Smart Pc Fix Pop Up At Start Up Please Help


  • This topic is locked
27 replies to this topic

#1 djlnyc


Posted 04 January 2014 - 01:23 AM

I have the exact same problem as posted by Metamorph69, and helped by Gringo. The only difference is that I have no files of importance. I don't know if it makes it easier just to wipe everything, which I don't know how to do. My computer runs fine, I believe, except for that pop-up at boot which comes up on the right-hand side of the screen saying I have x amount of errors, please register to full version at isharpsoft registry cleaner pro to clean and fix remaining errors on your PC. I have run malware remover, which did remove several bad malwares, and several antivirus scans, to no luck. Thanks in advance for your help.





#2 gringo_pr

  • Malware Response Team

Posted 04 January 2014 - 08:07 PM





Hello djlnyc

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#3 djlnyc

  • Topic Starter

Posted 04 January 2014 - 09:17 PM

Okay, here we go. I hope I have this right. It seemed like the program didn't want to scan halfway through, but then it continued. Also, I don't know where this program is now saved, because it didn't give me that option. I will search while you reply. Thanks.












Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by kris (administrator) on DAVID on 04-01-2014 21:05:55
Running from C:\Users\kris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3G0TWSM
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\ProgramData\MediaDev\1387324144\mediadev.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\ProgramData\UpdateServer\1388456804\webdev.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6470248 2012-04-24] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [HPSYSDRV] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\Updater.exe
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [684024 2012-04-04] (PDF Complete Inc)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [(default)] - [x]
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.bing.com/search?q=espn&qs=AS&pq=es&sc=8-2&sp=1&FORM=QBLH&cvid=9f1c302bee6f4957810e376dd81e73e3&ghc=1
http://my.msn.com/
SearchScopes: HKLM - {7A7F07A2-47BE-45EE-87C8-340B59CFF5CD} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {7A7F07A2-47BE-45EE-87C8-340B59CFF5CD} URL =
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\qasmhd8p.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\kris\AppData\Local\Roblox\Versions\version-28a069d7dccb4f92\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Extension: ArcadeParlor - C:\Users\kris\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}
FF Extension: Clear Console - C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\qasmhd8p.default\Extensions\clearConsole@penzil.com.xpi
FF Extension: Stylish - C:\Users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\qasmhd8p.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Norton Identity Protection) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.11.8_0
CHR Extension: (Google Wallet) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
R2 MediaDevSrv; C:\ProgramData\MediaDev\1387324144\mediadev.exe [368448 2013-12-17] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-04-04] (PDF Complete Inc)
R2 WinDevSvc; C:\ProgramData\UpdateServer\1388456804\webdev.exe [368960 2013-12-30] ()

