013-09-29 06:45 - 2012-12-11 20:15 - 00000000 ____D C:\Users\JOANS\AppData\Local\Apple

2013-09-26 01:46 - 2012-11-03 08:46 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-09-25 01:22 - 2013-10-09 23:25 - 17142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-09-25 00:10 - 2013-10-09 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-09-24 23:36 - 2013-10-09 23:25 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-09-24 23:35 - 2013-10-09 23:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-09-24 23:30 - 2013-10-09 23:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-09-24 23:29 - 2013-10-09 23:25 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-09-24 23:26 - 2013-10-09 23:25 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-09-24 22:45 - 2013-10-09 23:25 - 11223552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-09-24 21:51 - 2013-10-09 23:25 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-09-24 21:45 - 2013-10-09 23:25 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-09-24 01:48 - 2013-10-09 23:25 - 23213568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-09-24 00:11 - 2013-10-09 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-09-23 23:45 - 2013-10-09 23:25 - 02763776 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-09-23 23:31 - 2013-10-09 23:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-09-23 23:25 - 2013-10-09 23:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-09-23 23:21 - 2013-10-09 23:25 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-09-23 22:56 - 2013-10-09 23:25 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-09-23 22:07 - 2013-10-09 23:25 - 12997632 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-09-23 21:33 - 2013-10-09 23:25 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-09-23 21:04 - 2013-10-09 23:25 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-09-16 17:15 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\FxsTmp

2013-09-16 06:18 - 2013-03-18 15:54 - 00023552 _____ C:\Users\JOANS\Desktop\POL LINKS.xls

2013-09-15 07:28 - 2013-09-15 07:28 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Windows Live Writer

2013-09-15 07:28 - 2013-09-15 07:28 - 00000000 ____D C:\Users\JOANS\AppData\Local\Windows Live Writer

2013-09-15 07:28 - 2012-12-06 07:19 - 00000000 ____D C:\Users\JOANS\AppData\Local\Windows Live

2013-09-13 18:10 - 2013-10-09 15:18 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

 

Files to move or delete:

====================

C:\Users\JOANS\msndata.dat

 

 

Some content of TEMP:

====================

C:\Users\JOANS\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-10-01 08:41

 

==================== End Of Log ============================


  • Root Admin

The log should be either at C:\combofix.txt or in the C:\QOOBOX folder.
 
The Event Logs say that your hard drive has disk issues that need to be fixed.  Please run a FULL disk check on your C: drive.
 
9/29/2013 12:13:58 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
 

 

 

Please run a Full Disk Check on your system drive.  If needed here are some links on how to run a Disk Check.

On Windows 7, the disk check log is in the Event Logs under Application with a heading source of Wininit.

How to Run Disk Check in Windows 7

How to Run Check Disk at Startup in Vista or Windows 7

How to Read the Event Viewer Log for Check Disk (chkdsk) in Vista, Windows 7, and Windows 8

 

 


ComboFix 13-10-12.01 - JOANS 10/12/2013   6:07.2.2 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3932.2585 [GMT -7:00]

Running from: c:\users\JOANS\Desktop\Malwarebites\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_ctypes.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_elementtree.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_hashlib.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_multiprocessing.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_socket.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_ssl.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\msvcp100.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\msvcr100.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\pyexpat.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\pysqlite2._sqlite.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\python27.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\pythoncom27.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\PyWinTypes27.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\select.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\unicodedata.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32api.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32com.shell.shell.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32crypt.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32event.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32file.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32inet.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32pdh.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32process.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32profile.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32security.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32ts.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\windows._cacheinvalidation.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._controls_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._core_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._gdi_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._html2.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._misc_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._windows_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._wizard.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxbase294u_net_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxbase294u_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxmsw294u_adv_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxmsw294u_core_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxmsw294u_html_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxmsw294u_webview_vc90.dll

c:\users\JOANS\AppData\Local\Temp\AFF1.tmp\F_IN_BOX.dll

c:\windows\TEMP\WRusr.dll-2725150-1.tmp

.

.

(((((((((((((((((((((((((   Files Created from 2013-09-12 to 2013-10-12  )))))))))))))))))))))))))))))))

.

.

2013-10-12 13:29 . 2013-10-12 13:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-10-09 22:18 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll

2013-10-09 22:17 . 2013-08-29 00:49 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2013-10-09 22:17 . 2013-08-29 01:50 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2013-10-09 22:17 . 2013-08-29 00:49 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2013-10-09 22:17 . 2013-08-29 00:49 7680 ----a-w- c:\windows\SysWow64\instnm.exe

2013-10-09 22:17 . 2013-08-29 00:49 2048 ----a-w- c:\windows\SysWow64\user.exe

2013-10-09 22:17 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 22:17 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 22:17 . 2013-08-01 12:09 983488 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-10-09 22:16 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll

2013-10-09 14:02 . 2012-04-20 23:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2013-10-09 14:02 . 2013-10-09 14:02 -------- d-----w- c:\program files (x86)\McAfee.com

2013-10-09 14:01 . 2013-02-19 20:55 10728 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2013-10-09 14:01 . 2013-02-19 20:59 70112 ----a-w- c:\windows\system32\drivers\cfwids.sys

2013-10-09 14:01 . 2013-02-19 20:55 106552 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2013-10-09 14:01 . 2013-02-19 20:53 515968 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2013-10-09 14:01 . 2013-02-19 20:53 309840 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2013-10-09 14:01 . 2013-10-09 14:02 -------- d-----w- c:\program files\Common Files\McAfee

2013-10-09 14:01 . 2013-10-09 14:02 -------- d-----w- c:\program files\McAfee

2013-10-09 13:57 . 2013-02-19 20:56 182752 ----a-w- c:\windows\system32\mfevtps.exe

2013-10-09 03:22 . 2013-08-22 21:04 28352 ----a-w- c:\windows\system32\IEUDINIT.EXE

2013-10-09 01:44 . 2013-10-09 01:44 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9E588CB6-5E43-42C8-A3D3-F9C474CDF37A}\offreg.dll

2013-10-08 13:22 . 2013-09-16 07:50 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9E588CB6-5E43-42C8-A3D3-F9C474CDF37A}\mpengine.dll

2013-10-06 14:54 . 2013-10-06 15:04 -------- d-----w- c:\program files\DivX

2013-10-06 14:54 . 2013-10-06 15:04 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared

2013-10-06 14:54 . 2013-10-06 14:54 -------- d-----w- c:\windows\SysWow64\searchplugins

2013-10-06 14:54 . 2013-10-06 14:54 -------- d-----w- c:\windows\SysWow64\Extensions

2013-10-06 14:54 . 2013-10-06 15:04 -------- d-----w- c:\program files (x86)\DSP-worx

2013-10-06 14:54 . 2013-10-06 15:04 -------- d-----w- c:\programdata\DivX

2013-10-06 14:54 . 2013-10-06 14:54 -------- d-----w- c:\users\JOANS\AppData\Roaming\LavFilters

2013-10-06 14:54 . 2013-10-06 14:54 -------- d-----w- c:\users\JOANS\AppData\Roaming\CDXReader

2013-10-06 14:19 . 2013-10-06 14:19 -------- d--h--w- c:\programdata\Common Files

2013-10-05 20:04 . 2013-10-05 20:04 -------- d-----w- C:\FRST

2013-10-05 15:35 . 2013-10-05 15:35 -------- d-----w- c:\program files (x86)\ESET

2013-10-05 15:26 . 2013-10-09 03:10 -------- d-----w- C:\AdwCleaner

2013-10-05 14:42 . 2013-10-05 14:42 -------- d-----w- c:\windows\ERUNT

2013-10-05 13:00 . 2013-10-05 14:08 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-10-04 23:57 . 2013-10-04 23:57 -------- d-----w- c:\program files (x86)\ERUNT

2013-10-04 22:22 . 2013-10-04 22:23 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-04 17:12 . 2013-10-04 17:12 -------- d-----w- c:\users\JOANS\AppData\Roaming\Nero

2013-10-03 15:31 . 2013-10-03 15:31 -------- d-----w- c:\users\JOANS\AppData\Roaming\Malwarebytes

2013-10-03 15:25 . 2013-10-03 15:25 -------- d-----w- c:\programdata\Malwarebytes

2013-09-30 19:11 . 2013-10-04 15:15 -------- d-----r- c:\users\JOANS\Dropbox

2013-09-30 19:02 . 2013-10-04 15:15 -------- d-----w- c:\users\JOANS\AppData\Roaming\Dropbox

