Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with MAL/ZAccConf-A and Sophos says it must be removed manually


  • Please log in to reply
9 replies to this topic

#1 rw1984

rw1984

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 29 September 2013 - 05:30 PM

Hello,

 

My computer is infected with the MAL/ZAccConf-A and Sophos says it must be removed manually.

 

I've followed other posts and run the Farbar Recovery Scan Tool and saved it to my desktop.

 

Then I've performed a scan and posted the results from the (FRST.txt) file and attached the (Addition.txt) file.

 

Please help me if possible.  Thanks is advance for your time.

 

Thanks

Russ

 

Output of FRST.txt file:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
Ran by Russ (administrator) on DESKTOP-W7-JW on 28-09-2013 19:00:31
Running from C:\Users\Russ\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Sunbelt Software) C:\Program Files (x86)\Sunbelt Software\SBEAgent\SBPIMSvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
() C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_175_ActiveX.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavMain.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-22] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-22] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-09-27] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-05-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] - C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] - C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] - C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-09-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SBAMTray] - C:\Program Files (x86)\Sunbelt Software\SBEAgent\SBAMTray.exe [1332560 2010-09-23] (Sunbelt Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-27] (Microsoft Corp.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [929272 2013-09-15] (Sophos Limited)
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL [217672 2013-09-12] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL [275352 2013-09-12] (Sophos Limited)
Startup: C:\Users\glenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE9MSE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} -  No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -  No File
Handler-x32: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 8.0\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [89592] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [134136] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [134136] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [134136] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [134136] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [134136] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [134136] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [134136] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [134136] (Sophos Limited)
Winsock: Catalog9-x64 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [134136] (Sophos Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

Chrome:
=======

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Russ\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Russ\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Russ\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Russ\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [271760 2009-04-15] ()
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [289064 2013-09-12] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [206328 2013-07-10] (Sophos Limited)
S2 SBAMSvc; C:\Program Files (x86)\Sunbelt Software\SBEAgent\SBAMSvc.exe [2763080 2010-09-23] (Sunbelt Software)
R2 SBPIMSvc; C:\Program Files (x86)\Sunbelt Software\SBEAgent\SBPIMSvc.exe [181584 2010-09-23] (Sunbelt Software)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [237048 2013-09-15] (Sophos Limited)
R3 Sophos Device Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe [655144 2013-09-12] (Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [328696 2013-09-15] (Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [809976 2013-09-15] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [357400 2013-07-10] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3109880 2013-07-10] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2012152 2013-07-10] (Sophos Limited)
R2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe [167936 2008-06-26] ()