==================== Drivers (Whitelisted) ====================

R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-15] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-15] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20140103.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20140104.006\ENG64.SYS [126040 2013-12-15] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20140104.006\EX64.SYS [2099288 2013-12-15] (Symantec Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-08-15] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2013-04-17] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)
S3 cpuz134; \??\C:\Users\kris\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 21:04 - 2014-01-04 21:04 - 00000000 ____D C:\FRST
2014-01-04 21:00 - 2014-01-04 21:00 - 00005896 _____ C:\Users\kris\instructions 1.txt
2014-01-04 15:05 - 2014-01-04 15:05 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-04 15:04 - 2014-01-04 20:15 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-04 15:04 - 2014-01-04 19:00 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 15:04 - 2014-01-04 15:10 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-04 15:04 - 2014-01-04 15:10 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-04 15:04 - 2014-01-04 15:05 - 00000000 ____D C:\Users\kris\AppData\Local\Google
2014-01-04 15:04 - 2014-01-04 15:04 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-04 15:02 - 2014-01-04 15:03 - 00819176 _____ (Google Inc.) C:\Users\kris\Downloads\ChromeSetup.exe
2014-01-04 14:02 - 2014-01-04 14:02 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2014-01-04 14:02 - 2014-01-04 14:02 - 00000000 ___HD C:\ProgramData\CanonBJ
2014-01-04 14:01 - 2011-05-23 05:00 - 00385536 _____ (CANON INC.) C:\Windows\system32\CNMLMAQ.DLL
2014-01-04 14:01 - 2011-04-27 11:01 - 00373248 _____ (CANON INC.) C:\Windows\system32\CNC_AQL.dll
2014-01-04 14:01 - 2011-04-27 11:00 - 00323584 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_AQL.dll
2014-01-04 14:01 - 2011-03-31 10:07 - 00302080 _____ (CANON INC.) C:\Windows\system32\CNC_AQC.dll
2014-01-04 14:01 - 2011-03-31 10:07 - 00114688 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_AQU.dll
2014-01-04 14:01 - 2011-03-31 10:06 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNC_AQI.dll
2014-01-04 14:01 - 2010-11-29 09:13 - 00063744 _____ C:\Windows\SysWOW64\CNC1751D.TBL
2014-01-04 14:01 - 2010-11-29 09:13 - 00063744 _____ C:\Windows\system32\CNC1751D.TBL
2014-01-04 14:01 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2014-01-04 14:01 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2014-01-02 19:23 - 2014-01-02 19:23 - 02184064 _____ (WiseCleaner.com ) C:\Users\kris\Downloads\WRCFree.exe
2014-01-02 19:07 - 2014-01-02 19:17 - 00000000 ____D C:\Program Files (x86)\SlimCleaner
2014-01-02 19:07 - 2014-01-02 19:07 - 00801088 _____ (SlimWare Utilities, Inc.) C:\Users\kris\Downloads\SlimCleaner-setup.exe
2014-01-02 19:07 - 2014-01-02 19:07 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2014-01-02 19:07 - 2014-01-02 19:07 - 00000000 ____D C:\Users\kris\AppData\Local\SlimWare Utilities Inc
2014-01-02 15:53 - 2014-01-04 18:59 - 00000676 _____ C:\Windows\PFRO.log
2014-01-02 15:53 - 2014-01-04 18:59 - 00000392 _____ C:\Windows\setupact.log
2014-01-02 15:53 - 2014-01-02 15:53 - 00000000 _____ C:\Windows\setuperr.log
2014-01-02 15:48 - 2014-01-02 15:48 - 15627064 _____ (Anvisoft) C:\Users\kris\Downloads\csbsetup.exe
2014-01-01 21:37 - 2014-01-01 21:37 - 00625664 _____ C:\Users\kris\Downloads\dds.scr.txt
2014-01-01 21:27 - 2014-01-01 21:27 - 00688992 ____R (Swearware) C:\Users\kris\Downloads\dds.com
2014-01-01 20:44 - 2014-01-01 20:44 - 26548024 _____ C:\Users\kris\Downloads\asdsetup(3).exe
2014-01-01 19:00 - 2014-01-01 19:00 - 00000000 ____D C:\Users\kris\AppData\Roaming\Malwarebytes
2014-01-01 19:00 - 2014-01-01 19:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 18:59 - 2014-01-01 18:59 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\kris\Downloads\mbam-setup.exe
2014-01-01 15:42 - 2014-01-02 19:16 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2014-01-01 15:42 - 2014-01-02 17:42 - 00000000 ____D C:\Users\kris\AppData\Roaming\Anvisoft
2014-01-01 15:42 - 2014-01-01 15:42 - 00000000 ____D C:\ProgramData\Anvisoft
2014-01-01 15:41 - 2014-01-01 15:41 - 26548024 _____ C:\Users\kris\Downloads\asdsetup(2).exe
2014-01-01 15:40 - 2014-01-01 15:40 - 26548024 _____ C:\Users\kris\Downloads\asdsetup(1).exe
2014-01-01 15:38 - 2014-01-01 15:38 - 26548024 _____ C:\Users\kris\Downloads\asdsetup.exe
2013-12-31 18:08 - 2013-12-31 18:08 - 00000000 ____D C:\Users\kris\AppData\Local\Macromedia
2013-12-31 17:24 - 2014-01-02 15:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-31 17:24 - 2013-12-31 17:25 - 00000000 ____D C:\Users\kris\AppData\Local\Mozilla
2013-12-31 17:24 - 2013-12-31 17:24 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 17:24 - 2013-12-31 17:24 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 17:24 - 2013-12-31 17:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-31 17:22 - 2013-12-31 17:22 - 00109144 _____ () C:\Users\kris\Downloads\Setup (2).exe
2013-12-31 16:30 - 2013-12-31 16:35 - 00000000 ____D C:\AdwCleaner
2013-12-31 15:46 - 2013-12-31 15:47 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2013-12-31 14:31 - 2013-12-31 14:31 - 00550371 _____ C:\Users\kris\Downloads\Autoruns.zip
2013-12-31 14:29 - 2013-12-31 14:29 - 00000000 ____D C:\Users\kris\AppData\Local\WinZip
2013-12-30 22:22 - 2013-12-30 22:23 - 00000000 ____D C:\Program Files (x86)\Sendori
2013-12-30 22:20 - 2013-12-30 22:20 - 00000000 ____D C:\ProgramData\Real
2013-12-30 21:40 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-12-30 21:40 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-12-30 21:26 - 2013-12-30 21:26 - 00000000 ____D C:\ProgramData\UpdateServer
2013-12-30 21:23 - 2013-12-30 21:23 - 00000000 ____D C:\Users\Public\CyberLink
2013-12-30 21:19 - 2014-01-03 20:58 - 00000000 ____D C:\Users\kris\Documents\Youcam
2013-12-30 21:19 - 2013-12-30 21:19 - 00000000 ____D C:\Users\kris\AppData\Roaming\CyberLink
2013-12-30 21:19 - 2013-12-30 21:19 - 00000000 ____D C:\Users\kris\AppData\Local\CyberLink
2013-12-30 21:11 - 2013-12-30 21:11 - 00000000 ____D C:\Windows\ERUNT
2013-12-30 21:09 - 2013-12-30 21:09 - 00923784 _____ (CNET Download.com) C:\Users\kris\Downloads\cbsidlm-cbsi145-Junkware_Removal_Tool-ORG-75910255.exe
2013-12-30 20:54 - 2013-12-30 20:55 - 25647320 _____ (Microsoft Corporation) C:\Users\kris\Downloads\Windows-KB890830-x64-V5.7 (2).exe
2013-12-30 20:33 - 2013-12-30 20:33 - 00051496 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-30 20:26 - 2013-12-30 20:28 - 00000000 ____D C:\Program Files (x86)\ShowMyPCService
2013-12-30 20:16 - 2013-12-30 20:41 - 00000000 ____D C:\Users\kris\AppData\Local\Deployment
2013-12-30 20:16 - 2013-12-30 20:16 - 00000000 ____D C:\Users\kris\AppData\Local\Apps\2.0
2013-12-30 19:41 - 2013-12-30 19:42 - 55915216 _____ (Microsoft Corporation) C:\Users\kris\Downloads\IE11-Windows6.1-x64-en-us.exe
2013-12-30 19:41 - 2013-12-30 19:42 - 25647320 _____ (Microsoft Corporation) C:\Users\kris\Downloads\Windows-KB890830-x64-V5.7 (1).exe
2013-12-30 19:41 - 2013-12-30 19:41 - 25647320 _____ (Microsoft Corporation) C:\Users\kris\Downloads\Windows-KB890830-x64-V5.7.exe
2013-12-30 19:33 - 2013-12-30 19:33 - 00000000 _____ C:\Users\kris\daemonprocess.txt
2013-12-30 19:08 - 2012-08-23 09:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-12-30 19:08 - 2012-08-23 09:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-12-30 19:08 - 2012-08-23 09:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-12-30 19:08 - 2012-08-23 09:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-12-30 19:08 - 2012-08-23 08:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-12-30 19:08 - 2012-08-23 08:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-12-30 19:08 - 2012-08-23 08:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-30 19:08 - 2012-08-23 08:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-30 19:08 - 2012-08-23 08:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-30 19:08 - 2012-08-23 08:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-12-30 19:08 - 2012-08-23 08:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-12-30 19:08 - 2012-08-23 08:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-12-30 19:08 - 2012-08-23 08:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-30 19:08 - 2012-08-23 07:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-12-30 19:08 - 2012-08-23 06:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-30 19:08 - 2012-08-23 06:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-12-30 19:08 - 2012-08-23 06:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-12-30 19:08 - 2012-08-23 06:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-12-30 19:08 - 2012-08-23 05:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-12-30 19:08 - 2012-08-23 05:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-12-30 19:08 - 2012-08-23 05:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-12-30 19:08 - 2012-08-23 05:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-12-30 19:08 - 2012-08-23 04:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-12-30 19:08 - 2012-08-23 03:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-30 19:08 - 2012-08-23 03:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-30 19:07 - 2013-12-30 19:07 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-30 19:07 - 2013-12-18 19:02 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-12-30 19:07 - 2013-12-15 04:32 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Hewlett-Packard