2013-09-15 14:28 . 2013-09-15 14:28 -------- d-----w- c:\users\JOANS\AppData\Local\Windows Live Writer

2013-09-15 14:28 . 2013-09-15 14:28 -------- d-----w- c:\users\JOANS\AppData\Roaming\Windows Live Writer

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-10-10 23:28 . 2012-11-30 14:22 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2013-10-10 23:28 . 2012-11-30 14:22 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2013-10-10 23:27 . 2012-11-30 14:22 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2013-10-10 23:27 . 2012-11-30 14:22 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2013-10-09 14:48 . 2012-03-19 07:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-09 14:48 . 2012-03-19 07:12 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-09-26 08:46 . 2012-11-03 15:46 80541720 ----a-w- c:\windows\system32\MRT.exe

2013-09-11 23:31 . 2012-12-20 14:10 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2013-09-11 23:30 . 2012-12-20 14:09 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2013-09-11 23:30 . 2012-12-20 14:09 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2013-09-11 23:30 . 2012-12-20 14:09 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2013-08-29 20:34 . 2013-08-29 20:34 39896 ----a-w- c:\windows\SysWow64\DiscHandler.exe

2013-08-29 01:48 . 2013-10-09 22:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2013-08-07 11:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-08-02 18:14 . 2012-12-18 19:59 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2013-08-02 18:14 . 2012-12-18 19:59 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2013-07-26 13:24 . 2013-07-26 13:24 412336 ----a-w- c:\windows\system32\swscale-lav-2.dll

2013-07-26 13:24 . 2013-07-26 13:24 225456 ----a-w- c:\windows\system32\libbluray.dll

2013-07-26 13:24 . 2013-07-26 13:24 1527984 ----a-w- c:\windows\system32\LAVVideo.ax

2013-07-26 13:24 . 2013-07-26 13:24 6485168 ----a-w- c:\windows\system32\avcodec-lav-55.dll

2013-07-26 13:24 . 2013-07-26 13:24 524976 ----a-w- c:\windows\system32\LAVSplitter.ax

2013-07-26 13:24 . 2013-07-26 13:24 374960 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll

2013-07-26 13:24 . 2013-07-26 13:24 296624 ----a-w- c:\windows\system32\avutil-lav-52.dll

2013-07-26 13:24 . 2013-07-26 13:24 280240 ----a-w- c:\windows\system32\LAVAudio.ax

2013-07-26 13:24 . 2013-07-26 13:24 245936 ----a-w- c:\windows\system32\avfilter-lav-3.dll

2013-07-26 13:24 . 2013-07-26 13:24 160944 ----a-w- c:\windows\system32\avresample-lav-1.dll

2013-07-26 13:24 . 2013-07-26 13:24 1205424 ----a-w- c:\windows\system32\avformat-lav-55.dll

2013-07-26 13:24 . 2013-07-26 13:24 6275760 ----a-w- c:\windows\SysWow64\avcodec-lav-55.dll

2013-07-26 13:24 . 2013-07-26 13:24 431792 ----a-w- c:\windows\SysWow64\LAVSplitter.ax

2013-07-26 13:24 . 2013-07-26 13:24 394416 ----a-w- c:\windows\SysWow64\swscale-lav-2.dll

2013-07-26 13:24 . 2013-07-26 13:24 288944 ----a-w- c:\windows\SysWow64\avutil-lav-52.dll

2013-07-26 13:24 . 2013-07-26 13:24 245936 ----a-w- c:\windows\SysWow64\LAVAudio.ax

2013-07-26 13:24 . 2013-07-26 13:24 235184 ----a-w- c:\windows\SysWow64\avfilter-lav-3.dll

2013-07-26 13:24 . 2013-07-26 13:24 190640 ----a-w- c:\windows\SysWow64\libbluray.dll

2013-07-26 13:24 . 2013-07-26 13:24 150192 ----a-w- c:\windows\SysWow64\avresample-lav-1.dll

2013-07-26 13:24 . 2013-07-26 13:24 1239216 ----a-w- c:\windows\SysWow64\avformat-lav-55.dll

2013-07-26 13:24 . 2013-07-26 13:24 1190064 ----a-w- c:\windows\SysWow64\LAVVideo.ax

2013-07-25 09:25 . 2013-08-14 13:59 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL

2013-07-25 08:57 . 2013-08-14 13:59 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2013-07-19 01:58 . 2013-08-14 13:59 2048 ----a-w- c:\windows\system32\tzres.dll

2013-07-19 01:41 . 2013-08-14 13:59 2048 ----a-w- c:\windows\SysWow64\tzres.dll

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-08-14 13:28 222832 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-08-14 13:28 222832 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-08-14 13:28 222832 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SkyDrive"="c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-07-15 257136]

"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]

"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-06-27 20097696]

"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-09-19 1093976]

"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-09-14 59720]

"AppleIEDAV"="c:\program files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" [2013-09-04 1315144]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"BackupManagerTray"="c:\program files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe" [2012-01-05 289816]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-02 1106512]

"DigiDo"="c:\program files (x86)\TWC\DigiDo\TrayApp.exe" [2011-10-17 1458544]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]

"ContentTransferWMDetector.exe"="c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-07-30 497000]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]

"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2013-08-02 295512]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-01 152392]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-03-14 1532992]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2013-8-29 48200]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"ConsentPromptBehaviorAdmin"= 5 (0x5)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoDevMgrUpdate"= 0 (0x0)

"NoDFSTab"= 0 (0x0)

"NoEncryptOnMove"= 0 (0x0)

"NoResolveTrack"= 0 (0x0)

"NoStartMenuSubFolders"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDevMgrUpdate"= 0 (0x0)

"NoDFSTab"= 0 (0x0)

"NoEncryptOnMove"= 0 (0x0)

"NoResolveTrack"= 0 (0x0)

"NoStartMenuSubFolders"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"DisableLocalMachineRun"= 0 (0x0)

"DisableLocalMachineRunOnce"= 0 (0x0)

"DisableCurrentUserRun"= 0 (0x0)

"DisableCurrentUserRunOnce"= 0 (0x0)

"NoFile"= 0 (0x0)

"HideClock"= 0 (0x0)

"NoDevMgrUpdate"= 0 (0x0)

"NoDFSTab"= 0 (0x0)

"NoEncryptOnMove"= 0 (0x0)

"NoResolveTrack"= 0 (0x0)

"NoStartMenuSubFolders"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]

R3 DCDhcpService;DCDhcpService;c:\program files (x86)\Gateway\WDAgent\DCDhcpService.exe;c:\program files (x86)\Gateway\WDAgent\DCDhcpService.exe [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]

S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]

S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]

S2 ePowerSvc;ePower Service;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe [x]

S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]

S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]

S2 GREGService;GREGService;c:\program files (x86)\Gateway\Registration\GREGsvc.exe;c:\program files (x86)\Gateway\Registration\GREGsvc.exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S2 Live Updater Service;Live Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [x]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [x]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe;c:\program files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [x]

S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]

S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]

S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]

S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]

S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]

start [bU]

.

Contents of the 'Scheduled Tasks' folder

.

2013-10-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-19 14:48]

.

2013-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04 14:43]

.

2013-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04 14:43]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-08-14 13:28 261744 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-08-14 13:28 261744 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-08-14 13:28 261744 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-20 170264]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-20 398616]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-20 440600]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"Power Management"="c:\program files\Gateway\Gateway Power Management\ePowerTray.exe" [2012-02-08 1829768]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 8.8.8.8 8.8.4.4


.

.

------- File Associations -------

.

inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1

JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*

txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\TWC\DigiDo\AffinegyService.exe

c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Launch Manager\LMworker.exe

c:\program files (x86)\Launch Manager\LMutilps32.exe

c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\SysWOW64\rundll32.exe

c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2013-10-12  06:50:26 - machine was rebooted

ComboFix-quarantined-files.txt  2013-10-12 13:50

.

Pre-Run: 176,602,505,216 bytes free

Post-Run: 176,817,582,080 bytes free

.