==================== Drivers (Whitelisted) ====================

R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2013-09-12] (Sophos Limited)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [64600 2010-06-14] (Sunbelt Software)
S1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [49752 2010-03-22] (Sunbelt Software)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [94296 2010-07-27] (Sunbelt Software, Inc.)
R3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2013-09-12] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2013-09-12] (Sophos Limited)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-09-28 19:00 - 2013-09-28 19:00 - 00000000 ____D C:\FRST
2013-09-28 18:54 - 2013-09-28 18:54 - 01953880 _____ (Farbar) C:\Users\Russ\Desktop\FRST64.exe
2013-09-15 21:21 - 2013-09-15 21:21 - 00000000 ____D C:\Users\Russ\AppData\Local\Sophos
2013-09-15 21:19 - 2013-09-12 09:17 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll
2013-09-15 21:19 - 2013-09-12 09:17 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
2013-09-15 21:19 - 2013-09-12 09:17 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys
2013-09-15 21:19 - 2013-09-12 09:17 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe
2013-09-15 21:19 - 2013-09-12 09:17 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys
2013-09-15 21:05 - 2013-09-15 21:20 - 00000000 ____D C:\ProgramData\Sophos
2013-09-15 21:05 - 2013-09-15 21:19 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-09-14 03:10 - 2013-08-09 22:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-14 03:10 - 2013-08-09 22:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-14 03:10 - 2013-08-09 22:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-14 03:10 - 2013-08-09 22:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-14 03:10 - 2013-08-09 22:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-14 03:10 - 2013-08-09 22:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-14 03:10 - 2013-08-09 22:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-14 03:10 - 2013-08-09 22:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-14 03:10 - 2013-08-09 22:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-14 03:10 - 2013-08-09 22:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-14 03:10 - 2013-08-09 22:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-14 03:10 - 2013-08-09 22:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-14 03:10 - 2013-08-09 22:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-14 03:10 - 2013-08-09 22:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-14 03:10 - 2013-08-09 20:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-14 03:10 - 2013-08-09 20:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-14 03:10 - 2013-08-09 20:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-14 03:10 - 2013-08-09 20:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-14 03:10 - 2013-08-09 20:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-14 03:10 - 2013-08-09 19:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-14 03:10 - 2013-08-09 19:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 07:40 - 2013-08-07 18:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 07:40 - 2013-08-04 19:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 07:40 - 2013-08-01 19:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 07:40 - 2013-08-01 19:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 07:40 - 2013-08-01 19:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 07:40 - 2013-08-01 19:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 07:40 - 2013-08-01 19:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 07:40 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 07:40 - 2013-08-01 19:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 07:40 - 2013-08-01 19:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 07:40 - 2013-08-01 19:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 07:40 - 2013-08-01 18:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 07:40 - 2013-08-01 18:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 07:40 - 2013-08-01 18:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 07:40 - 2013-08-01 18:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 07:40 - 2013-08-01 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 07:40 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 07:40 - 2013-08-01 17:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 07:40 - 2013-08-01 17:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 07:40 - 2013-08-01 17:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 07:40 - 2013-08-01 17:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 07:40 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 07:40 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 07:40 - 2013-07-25 19:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 07:40 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 07:40 - 2013-07-25 18:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 07:40 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-07 06:35 - 2013-09-28 19:00 - 00000318 ____H C:\Windows\Tasks\{C02A094C-A8A7-4A22-B0B3-B8F480BE9B58}.job
2013-09-07 06:35 - 2013-09-15 22:34 - 00000000 ____D C:\Users\Jen\AppData\Local\2433eade-a2cc-4fd7-9733-081105f4b185ad
2013-09-07 06:34 - 2013-09-07 06:34 - 00000000 ____D C:\Users\Jen\AppData\Local\Google
2013-09-07 06:34 - 2013-09-07 06:34 - 00000000 _____ C:\Users\Jen\jqs.exe
2013-09-07 06:34 - 2013-09-07 06:34 - 00000000 _____ C:\Users\Jen\acrobatreader.exe
2013-09-06 21:39 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 2958495932.job
2013-09-06 21:39 - 2013-09-06 21:39 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 2958495932
2013-09-06 21:39 - 2013-09-06 21:39 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Caathit
2013-09-06 21:38 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 4267155770.job
2013-09-06 21:38 - 2013-09-06 21:38 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 4267155770
2013-09-06 21:38 - 2013-09-06 21:38 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Veuguhiz
2013-09-06 21:37 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 1636518791.job
2013-09-06 21:37 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 461378757.job
2013-09-06 21:37 - 2013-09-06 21:37 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 1636518791
2013-09-06 21:37 - 2013-09-06 21:37 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 461378757
2013-09-06 21:37 - 2013-09-06 21:37 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yxysybu
2013-09-06 21:37 - 2013-09-06 21:37 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Reybaf
2013-09-06 21:36 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 756139940.job
2013-09-06 21:36 - 2013-09-06 21:36 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 756139940
2013-09-06 21:36 - 2013-09-06 21:36 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nyapvoa
2013-09-06 21:35 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2306003538.job
2013-09-06 21:35 - 2013-09-28 19:00 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 2097853385.job
2013-09-06 21:35 - 2013-09-06 21:35 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2306003538
2013-09-06 21:35 - 2013-09-06 21:35 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 2097853385
2013-09-06 21:35 - 2013-09-06 21:35 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ybysov
2013-09-06 21:35 - 2013-09-06 21:35 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Naizedax
2013-09-06 21:34 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2056631449.job
2013-09-06 21:34 - 2013-09-06 21:34 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2056631449
2013-09-06 21:34 - 2013-09-06 21:34 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Pozisar
2013-09-06 21:33 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 3663684449.job
2013-09-06 21:33 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 4167153802.job
2013-09-06 21:33 - 2013-09-06 21:33 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 3663684449
2013-09-06 21:33 - 2013-09-06 21:33 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 4167153802
2013-09-06 21:33 - 2013-09-06 21:33 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yneruhi
2013-09-06 21:33 - 2013-09-06 21:33 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ipudqyek
2013-09-06 21:32 - 2013-09-28 19:00 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 1850238962.job
2013-09-06 21:32 - 2013-09-06 21:32 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 957562367
2013-09-06 21:32 - 2013-09-06 21:32 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 1850238962
2013-09-06 21:32 - 2013-09-06 21:32 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Puaqar
2013-09-06 21:31 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 2068755457.job
2013-09-06 21:31 - 2013-09-28 19:00 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 957562367.job
2013-09-06 21:31 - 2013-09-06 21:31 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 2068755457
2013-09-06 21:31 - 2013-09-06 21:31 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Attoez
2013-09-06 21:31 - 2013-09-06 21:31 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Absusiv
2013-09-06 21:30 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2420476744.job
2013-09-06 21:30 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2175736147.job
2013-09-06 21:30 - 2013-09-06 21:30 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2420476744
2013-09-06 21:30 - 2013-09-06 21:30 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2175736147
2013-09-06 21:30 - 2013-09-06 21:30 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Sihiexes
2013-09-06 21:30 - 2013-09-06 21:30 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Obmoilo
2013-09-06 21:29 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 1326802327.job
2013-09-06 21:29 - 2013-09-06 21:29 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 1326802327
2013-09-06 21:29 - 2013-09-06 21:29 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yzyviz
2013-09-06 21:28 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 2327601636.job