2013-12-30 19:07 - 2009-07-13 23:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-30 19:07 - 2009-07-13 23:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-30 19:01 - 2013-09-04 07:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-30 19:01 - 2013-09-04 07:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-30 19:01 - 2013-09-04 07:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-30 19:01 - 2013-09-04 07:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-30 19:01 - 2013-09-04 07:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-30 19:01 - 2013-09-04 07:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-30 19:01 - 2013-09-04 07:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-30 19:01 - 2012-05-04 06:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-12-30 19:01 - 2012-05-04 04:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-12-30 18:44 - 2013-12-30 18:44 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-30 18:42 - 2013-12-30 18:42 - 00000000 ____D C:\Users\kris\AppData\Local\BrowserSafeguard
2013-12-30 17:13 - 2014-01-01 15:30 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForkris.job
2013-12-30 17:13 - 2014-01-01 14:29 - 00003176 _____ C:\Windows\System32\Tasks\HPCeeScheduleForkris
2013-12-30 15:49 - 2013-12-30 15:55 - 00000000 ____D C:\Users\kris\AppData\Local\Roblox
2013-12-30 15:44 - 2013-12-30 15:44 - 00000000 ____D C:\ProgramData\SearchDonkey
2013-12-29 16:25 - 2014-01-03 19:11 - 00000000 ____D C:\Windows\pss
2013-12-29 15:24 - 2013-12-30 15:20 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-29 15:23 - 2013-12-29 15:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-28 23:51 - 2013-12-28 23:51 - 00001219 _____ C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-28 23:26 - 2013-12-28 23:26 - 00002119 _____ C:\Users\kris\Desktop\Microsoft Security Essentials.lnk
2013-12-28 23:26 - 2013-12-28 23:26 - 00001945 _____ C:\Windows\epplauncher.mif
2013-12-28 23:26 - 2013-12-28 23:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-28 23:26 - 2013-12-28 23:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-12-28 21:44 - 2013-12-28 21:46 - 00000000 ____D C:\Windows\system32\MRT
2013-12-28 21:44 - 2013-12-01 14:42 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-28 20:53 - 2013-12-28 20:53 - 00000000 ____D C:\Users\kris\hpremote
2013-12-24 18:12 - 2014-01-01 14:26 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-12-24 18:10 - 2013-12-30 14:21 - 00000000 ____D C:\Users\kris\AppData\Roaming\HP Support Assistant
2013-12-20 16:02 - 2013-12-28 18:51 - 00020930 _____ C:\Windows\system32\ScanResults.xml
2013-12-20 16:00 - 2013-12-28 18:48 - 00001056 _____ C:\Windows\system32\SettingsFile
2013-12-18 19:02 - 2014-01-04 19:34 - 00000268 _____ C:\Windows\Tasks\ArcadeParlor.job
2013-12-18 19:02 - 2014-01-02 15:51 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeParlor
2013-12-18 19:02 - 2013-12-31 18:07 - 00000000 ____D C:\Users\kris\AppData\Local\Adobe
2013-12-18 19:02 - 2013-12-18 19:02 - 00003144 _____ C:\Windows\System32\Tasks\ArcadeParlor
2013-12-18 19:02 - 2013-12-18 19:02 - 00000145 _____ C:\out.txt
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\Users\kris\AppData\Roaming\Mozilla
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\ProgramData\Adobe
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-18 19:01 - 2013-12-28 20:50 - 00000000 ____D C:\ProgramData\Yahoo!
2013-12-18 18:54 - 2013-12-28 23:10 - 00000000 ____D C:\Users\kris\AppData\Local\StormAlerts
2013-12-18 18:53 - 2013-12-30 22:28 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-18 06:00 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-18 06:00 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-18 06:00 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-18 06:00 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-18 06:00 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-18 06:00 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-18 06:00 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-18 06:00 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-18 06:00 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-18 06:00 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-18 06:00 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-18 06:00 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-18 06:00 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-18 06:00 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-18 06:00 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-18 06:00 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-18 06:00 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-18 06:00 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-18 06:00 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-18 06:00 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-18 06:00 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-18 06:00 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-18 06:00 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-18 06:00 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-18 06:00 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-18 06:00 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-18 06:00 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-18 06:00 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-18 06:00 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-18 06:00 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-18 06:00 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-18 00:55 - 2014-01-03 20:41 - 00000000 ____D C:\Users\kris\AppData\Local\CrashDumps
2013-12-17 18:49 - 2013-12-17 18:49 - 00000000 ____D C:\ProgramData\MediaDev
2013-12-17 18:44 - 2013-12-17 18:44 - 00000000 ____D C:\ProgramData\UpdateTask
2013-12-17 16:03 - 2013-12-30 19:35 - 00000000 ____D C:\Users\kris\AppData\Local\cache
2013-12-17 16:03 - 2013-12-17 16:03 - 00000000 ____D C:\Users\kris\.android
2013-12-17 16:02 - 2014-01-04 19:00 - 00000404 _____ C:\Windows\Tasks\isharpsoft Task.job
2013-12-17 16:02 - 2013-12-30 19:33 - 00000000 ____D C:\Users\kris\AppData\Local\genienext
2013-12-17 16:02 - 2013-12-28 23:08 - 00000000 ____D C:\Program Files (x86)\iSharpsoft
2013-12-17 16:02 - 2013-12-17 18:33 - 00000000 ____D C:\Users\kris\AppData\Roaming\iSharpsoft
2013-12-17 16:02 - 2013-12-17 16:02 - 00003128 _____ C:\Windows\System32\Tasks\GreatArcadeHits
2013-12-17 16:02 - 2013-12-17 16:02 - 00002828 _____ C:\Windows\System32\Tasks\isharpsoft Task
2013-12-17 15:58 - 2014-01-01 20:17 - 00000000 ____D C:\Users\kris\AppData\Roaming\UpdateServ
2013-12-17 15:58 - 2013-12-17 16:31 - 00000000 ____D C:\ProgramData\UpdateCommon
2013-12-17 15:58 - 2013-12-17 15:58 - 00058016 _____ C:\Users\kris\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-17 15:58 - 2013-12-17 15:58 - 00000000 ____D C:\ProgramData\CDB
2013-12-17 15:57 - 2014-01-01 16:32 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-17 15:56 - 2013-12-17 15:56 - 00000000 ____D C:\Program Files (x86)\Video Downloader
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3CF.tmp
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3CE.tmp
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3AF.tmp
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3A1.tmp
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3A0.tmp
2013-12-17 06:28 - 2013-12-17 06:28 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2013-12-17 06:03 - 2013-10-14 21:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-17 06:02 - 2013-12-17 06:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-17 06:02 - 2013-12-17 06:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-17 06:02 - 2013-12-17 06:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-17 06:02 - 2013-12-17 06:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-17 06:02 - 2013-12-17 06:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-17 06:02 - 2013-12-17 06:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-17 06:02 - 2013-12-17 06:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-16 17:23 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-16 17:23 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-16 17:23 - 2013-04-17 02:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-12-16 17:23 - 2013-04-17 01:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-12-16 17:23 - 2012-02-11 01:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-12-16 17:23 - 2012-02-11 01:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2013-12-16 07:27 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-16 07:27 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-16 07:27 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-16 07:27 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-16 06:18 - 2012-07-25 22:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-12-16 06:18 - 2012-07-25 22:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-12-16 06:18 - 2012-07-25 22:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-12-16 06:18 - 2012-07-25 22:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-12-16 06:18 - 2012-07-25 22:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-12-16 06:18 - 2012-07-25 21:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-12-16 06:18 - 2012-07-25 21:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-12-16 06:18 - 2012-06-02 09:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-12-16 06:04 - 2012-03-01 01:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-12-16 06:04 - 2012-03-01 01:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-12-16 06:04 - 2012-03-01 00:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-12-16 04:59 - 2013-12-30 14:21 - 00000000 ____D C:\Users\kris\AppData\Roaming\HpUpdate