- - End Of File - - F84CD57FC33B4B3F43562FD7435AE7D5

ComboFix 13-10-12.01 - JOANS 10/12/2013   6:07.2.2 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3932.2585 [GMT -7:00]

Running from: c:\users\JOANS\Desktop\Malwarebites\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_ctypes.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_elementtree.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_hashlib.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_multiprocessing.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_socket.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\_ssl.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\msvcp100.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\msvcr100.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\pyexpat.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\pysqlite2._sqlite.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\python27.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\pythoncom27.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\PyWinTypes27.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\select.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\unicodedata.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32api.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32com.shell.shell.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32crypt.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32event.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32file.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32inet.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32pdh.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32process.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32profile.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32security.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\win32ts.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\windows._cacheinvalidation.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._controls_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._core_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._gdi_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._html2.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._misc_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._windows_.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wx._wizard.pyd

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxbase294u_net_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxbase294u_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxmsw294u_adv_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxmsw294u_core_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxmsw294u_html_vc90.dll

c:\users\JOANS\AppData\Local\Temp\_MEI25682\wxmsw294u_webview_vc90.dll

c:\users\JOANS\AppData\Local\Temp\AFF1.tmp\F_IN_BOX.dll

c:\windows\TEMP\WRusr.dll-2725150-1.tmp

.

.

(((((((((((((((((((((((((   Files Created from 2013-09-12 to 2013-10-12  )))))))))))))))))))))))))))))))

.

.

2013-10-12 13:29 . 2013-10-12 13:29 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-10-09 22:18 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll

2013-10-09 22:17 . 2013-08-29 00:49 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2013-10-09 22:17 . 2013-08-29 01:50 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2013-10-09 22:17 . 2013-08-29 00:49 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2013-10-09 22:17 . 2013-08-29 00:49 7680 ----a-w- c:\windows\SysWow64\instnm.exe

2013-10-09 22:17 . 2013-08-29 00:49 2048 ----a-w- c:\windows\SysWow64\user.exe

2013-10-09 22:17 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 22:17 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 22:17 . 2013-08-01 12:09 983488 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-10-09 22:16 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll

2013-10-09 14:02 . 2012-04-20 23:40 196440 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2013-10-09 14:02 . 2013-10-09 14:02 -------- d-----w- c:\program files (x86)\McAfee.com

2013-10-09 14:01 . 2013-02-19 20:55 10728 ----a-w- c:\windows\system32\drivers\mfeclnk.sys

2013-10-09 14:01 . 2013-02-19 20:59 70112 ----a-w- c:\windows\system32\drivers\cfwids.sys

2013-10-09 14:01 . 2013-02-19 20:55 106552 ----a-w- c:\windows\system32\drivers\mferkdet.sys

2013-10-09 14:01 . 2013-02-19 20:53 515968 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2013-10-09 14:01 . 2013-02-19 20:53 309840 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2013-10-09 14:01 . 2013-10-09 14:02 -------- d-----w- c:\program files\Common Files\McAfee

2013-10-09 14:01 . 2013-10-09 14:02 -------- d-----w- c:\program files\McAfee

2013-10-09 13:57 . 2013-02-19 20:56 182752 ----a-w- c:\windows\system32\mfevtps.exe

2013-10-09 03:22 . 2013-08-22 21:04 28352 ----a-w- c:\windows\system32\IEUDINIT.EXE

2013-10-09 01:44 . 2013-10-09 01:44 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9E588CB6-5E43-42C8-A3D3-F9C474CDF37A}\offreg.dll

2013-10-08 13:22 . 2013-09-16 07:50 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9E588CB6-5E43-42C8-A3D3-F9C474CDF37A}\mpengine.dll

2013-10-06 14:54 . 2013-10-06 15:04 -------- d-----w- c:\program files\DivX

2013-10-06 14:54 . 2013-10-06 15:04 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared

2013-10-06 14:54 . 2013-10-06 14:54 -------- d-----w- c:\windows\SysWow64\searchplugins

2013-10-06 14:54 . 2013-10-06 14:54 -------- d-----w- c:\windows\SysWow64\Extensions

2013-10-06 14:54 . 2013-10-06 15:04 -------- d-----w- c:\program files (x86)\DSP-worx

2013-10-06 14:54 . 2013-10-06 15:04 -------- d-----w- c:\programdata\DivX

2013-10-06 14:54 . 2013-10-06 14:54 -------- d-----w- c:\users\JOANS\AppData\Roaming\LavFilters

2013-10-06 14:54 . 2013-10-06 14:54 -------- d-----w- c:\users\JOANS\AppData\Roaming\CDXReader

2013-10-06 14:19 . 2013-10-06 14:19 -------- d--h--w- c:\programdata\Common Files

2013-10-05 20:04 . 2013-10-05 20:04 -------- d-----w- C:\FRST

2013-10-05 15:35 . 2013-10-05 15:35 -------- d-----w- c:\program files (x86)\ESET

2013-10-05 15:26 . 2013-10-09 03:10 -------- d-----w- C:\AdwCleaner

2013-10-05 14:42 . 2013-10-05 14:42 -------- d-----w- c:\windows\ERUNT

2013-10-05 13:00 . 2013-10-05 14:08 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-10-04 23:57 . 2013-10-04 23:57 -------- d-----w- c:\program files (x86)\ERUNT

2013-10-04 22:22 . 2013-10-04 22:23 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-04 17:12 . 2013-10-04 17:12 -------- d-----w- c:\users\JOANS\AppData\Roaming\Nero

2013-10-03 15:31 . 2013-10-03 15:31 -------- d-----w- c:\users\JOANS\AppData\Roaming\Malwarebytes

2013-10-03 15:25 . 2013-10-03 15:25 -------- d-----w- c:\programdata\Malwarebytes

2013-09-30 19:11 . 2013-10-04 15:15 -------- d-----r- c:\users\JOANS\Dropbox

2013-09-30 19:02 . 2013-10-04 15:15 -------- d-----w- c:\users\JOANS\AppData\Roaming\Dropbox

2013-09-15 14:28 . 2013-09-15 14:28 -------- d-----w- c:\users\JOANS\AppData\Local\Windows Live Writer

2013-09-15 14:28 . 2013-09-15 14:28 -------- d-----w- c:\users\JOANS\AppData\Roaming\Windows Live Writer

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-10-10 23:28 . 2012-11-30 14:22 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll

2013-10-10 23:28 . 2012-11-30 14:22 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2013-10-10 23:27 . 2012-11-30 14:22 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2013-10-10 23:27 . 2012-11-30 14:22 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2013-10-09 14:48 . 2012-03-19 07:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-09 14:48 . 2012-03-19 07:12 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-09-26 08:46 . 2012-11-03 15:46 80541720 ----a-w- c:\windows\system32\MRT.exe

2013-09-11 23:31 . 2012-12-20 14:10 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2013-09-11 23:30 . 2012-12-20 14:09 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2013-09-11 23:30 . 2012-12-20 14:09 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2013-09-11 23:30 . 2012-12-20 14:09 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2013-08-29 20:34 . 2013-08-29 20:34 39896 ----a-w- c:\windows\SysWow64\DiscHandler.exe

2013-08-29 01:48 . 2013-10-09 22:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2013-08-07 11:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-08-02 18:14 . 2012-12-18 19:59 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll

2013-08-02 18:14 . 2012-12-18 19:59 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2013-07-26 13:24 . 2013-07-26 13:24 412336 ----a-w- c:\windows\system32\swscale-lav-2.dll

2013-07-26 13:24 . 2013-07-26 13:24 225456 ----a-w- c:\windows\system32\libbluray.dll

2013-07-26 13:24 . 2013-07-26 13:24 1527984 ----a-w- c:\windows\system32\LAVVideo.ax

2013-07-26 13:24 . 2013-07-26 13:24 6485168 ----a-w- c:\windows\system32\avcodec-lav-55.dll

2013-07-26 13:24 . 2013-07-26 13:24 524976 ----a-w- c:\windows\system32\LAVSplitter.ax

2013-07-26 13:24 . 2013-07-26 13:24 374960 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll

2013-07-26 13:24 . 2013-07-26 13:24 296624 ----a-w- c:\windows\system32\avutil-lav-52.dll

2013-07-26 13:24 . 2013-07-26 13:24 280240 ----a-w- c:\windows\system32\LAVAudio.ax

2013-07-26 13:24 . 2013-07-26 13:24 245936 ----a-w- c:\windows\system32\avfilter-lav-3.dll

2013-07-26 13:24 . 2013-07-26 13:24 160944 ----a-w- c:\windows\system32\avresample-lav-1.dll

2013-07-26 13:24 . 2013-07-26 13:24 1205424 ----a-w- c:\windows\system32\avformat-lav-55.dll

2013-07-26 13:24 . 2013-07-26 13:24 6275760 ----a-w- c:\windows\SysWow64\avcodec-lav-55.dll

2013-07-26 13:24 . 2013-07-26 13:24 431792 ----a-w- c:\windows\SysWow64\LAVSplitter.ax