2013-09-06 21:28 - 2013-09-06 21:28 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 2327601636
2013-09-06 21:28 - 2013-09-06 21:28 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ariropac
2013-09-06 21:27 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 2188343789.job
2013-09-06 21:27 - 2013-09-28 19:00 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 3899209170.job
2013-09-06 21:27 - 2013-09-06 21:27 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 2188343789
2013-09-06 21:27 - 2013-09-06 21:27 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 3899209170
2013-09-06 21:27 - 2013-09-06 21:27 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Sialil
2013-09-06 21:27 - 2013-09-06 21:27 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cazuozyq
2013-09-06 21:26 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 1705832872.job
2013-09-06 21:26 - 2013-09-06 21:26 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 1705832872
2013-09-06 21:26 - 2013-09-06 21:26 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Zaaxveyr
2013-09-06 21:25 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 1776608764.job
2013-09-06 21:25 - 2013-09-06 21:25 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2720116036
2013-09-06 21:25 - 2013-09-06 21:25 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 1776608764
2013-09-06 21:25 - 2013-09-06 21:25 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Eksymay
2013-09-06 21:24 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2720116036.job
2013-09-06 21:24 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 1878295012.job
2013-09-06 21:24 - 2013-09-06 21:24 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 1412830517
2013-09-06 21:24 - 2013-09-06 21:24 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 1878295012
2013-09-06 21:24 - 2013-09-06 21:24 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ocucans
2013-09-06 21:24 - 2013-09-06 21:24 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cyivogu
2013-09-06 21:23 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 1412830517.job
2013-09-06 21:23 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 998237004.job
2013-09-06 21:23 - 2013-09-06 21:23 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 998237004
2013-09-06 21:23 - 2013-09-06 21:23 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Rebaewmu
2013-09-06 21:23 - 2013-09-06 21:23 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cyreuvib
2013-09-06 21:22 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 1500958381.job
2013-09-06 21:22 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 2250947989.job
2013-09-06 21:22 - 2013-09-06 21:22 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 1500958381
2013-09-06 21:22 - 2013-09-06 21:22 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 2250947989
2013-09-06 21:22 - 2013-09-06 21:22 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Xyiqxoin
2013-09-06 21:22 - 2013-09-06 21:22 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Necybygu
2013-09-06 21:21 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 2312919216.job
2013-09-06 21:21 - 2013-09-06 21:21 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 2312919216
2013-09-06 21:21 - 2013-09-06 21:21 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Lunyvy
2013-09-06 21:20 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 512966443.job
2013-09-06 21:20 - 2013-09-06 21:20 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 512966443
2013-09-06 21:20 - 2013-09-06 21:20 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Iczeoh
2013-09-06 21:19 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 436091950.job
2013-09-06 21:19 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 317079989.job
2013-09-06 21:19 - 2013-09-06 21:19 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 436091950
2013-09-06 21:19 - 2013-09-06 21:19 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 317079989
2013-09-06 21:19 - 2013-09-06 21:19 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Xouqky
2013-09-06 21:19 - 2013-09-06 21:19 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Wibuzyy
2013-09-06 21:18 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 3257591667.job
2013-09-06 21:18 - 2013-09-06 21:18 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 3257591667
2013-09-06 21:18 - 2013-09-06 21:18 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 2303382278
2013-09-06 21:18 - 2013-09-06 21:18 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Abocihux
2013-09-06 21:17 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 2303382278.job
2013-09-06 21:17 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 1358299583.job
2013-09-06 21:17 - 2013-09-06 21:17 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 1358299583
2013-09-06 21:17 - 2013-09-06 21:17 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Tygicaew
2013-09-06 21:17 - 2013-09-06 21:17 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Liyqgo
2013-09-06 21:16 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 3262656918.job
2013-09-06 21:16 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2104277565.job
2013-09-06 21:16 - 2013-09-06 21:16 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 3262656918
2013-09-06 21:16 - 2013-09-06 21:16 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2104277565
2013-09-06 21:16 - 2013-09-06 21:16 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Usfauho
2013-09-06 21:15 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 207862107.job
2013-09-06 21:15 - 2013-09-06 21:15 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 207862107
2013-09-06 21:15 - 2013-09-06 21:15 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Zexegiit
2013-09-06 21:15 - 2013-09-06 21:15 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yqoderw
2013-09-06 21:14 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2764331351.job
2013-09-06 21:14 - 2013-09-06 21:14 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2764331351
2013-09-06 21:14 - 2013-09-06 21:14 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Etedwiw
2013-09-06 21:13 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 1952799042.job
2013-09-06 21:13 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 3559017158.job
2013-09-06 21:13 - 2013-09-06 21:13 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 1952799042
2013-09-06 21:13 - 2013-09-06 21:13 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 3559017158
2013-09-06 21:13 - 2013-09-06 21:13 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Puuqoqtu
2013-09-06 21:13 - 2013-09-06 21:13 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Azsata
2013-09-06 21:12 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 1174573529.job
2013-09-06 21:12 - 2013-09-06 21:12 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 1174573529
2013-09-06 21:12 - 2013-09-06 21:12 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nowoze
2013-09-06 21:11 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 1072648813.job
2013-09-06 21:11 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 2445642297.job
2013-09-06 21:11 - 2013-09-06 21:11 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 1072648813
2013-09-06 21:11 - 2013-09-06 21:11 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 2445642297
2013-09-06 21:11 - 2013-09-06 21:11 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Obeqbeyd
2013-09-06 21:11 - 2013-09-06 21:11 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cauzol
2013-09-06 21:10 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 861691317.job
2013-09-06 21:10 - 2013-09-06 21:10 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 861691317
2013-09-06 21:10 - 2013-09-06 21:10 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Pyosatxa
2013-09-06 21:09 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 2354935031.job
2013-09-06 21:09 - 2013-09-28 19:00 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 2709240886.job
2013-09-06 21:09 - 2013-09-06 21:09 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 2354935031
2013-09-06 21:09 - 2013-09-06 21:09 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 2709240886
2013-09-06 21:09 - 2013-09-06 21:09 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Woydtaex
2013-09-06 21:09 - 2013-09-06 21:09 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Okyvpa
2013-09-06 21:08 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 4277417415.job
2013-09-06 21:08 - 2013-09-06 21:08 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 4277417415
2013-09-06 21:08 - 2013-09-06 21:08 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ufwaom
2013-09-06 21:07 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 1602191808.job
2013-09-06 21:07 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 7736320.job
2013-09-06 21:07 - 2013-09-06 21:07 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 1602191808
2013-09-06 21:07 - 2013-09-06 21:07 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 7736320
2013-09-06 21:07 - 2013-09-06 21:07 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ixefhaat
2013-09-06 21:07 - 2013-09-06 21:07 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Baacowm
2013-09-06 21:06 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 410314510.job
2013-09-06 21:06 - 2013-09-06 21:06 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 410314510
2013-09-06 21:06 - 2013-09-06 21:06 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Kuolbos
2013-09-06 21:05 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2483410912.job
2013-09-06 21:05 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 1811009751.job
2013-09-06 21:05 - 2013-09-06 21:05 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2483410912
2013-09-06 21:05 - 2013-09-06 21:05 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 1811009751
2013-09-06 21:05 - 2013-09-06 21:05 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-06 21:05 - 2013-09-06 21:05 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Uxpiole