2013-12-15 06:16 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-15 06:16 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-15 06:16 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-15 06:16 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-12-15 06:16 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-12-15 06:16 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-12-15 06:16 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-12-15 06:16 - 2013-04-12 09:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-12-15 06:16 - 2013-03-19 00:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-12-15 06:16 - 2013-03-19 00:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-12-15 06:16 - 2013-02-27 01:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-12-15 06:16 - 2013-02-27 00:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-12-15 06:16 - 2012-10-09 13:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-12-15 06:16 - 2012-10-09 13:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-12-15 06:16 - 2012-10-09 12:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-12-15 06:16 - 2012-10-09 12:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-12-15 06:16 - 2011-04-09 01:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-12-15 06:16 - 2011-04-09 00:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-12-15 06:15 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-15 06:15 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-15 06:15 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-15 06:15 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-15 06:15 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-15 06:15 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-15 06:15 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-15 06:15 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-15 06:15 - 2013-10-03 21:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-15 06:15 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-15 06:15 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-15 06:15 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-15 06:15 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-15 06:15 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-15 06:15 - 2013-09-27 20:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-15 06:15 - 2013-09-24 21:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-12-15 06:15 - 2013-09-24 21:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-15 06:15 - 2013-09-24 21:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-15 06:15 - 2013-09-24 21:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-12-15 06:15 - 2013-09-24 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-12-15 06:15 - 2013-09-24 21:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-15 06:15 - 2013-09-24 21:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-15 06:15 - 2013-09-24 21:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-12-15 06:15 - 2013-09-24 20:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-15 06:15 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-15 06:15 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-12-15 06:15 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-12-15 06:15 - 2013-09-24 20:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-12-15 06:15 - 2013-08-04 21:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-12-15 06:15 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-12-15 06:15 - 2013-08-01 21:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-12-15 06:15 - 2013-08-01 21:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-12-15 06:15 - 2013-08-01 20:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-12-15 06:15 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-12-15 06:15 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-12-15 06:15 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-12-15 06:15 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-12-15 06:15 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-12-15 06:15 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-12-15 06:15 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-12-15 06:15 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-12-15 06:15 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-12-15 06:15 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-12-15 06:15 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-12-15 06:15 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-12-15 06:15 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-12-15 06:15 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-12-15 06:15 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-12-15 06:15 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-12-15 06:15 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-12-15 06:15 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-12-15 06:15 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-12-15 06:15 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-12-15 06:15 - 2013-04-25 18:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-12-15 06:15 - 2013-03-31 17:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-12-15 06:15 - 2013-02-11 23:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-12-15 06:15 - 2012-08-22 13:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-12-15 06:15 - 2012-07-04 15:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-12-15 06:15 - 2012-04-26 00:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2013-12-15 06:15 - 2012-04-26 00:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-12-15 06:15 - 2012-04-26 00:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2013-12-15 06:14 - 2013-09-07 21:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-12-15 06:14 - 2013-09-07 21:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-12-15 06:14 - 2013-09-07 21:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-12-15 06:14 - 2013-07-12 05:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-12-15 06:14 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-12-15 06:14 - 2013-07-09 00:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-12-15 06:14 - 2013-07-08 23:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-12-15 06:14 - 2013-07-04 07:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-12-15 06:14 - 2013-07-04 07:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-12-15 06:14 - 2013-07-04 06:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-12-15 06:14 - 2013-07-04 06:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-12-15 06:14 - 2013-07-04 05:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-12-15 06:14 - 2013-07-02 23:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-12-15 06:14 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-12-15 06:14 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-12-15 06:14 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-12-15 06:14 - 2013-06-14 23:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-12-15 06:14 - 2013-06-04 01:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-12-15 06:14 - 2013-06-03 23:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-12-15 06:14 - 2012-12-07 08:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-12-15 06:14 - 2012-12-07 08:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-12-15 06:14 - 2012-12-07 07:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-12-15 06:14 - 2012-12-07 07:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-12-15 06:14 - 2012-12-07 06:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-12-15 06:14 - 2012-12-07 06:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-12-15 06:14 - 2012-12-07 06:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-12-15 06:14 - 2012-12-07 06:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-12-15 06:14 - 2012-12-07 06:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-12-15 06:14 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-12-15 06:14 - 2012-12-07 06:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-12-15 06:14 - 2012-12-07 06:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-12-15 06:14 - 2012-12-07 06:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-12-15 06:14 - 2012-12-07 06:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-12-15 06:14 - 2012-12-07 06:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-12-15 06:14 - 2012-12-07 06:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-12-15 06:14 - 2012-12-07 06:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-12-15 06:14 - 2012-12-07 06:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-12-15 06:14 - 2012-12-07 05:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-12-15 06:14 - 2012-11-28 17:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-12-15 06:14 - 2012-11-28 17:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-12-15 06:14 - 2012-11-28 17:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-12-15 06:14 - 2012-11-22 00:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-12-15 06:14 - 2012-11-21 23:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-12-15 06:14 - 2012-11-02 00:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-12-15 06:14 - 2012-11-02 00:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-12-15 06:14 - 2012-11-01 00:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-12-15 06:14 - 2012-11-01 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-12-15 06:14 - 2012-10-31 23:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-12-15 06:14 - 2012-10-31 23:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-12-15 06:14 - 2012-10-03 12:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-12-15 06:14 - 2012-10-03 12:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-12-15 06:14 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-12-15 06:14 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-12-15 06:14 - 2012-10-03 12:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-12-15 06:14 - 2012-10-03 12:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-12-15 06:14 - 2012-10-03 11:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-12-15 06:14 - 2012-10-03 11:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-12-15 06:14 - 2012-10-03 11:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-12-15 06:14 - 2012-10-03 11:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-12-15 06:14 - 2012-08-21 16:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2013-12-15 06:14 - 2012-05-01 00:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-12-15 06:14 - 2012-01-13 02:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-12-15 06:14 - 2010-06-25 22:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2013-12-15 06:14 - 2010-06-25 22:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-12-15 06:13 - 2013-08-28 21:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-15 06:13 - 2013-08-28 21:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-12-15 06:13 - 2013-08-28 21:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-12-15 06:13 - 2013-08-28 21:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-12-15 06:13 - 2013-08-28 21:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-12-15 06:13 - 2013-08-28 20:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-12-15 06:13 - 2013-08-28 20:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-12-15 06:13 - 2013-08-28 20:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-12-15 06:13 - 2013-08-28 20:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-12-15 06:13 - 2013-08-28 20:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-12-15 06:13 - 2013-08-28 20:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-12-15 06:13 - 2013-08-28 19:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-12-15 06:13 - 2013-08-28 19:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-12-15 06:13 - 2013-08-28 19:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-12-15 06:13 - 2013-08-28 19:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-12-15 06:13 - 2013-07-25 21:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-12-15 06:13 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-12-15 06:13 - 2013-07-25 20:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-12-15 06:13 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-12-15 06:13 - 2012-11-30 00:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-12-15 06:13 - 2012-11-30 00:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-12-15 06:13 - 2012-11-30 00:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-12-15 06:13 - 2012-11-29 18:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-12-15 06:13 - 2012-11-29 18:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-12-15 06:13 - 2012-09-25 17:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-12-15 06:13 - 2012-09-25 17:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-12-15 06:13 - 2012-08-10 19:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-12-15 06:13 - 2012-08-10 18:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-12-15 06:13 - 2012-04-27 22:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-12-15 06:13 - 2012-04-07 07:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-12-15 06:13 - 2012-04-07 06:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-12-15 06:13 - 2012-03-17 02:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-12-15 06:12 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-15 06:12 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-15 06:12 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-15 06:12 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-15 06:12 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-15 06:12 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-15 06:12 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-15 06:12 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-15 06:12 - 2013-10-02 21:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-15 06:12 - 2013-10-02 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-15 06:12 - 2013-08-01 07:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-15 06:12 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-15 06:12 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-15 06:12 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-12-15 06:12 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-12-15 06:12 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-12-15 06:12 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-12-15 06:12 - 2013-05-10 00:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-12-15 06:12 - 2013-05-09 22:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-12-15 06:12 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-12-15 06:12 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-12-15 06:12 - 2013-04-10 01:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-12-15 06:12 - 2013-01-24 01:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-12-15 06:12 - 2013-01-03 01:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-12-15 06:12 - 2012-11-22 22:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-12-15 06:12 - 2012-08-22 13:12 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-12-15 06:12 - 2012-07-04 17:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-12-15 06:12 - 2012-07-04 17:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2013-12-15 06:12 - 2012-07-04 17:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2013-12-15 06:12 - 2012-07-04 16:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-12-15 06:12 - 2012-07-04 16:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-12-15 06:12 - 2012-05-14 00:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-12-15 06:12 - 2012-05-05 03:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-12-15 06:12 - 2012-05-05 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-12-15 06:12 - 2011-02-22 23:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2013-12-15 06:12 - 2011-02-03 06:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-12-15 06:11 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-15 06:11 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-15 06:11 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-15 06:11 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-15 06:11 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-15 06:11 - 2013-08-27 20:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-12-15 06:11 - 2012-06-06 01:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2013-12-15 06:11 - 2012-06-06 00:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2013-12-15 04:36 - 2013-12-15 04:36 - 00000000 ____D C:\Users\kris\AppData\Roaming\Macromedia
2013-12-15 04:35 - 2014-01-03 16:42 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9B39F78F-24A9-4F49-AFA1-9EA142A8302C}
2013-12-15 04:35 - 2013-12-30 19:59 - 00000000 ____D C:\Users\kris\AppData\Local\PDFC
2013-12-15 04:35 - 2013-12-30 19:37 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-15 04:35 - 2013-12-18 19:02 - 00000000 ____D C:\Users\kris\AppData\Roaming\Adobe
2013-12-15 04:35 - 2013-12-17 14:39 - 00001415 _____ C:\Users\kris\Desktop\Internet Explorer.lnk
2013-12-15 04:35 - 2013-12-16 15:01 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-15 04:35 - 2013-12-15 04:35 - 00000000 ____D C:\Users\kris\AppData\Local\VirtualStore
2013-12-15 04:34 - 2013-12-30 21:24 - 00000000 ____D C:\Users\kris\AppData\Roaming\Hewlett-Packard
2013-12-15 04:32 - 2013-12-15 04:32 - 00000000 ____D C:\Users\kris\AppData\Local\RemEngine
2013-12-15 04:32 - 2013-12-15 04:32 - 00000000 ____D C:\Users\kris\AppData\Local\Hewlett-Packard_Company
2013-12-15 04:32 - 2013-12-15 04:32 - 00000000 ____D C:\Users\Default\AppData\Local\Hewlett-Packard
2013-12-15 04:32 - 2013-12-15 04:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Hewlett-Packard
2013-12-15 04:32 - 2013-04-17 10:40 - 00002260 _____ C:\Users\Public\Desktop\HP Marketplace.lnk
2013-12-15 04:32 - 2013-04-17 10:40 - 00002180 _____ C:\Users\Public\Desktop\HP+.lnk
2013-12-15 04:31 - 2014-01-04 21:00 - 00000000 ____D C:\Users\kris
2013-12-15 04:31 - 2013-12-30 21:27 - 00000000 ____D C:\Users\kris\AppData\Local\Hewlett-Packard
2013-12-15 04:31 - 2013-12-15 04:31 - 00003290 _____ C:\Windows\System32\Tasks\RMCreator
2013-12-15 04:31 - 2013-12-15 04:31 - 00000020 ___SH C:\Users\kris\ntuser.ini
2013-12-15 04:31 - 2013-12-15 04:31 - 00000000 ____D C:\Users\kris\AppData\Local\TouchSmartData
2013-12-15 04:31 - 2013-12-15 04:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Mathematics
2013-12-15 04:31 - 2012-06-02 18:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-12-15 04:31 - 2012-06-02 18:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-12-15 04:31 - 2012-06-02 17:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-15 04:31 - 2012-06-02 17:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-12-15 04:31 - 2012-06-02 17:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-15 04:31 - 2012-06-02 17:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-12-15 04:31 - 2012-06-02 17:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-12-15 04:31 - 2012-06-02 17:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-15 04:31 - 2012-06-02 17:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-12-15 04:31 - 2009-07-13 23:54 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-15 04:31 - 2009-07-13 23:49 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-15 04:30 - 2014-01-04 20:44 - 01283500 _____ C:\Windows\WindowsUpdate.log
2013-12-15 04:20 - 2013-12-17 18:29 - 00000000 ____D C:\ProgramData\Recovery
2013-12-15 03:26 - 2013-12-15 04:32 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cPC_23-1014_Y53316J_0U_Q3CR225_E12NA2ARW602_4A_I2AED_SPEGATRON CORPORATION_V1.02_B7.01_T120521_W73-1_L409_M4053_J1000_7Intel_86A7_92.80_#130417_N10EC8168;1814539B_Z_G10DE1058_Ohp DV-W28S-W_DHWP4211.MRK
2013-12-15 03:26 - 2013-12-15 04:32 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cPC_23-1014_Y53316J_0U_Q3CR225_E12NA2ARW602_4A_I2AED_SPEGATRON CORPORATION_V1.02_B7.01_T120521_W73-1_L409_M4053_J1000_7Intel_86A7_92.80_#130417_N10EC8168;1814539B_Z_G10DE1058_Ohp DV-W28S-W_DHWP4211.MRK