2013-07-26 13:24 . 2013-07-26 13:24 394416 ----a-w- c:\windows\SysWow64\swscale-lav-2.dll

2013-07-26 13:24 . 2013-07-26 13:24 288944 ----a-w- c:\windows\SysWow64\avutil-lav-52.dll

2013-07-26 13:24 . 2013-07-26 13:24 245936 ----a-w- c:\windows\SysWow64\LAVAudio.ax

2013-07-26 13:24 . 2013-07-26 13:24 235184 ----a-w- c:\windows\SysWow64\avfilter-lav-3.dll

2013-07-26 13:24 . 2013-07-26 13:24 190640 ----a-w- c:\windows\SysWow64\libbluray.dll

2013-07-26 13:24 . 2013-07-26 13:24 150192 ----a-w- c:\windows\SysWow64\avresample-lav-1.dll

2013-07-26 13:24 . 2013-07-26 13:24 1239216 ----a-w- c:\windows\SysWow64\avformat-lav-55.dll

2013-07-26 13:24 . 2013-07-26 13:24 1190064 ----a-w- c:\windows\SysWow64\LAVVideo.ax

2013-07-25 09:25 . 2013-08-14 13:59 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL

2013-07-25 08:57 . 2013-08-14 13:59 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL

2013-07-19 01:58 . 2013-08-14 13:59 2048 ----a-w- c:\windows\system32\tzres.dll

2013-07-19 01:41 . 2013-08-14 13:59 2048 ----a-w- c:\windows\SysWow64\tzres.dll

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-08-14 13:28 222832 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-08-14 13:28 222832 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-08-14 13:28 222832 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SkyDrive"="c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-07-15 257136]

"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]

"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-06-27 20097696]

"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-09-19 1093976]

"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-09-14 59720]

"AppleIEDAV"="c:\program files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe" [2013-09-04 1315144]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"BackupManagerTray"="c:\program files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe" [2012-01-05 289816]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-02 1106512]

"DigiDo"="c:\program files (x86)\TWC\DigiDo\TrayApp.exe" [2011-10-17 1458544]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]

"ContentTransferWMDetector.exe"="c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-07-30 497000]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]

"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2013-08-02 295512]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-01 152392]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-03-14 1532992]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2013-8-29 48200]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"ConsentPromptBehaviorAdmin"= 5 (0x5)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoDevMgrUpdate"= 0 (0x0)

"NoDFSTab"= 0 (0x0)

"NoEncryptOnMove"= 0 (0x0)

"NoResolveTrack"= 0 (0x0)

"NoStartMenuSubFolders"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoDevMgrUpdate"= 0 (0x0)

"NoDFSTab"= 0 (0x0)

"NoEncryptOnMove"= 0 (0x0)

"NoResolveTrack"= 0 (0x0)

"NoStartMenuSubFolders"= 0 (0x0)

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"DisableLocalMachineRun"= 0 (0x0)

"DisableLocalMachineRunOnce"= 0 (0x0)

"DisableCurrentUserRun"= 0 (0x0)

"DisableCurrentUserRunOnce"= 0 (0x0)

"NoFile"= 0 (0x0)

"HideClock"= 0 (0x0)

"NoDevMgrUpdate"= 0 (0x0)

"NoDFSTab"= 0 (0x0)

"NoEncryptOnMove"= 0 (0x0)

"NoResolveTrack"= 0 (0x0)

"NoStartMenuSubFolders"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]

R3 DCDhcpService;DCDhcpService;c:\program files (x86)\Gateway\WDAgent\DCDhcpService.exe;c:\program files (x86)\Gateway\WDAgent\DCDhcpService.exe [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]

S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]

S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]

S2 ePowerSvc;ePower Service;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe [x]

S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]

S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]

S2 GREGService;GREGService;c:\program files (x86)\Gateway\Registration\GREGsvc.exe;c:\program files (x86)\Gateway\Registration\GREGsvc.exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]

S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

S2 Live Updater Service;Live Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [x]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [x]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]

S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]

S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe;c:\program files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [x]

S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]

S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]

S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]

S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]

S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]

S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]

start [bU]

.

Contents of the 'Scheduled Tasks' folder

.

2013-10-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-19 14:48]

.

2013-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04 14:43]

.

2013-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-04 14:43]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2013-08-14 13:28 261744 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2013-08-14 13:28 261744 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2013-08-14 13:28 261744 ----a-w- c:\users\JOANS\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2013-06-27 23:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-20 170264]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-20 398616]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-20 440600]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

"Power Management"="c:\program files\Gateway\Gateway Power Management\ePowerTray.exe" [2012-02-08 1829768]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 8.8.8.8 8.8.4.4


.

.

------- File Associations -------

.

inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1

JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*

txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\TWC\DigiDo\AffinegyService.exe

c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Launch Manager\LMworker.exe

c:\program files (x86)\Launch Manager\LMutilps32.exe

c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\SysWOW64\rundll32.exe

c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2013-10-12  06:50:26 - machine was rebooted

ComboFix-quarantined-files.txt  2013-10-12 13:50

.

Pre-Run: 176,602,505,216 bytes free

Post-Run: 176,817,582,080 bytes free

.

- - End Of File - - F84CD57FC33B4B3F43562FD7435AE7D5

  • Root Admin

Okay, now please run the following

 

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

Then restart the computer and reset IE and let me know if there are any issues resetting IE.

 

How to reset Internet Explorer settings

http://support.microsoft.com/kb/923737


  • Root Admin

Okay, please run a new FRST scan and post that log so I can see what the registry thinks is still going on.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.


 


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013

Ran by JOANS (administrator) on JOANS-PC on 14-10-2013 20:31:55

Running from C:\Users\JOANS\Desktop\Malwarebites

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(Affinegy, Inc.) C:\Program Files (x86)\TWC\DigiDo\AffinegyService.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe

(Microsoft Corporation) C:\Users\JOANS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe

() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Affinegy, Inc.) C:\Program Files (x86)\TWC\DigiDo\TrayApp.exe

(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Affinegy, Inc.) C:\Program Files (x86)\TWC\DigiDo\DigiDo.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

(McAfee, Inc.) C:\Windows\system32\mfevtps.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe

() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Intel Corporation) C:\Windows\system32\igfxext.exe

(Intel Corporation) C:\Windows\system32\igfxsrvc.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Microsoft Corporation) C:\Program Files (x86)\MSN\MSNCoreFiles\msn.exe

(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2012-02-13] (Synaptics Incorporated)

HKLM\...\Run: [Power Management] - C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKLM\...\Policies\Explorer: [NoSetTaskbar] 0

HKLM\...\Policies\Explorer: [NoDeletePrinter] 0

HKLM\...\Policies\Explorer: [NoDFSTab] 0

HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0

HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0

HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKLM\...\Policies\Explorer: [NoResolveSearch] 0

HKLM\...\Policies\Explorer: [NoHardwareTab] 0

HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKCU\...\Run: [skyDrive] - C:\Users\JOANS\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-07-15] (Microsoft Corporation)

HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)

HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20133824 2013-09-25] (Google)

HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)

HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)

HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)

HKCU\...\Policies\Explorer: [NoDevMgrUpdate] 0

HKCU\...\Policies\Explorer: [NoSetTaskbar] 0

HKCU\...\Policies\Explorer: [NoDeletePrinter] 0

HKCU\...\Policies\Explorer: [NoDFSTab] 0

HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0

HKCU\...\Policies\Explorer: [NoEncryptOnMove] 0

HKCU\...\Policies\Explorer: [NoRunasInstallPrompt] 0

HKCU\...\Policies\Explorer: [NoResolveSearch] 0

HKCU\...\Policies\Explorer: [NoHardwareTab] 0

HKCU\...\Policies\Explorer: [NoStartMenuSubFolders] 0

HKLM-x32\...\Run: [backupManagerTray] - C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe [289816 2012-01-05] (NTI Corporation)

HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc.)