2013-09-06 21:05 - 2013-09-06 21:05 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nixetewi
2013-09-06 21:04 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 4010662562.job
2013-09-06 21:04 - 2013-09-06 21:04 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 4010662562
2013-09-06 21:04 - 2013-09-06 21:04 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Boiqviga
2013-09-06 21:03 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 815212442.job
2013-09-06 21:03 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 3103644780.job
2013-09-06 21:03 - 2013-09-06 21:03 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 815212442
2013-09-06 21:03 - 2013-09-06 21:03 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 3103644780
2013-09-06 21:03 - 2013-09-06 21:03 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Zudyav
2013-09-06 21:03 - 2013-09-06 21:03 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nuguzoi
2013-09-06 21:02 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 3049059183.job
2013-09-06 21:02 - 2013-09-06 21:02 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 48522159
2013-09-06 21:02 - 2013-09-06 21:02 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 3049059183
2013-09-06 21:02 - 2013-09-06 21:02 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Rofewilu
2013-09-06 21:01 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 48522159.job
2013-09-06 21:01 - 2013-09-28 19:00 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 3832257528.job
2013-09-06 21:01 - 2013-09-06 21:01 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 3832257528
2013-09-06 21:01 - 2013-09-06 21:01 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Vaqema
2013-09-06 21:01 - 2013-09-06 21:01 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Qypootna
2013-09-06 21:00 - 2013-09-28 19:00 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 3764052194.job
2013-09-06 21:00 - 2013-09-06 21:00 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 3764052194
2013-09-06 21:00 - 2013-09-06 21:00 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ohfieh
2013-09-06 20:59 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2744053575.job
2013-09-06 20:59 - 2013-09-28 19:00 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 3268121896.job
2013-09-06 20:59 - 2013-09-06 20:59 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2744053575
2013-09-06 20:59 - 2013-09-06 20:59 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 3268121896
2013-09-06 20:59 - 2013-09-06 20:59 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Wadiuwla
2013-09-06 20:59 - 2013-09-06 20:59 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Igroku
2013-09-06 20:58 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 1768316705.job
2013-09-06 20:58 - 2013-09-06 20:58 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 1768316705
2013-09-06 20:58 - 2013-09-06 20:58 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Otxubua
2013-09-06 20:57 - 2013-09-28 19:00 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 2592702691.job
2013-09-06 20:57 - 2013-09-06 20:57 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 2592702691
2013-09-06 20:57 - 2013-09-06 20:57 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Visonihy
2013-09-06 20:56 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 926383550.job
2013-09-06 20:56 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 1375377969.job
2013-09-06 20:56 - 2013-09-06 20:56 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 926383550
2013-09-06 20:56 - 2013-09-06 20:56 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 1375377969
2013-09-06 20:56 - 2013-09-06 20:56 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Sykyoqke
2013-09-06 20:56 - 2013-09-06 20:56 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Olelebeg
2013-09-06 20:55 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 2794404240.job
2013-09-06 20:55 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 624355523.job
2013-09-06 20:55 - 2013-09-06 20:55 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 2794404240
2013-09-06 20:55 - 2013-09-06 20:55 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 624355523
2013-09-06 20:55 - 2013-09-06 20:55 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Pyleuxx
2013-09-06 20:55 - 2013-09-06 20:55 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Epawve
2013-09-06 20:54 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 3975673622.job
2013-09-06 20:54 - 2013-09-06 20:54 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 3975673622
2013-09-06 20:54 - 2013-09-06 20:54 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Uzohivd
2013-09-06 20:53 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 4132678621.job
2013-09-06 20:53 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 3029809891.job
2013-09-06 20:53 - 2013-09-06 20:53 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 4132678621
2013-09-06 20:53 - 2013-09-06 20:53 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 3029809891
2013-09-06 20:53 - 2013-09-06 20:53 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Imsyhyyc
2013-09-06 20:53 - 2013-09-06 20:53 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Dioded
2013-09-06 20:52 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 594842397.job
2013-09-06 20:52 - 2013-09-06 20:52 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 594842397
2013-09-06 20:52 - 2013-09-06 20:52 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Caaklyw
2013-09-06 20:51 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 3799062137.job
2013-09-06 20:51 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2944247778.job
2013-09-06 20:51 - 2013-09-06 20:52 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 3799062137
2013-09-06 20:51 - 2013-09-06 20:51 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2944247778
2013-09-06 20:51 - 2013-09-06 20:51 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yqgoabiq
2013-09-06 20:51 - 2013-09-06 20:51 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Feweib
2013-09-06 20:50 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 4125787655.job
2013-09-06 20:50 - 2013-09-06 20:50 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 4125787655
2013-09-06 20:50 - 2013-09-06 20:50 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Duinleu
2013-09-06 20:49 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 3015263958.job
2013-09-06 20:49 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 3583485564.job
2013-09-06 20:49 - 2013-09-06 20:49 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 3015263958
2013-09-06 20:49 - 2013-09-06 20:49 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 3583485564
2013-09-06 20:49 - 2013-09-06 20:49 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ilikepq
2013-09-06 20:49 - 2013-09-06 20:49 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ilafypv
2013-09-06 20:48 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 1949446088.job
2013-09-06 20:48 - 2013-09-06 20:48 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 1949446088
2013-09-06 20:48 - 2013-09-06 20:48 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ahbyiqre
2013-09-06 20:47 - 2013-09-28 19:00 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2459820325.job
2013-09-06 20:47 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 1318040586.job
2013-09-06 20:47 - 2013-09-06 20:47 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2459820325
2013-09-06 20:47 - 2013-09-06 20:47 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 1318040586
2013-09-06 20:47 - 2013-09-06 20:47 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ytwysaug
2013-09-06 20:47 - 2013-09-06 20:47 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Fylyibe
2013-09-06 20:46 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 2343475725.job
2013-09-06 20:46 - 2013-09-06 20:46 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 2343475725
2013-09-06 20:46 - 2013-09-06 20:46 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Apwuxaom
2013-09-06 20:45 - 2013-09-28 19:00 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 890258685.job
2013-09-06 20:45 - 2013-09-06 20:45 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 890258685
2013-09-06 20:45 - 2013-09-06 20:45 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Gyocud
2013-09-06 20:44 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 829855573.job
2013-09-06 20:44 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 4116225267.job
2013-09-06 20:44 - 2013-09-06 20:44 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 829855573
2013-09-06 20:44 - 2013-09-06 20:44 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 4116225267
2013-09-06 20:44 - 2013-09-06 20:44 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Eczedio
2013-09-06 20:44 - 2013-09-06 20:44 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cuysebo
2013-09-06 20:43 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 3905433383.job
2013-09-06 20:43 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 3518494677.job
2013-09-06 20:43 - 2013-09-06 20:43 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 3905433383
2013-09-06 20:43 - 2013-09-06 20:43 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 3518494677
2013-09-06 20:43 - 2013-09-06 20:43 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Vecyiqg
2013-09-06 20:43 - 2013-09-06 20:43 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nylaivb
2013-09-06 20:42 - 2013-09-28 19:00 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 763091383.job
2013-09-06 20:42 - 2013-09-06 20:42 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 763091383
2013-09-06 20:42 - 2013-09-06 20:42 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Fupavaow
2013-09-06 20:41 - 2013-09-28 19:00 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 729071299.job
2013-09-06 20:41 - 2013-09-06 20:41 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 729071299
2013-09-06 20:41 - 2013-09-06 20:41 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Fuyktie
2013-08-29 20:34 - 2013-08-29 20:34 - 00000000 ____D C:\Users\Grayson\AppData\Local\Spoon