==================== One Month Modified Files and Folders =======

2014-01-04 21:06 - 2009-07-13 23:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 21:06 - 2009-07-13 23:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 21:04 - 2014-01-04 21:04 - 00000000 ____D C:\FRST
2014-01-04 21:00 - 2014-01-04 21:00 - 00005896 _____ C:\Users\kris\instructions 1.txt
2014-01-04 21:00 - 2013-12-15 04:31 - 00000000 ____D C:\Users\kris
2014-01-04 20:44 - 2013-12-15 04:30 - 01283500 _____ C:\Windows\WindowsUpdate.log
2014-01-04 20:40 - 2013-04-17 10:33 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-04 20:15 - 2014-01-04 15:04 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-04 19:34 - 2013-12-18 19:02 - 00000268 _____ C:\Windows\Tasks\ArcadeParlor.job
2014-01-04 19:04 - 2009-07-14 00:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 19:00 - 2014-01-04 15:04 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 19:00 - 2013-12-17 16:02 - 00000404 _____ C:\Windows\Tasks\isharpsoft Task.job
2014-01-04 19:00 - 2013-04-17 10:37 - 00000000 ____D C:\ProgramData\PDFC
2014-01-04 18:59 - 2014-01-02 15:53 - 00000676 _____ C:\Windows\PFRO.log
2014-01-04 18:59 - 2014-01-02 15:53 - 00000392 _____ C:\Windows\setupact.log
2014-01-04 18:59 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 15:10 - 2014-01-04 15:04 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-04 15:10 - 2014-01-04 15:04 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-04 15:05 - 2014-01-04 15:05 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-04 15:05 - 2014-01-04 15:04 - 00000000 ____D C:\Users\kris\AppData\Local\Google
2014-01-04 15:04 - 2014-01-04 15:04 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-04 15:03 - 2014-01-04 15:02 - 00819176 _____ (Google Inc.) C:\Users\kris\Downloads\ChromeSetup.exe
2014-01-04 14:02 - 2014-01-04 14:02 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2014-01-04 14:02 - 2014-01-04 14:02 - 00000000 ___HD C:\ProgramData\CanonBJ
2014-01-04 14:01 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2014-01-03 20:58 - 2013-12-30 21:19 - 00000000 ____D C:\Users\kris\Documents\Youcam
2014-01-03 20:41 - 2013-12-18 00:55 - 00000000 ____D C:\Users\kris\AppData\Local\CrashDumps
2014-01-03 19:11 - 2013-12-29 16:25 - 00000000 ____D C:\Windows\pss
2014-01-03 16:42 - 2013-12-15 04:35 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9B39F78F-24A9-4F49-AFA1-9EA142A8302C}
2014-01-02 19:23 - 2014-01-02 19:23 - 02184064 _____ (WiseCleaner.com ) C:\Users\kris\Downloads\WRCFree.exe
2014-01-02 19:17 - 2014-01-02 19:07 - 00000000 ____D C:\Program Files (x86)\SlimCleaner
2014-01-02 19:16 - 2014-01-01 15:42 - 00000000 ____D C:\Program Files (x86)\Anvisoft
2014-01-02 19:09 - 2011-02-11 12:00 - 00000000 ____D C:\Windows\Panther
2014-01-02 19:07 - 2014-01-02 19:07 - 00801088 _____ (SlimWare Utilities, Inc.) C:\Users\kris\Downloads\SlimCleaner-setup.exe
2014-01-02 19:07 - 2014-01-02 19:07 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2014-01-02 19:07 - 2014-01-02 19:07 - 00000000 ____D C:\Users\kris\AppData\Local\SlimWare Utilities Inc
2014-01-02 17:42 - 2014-01-01 15:42 - 00000000 ____D C:\Users\kris\AppData\Roaming\Anvisoft
2014-01-02 15:53 - 2014-01-02 15:53 - 00000000 _____ C:\Windows\setuperr.log
2014-01-02 15:52 - 2013-12-31 17:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 15:51 - 2013-12-18 19:02 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeParlor
2014-01-02 15:48 - 2014-01-02 15:48 - 15627064 _____ (Anvisoft) C:\Users\kris\Downloads\csbsetup.exe
2014-01-01 21:37 - 2014-01-01 21:37 - 00625664 _____ C:\Users\kris\Downloads\dds.scr.txt
2014-01-01 21:27 - 2014-01-01 21:27 - 00688992 ____R (Swearware) C:\Users\kris\Downloads\dds.com
2014-01-01 20:44 - 2014-01-01 20:44 - 26548024 _____ C:\Users\kris\Downloads\asdsetup(3).exe
2014-01-01 20:17 - 2013-12-17 15:58 - 00000000 ____D C:\Users\kris\AppData\Roaming\UpdateServ
2014-01-01 19:00 - 2014-01-01 19:00 - 00000000 ____D C:\Users\kris\AppData\Roaming\Malwarebytes
2014-01-01 19:00 - 2014-01-01 19:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-01 18:59 - 2014-01-01 18:59 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\kris\Downloads\mbam-setup.exe
2014-01-01 16:32 - 2013-12-17 15:57 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-01 15:42 - 2014-01-01 15:42 - 00000000 ____D C:\ProgramData\Anvisoft
2014-01-01 15:41 - 2014-01-01 15:41 - 26548024 _____ C:\Users\kris\Downloads\asdsetup(2).exe
2014-01-01 15:40 - 2014-01-01 15:40 - 26548024 _____ C:\Users\kris\Downloads\asdsetup(1).exe
2014-01-01 15:38 - 2014-01-01 15:38 - 26548024 _____ C:\Users\kris\Downloads\asdsetup.exe
2014-01-01 15:30 - 2013-12-30 17:13 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForkris.job
2014-01-01 14:40 - 2013-04-17 10:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-01 14:40 - 2013-04-17 10:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-01 14:40 - 2013-04-17 10:33 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-01 14:29 - 2013-12-30 17:13 - 00003176 _____ C:\Windows\System32\Tasks\HPCeeScheduleForkris
2014-01-01 14:26 - 2013-12-24 18:12 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-12-31 18:08 - 2013-12-31 18:08 - 00000000 ____D C:\Users\kris\AppData\Local\Macromedia
2013-12-31 18:07 - 2013-12-18 19:02 - 00000000 ____D C:\Users\kris\AppData\Local\Adobe
2013-12-31 17:25 - 2013-12-31 17:24 - 00000000 ____D C:\Users\kris\AppData\Local\Mozilla
2013-12-31 17:24 - 2013-12-31 17:24 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-31 17:24 - 2013-12-31 17:24 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-31 17:24 - 2013-12-31 17:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-31 17:22 - 2013-12-31 17:22 - 00109144 _____ () C:\Users\kris\Downloads\Setup (2).exe
2013-12-31 16:35 - 2013-12-31 16:30 - 00000000 ____D C:\AdwCleaner
2013-12-31 15:47 - 2013-12-31 15:46 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2013-12-31 15:30 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-12-31 14:31 - 2013-12-31 14:31 - 00550371 _____ C:\Users\kris\Downloads\Autoruns.zip
2013-12-31 14:29 - 2013-12-31 14:29 - 00000000 ____D C:\Users\kris\AppData\Local\WinZip
2013-12-31 14:29 - 2013-04-17 10:35 - 00000000 ____D C:\ProgramData\WinZip
2013-12-30 22:28 - 2013-12-18 18:53 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-12-30 22:23 - 2013-12-30 22:22 - 00000000 ____D C:\Program Files (x86)\Sendori
2013-12-30 22:20 - 2013-12-30 22:20 - 00000000 ____D C:\ProgramData\Real
2013-12-30 21:27 - 2013-12-15 04:31 - 00000000 ____D C:\Users\kris\AppData\Local\Hewlett-Packard
2013-12-30 21:26 - 2013-12-30 21:26 - 00000000 ____D C:\ProgramData\UpdateServer
2013-12-30 21:24 - 2013-12-15 04:34 - 00000000 ____D C:\Users\kris\AppData\Roaming\Hewlett-Packard
2013-12-30 21:23 - 2013-12-30 21:23 - 00000000 ____D C:\Users\Public\CyberLink
2013-12-30 21:20 - 2013-04-17 10:32 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-30 21:19 - 2013-12-30 21:19 - 00000000 ____D C:\Users\kris\AppData\Roaming\CyberLink
2013-12-30 21:19 - 2013-12-30 21:19 - 00000000 ____D C:\Users\kris\AppData\Local\CyberLink
2013-12-30 21:14 - 2010-11-21 02:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-12-30 21:11 - 2013-12-30 21:11 - 00000000 ____D C:\Windows\ERUNT
2013-12-30 21:09 - 2013-12-30 21:09 - 00923784 _____ (CNET Download.com) C:\Users\kris\Downloads\cbsidlm-cbsi145-Junkware_Removal_Tool-ORG-75910255.exe
2013-12-30 20:55 - 2013-12-30 20:54 - 25647320 _____ (Microsoft Corporation) C:\Users\kris\Downloads\Windows-KB890830-x64-V5.7 (2).exe
2013-12-30 20:41 - 2013-12-30 20:16 - 00000000 ____D C:\Users\kris\AppData\Local\Deployment
2013-12-30 20:33 - 2013-12-30 20:33 - 00051496 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-12-30 20:28 - 2013-12-30 20:26 - 00000000 ____D C:\Program Files (x86)\ShowMyPCService
2013-12-30 20:16 - 2013-12-30 20:16 - 00000000 ____D C:\Users\kris\AppData\Local\Apps\2.0
2013-12-30 19:59 - 2013-12-15 04:35 - 00000000 ____D C:\Users\kris\AppData\Local\PDFC
2013-12-30 19:42 - 2013-12-30 19:41 - 55915216 _____ (Microsoft Corporation) C:\Users\kris\Downloads\IE11-Windows6.1-x64-en-us.exe
2013-12-30 19:42 - 2013-12-30 19:41 - 25647320 _____ (Microsoft Corporation) C:\Users\kris\Downloads\Windows-KB890830-x64-V5.7 (1).exe
2013-12-30 19:41 - 2013-12-30 19:41 - 25647320 _____ (Microsoft Corporation) C:\Users\kris\Downloads\Windows-KB890830-x64-V5.7.exe
2013-12-30 19:37 - 2013-12-15 04:35 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-30 19:35 - 2013-12-17 16:03 - 00000000 ____D C:\Users\kris\AppData\Local\cache
2013-12-30 19:33 - 2013-12-30 19:33 - 00000000 _____ C:\Users\kris\daemonprocess.txt
2013-12-30 19:33 - 2013-12-17 16:02 - 00000000 ____D C:\Users\kris\AppData\Local\genienext
2013-12-30 19:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-30 19:11 - 2011-02-11 12:15 - 00774592 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-30 19:09 - 2013-04-17 10:28 - 00005676 _____ C:\Windows\system32\RaCoInst.log