HKLM-x32\...\Run: [DigiDo] - C:\Program Files (x86)\TWC\DigiDo\TrayApp.exe [1458544 2011-10-17] (Affinegy, Inc.)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [ContentTransferWMDetector.exe] - C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [497000 2009-07-30] (Sony Corporation)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-08-02] (RealNetworks, Inc.)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)

HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)

HKU\Default\...\RunOnce: [scrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162408 2011-09-12] ()

HKU\Default User\...\RunOnce: [scrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162408 2011-09-12] ()

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/default.aspx?mypg=1&lc=1033

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab

DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab


Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

Chrome: 

=======

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanbblidcdbjeikekgeniapdeppcbo\7.15.12.0_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.0_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0

CHR Extension: () - C:\Users\JOANS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0

CHR HKLM-x32\...\Chrome\Extension: [aaaanbblidcdbjeikekgeniapdeppcbo] - C:\Users\JOANS\AppData\Local\APN\GoogleCRXs\aaaanbblidcdbjeikekgeniapdeppcbo_7.15.12.0.crx

CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx

CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx

CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx

CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx

CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx

 

==================== Services (Whitelisted) =================

 

R2 AffinegyService; C:\Program Files (x86)\TWC\DigiDo\AffinegyService.exe [580464 2011-10-17] (Affinegy, Inc.)

S3 DCDhcpService; C:\Program Files (x86)\Gateway\WDAgent\DCDhcpService.exe [111776 2012-01-18] (Atheros Communication Inc.)

R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-05-14] (Ellora Assets Corp.)

R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)

S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-10-08] (Microsoft Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)

R2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [121616 2013-10-02] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [384048 2013-02-25] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()

 

==================== Drivers (Whitelisted) ====================

 

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)

R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [22800 2012-02-13] (Synaptics Incorporated)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [x]

U3 mfeavfk01; No ImagePath

U0 SR; 

U2 srservice; 

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-10-14 18:38 - 2013-10-14 18:38 - 00003544 ____N C:\bootsqm.dat

2013-10-13 06:55 - 2013-10-13 06:55 - 00001140 _____ C:\Users\Public\Desktop\Opera.lnk

2013-10-13 06:55 - 2013-10-13 06:55 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Opera Software

2013-10-13 06:55 - 2013-10-13 06:55 - 00000000 ____D C:\Users\JOANS\AppData\Local\Opera Software

2013-10-13 06:55 - 2013-10-13 06:55 - 00000000 ____D C:\Program Files (x86)\Opera

2013-10-13 06:16 - 2013-10-13 06:17 - 00000000 ___HD C:\Windows\AxInstSV

2013-10-12 17:51 - 2013-10-14 19:53 - 00000448 _____ C:\Windows\setupact.log

2013-10-12 17:51 - 2013-10-12 17:51 - 00000000 _____ C:\Windows\setuperr.log

2013-10-12 06:50 - 2013-10-12 06:50 - 00034643 _____ C:\ComboFix.txt

2013-10-09 23:25 - 2013-09-25 01:22 - 17142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-10-09 23:25 - 2013-09-25 00:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-10-09 23:25 - 2013-09-24 23:36 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-10-09 23:25 - 2013-09-24 23:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-10-09 23:25 - 2013-09-24 23:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-10-09 23:25 - 2013-09-24 23:29 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-10-09 23:25 - 2013-09-24 23:26 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-10-09 23:25 - 2013-09-24 22:45 - 11223552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-10-09 23:25 - 2013-09-24 21:51 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-10-09 23:25 - 2013-09-24 21:45 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-10-09 23:25 - 2013-09-24 01:48 - 23213568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-10-09 23:25 - 2013-09-24 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-10-09 23:25 - 2013-09-23 23:45 - 02763776 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-10-09 23:25 - 2013-09-23 23:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-10-09 23:25 - 2013-09-23 23:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-10-09 23:25 - 2013-09-23 23:21 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-10-09 23:25 - 2013-09-23 22:56 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-10-09 23:25 - 2013-09-23 22:07 - 12997632 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-10-09 23:25 - 2013-09-23 21:33 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-10-09 23:25 - 2013-09-23 21:04 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-10-09 15:18 - 2013-09-13 18:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2013-10-09 15:18 - 2013-09-07 19:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2013-10-09 15:18 - 2013-09-07 19:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2013-10-09 15:18 - 2013-09-07 19:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2013-10-09 15:18 - 2013-08-28 19:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2013-10-09 15:18 - 2013-08-28 19:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2013-10-09 15:18 - 2013-08-28 19:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2013-10-09 15:18 - 2013-08-28 19:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2013-10-09 15:18 - 2013-08-28 19:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2013-10-09 15:18 - 2013-08-28 18:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-10-09 15:18 - 2013-08-28 18:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-10-09 15:18 - 2013-08-28 18:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2013-10-09 15:18 - 2013-08-28 18:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2013-10-09 15:18 - 2013-08-28 18:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2013-10-09 15:18 - 2013-08-27 18:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2013-10-09 15:18 - 2013-07-12 03:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys

2013-10-09 15:18 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2013-10-09 15:18 - 2013-07-04 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2013-10-09 15:18 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2013-10-09 15:18 - 2013-07-04 05:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2013-10-09 15:18 - 2013-07-04 04:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2013-10-09 15:18 - 2013-07-04 04:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2013-10-09 15:18 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2013-10-09 15:18 - 2013-07-04 03:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2013-10-09 15:18 - 2013-07-02 21:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys

2013-10-09 15:18 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2013-10-09 15:18 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2013-10-09 15:18 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2013-10-09 15:18 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2013-10-09 15:18 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2013-10-09 15:18 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2013-10-09 15:18 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2013-10-09 15:18 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2013-10-09 15:18 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2013-10-09 15:18 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2013-10-09 15:18 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2013-10-09 15:18 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2013-10-09 15:18 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2013-10-09 15:17 - 2013-08-28 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2013-10-09 15:17 - 2013-08-28 17:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2013-10-09 15:17 - 2013-08-28 17:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2013-10-09 15:17 - 2013-08-28 17:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2013-10-09 15:17 - 2013-08-28 17:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2013-10-09 15:17 - 2013-08-01 05:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2013-10-09 15:17 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 15:17 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 15:16 - 2013-08-27 18:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2013-10-09 07:02 - 2013-10-09 07:02 - 00000000 ____D C:\Program Files (x86)\McAfee.com

2013-10-09 07:02 - 2012-04-20 16:40 - 00196440 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys

2013-10-09 07:01 - 2013-10-09 07:02 - 00000000 ____D C:\Program Files\McAfee

2013-10-09 07:01 - 2013-10-09 07:02 - 00000000 ____D C:\Program Files\Common Files\McAfee

2013-10-09 07:01 - 2013-10-09 07:01 - 00000000 ____D C:\Program Files\McAfee.com

2013-10-09 07:01 - 2013-02-19 13:59 - 00070112 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\cfwids.sys

2013-10-09 07:01 - 2013-02-19 13:55 - 00106552 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mferkdet.sys

2013-10-09 07:01 - 2013-02-19 13:55 - 00010728 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeclnk.sys

2013-10-09 07:01 - 2013-02-19 13:53 - 00515968 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfefirek.sys

2013-10-09 07:01 - 2013-02-19 13:53 - 00309840 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfeavfk.sys

2013-10-09 06:57 - 2013-02-19 13:56 - 00182752 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe

2013-10-08 20:22 - 2013-08-22 14:04 - 00028352 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2013-10-08 20:19 - 2013-10-08 20:19 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-10-08 20:19 - 2013-10-08 20:19 - 01926144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-10-08 20:19 - 2013-10-08 20:19 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-10-08 20:19 - 2013-10-08 20:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-10-08 20:19 - 2013-10-08 20:19 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-10-08 20:19 - 2013-10-08 20:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-10-08 20:19 - 2013-10-08 20:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00263360 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00238784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-10-08 20:19 - 2013-10-08 20:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-10-08 20:19 - 2013-10-08 20:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-10-08 18:06 - 2013-10-08 18:05 - 44335120 _____ (Microsoft Corporation) C:\Users\JOANS\Desktop\IE10-Windows6.1-x64-en-us.exe

2013-10-08 12:07 - 2013-10-08 12:06 - 00659968 _____ C:\Users\JOANS\Desktop\MicrosoftFixit50195.msi

2013-10-06 08:25 - 2013-10-12 06:51 - 00000000 ____D C:\Qoobox

2013-10-06 08:25 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe

2013-10-06 08:25 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe

2013-10-06 08:25 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe

2013-10-06 08:25 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe

2013-10-06 07:54 - 2013-10-06 08:04 - 00000000 ____D C:\ProgramData\DivX

2013-10-06 07:54 - 2013-10-06 08:04 - 00000000 ____D C:\Program Files\DivX

2013-10-06 07:54 - 2013-10-06 08:04 - 00000000 ____D C:\Program Files (x86)\DSP-worx

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Windows\SysWOW64\searchplugins

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Windows\SysWOW64\Extensions

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\LavFilters

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\CDXReader

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-10-06 07:19 - 2013-10-06 07:55 - 00003232 _____ C:\Windows\System32\Tasks\DigitalSite