==================== One Month Modified Files and Folders =======

2013-09-28 19:00 - 2013-09-28 19:00 - 00000000 ____D C:\FRST
2013-09-28 19:00 - 2013-09-07 06:35 - 00000318 ____H C:\Windows\Tasks\{C02A094C-A8A7-4A22-B0B3-B8F480BE9B58}.job
2013-09-28 19:00 - 2013-09-06 21:39 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 2958495932.job
2013-09-28 19:00 - 2013-09-06 21:38 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 4267155770.job
2013-09-28 19:00 - 2013-09-06 21:37 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 1636518791.job
2013-09-28 19:00 - 2013-09-06 21:37 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 461378757.job
2013-09-28 19:00 - 2013-09-06 21:36 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 756139940.job
2013-09-28 19:00 - 2013-09-06 21:35 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2306003538.job
2013-09-28 19:00 - 2013-09-06 21:35 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 2097853385.job
2013-09-28 19:00 - 2013-09-06 21:34 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2056631449.job
2013-09-28 19:00 - 2013-09-06 21:33 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 3663684449.job
2013-09-28 19:00 - 2013-09-06 21:33 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 4167153802.job
2013-09-28 19:00 - 2013-09-06 21:32 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 1850238962.job
2013-09-28 19:00 - 2013-09-06 21:31 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 2068755457.job
2013-09-28 19:00 - 2013-09-06 21:31 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 957562367.job
2013-09-28 19:00 - 2013-09-06 21:30 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2420476744.job
2013-09-28 19:00 - 2013-09-06 21:30 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2175736147.job
2013-09-28 19:00 - 2013-09-06 21:29 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 1326802327.job
2013-09-28 19:00 - 2013-09-06 21:28 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 2327601636.job
2013-09-28 19:00 - 2013-09-06 21:27 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 2188343789.job
2013-09-28 19:00 - 2013-09-06 21:27 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 3899209170.job
2013-09-28 19:00 - 2013-09-06 21:26 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 1705832872.job
2013-09-28 19:00 - 2013-09-06 21:25 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 1776608764.job
2013-09-28 19:00 - 2013-09-06 21:24 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2720116036.job
2013-09-28 19:00 - 2013-09-06 21:24 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 1878295012.job
2013-09-28 19:00 - 2013-09-06 21:23 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 1412830517.job
2013-09-28 19:00 - 2013-09-06 21:23 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 998237004.job
2013-09-28 19:00 - 2013-09-06 21:22 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 1500958381.job
2013-09-28 19:00 - 2013-09-06 21:22 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 2250947989.job
2013-09-28 19:00 - 2013-09-06 21:21 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 2312919216.job
2013-09-28 19:00 - 2013-09-06 21:20 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 512966443.job
2013-09-28 19:00 - 2013-09-06 21:19 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 436091950.job
2013-09-28 19:00 - 2013-09-06 21:19 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 317079989.job
2013-09-28 19:00 - 2013-09-06 21:18 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 3257591667.job
2013-09-28 19:00 - 2013-09-06 21:17 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 2303382278.job
2013-09-28 19:00 - 2013-09-06 21:17 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 1358299583.job
2013-09-28 19:00 - 2013-09-06 21:16 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 3262656918.job
2013-09-28 19:00 - 2013-09-06 21:16 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2104277565.job
2013-09-28 19:00 - 2013-09-06 21:15 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 207862107.job
2013-09-28 19:00 - 2013-09-06 21:14 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2764331351.job
2013-09-28 19:00 - 2013-09-06 21:13 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 1952799042.job
2013-09-28 19:00 - 2013-09-06 21:13 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 3559017158.job
2013-09-28 19:00 - 2013-09-06 21:12 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 1174573529.job
2013-09-28 19:00 - 2013-09-06 21:11 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 1072648813.job
2013-09-28 19:00 - 2013-09-06 21:11 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 2445642297.job
2013-09-28 19:00 - 2013-09-06 21:10 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 861691317.job
2013-09-28 19:00 - 2013-09-06 21:09 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 2354935031.job
2013-09-28 19:00 - 2013-09-06 21:09 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 2709240886.job
2013-09-28 19:00 - 2013-09-06 21:08 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 4277417415.job
2013-09-28 19:00 - 2013-09-06 21:07 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 1602191808.job
2013-09-28 19:00 - 2013-09-06 21:07 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 7736320.job
2013-09-28 19:00 - 2013-09-06 21:06 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 410314510.job
2013-09-28 19:00 - 2013-09-06 21:05 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2483410912.job
2013-09-28 19:00 - 2013-09-06 21:05 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 1811009751.job
2013-09-28 19:00 - 2013-09-06 21:04 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 4010662562.job
2013-09-28 19:00 - 2013-09-06 21:03 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 815212442.job
2013-09-28 19:00 - 2013-09-06 21:03 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 3103644780.job
2013-09-28 19:00 - 2013-09-06 21:02 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 3049059183.job
2013-09-28 19:00 - 2013-09-06 21:01 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 48522159.job
2013-09-28 19:00 - 2013-09-06 21:01 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 3832257528.job
2013-09-28 19:00 - 2013-09-06 21:00 - 00000784 _____ C:\Windows\Tasks\Security Center Update - 3764052194.job
2013-09-28 19:00 - 2013-09-06 20:59 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2744053575.job
2013-09-28 19:00 - 2013-09-06 20:59 - 00000786 _____ C:\Windows\Tasks\Security Center Update - 3268121896.job
2013-09-28 19:00 - 2013-09-06 20:58 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 1768316705.job
2013-09-28 19:00 - 2013-09-06 20:57 - 00000796 _____ C:\Windows\Tasks\Security Center Update - 2592702691.job
2013-09-28 19:00 - 2013-09-06 20:56 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 926383550.job
2013-09-28 19:00 - 2013-09-06 20:56 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 1375377969.job
2013-09-28 19:00 - 2013-09-06 20:55 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 2794404240.job
2013-09-28 19:00 - 2013-09-06 20:55 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 624355523.job
2013-09-28 19:00 - 2013-09-06 20:54 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 3975673622.job
2013-09-28 19:00 - 2013-09-06 20:53 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 4132678621.job
2013-09-28 19:00 - 2013-09-06 20:53 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 3029809891.job
2013-09-28 19:00 - 2013-09-06 20:52 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 594842397.job
2013-09-28 19:00 - 2013-09-06 20:51 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 3799062137.job
2013-09-28 19:00 - 2013-09-06 20:51 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 2944247778.job
2013-09-28 19:00 - 2013-09-06 20:50 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 4125787655.job
2013-09-28 19:00 - 2013-09-06 20:49 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 3015263958.job
2013-09-28 19:00 - 2013-09-06 20:49 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 3583485564.job
2013-09-28 19:00 - 2013-09-06 20:48 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 1949446088.job
2013-09-28 19:00 - 2013-09-06 20:47 - 00000794 _____ C:\Windows\Tasks\Security Center Update - 2459820325.job
2013-09-28 19:00 - 2013-09-06 20:47 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 1318040586.job
2013-09-28 19:00 - 2013-09-06 20:46 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 2343475725.job
2013-09-28 19:00 - 2013-09-06 20:45 - 00000788 _____ C:\Windows\Tasks\Security Center Update - 890258685.job
2013-09-28 19:00 - 2013-09-06 20:44 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 829855573.job
2013-09-28 19:00 - 2013-09-06 20:44 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 4116225267.job
2013-09-28 19:00 - 2013-09-06 20:43 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 3905433383.job
2013-09-28 19:00 - 2013-09-06 20:43 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 3518494677.job
2013-09-28 19:00 - 2013-09-06 20:42 - 00000792 _____ C:\Windows\Tasks\Security Center Update - 763091383.job
2013-09-28 19:00 - 2013-09-06 20:41 - 00000790 _____ C:\Windows\Tasks\Security Center Update - 729071299.job
2013-09-28 18:58 - 2009-07-13 21:45 - 00013984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-28 18:58 - 2009-07-13 21:45 - 00013984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-28 18:54 - 2013-09-28 18:54 - 01953880 _____ (Farbar) C:\Users\Russ\Desktop\FRST64.exe
2013-09-28 18:45 - 2012-12-19 10:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-28 18:42 - 2010-08-02 15:27 - 01130957 _____ C:\Windows\WindowsUpdate.log
2013-09-28 18:41 - 2011-07-18 09:42 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-28 14:39 - 2011-07-18 09:42 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-28 11:30 - 2012-07-25 13:41 - 00000000 ____D C:\Users\Gigi
2013-09-28 11:30 - 2012-07-24 10:40 - 00000000 ____D C:\Users\Hannah
2013-09-28 11:30 - 2012-07-24 09:28 - 00000000 ____D C:\Users\Grayson
2013-09-28 11:30 - 2012-05-07 13:34 - 00000000 ____D C:\Users\testaccount
2013-09-28 11:30 - 2012-04-30 12:13 - 00000000 ____D C:\Users\CWadmin
2013-09-28 11:30 - 2010-12-28 16:41 - 00000000 ____D C:\Users\jwilkins
2013-09-28 11:30 - 2010-12-28 09:49 - 00000000 ____D C:\Users\glenn
2013-09-28 11:30 - 2010-12-28 09:43 - 00000000 ____D C:\Users\rwilkins
2013-09-28 11:30 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2013-09-28 11:24 - 2012-07-29 11:58 - 00000000 ____D C:\Users\Sarah