2013-12-30 19:07 - 2013-12-30 19:07 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-12-30 19:07 - 2013-04-17 10:21 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-30 19:07 - 2013-04-17 10:20 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-30 19:07 - 2013-04-17 10:20 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-30 18:44 - 2013-12-30 18:44 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-30 18:42 - 2013-12-30 18:42 - 00000000 ____D C:\Users\kris\AppData\Local\BrowserSafeguard
2013-12-30 15:55 - 2013-12-30 15:49 - 00000000 ____D C:\Users\kris\AppData\Local\Roblox
2013-12-30 15:44 - 2013-12-30 15:44 - 00000000 ____D C:\ProgramData\SearchDonkey
2013-12-30 15:44 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-30 15:20 - 2013-12-29 15:24 - 00000000 ____D C:\Users\kris\AppData\Roaming\Skype
2013-12-30 14:21 - 2013-12-24 18:10 - 00000000 ____D C:\Users\kris\AppData\Roaming\HP Support Assistant
2013-12-30 14:21 - 2013-12-16 04:59 - 00000000 ____D C:\Users\kris\AppData\Roaming\HpUpdate
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-12-29 15:24 - 2013-12-29 15:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-29 15:24 - 2013-04-17 10:37 - 00000000 ____D C:\ProgramData\Skype
2013-12-29 15:23 - 2013-12-29 15:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-28 23:51 - 2013-12-28 23:51 - 00001219 _____ C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-28 23:26 - 2013-12-28 23:26 - 00002119 _____ C:\Users\kris\Desktop\Microsoft Security Essentials.lnk
2013-12-28 23:26 - 2013-12-28 23:26 - 00001945 _____ C:\Windows\epplauncher.mif
2013-12-28 23:26 - 2013-12-28 23:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-28 23:26 - 2013-12-28 23:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-12-28 23:10 - 2013-12-18 18:54 - 00000000 ____D C:\Users\kris\AppData\Local\StormAlerts
2013-12-28 23:08 - 2013-12-17 16:02 - 00000000 ____D C:\Program Files (x86)\iSharpsoft
2013-12-28 21:46 - 2013-12-28 21:44 - 00000000 ____D C:\Windows\system32\MRT
2013-12-28 20:53 - 2013-12-28 20:53 - 00000000 ____D C:\Users\kris\hpremote
2013-12-28 20:50 - 2013-12-18 19:01 - 00000000 ____D C:\ProgramData\Yahoo!
2013-12-28 18:51 - 2013-12-20 16:02 - 00020930 _____ C:\Windows\system32\ScanResults.xml
2013-12-28 18:48 - 2013-12-20 16:00 - 00001056 _____ C:\Windows\system32\SettingsFile
2013-12-24 18:12 - 2013-04-17 10:26 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-12-18 19:02 - 2013-12-30 19:07 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2013-12-18 19:02 - 2013-12-18 19:02 - 00003144 _____ C:\Windows\System32\Tasks\ArcadeParlor
2013-12-18 19:02 - 2013-12-18 19:02 - 00000145 _____ C:\out.txt
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\Users\kris\AppData\Roaming\Mozilla
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\ProgramData\Adobe
2013-12-18 19:02 - 2013-12-18 19:02 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-12-18 19:02 - 2013-12-15 04:35 - 00000000 ____D C:\Users\kris\AppData\Roaming\Adobe
2013-12-17 18:49 - 2013-12-17 18:49 - 00000000 ____D C:\ProgramData\MediaDev
2013-12-17 18:44 - 2013-12-17 18:44 - 00000000 ____D C:\ProgramData\UpdateTask
2013-12-17 18:33 - 2013-12-17 16:02 - 00000000 ____D C:\Users\kris\AppData\Roaming\iSharpsoft
2013-12-17 18:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-12-17 18:29 - 2013-12-15 04:20 - 00000000 ____D C:\ProgramData\Recovery
2013-12-17 16:31 - 2013-12-17 15:58 - 00000000 ____D C:\ProgramData\UpdateCommon
2013-12-17 16:03 - 2013-12-17 16:03 - 00000000 ____D C:\Users\kris\.android
2013-12-17 16:02 - 2013-12-17 16:02 - 00003128 _____ C:\Windows\System32\Tasks\GreatArcadeHits
2013-12-17 16:02 - 2013-12-17 16:02 - 00002828 _____ C:\Windows\System32\Tasks\isharpsoft Task
2013-12-17 15:58 - 2013-12-17 15:58 - 00058016 _____ C:\Users\kris\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-17 15:58 - 2013-12-17 15:58 - 00000000 ____D C:\ProgramData\CDB
2013-12-17 15:56 - 2013-12-17 15:56 - 00000000 ____D C:\Program Files (x86)\Video Downloader
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3CF.tmp
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3CE.tmp
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3AF.tmp
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3A1.tmp
2013-12-17 15:55 - 2013-12-17 15:55 - 00000000 _____ C:\LILB3A0.tmp
2013-12-17 14:39 - 2013-12-15 04:35 - 00001415 _____ C:\Users\kris\Desktop\Internet Explorer.lnk
2013-12-17 06:28 - 2013-12-17 06:28 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2013-12-17 06:23 - 2013-04-17 10:41 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-12-17 06:23 - 2013-04-17 10:40 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2013-12-17 06:02 - 2013-12-17 06:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-17 06:02 - 2013-12-17 06:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-17 06:02 - 2013-12-17 06:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-17 06:02 - 2013-12-17 06:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-17 06:02 - 2013-12-17 06:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-17 06:02 - 2013-12-17 06:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-17 06:02 - 2013-12-17 06:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-17 06:02 - 2013-12-17 06:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-17 06:02 - 2013-12-17 06:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-16 15:01 - 2013-12-15 04:35 - 00000000 ____D C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-16 15:01 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\restore
2013-12-16 07:55 - 2009-07-13 23:45 - 00275712 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-16 07:52 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-16 07:52 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-16 07:52 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-16 07:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-12-16 07:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-12-16 07:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-12-16 07:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-12-16 07:49 - 2010-11-21 02:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-12-16 06:42 - 2013-12-16 06:42 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-16 06:42 - 2013-12-16 06:42 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-15 04:36 - 2013-12-15 04:36 - 00000000 ____D C:\Users\kris\AppData\Roaming\Macromedia
2013-12-15 04:35 - 2013-12-15 04:35 - 00000000 ____D C:\Users\kris\AppData\Local\VirtualStore
2013-12-15 04:35 - 2013-04-17 10:40 - 00000000 ____D C:\ProgramData\Norton
2013-12-15 04:35 - 2012-06-07 18:46 - 00000000 __RHD C:\SYSTEM.SAV
2013-12-15 04:35 - 2011-02-11 11:32 - 00000000 ____D C:\SWSETUP
2013-12-15 04:32 - 2013-12-30 19:07 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Hewlett-Packard
2013-12-15 04:32 - 2013-12-15 04:32 - 00000000 ____D C:\Users\kris\AppData\Local\RemEngine
2013-12-15 04:32 - 2013-12-15 04:32 - 00000000 ____D C:\Users\kris\AppData\Local\Hewlett-Packard_Company
2013-12-15 04:32 - 2013-12-15 04:32 - 00000000 ____D C:\Users\Default\AppData\Local\Hewlett-Packard
2013-12-15 04:32 - 2013-12-15 04:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Hewlett-Packard
2013-12-15 04:32 - 2013-12-15 03:26 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cPC_23-1014_Y53316J_0U_Q3CR225_E12NA2ARW602_4A_I2AED_SPEGATRON CORPORATION_V1.02_B7.01_T120521_W73-1_L409_M4053_J1000_7Intel_86A7_92.80_#130417_N10EC8168;1814539B_Z_G10DE1058_Ohp DV-W28S-W_DHWP4211.MRK
2013-12-15 04:32 - 2013-12-15 03:26 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cPC_23-1014_Y53316J_0U_Q3CR225_E12NA2ARW602_4A_I2AED_SPEGATRON CORPORATION_V1.02_B7.01_T120521_W73-1_L409_M4053_J1000_7Intel_86A7_92.80_#130417_N10EC8168;1814539B_Z_G10DE1058_Ohp DV-W28S-W_DHWP4211.MRK
2013-12-15 04:32 - 2013-04-17 10:39 - 00000000 ___RD C:\Program Files\Online Services
2013-12-15 04:32 - 2013-04-17 10:35 - 00000000 ___RD C:\Program Files (x86)\Online Services
2013-12-15 04:32 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-12-15 04:32 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-12-15 04:31 - 2013-12-15 04:31 - 00003290 _____ C:\Windows\System32\Tasks\RMCreator
2013-12-15 04:31 - 2013-12-15 04:31 - 00000020 ___SH C:\Users\kris\ntuser.ini
2013-12-15 04:31 - 2013-12-15 04:31 - 00000000 ____D C:\Users\kris\AppData\Local\TouchSmartData
2013-12-15 04:31 - 2013-12-15 04:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Mathematics
2013-12-15 04:31 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-15 04:20 - 2009-07-14 00:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-12-15 04:20 - 2009-07-14 00:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-12-15 03:27 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\sysprep