2013-10-05 13:04 - 2013-10-05 13:04 - 00000000 ____D C:\FRST

2013-10-05 08:35 - 2013-10-05 08:35 - 00000000 ____D C:\Program Files (x86)\ESET

2013-10-05 08:26 - 2013-10-08 20:10 - 00000000 ____D C:\AdwCleaner

2013-10-05 07:42 - 2013-10-05 07:42 - 00000000 ____D C:\Windows\ERUNT

2013-10-05 06:00 - 2013-10-05 07:08 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-04 16:58 - 2013-10-06 08:45 - 00000000 ____D C:\Windows\ERDNT

2013-10-04 16:57 - 2013-10-04 16:57 - 00000000 ____D C:\Program Files (x86)\ERUNT

2013-10-04 16:38 - 2013-10-14 20:31 - 00000000 ____D C:\Users\JOANS\Desktop\Malwarebites

2013-10-04 15:23 - 2013-10-04 15:23 - 00001790 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-10-04 15:22 - 2013-10-04 15:23 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-04 13:22 - 2013-08-04 19:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2013-10-04 13:22 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2013-10-04 13:22 - 2013-08-01 19:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2013-10-04 13:22 - 2013-08-01 19:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2013-10-04 13:22 - 2013-08-01 18:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2013-10-04 13:22 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2013-10-04 13:22 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2013-10-04 13:22 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2013-10-04 13:22 - 2013-07-25 19:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2013-10-04 13:22 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2013-10-04 13:22 - 2013-07-25 18:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2013-10-04 13:22 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2013-10-04 10:12 - 2013-10-04 10:12 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Nero

2013-10-03 08:31 - 2013-10-03 08:31 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Malwarebytes

2013-10-03 08:25 - 2013-10-03 08:25 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-09-30 12:11 - 2013-10-04 08:15 - 00000000 ___RD C:\Users\JOANS\Dropbox

2013-09-30 12:02 - 2013-10-04 12:26 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2013-09-30 12:02 - 2013-10-04 08:15 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Dropbox

2013-09-15 07:28 - 2013-09-15 07:28 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Windows Live Writer

2013-09-15 07:28 - 2013-09-15 07:28 - 00000000 ____D C:\Users\JOANS\AppData\Local\Windows Live Writer

==================== One Month Modified Files and Folders =======

2013-10-14 20:31 - 2013-10-04 16:38 - 00000000 ____D C:\Users\JOANS\Desktop\Malwarebites

2013-10-14 20:02 - 2009-07-13 21:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-10-14 20:02 - 2009-07-13 21:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-10-14 19:59 - 2013-03-18 14:40 - 00000000 ___RD C:\Users\JOANS\Google Drive

2013-10-14 19:58 - 2012-12-06 07:24 - 00000000 ___RD C:\Users\JOANS\SkyDrive

2013-10-14 19:58 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF

2013-10-14 19:53 - 2013-10-12 17:51 - 00000448 _____ C:\Windows\setupact.log

2013-10-14 19:53 - 2012-11-04 07:43 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-10-14 19:53 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-10-14 19:52 - 2012-06-02 12:49 - 01136633 _____ C:\Windows\WindowsUpdate.log

2013-10-14 19:48 - 2012-03-19 00:12 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-10-14 19:34 - 2012-11-04 07:43 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-10-14 19:28 - 2012-12-06 07:19 - 00000000 ____D C:\Users\JOANS\AppData\Local\Windows Live

2013-10-14 18:38 - 2013-10-14 18:38 - 00003544 ____N C:\bootsqm.dat

2013-10-14 15:51 - 2009-07-13 22:08 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2013-10-13 06:55 - 2013-10-13 06:55 - 00001140 _____ C:\Users\Public\Desktop\Opera.lnk

2013-10-13 06:55 - 2013-10-13 06:55 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Opera Software

2013-10-13 06:55 - 2013-10-13 06:55 - 00000000 ____D C:\Users\JOANS\AppData\Local\Opera Software

2013-10-13 06:55 - 2013-10-13 06:55 - 00000000 ____D C:\Program Files (x86)\Opera

2013-10-13 06:17 - 2013-10-13 06:16 - 00000000 ___HD C:\Windows\AxInstSV

2013-10-12 17:51 - 2013-10-12 17:51 - 00000000 _____ C:\Windows\setuperr.log

2013-10-12 17:44 - 2007-07-11 18:49 - 00000000 ____D C:\Windows\Panther

2013-10-12 17:14 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache

2013-10-12 06:51 - 2013-10-06 08:25 - 00000000 ____D C:\Qoobox

2013-10-12 06:50 - 2013-10-12 06:50 - 00034643 _____ C:\ComboFix.txt

2013-10-12 06:32 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini

2013-10-11 05:45 - 2009-07-13 22:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI

2013-10-10 15:22 - 2013-08-16 05:41 - 00003362 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2183701590-1873992799-1918826727-1000

2013-10-10 15:22 - 2013-08-16 05:41 - 00003228 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2183701590-1873992799-1918826727-1000

2013-10-10 07:58 - 2013-08-05 06:50 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2183701590-1873992799-1918826727-1000

2013-10-10 07:58 - 2013-08-05 06:50 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2183701590-1873992799-1918826727-1000

2013-10-10 05:55 - 2012-11-02 13:46 - 00000000 ___RD C:\Users\JOANS\Desktop\Anti Virus

2013-10-10 05:52 - 2009-07-13 21:45 - 00327032 _____ C:\Windows\system32\FNTCACHE.DAT

2013-10-09 23:42 - 2009-07-13 19:34 - 00000686 _____ C:\Windows\win.ini

2013-10-09 23:39 - 2012-11-19 09:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2013-10-09 23:39 - 2012-11-19 09:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2013-10-09 14:49 - 2012-11-02 13:04 - 00000000 ____D C:\ProgramData\McAfee

2013-10-09 14:42 - 2012-11-02 13:39 - 00000000 ____D C:\Program Files (x86)\McAfee

2013-10-09 07:48 - 2012-03-19 00:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-10-09 07:48 - 2012-03-19 00:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-10-09 07:48 - 2012-03-19 00:12 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2013-10-09 07:02 - 2013-10-09 07:02 - 00000000 ____D C:\Program Files (x86)\McAfee.com

2013-10-09 07:02 - 2013-10-09 07:01 - 00000000 ____D C:\Program Files\McAfee

2013-10-09 07:02 - 2013-10-09 07:01 - 00000000 ____D C:\Program Files\Common Files\McAfee

2013-10-09 07:01 - 2013-10-09 07:01 - 00000000 ____D C:\Program Files\McAfee.com

2013-10-08 20:26 - 2012-11-02 11:55 - 00001424 _____ C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-10-08 20:23 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-10-08 20:19 - 2013-10-08 20:19 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-10-08 20:19 - 2013-10-08 20:19 - 01926144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-10-08 20:19 - 2013-10-08 20:19 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-10-08 20:19 - 2013-10-08 20:19 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-10-08 20:19 - 2013-10-08 20:19 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-10-08 20:19 - 2013-10-08 20:19 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-10-08 20:19 - 2013-10-08 20:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00263360 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00238784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-10-08 20:19 - 2013-10-08 20:19 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-10-08 20:19 - 2013-10-08 20:19 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-10-08 20:19 - 2013-10-08 20:19 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-10-08 20:19 - 2013-10-08 20:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-10-08 20:10 - 2013-10-05 08:26 - 00000000 ____D C:\AdwCleaner

2013-10-08 18:05 - 2013-10-08 18:06 - 44335120 _____ (Microsoft Corporation) C:\Users\JOANS\Desktop\IE10-Windows6.1-x64-en-us.exe

2013-10-08 12:06 - 2013-10-08 12:07 - 00659968 _____ C:\Users\JOANS\Desktop\MicrosoftFixit50195.msi

2013-10-08 09:06 - 2012-11-04 07:43 - 00000000 ____D C:\Users\JOANS\AppData\Local\Google

2013-10-06 21:47 - 2013-04-02 06:47 - 00000000 ____D C:\ProgramData\Package Cache

2013-10-06 21:46 - 2013-04-02 06:48 - 00000000 ____D C:\ProgramData\Garmin

2013-10-06 21:46 - 2013-04-02 06:48 - 00000000 ____D C:\Program Files (x86)\Garmin