2013-09-28 11:24 - 2012-07-25 18:05 - 00000000 ____D C:\Users\Jen
2013-09-28 11:11 - 2011-07-18 10:12 - 00000400 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2013-09-28 10:47 - 2009-07-13 22:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-28 10:43 - 2012-07-16 22:33 - 00000000 ____D C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools
2013-09-28 10:41 - 2011-08-10 03:05 - 00027219 _____ C:\Windows\setupact.log
2013-09-28 10:41 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-28 10:34 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-09-28 10:31 - 2012-07-16 22:33 - 00000000 ____D C:\Users\Russ
2013-09-24 18:44 - 2012-07-25 18:05 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools
2013-09-22 18:59 - 2013-02-04 21:35 - 00001457 _____ C:\Users\Sarah\Sti_Trace.log
2013-09-22 18:58 - 2012-07-29 11:59 - 00000000 ___RD C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-22 18:58 - 2012-07-29 11:59 - 00000000 ___RD C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-22 18:58 - 2012-07-29 11:58 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LG Power Tools
2013-09-22 13:47 - 2012-12-19 10:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-22 13:47 - 2012-12-19 10:15 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-22 13:47 - 2011-07-18 09:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-15 22:34 - 2013-09-07 06:35 - 00000000 ____D C:\Users\Jen\AppData\Local\2433eade-a2cc-4fd7-9733-081105f4b185ad
2013-09-15 21:21 - 2013-09-15 21:21 - 00000000 ____D C:\Users\Russ\AppData\Local\Sophos
2013-09-15 21:20 - 2013-09-15 21:05 - 00000000 ____D C:\ProgramData\Sophos
2013-09-15 21:19 - 2013-09-15 21:05 - 00000000 ____D C:\Program Files (x86)\Sophos
2013-09-15 20:43 - 2012-07-16 22:34 - 00000000 ___RD C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-15 20:43 - 2012-07-16 22:34 - 00000000 ___RD C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-15 20:23 - 2012-08-12 21:22 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2013-09-15 20:23 - 2012-07-25 18:34 - 00000000 ____D C:\Users\Jen\AppData\Local\Apple Computer
2013-09-15 20:23 - 2012-07-25 18:06 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Apple Computer
2013-09-15 20:20 - 2012-07-25 18:05 - 00000000 ___RD C:\Users\Jen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-15 20:20 - 2012-07-25 18:05 - 00000000 ___RD C:\Users\Jen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-15 20:20 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-09-14 04:06 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-09-14 03:29 - 2012-04-12 09:22 - 00033350 _____ C:\Windows\PFRO.log
2013-09-14 03:29 - 2009-07-13 21:45 - 00433264 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-14 03:11 - 2010-12-28 11:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-14 03:10 - 2013-08-15 03:01 - 00000000 ____D C:\Windows\system32\MRT
2013-09-14 03:06 - 2010-12-27 16:25 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 09:17 - 2013-09-15 21:19 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll
2013-09-12 09:17 - 2013-09-15 21:19 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
2013-09-12 09:17 - 2013-09-15 21:19 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys
2013-09-12 09:17 - 2013-09-15 21:19 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe
2013-09-12 09:17 - 2013-09-15 21:19 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys
2013-09-07 06:34 - 2013-09-07 06:34 - 00000000 ____D C:\Users\Jen\AppData\Local\Google
2013-09-07 06:34 - 2013-09-07 06:34 - 00000000 _____ C:\Users\Jen\jqs.exe
2013-09-07 06:34 - 2013-09-07 06:34 - 00000000 _____ C:\Users\Jen\acrobatreader.exe
2013-09-06 21:39 - 2013-09-06 21:39 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 2958495932
2013-09-06 21:39 - 2013-09-06 21:39 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Caathit
2013-09-06 21:38 - 2013-09-06 21:38 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 4267155770
2013-09-06 21:38 - 2013-09-06 21:38 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Veuguhiz
2013-09-06 21:37 - 2013-09-06 21:37 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 1636518791
2013-09-06 21:37 - 2013-09-06 21:37 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 461378757
2013-09-06 21:37 - 2013-09-06 21:37 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yxysybu
2013-09-06 21:37 - 2013-09-06 21:37 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Reybaf
2013-09-06 21:36 - 2013-09-06 21:36 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 756139940
2013-09-06 21:36 - 2013-09-06 21:36 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nyapvoa
2013-09-06 21:35 - 2013-09-06 21:35 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2306003538
2013-09-06 21:35 - 2013-09-06 21:35 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 2097853385
2013-09-06 21:35 - 2013-09-06 21:35 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ybysov
2013-09-06 21:35 - 2013-09-06 21:35 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Naizedax
2013-09-06 21:34 - 2013-09-06 21:34 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2056631449
2013-09-06 21:34 - 2013-09-06 21:34 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Pozisar
2013-09-06 21:33 - 2013-09-06 21:33 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 3663684449
2013-09-06 21:33 - 2013-09-06 21:33 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 4167153802
2013-09-06 21:33 - 2013-09-06 21:33 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yneruhi
2013-09-06 21:33 - 2013-09-06 21:33 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ipudqyek
2013-09-06 21:32 - 2013-09-06 21:32 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 957562367
2013-09-06 21:32 - 2013-09-06 21:32 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 1850238962
2013-09-06 21:32 - 2013-09-06 21:32 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Puaqar
2013-09-06 21:31 - 2013-09-06 21:31 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 2068755457
2013-09-06 21:31 - 2013-09-06 21:31 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Attoez
2013-09-06 21:31 - 2013-09-06 21:31 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Absusiv
2013-09-06 21:30 - 2013-09-06 21:30 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2420476744
2013-09-06 21:30 - 2013-09-06 21:30 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2175736147
2013-09-06 21:30 - 2013-09-06 21:30 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Sihiexes
2013-09-06 21:30 - 2013-09-06 21:30 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Obmoilo
2013-09-06 21:29 - 2013-09-06 21:29 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 1326802327
2013-09-06 21:29 - 2013-09-06 21:29 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yzyviz
2013-09-06 21:28 - 2013-09-06 21:28 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 2327601636
2013-09-06 21:28 - 2013-09-06 21:28 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ariropac
2013-09-06 21:27 - 2013-09-06 21:27 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 2188343789
2013-09-06 21:27 - 2013-09-06 21:27 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 3899209170
2013-09-06 21:27 - 2013-09-06 21:27 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Sialil
2013-09-06 21:27 - 2013-09-06 21:27 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cazuozyq
2013-09-06 21:26 - 2013-09-06 21:26 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 1705832872
2013-09-06 21:26 - 2013-09-06 21:26 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Zaaxveyr
2013-09-06 21:25 - 2013-09-06 21:25 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2720116036
2013-09-06 21:25 - 2013-09-06 21:25 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 1776608764
2013-09-06 21:25 - 2013-09-06 21:25 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Eksymay
2013-09-06 21:24 - 2013-09-06 21:24 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 1412830517
2013-09-06 21:24 - 2013-09-06 21:24 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 1878295012
2013-09-06 21:24 - 2013-09-06 21:24 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ocucans
2013-09-06 21:24 - 2013-09-06 21:24 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cyivogu
2013-09-06 21:23 - 2013-09-06 21:23 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 998237004
2013-09-06 21:23 - 2013-09-06 21:23 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Rebaewmu
2013-09-06 21:23 - 2013-09-06 21:23 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cyreuvib
2013-09-06 21:22 - 2013-09-06 21:22 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 1500958381
2013-09-06 21:22 - 2013-09-06 21:22 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 2250947989
2013-09-06 21:22 - 2013-09-06 21:22 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Xyiqxoin
2013-09-06 21:22 - 2013-09-06 21:22 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Necybygu
2013-09-06 21:21 - 2013-09-06 21:21 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 2312919216
2013-09-06 21:21 - 2013-09-06 21:21 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Lunyvy
2013-09-06 21:20 - 2013-09-06 21:20 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 512966443
2013-09-06 21:20 - 2013-09-06 21:20 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Iczeoh
2013-09-06 21:19 - 2013-09-06 21:19 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 436091950
2013-09-06 21:19 - 2013-09-06 21:19 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 317079989
2013-09-06 21:19 - 2013-09-06 21:19 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Xouqky
2013-09-06 21:19 - 2013-09-06 21:19 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Wibuzyy
2013-09-06 21:18 - 2013-09-06 21:18 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 3257591667
2013-09-06 21:18 - 2013-09-06 21:18 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 2303382278
2013-09-06 21:18 - 2013-09-06 21:18 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Abocihux
2013-09-06 21:17 - 2013-09-06 21:17 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 1358299583
2013-09-06 21:17 - 2013-09-06 21:17 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Tygicaew
2013-09-06 21:17 - 2013-09-06 21:17 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Liyqgo
2013-09-06 21:16 - 2013-09-06 21:16 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 3262656918
2013-09-06 21:16 - 2013-09-06 21:16 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2104277565