2013-10-06 08:46 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Default

2013-10-06 08:45 - 2013-10-04 16:58 - 00000000 ____D C:\Windows\ERDNT

2013-10-06 08:39 - 2009-07-13 19:34 - 72613888 _____ C:\Windows\system32\config\SOFTWARE.bak

2013-10-06 08:39 - 2009-07-13 19:34 - 23330816 _____ C:\Windows\system32\config\SYSTEM.bak

2013-10-06 08:39 - 2009-07-13 19:34 - 00786432 _____ C:\Windows\system32\config\DEFAULT.bak

2013-10-06 08:39 - 2009-07-13 19:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak

2013-10-06 08:39 - 2009-07-13 19:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak

2013-10-06 08:07 - 2012-11-02 11:53 - 00067984 _____ C:\Users\JOANS\AppData\Local\GDIPFONTCACHEV1.DAT

2013-10-06 08:04 - 2013-10-06 07:54 - 00000000 ____D C:\ProgramData\DivX

2013-10-06 08:04 - 2013-10-06 07:54 - 00000000 ____D C:\Program Files\DivX

2013-10-06 08:04 - 2013-10-06 07:54 - 00000000 ____D C:\Program Files (x86)\DSP-worx

2013-10-06 07:55 - 2013-10-06 07:19 - 00003232 _____ C:\Windows\System32\Tasks\DigitalSite

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Windows\SysWOW64\searchplugins

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Windows\SysWOW64\Extensions

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\LavFilters

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\CDXReader

2013-10-06 07:54 - 2013-10-06 07:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-10-06 06:43 - 2012-11-28 06:54 - 00000000 ___RD C:\Users\JOANS\Desktop\Extras

2013-10-05 13:04 - 2013-10-05 13:04 - 00000000 ____D C:\FRST

2013-10-05 08:35 - 2013-10-05 08:35 - 00000000 ____D C:\Program Files (x86)\ESET

2013-10-05 07:42 - 2013-10-05 07:42 - 00000000 ____D C:\Windows\ERUNT

2013-10-05 07:08 - 2013-10-05 06:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2013-10-05 05:45 - 2012-11-28 04:40 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\U3

2013-10-04 17:51 - 2012-11-02 11:55 - 00000000 ___RD C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-10-04 17:51 - 2012-11-02 11:55 - 00000000 ___RD C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2013-10-04 17:41 - 2013-08-14 08:13 - 00000000 ____D C:\Windows\system32\MRT

2013-10-04 17:30 - 2012-11-23 07:59 - 00000000 ___RD C:\Users\JOANS\Desktop\Data 02.14.13

2013-10-04 16:57 - 2013-10-04 16:57 - 00000000 ____D C:\Program Files (x86)\ERUNT

2013-10-04 16:47 - 2013-05-13 20:04 - 00037376 ___SH C:\Users\JOANS\Thumbs.db

2013-10-04 15:36 - 2012-12-11 20:19 - 00000000 ____D C:\Users\JOANS\AppData\Local\Apple Computer

2013-10-04 15:23 - 2013-10-04 15:23 - 00001790 _____ C:\Users\Public\Desktop\iTunes.lnk

2013-10-04 15:23 - 2013-10-04 15:22 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-04 15:23 - 2013-09-01 08:56 - 00000000 ____D C:\Program Files\iTunes

2013-10-04 15:23 - 2013-09-01 08:56 - 00000000 ____D C:\Program Files (x86)\iTunes

2013-10-04 15:22 - 2013-09-01 08:56 - 00000000 ____D C:\Program Files\iPod

2013-10-04 12:53 - 2012-11-02 11:52 - 00000000 ____D C:\Users\JOANS

2013-10-04 12:51 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\Offline Web Pages

2013-10-04 12:51 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2013-10-04 12:51 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Cursors

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\TAPI

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\sppui

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Setup

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Recovery

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\ras

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\oobe

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\icsxml

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Dism

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\com

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sppui

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Setup

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\ras

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\oobe

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Msdtc

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\migwiz

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\manifeststore

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\icsxml

2013-10-04 12:44 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\ias

2013-10-04 12:43 - 2010-11-21 00:17 - 00000000 ____D C:\Program Files\Windows Journal

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\addins

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Sidebar

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Portable Devices

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar

2013-10-04 12:43 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 __RSD C:\Windows\Media

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Public\Libraries

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\bg-BG

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\zh-HK

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\uk-UA

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\tr-TR

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\th-TH

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sysprep

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sr-Latn-CS

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sl-SI

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\sk-SK

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\ro-RO

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\lv-LV

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\lt-LT

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\hr-HR

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\he-IL

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\et-EE

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Dism

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\com

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\System

2013-10-04 12:43 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Services

2013-10-04 12:42 - 2011-02-11 20:12 - 00000000 ____D C:\Windows\DeployWinRE2

2013-10-04 12:42 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2013-10-04 12:42 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2013-10-04 12:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\bg-BG

2013-10-04 12:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\ar-SA

2013-10-04 12:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\L2Schemas

2013-10-04 12:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\IME

2013-10-04 12:36 - 2013-02-21 20:46 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform

2013-10-04 12:36 - 2012-12-11 20:15 - 00000000 ____D C:\Windows\System32\Tasks\Apple

2013-10-04 12:36 - 2012-12-07 07:05 - 00000000 ____D C:\Windows\SysWOW64\C2MP

2013-10-04 12:36 - 2012-06-02 12:53 - 00000000 ____D C:\Windows\SysWOW64\RTCOM

2013-10-04 12:36 - 2012-03-19 00:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed

2013-10-04 12:36 - 2012-03-19 00:12 - 00000000 ____D C:\Windows\system32\Macromed

2013-10-04 12:36 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\restore

2013-10-04 12:36 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

2013-10-04 12:36 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\SysWOW64\Speech

2013-10-04 12:36 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\spp

2013-10-04 12:34 - 2012-12-06 07:39 - 00000000 ____D C:\Windows\fr

2013-10-04 12:34 - 2012-03-19 00:00 - 00000000 ____D C:\Windows\oem

2013-10-04 12:34 - 2010-11-21 00:16 - 00000000 ____D C:\Windows\ShellNew

2013-10-04 12:34 - 2009-07-13 21:45 - 00000000 ____D C:\Windows\Setup

2013-10-04 12:33 - 2013-05-16 17:40 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake

2013-10-04 12:33 - 2013-03-01 07:02 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\WildBit Viewer

2013-10-04 12:33 - 2013-02-10 06:54 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\IrfanView

2013-10-04 12:33 - 2012-12-29 09:39 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\MediaPlayerCodecPackPackages

2013-10-04 12:33 - 2012-12-06 07:41 - 00000000 ____D C:\Windows\en

2013-10-04 12:33 - 2012-12-06 07:39 - 00000000 ____D C:\Windows\es

2013-10-04 12:33 - 2012-11-28 21:36 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\SNS

2013-10-04 12:33 - 2012-11-05 15:46 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\clear.fiMVPSDK20

2013-10-04 12:33 - 2012-11-02 20:36 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\WildTangent

2013-10-04 12:33 - 2012-11-02 13:44 - 00000000 ___RD C:\Users\JOANS\Desktop\Joan's Games

2013-10-04 12:33 - 2012-11-02 12:43 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\MSN6

2013-10-04 12:33 - 2012-11-02 11:52 - 00000000 ___RD C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2013-10-04 12:33 - 2012-11-02 11:52 - 00000000 ___RD C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2013-10-04 12:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Branding

2013-10-04 12:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat

2013-10-04 12:32 - 2013-08-17 06:24 - 00000000 ____D C:\ProgramData\MSNDynFiles

2013-10-04 12:32 - 2012-12-02 07:06 - 00000000 ____D C:\ProgramData\Real

2013-10-04 12:32 - 2012-11-03 12:20 - 00000000 ____D C:\Users\JOANS\AppData\Local\clear.fi

2013-10-04 12:32 - 2012-06-02 13:08 - 00000000 ____D C:\ProgramData\CyberLink

2013-10-04 12:32 - 2012-03-18 23:28 - 00000000 ____D C:\ProgramData\WildTangent

2013-10-04 12:31 - 2013-09-07 18:13 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center

2013-10-04 12:31 - 2013-07-19 07:21 - 00000000 ____D C:\Program Files (x86)\RealNetworks

2013-10-04 12:31 - 2013-05-29 06:15 - 00000000 ____D C:\Program Files (x86)\QuickTime