2013-09-06 21:16 - 2013-09-06 21:16 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Usfauho
2013-09-06 21:15 - 2013-09-06 21:15 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 207862107
2013-09-06 21:15 - 2013-09-06 21:15 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Zexegiit
2013-09-06 21:15 - 2013-09-06 21:15 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yqoderw
2013-09-06 21:14 - 2013-09-06 21:14 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2764331351
2013-09-06 21:14 - 2013-09-06 21:14 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Etedwiw
2013-09-06 21:13 - 2013-09-06 21:13 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 1952799042
2013-09-06 21:13 - 2013-09-06 21:13 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 3559017158
2013-09-06 21:13 - 2013-09-06 21:13 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Puuqoqtu
2013-09-06 21:13 - 2013-09-06 21:13 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Azsata
2013-09-06 21:12 - 2013-09-06 21:12 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 1174573529
2013-09-06 21:12 - 2013-09-06 21:12 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nowoze
2013-09-06 21:11 - 2013-09-06 21:11 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 1072648813
2013-09-06 21:11 - 2013-09-06 21:11 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 2445642297
2013-09-06 21:11 - 2013-09-06 21:11 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Obeqbeyd
2013-09-06 21:11 - 2013-09-06 21:11 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cauzol
2013-09-06 21:10 - 2013-09-06 21:10 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 861691317
2013-09-06 21:10 - 2013-09-06 21:10 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Pyosatxa
2013-09-06 21:09 - 2013-09-06 21:09 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 2354935031
2013-09-06 21:09 - 2013-09-06 21:09 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 2709240886
2013-09-06 21:09 - 2013-09-06 21:09 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Woydtaex
2013-09-06 21:09 - 2013-09-06 21:09 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Okyvpa
2013-09-06 21:08 - 2013-09-06 21:08 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 4277417415
2013-09-06 21:08 - 2013-09-06 21:08 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ufwaom
2013-09-06 21:07 - 2013-09-06 21:07 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 1602191808
2013-09-06 21:07 - 2013-09-06 21:07 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 7736320
2013-09-06 21:07 - 2013-09-06 21:07 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ixefhaat
2013-09-06 21:07 - 2013-09-06 21:07 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Baacowm
2013-09-06 21:06 - 2013-09-06 21:06 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 410314510
2013-09-06 21:06 - 2013-09-06 21:06 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Kuolbos
2013-09-06 21:05 - 2013-09-06 21:05 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2483410912
2013-09-06 21:05 - 2013-09-06 21:05 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 1811009751
2013-09-06 21:05 - 2013-09-06 21:05 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-06 21:05 - 2013-09-06 21:05 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Uxpiole
2013-09-06 21:05 - 2013-09-06 21:05 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nixetewi
2013-09-06 21:04 - 2013-09-06 21:04 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 4010662562
2013-09-06 21:04 - 2013-09-06 21:04 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Boiqviga
2013-09-06 21:03 - 2013-09-06 21:03 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 815212442
2013-09-06 21:03 - 2013-09-06 21:03 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 3103644780
2013-09-06 21:03 - 2013-09-06 21:03 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Zudyav
2013-09-06 21:03 - 2013-09-06 21:03 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nuguzoi
2013-09-06 21:02 - 2013-09-06 21:02 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 48522159
2013-09-06 21:02 - 2013-09-06 21:02 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 3049059183
2013-09-06 21:02 - 2013-09-06 21:02 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Rofewilu
2013-09-06 21:01 - 2013-09-06 21:01 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 3832257528
2013-09-06 21:01 - 2013-09-06 21:01 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Vaqema
2013-09-06 21:01 - 2013-09-06 21:01 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Qypootna
2013-09-06 21:00 - 2013-09-06 21:00 - 00003788 _____ C:\Windows\System32\Tasks\Security Center Update - 3764052194
2013-09-06 21:00 - 2013-09-06 21:00 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ohfieh
2013-09-06 20:59 - 2013-09-06 20:59 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2744053575
2013-09-06 20:59 - 2013-09-06 20:59 - 00003790 _____ C:\Windows\System32\Tasks\Security Center Update - 3268121896
2013-09-06 20:59 - 2013-09-06 20:59 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Wadiuwla
2013-09-06 20:59 - 2013-09-06 20:59 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Igroku
2013-09-06 20:58 - 2013-09-06 20:58 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 1768316705
2013-09-06 20:58 - 2013-09-06 20:58 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Otxubua
2013-09-06 20:57 - 2013-09-06 20:57 - 00003800 _____ C:\Windows\System32\Tasks\Security Center Update - 2592702691
2013-09-06 20:57 - 2013-09-06 20:57 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Visonihy
2013-09-06 20:56 - 2013-09-06 20:56 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 926383550
2013-09-06 20:56 - 2013-09-06 20:56 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 1375377969
2013-09-06 20:56 - 2013-09-06 20:56 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Sykyoqke
2013-09-06 20:56 - 2013-09-06 20:56 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Olelebeg
2013-09-06 20:55 - 2013-09-06 20:55 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 2794404240
2013-09-06 20:55 - 2013-09-06 20:55 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 624355523
2013-09-06 20:55 - 2013-09-06 20:55 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Pyleuxx
2013-09-06 20:55 - 2013-09-06 20:55 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Epawve
2013-09-06 20:54 - 2013-09-06 20:54 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 3975673622
2013-09-06 20:54 - 2013-09-06 20:54 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Uzohivd
2013-09-06 20:53 - 2013-09-06 20:53 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 4132678621
2013-09-06 20:53 - 2013-09-06 20:53 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 3029809891
2013-09-06 20:53 - 2013-09-06 20:53 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Imsyhyyc
2013-09-06 20:53 - 2013-09-06 20:53 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Dioded
2013-09-06 20:52 - 2013-09-06 20:52 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 594842397
2013-09-06 20:52 - 2013-09-06 20:52 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Caaklyw
2013-09-06 20:52 - 2013-09-06 20:51 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 3799062137
2013-09-06 20:51 - 2013-09-06 20:51 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 2944247778
2013-09-06 20:51 - 2013-09-06 20:51 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Yqgoabiq
2013-09-06 20:51 - 2013-09-06 20:51 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Feweib
2013-09-06 20:50 - 2013-09-06 20:50 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 4125787655
2013-09-06 20:50 - 2013-09-06 20:50 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Duinleu
2013-09-06 20:49 - 2013-09-06 20:49 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 3015263958
2013-09-06 20:49 - 2013-09-06 20:49 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 3583485564
2013-09-06 20:49 - 2013-09-06 20:49 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ilikepq
2013-09-06 20:49 - 2013-09-06 20:49 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ilafypv
2013-09-06 20:48 - 2013-09-06 20:48 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 1949446088
2013-09-06 20:48 - 2013-09-06 20:48 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ahbyiqre
2013-09-06 20:47 - 2013-09-06 20:47 - 00003798 _____ C:\Windows\System32\Tasks\Security Center Update - 2459820325
2013-09-06 20:47 - 2013-09-06 20:47 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 1318040586
2013-09-06 20:47 - 2013-09-06 20:47 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Ytwysaug
2013-09-06 20:47 - 2013-09-06 20:47 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Fylyibe
2013-09-06 20:46 - 2013-09-06 20:46 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 2343475725
2013-09-06 20:46 - 2013-09-06 20:46 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Apwuxaom
2013-09-06 20:45 - 2013-09-06 20:45 - 00003792 _____ C:\Windows\System32\Tasks\Security Center Update - 890258685
2013-09-06 20:45 - 2013-09-06 20:45 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Gyocud
2013-09-06 20:44 - 2013-09-06 20:44 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 829855573
2013-09-06 20:44 - 2013-09-06 20:44 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 4116225267
2013-09-06 20:44 - 2013-09-06 20:44 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Eczedio
2013-09-06 20:44 - 2013-09-06 20:44 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Cuysebo
2013-09-06 20:43 - 2013-09-06 20:43 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 3905433383
2013-09-06 20:43 - 2013-09-06 20:43 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 3518494677
2013-09-06 20:43 - 2013-09-06 20:43 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Vecyiqg
2013-09-06 20:43 - 2013-09-06 20:43 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Nylaivb
2013-09-06 20:42 - 2013-09-06 20:42 - 00003796 _____ C:\Windows\System32\Tasks\Security Center Update - 763091383
2013-09-06 20:42 - 2013-09-06 20:42 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Fupavaow
2013-09-06 20:41 - 2013-09-06 20:41 - 00003794 _____ C:\Windows\System32\Tasks\Security Center Update - 729071299
2013-09-06 20:41 - 2013-09-06 20:41 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Fuyktie
2013-09-06 20:41 - 2012-12-08 12:44 - 00000000 ____D C:\Users\Jen\AppData\Roaming\Epson
2013-08-29 20:34 - 2013-08-29 20:34 - 00000000 ____D C:\Users\Grayson\AppData\Local\Spoon