2013-10-04 12:31 - 2013-05-16 17:40 - 00000000 ____D C:\Program Files\WinPcap

2013-10-04 12:31 - 2013-04-15 07:39 - 00000000 ____D C:\Program Files\DIFX

2013-10-04 12:31 - 2013-03-26 15:33 - 00000000 ____D C:\Program Files\CCleaner

2013-10-04 12:31 - 2013-03-01 07:01 - 00000000 ____D C:\Program Files (x86)\WildBit Viewer

2013-10-04 12:31 - 2013-02-25 18:19 - 00000000 ____D C:\Program Files\GIMP 2

2013-10-04 12:31 - 2013-02-10 06:54 - 00000000 ____D C:\Program Files (x86)\IrfanView

2013-10-04 12:31 - 2012-12-11 20:14 - 00000000 ____D C:\Program Files\Bonjour

2013-10-04 12:31 - 2012-12-06 07:30 - 00000000 ____D C:\Program Files\Windows Live

2013-10-04 12:31 - 2012-12-06 07:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SkyDrive

2013-10-04 12:31 - 2012-12-02 07:08 - 00000000 ____D C:\Program Files (x86)\Real

2013-10-04 12:31 - 2012-11-18 15:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Works

2013-10-04 12:31 - 2012-11-18 15:54 - 00000000 ____D C:\Program Files (x86)\Microsoft ActiveSync

2013-10-04 12:31 - 2012-11-03 11:55 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-10-04 12:31 - 2012-11-02 14:47 - 00000000 ____D C:\Program Files (x86)\PopCap Games

2013-10-04 12:31 - 2012-11-02 12:35 - 00000000 ____D C:\Program Files (x86)\MSN

2013-10-04 12:31 - 2012-06-02 13:11 - 00000000 ____D C:\Program Files (x86)\Video Web Camera

2013-10-04 12:31 - 2012-06-02 13:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2013-10-04 12:31 - 2012-06-02 13:05 - 00000000 ____D C:\Program Files (x86)\Social Networks

2013-10-04 12:31 - 2012-06-02 13:01 - 00000000 ____D C:\Program Files\Synaptics

2013-10-04 12:31 - 2012-06-02 12:57 - 00000000 ____D C:\Program Files (x86)\Launch Manager

2013-10-04 12:31 - 2012-03-19 00:13 - 00000000 ____D C:\Program Files (x86)\SymSilent

2013-10-04 12:31 - 2012-03-19 00:03 - 00000000 ____D C:\Program Files (x86)\Windows Live

2013-10-04 12:31 - 2012-03-18 23:23 - 00000000 ____D C:\Program Files\Broadcom

2013-10-04 12:31 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Windows NT

2013-10-04 12:31 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-10-04 12:30 - 2013-05-16 17:40 - 00000000 ____D C:\Program Files (x86)\Freemake

2013-10-04 12:30 - 2013-05-15 22:18 - 00000000 ____D C:\b8f07dacb6bf616481

2013-10-04 12:30 - 2013-03-29 05:48 - 00000000 ____D C:\Program Files (x86)\Folder Hidden

2013-10-04 12:30 - 2013-02-28 17:07 - 00000000 ____D C:\hotfix

2013-10-04 12:30 - 2013-02-16 18:19 - 00000000 ____D C:\Program Files (x86)\AUPEO!

2013-10-04 12:30 - 2013-01-09 17:22 - 00000000 ____D C:\Program Files (x86)\GIMP 2

2013-10-04 12:30 - 2012-12-11 20:14 - 00000000 ____D C:\Program Files (x86)\Bonjour

2013-10-04 12:30 - 2012-12-11 20:14 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

2013-10-04 12:30 - 2012-06-02 13:00 - 00000000 ____D C:\Program Files (x86)\Atheros

2013-10-04 12:30 - 2012-03-19 00:00 - 00000000 ____D C:\OEM

2013-10-04 12:30 - 2012-03-18 23:28 - 00000000 ____D C:\Program Files (x86)\Gateway Games

2013-10-04 12:26 - 2013-09-30 12:02 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2013-10-04 12:17 - 2012-12-15 08:42 - 00000000 _RSHD C:\Winmend~Folder~Hidden

2013-10-04 12:17 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration

2013-10-04 10:32 - 2012-11-04 07:43 - 00000000 ____D C:\Program Files (x86)\Google

2013-10-04 10:12 - 2013-10-04 10:12 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Nero

2013-10-04 08:15 - 2013-09-30 12:11 - 00000000 ___RD C:\Users\JOANS\Dropbox

2013-10-04 08:15 - 2013-09-30 12:02 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Dropbox

2013-10-03 08:31 - 2013-10-03 08:31 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Malwarebytes

2013-10-03 08:25 - 2013-10-03 08:25 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-10-02 16:56 - 2012-11-30 08:02 - 00568320 ___SH C:\Users\JOANS\Documents\Thumbs.db

2013-09-29 06:45 - 2012-12-11 20:15 - 00000000 ____D C:\Users\JOANS\AppData\Local\Apple

2013-09-26 01:46 - 2012-11-03 08:46 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-09-25 01:22 - 2013-10-09 23:25 - 17142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-09-25 00:10 - 2013-10-09 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-09-24 23:36 - 2013-10-09 23:25 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-09-24 23:35 - 2013-10-09 23:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-09-24 23:30 - 2013-10-09 23:25 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-09-24 23:29 - 2013-10-09 23:25 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-09-24 23:26 - 2013-10-09 23:25 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-09-24 22:45 - 2013-10-09 23:25 - 11223552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-09-24 21:51 - 2013-10-09 23:25 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-09-24 21:45 - 2013-10-09 23:25 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-09-24 01:48 - 2013-10-09 23:25 - 23213568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-09-24 00:11 - 2013-10-09 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-09-23 23:45 - 2013-10-09 23:25 - 02763776 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-09-23 23:31 - 2013-10-09 23:25 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-09-23 23:25 - 2013-10-09 23:25 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-09-23 23:21 - 2013-10-09 23:25 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-09-23 22:56 - 2013-10-09 23:25 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-09-23 22:07 - 2013-10-09 23:25 - 12997632 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-09-23 21:33 - 2013-10-09 23:25 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-09-23 21:04 - 2013-10-09 23:25 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-09-16 17:15 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\FxsTmp

2013-09-16 06:18 - 2013-03-18 15:54 - 00023552 _____ C:\Users\JOANS\Desktop\POL LINKS.xls

2013-09-15 07:28 - 2013-09-15 07:28 - 00000000 ____D C:\Users\JOANS\AppData\Roaming\Windows Live Writer

2013-09-15 07:28 - 2013-09-15 07:28 - 00000000 ____D C:\Users\JOANS\AppData\Local\Windows Live Writer

 

Files to move or delete:

====================

C:\Users\JOANS\msndata.dat

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-10-12 17:02

 

==================== End Of Log ============================


  • Root Admin

There is some kind of error accessing the Google Chrome settings. If you've tried resetting the browser per my previous steps then you probably need to look at uninstalling Chrome.
First try to back up your bookmarks if using Chrome and then uninstall it and tell it to remove everything.

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

The log also shows that you either did not run the reset tool from Microsoft or it failed as it did not reset the browser.



Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt


Your instructions regarding Chrome:

Over previous months I have had problems with chrome and removed it prior to involving Malwarebytes in my problems. Chrome does not appear in the "control panel/remove a program" window but a search did come up with these two files:

chrome 26.1410.50

chrome 25.1364.124

Should I delete them?

 

Your instructions regarding preferences.

I don't know how to do this> "Please check "preferences" file for possible corruption."

 

Your instructions regarding the "reset tool".

I have run the reset tool several times over the last week.

 

Your instructions regarding "Please download the attached fixlist.txt file and save it to the Desktop."

You failed to provide a link for downloading fixlist. Also - you said "fixlist.txt", did you mean to say fixlist.exe?

 

I'll need clarification regarding fixlist before I can proceed.

 

Jharpj


  • Root Admin

We'll use another tool to help us clear out the Chrome a little later on.  Don't delete any Chrome files just yet.

 

The "Please check preferences" was not a request - that was just a copy/paste of an entry in the log you posted (nothing for you to do on that).

 

Okay on running the reset, but the logs seem to indicate it was not run, so I assume it failed and did not run for some reason.

 

The fixlist.txt file is attached as shown in the image below.  Are you not seeing the attached file yourself?

 

 

 


Okay, going into the malwarebytes website I do see it but it wants to save it as - Name: post-2065-0-94828300-1381879101 and as a PNG image.

Somehow that doesn't seem right. I mean an image isn't an executable file.

??????????

Jharpj

This topic is now closed to further replies.