Alureon:
C:\Users\Jen\AppData\Local\Temp\sfpsifp\spqobwt\wow.dll

Alureon:
C:\Users\Sarah\AppData\Local\Temp\srcqtub\sifapke\wow.dll

Files to move or delete:
====================
ZeroAccess:
C:\Users\Jen\AppData\Local\Google\Desktop\Install
C:\Users\Jen\acrobatreader.exe
C:\Users\Jen\jqs.exe
C:\Windows\Tasks\{C02A094C-A8A7-4A22-B0B3-B8F480BE9B58}.job

Some content of TEMP:
====================
C:\Users\Grayson\AppData\Local\Temp\ahocebbnrfgraenmcat.bfg
C:\Users\Grayson\AppData\Local\Temp\DownloadManager.exe
C:\Users\Jen\AppData\Local\Temp\616081815.exe
C:\Users\Jen\AppData\Local\Temp\avdsdoij.exe
C:\Users\Jen\AppData\Local\Temp\F7CC.exe
C:\Users\Jen\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Sarah\AppData\Local\Temp\6A8.exe
C:\Users\Sarah\AppData\Local\Temp\wfbftajwyjtxrrlucjn.bfg

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-14 03:59

==================== End Of Log ============================


 

Attached Files



BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:25 AM

Posted 29 September 2013 - 06:46 PM

:welcome:

 

I am reviewing your log. Will post promptly.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:25 AM

Posted 29 September 2013 - 06:53 PM

Download the enclosed file.

 

Save it next to FRST64.

 

Run FRST and this time around, click on the Fix button and wait.

 

The tool will make a log next to FRST (Fixlog.txt) please post it to your reply.

 

Re-Scan with FRST and post the new FRST.txt report.
 


Edited by JSntgRvr, 29 September 2013 - 06:54 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#4 rw1984

rw1984
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 29 September 2013 - 07:47 PM

JSntgRvr

 

Thank you for taking my case.  I've run the processes you've recommended and attached specified output.

 

I wait to see if you believe anything else should be done.

 

Thanks

RG

Attached Files



#5 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:25 AM

Posted 29 September 2013 - 08:02 PM

Download the enclosed file.
 
Save it next to FRST64, overwriting the existing one.
 
Run FRST and this time around, click on the Fix button and wait.
 
The tool will make a log next to FRST (Fixlog.txt) please post it to your reply.
 
thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

scan-results.jpg

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder. as AdwCleaner[S0].txt

bf_new.gif Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:25 AM

Posted 29 September 2013 - 08:08 PM

Run also this fix:

 

Download the enclosed file.
 
Save it next to FRST64, overwriting the existing one.
 
Run FRST and this time around, click on the Fix button and wait.
 
The tool will make a log next to FRST (Fixlog.txt) please post it to your reply.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 rw1984

rw1984
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 29 September 2013 - 09:10 PM

Here's the fixlog.txt from the 1.42 KB fixlist.txt (the 2nd one you gave)

 

I'm going to do the other steps now

 

 

Attached Files



#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:25 AM

Posted 29 September 2013 - 10:32 PM

:thumbup2:


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 rw1984

rw1984
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:25 AM

Posted 29 September 2013 - 10:33 PM

Okay, here are the other log files from:

 

Junkware Removal (attached)

AdwCleaner (attached)

Malwarebytes (cut and pasted below)

FRST64 (attached)

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.30.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Russ :: DESKTOP-W7-JW [administrator]

9/29/2013 8:01:25 PM
mbam-log-2013-09-29 (20-01-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 495234
Time elapsed: 14 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Jen\AppData\Roaming\Epson\WIN236E.exe (Trojan.Agent.DE) -> Quarantined and deleted successfully.
C:\Users\Grayson\AppData\Local\Temp\is1373634743\MyBabylonTB.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Grayson\Local Settings\Temporary Internet Files\Content.IE5\62UQMKHF\Pconverter_B3.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)

 

Anything else?

 

Thanks

RG

Attached Files



#10 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:25 AM

Posted 29 September 2013 - 10:42 PM

Lets empty the temp folders:

Download TFC by OldTimer to your desktop

  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.  Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

 

 

Scan with Sophos and let me know the outcome.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users