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-02 18:50

==================== End Of Log ============================

And here is the second part

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by kris at 2014-01-04 21:06:51
Running from C:\Users\kris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3G0TWSM
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Bubble Wrap (x32 Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Canon MG2100 series MP Drivers (Version: - )
CyberLink YouCam (x32 Version: 3.5.3.5017 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.3.5017 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Facebook (x32 Version: 1.1.0004 - Hewlett-Packard)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Application Assistant (Version: 1.1.466.3970 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Calendar (x32 Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (x32 Version: 5.1.4281.27332 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP LinkUp (x32 Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (x32 Version: 5.1.15.0 - Hewlett-Packard)
HP Notes (x32 Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (x32 Version: 2.10.0000 - Hewlett-Packard)
HP RSS (x32 Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (x32 Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 6.1.12.1 - Hewlett-Packard Company)
HP Support Information (x32 Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (x32 Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (x32 Version: 5.003.001.001 - Hewlett-Packard)
HP Weather (x32 Version: 5.1.4245.22595 - Hewlett-Packard)
Intel® Management Engine Components (x32 Version: 8.0.0.1351 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (x32 Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (x32 Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Norton Internet Security (x32 Version: 19.9.1.14 - Symantec Corporation)
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
NVIDIA Control Panel 311.10 (Version: 311.10 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.10 (Version: 311.10 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Corporate Edition (x32 Version: 4.0.95 - PDF Complete, Inc)
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (x32 Version: 1.3.0 - Microsoft Corporation)
Power2Go (x32 Version: 6.1.6207 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.6207 - CyberLink Corp.) Hidden
Ralink RT5390R 802.11bgn 1x1 Wi-Fi Adapter (x32 Version: 3.2.13.0 - Ralink)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6622 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.28110 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5223 - CyberLink Corp.) Hidden
Remote Graphics Receiver (x32 Version: 5.4.5 - Hewlett-Packard)
ROBLOX Player for kris (HKCU Version: - ROBLOX Corporation)
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZip 16.0 (Version: 16.0.9715 - WinZip Computing, S.L. )

==================== Restore Points =========================

30-12-2013 23:43:59 Removed VideoBuzz
31-12-2013 00:05:03 Windows Update
31-12-2013 00:29:37 Removed CWA Reminder by We-Care.com v4.1.24.3
31-12-2013 00:35:16 Removed ASPCA Reminder by We-Care.com v4.1.24.1
31-12-2013 00:37:54 Removed Blio.
01-01-2014 19:25:01 HPSF Restore Point
02-01-2014 20:49:06 Anvi CSB 3.1
03-01-2014 00:14:20 Removed SlimCleaner
03-01-2014 00:16:46 Removed SlimCleaner
03-01-2014 21:43:03 Windows Update

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03141617-5FAB-41FA-A7B5-919F4361318E} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2012-04-23] (CyberLink)
Task: {0C2881CC-45B8-438D-98A6-6F1B3D9D5EC8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {30B16B2A-4ECB-4468-8BB3-2D96DBF69C71} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {341BF60C-C7D0-4AED-A78C-1B33506E9ED2} - System32\Tasks\isharpsoft Task => C:\Users\kris\AppData\Roaming\UpdateServ\IRegCleaner.exe [2013-11-27] (iSharpsoft.com)
Task: {364955BB-D56D-4AFB-9DFB-39E18BACAED4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2013-02-19] (Hewlett-Packard)
Task: {376F7817-6F97-4233-9A3C-59EF69CEB83C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-01] (Adobe Systems Incorporated)
Task: {3FD58B42-508B-4143-BACF-235920A22586} - System32\Tasks\ArcadeParlor => C:\Users\kris\AppData\Local\ArcadeParlor\versioncheck.exe
Task: {445C20FB-0E29-45A9-9E94-EA77D590F3CF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\wscstub.exe [2013-02-01] (Symantec Corporation)
Task: {4F1A220D-C2DA-4469-BCA6-4F265C9DEBAE} - System32\Tasks\HPCeeScheduleForkris => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {53A33512-432F-4B74-8FCF-E2AF5AB1EE1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {58189FF3-7785-4F11-865A-E9D8ACD7824F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symerr.exe [2012-02-03] (Symantec Corporation)
Task: {634742E5-7972-4D49-BA3E-C6B8157C6FE6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {871A2A2A-213C-464F-9CC9-DC5710E59D6B} - System32\Tasks\GreatArcadeHits => C:\Users\kris\AppData\Local\GreatArcadeHits\GAHUpdate.exe <==== ATTENTION
Task: {AD77B586-0C85-454B-A687-C857D2005745} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {AF7CA4F7-1830-4DD2-9C47-FC2855408E2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {E1C9DB30-511B-45B5-BCAB-696E3487836A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe [2012-02-21] (CyberLink)
Task: {EB1141B3-66B9-4630-B85F-2E31C0584E1C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {EB205F1A-05EC-446C-977A-DCFEA3F7E93F} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\symerr.exe [2012-02-03] (Symantec Corporation)
Task: {FA334172-CA57-4933-AD73-31EA71BB4050} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ArcadeParlor.job => C:\Users\kris\AppData\Local\ArcadeParlor\versioncheck.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForkris.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\isharpsoft Task.job => C:\Users\kris\AppData\Roaming\UpdateServ\IRegCleaner.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/03/2014 08:41:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: DUser.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdf26
Exception code: 0xc0000005
Fault offset: 0x0000000000002453
Faulting process id: 0x7e0
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (01/02/2014 05:40:42 PM) (Source: MsiInstaller) (User: DAVID)
Description: Product: Bing Bar -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.

Error: (12/30/2013 08:23:42 PM) (Source: Application Error) (User: )
Description: Faulting application name: join.me.exe, version: 1.13.0.130, time stamp: 0x52aacde6
Faulting module name: join.me.exe, version: 1.13.0.130, time stamp: 0x52aacde6
Exception code: 0xc0000005
Fault offset: 0x003b3bf0
Faulting process id: 0xf34
Faulting application start time: 0xjoin.me.exe0
Faulting application path: join.me.exe1
Faulting module path: join.me.exe2
Report Id: join.me.exe3

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Dynamic, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Dynamic, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Numerics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Numerics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06

Error: (12/30/2013 07:12:59 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06


System errors:
=============
Error: (01/02/2014 07:16:05 PM) (Source: Service Control Manager) (User: )
Description: The Anvi Cloud System Booster Speed Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/01/2014 08:45:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/01/2014 08:45:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/01/2014 08:45:28 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/01/2014 08:43:26 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/01/2014 08:43:26 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/01/2014 08:43:26 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/01/2014 08:43:24 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (01/01/2014 08:43:24 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (01/01/2014 08:43:20 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


Microsoft Office Sessions:
=========================
Error: (01/03/2014 08:41:38 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4DUser.dll6.1.7600.163854a5bdf26c000000500000000000024537e001cf08e8112e4ffeC:\Windows\Explorer.EXEC:\Windows\system32\DUser.dll5a0cfeb3-74e1-11e3-a9ea-4c72b940af39

Error: (01/02/2014 05:40:42 PM) (Source: MsiInstaller)(User: DAVID)
Description: Product: Bing Bar -- Error 1730. You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/30/2013 08:23:42 PM) (Source: Application Error)(User: )
Description: join.me.exe1.13.0.13052aacde6join.me.exe1.13.0.13052aacde6c0000005003b3bf0f3401cf05c5f880e442C:\Users\kris\AppData\Local\Temp\joiCD9B.tmp\join.me.exeC:\Users\kris\AppData\Local\Temp\joiCD9B.tmp\join.me.exe2f186f37-71ba-11e3-9778-4c72b940af39

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
System.Data.SqlXml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Dynamic, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06
System.Dynamic, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Dynamic, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06
System.Dynamic, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Numerics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
System.Numerics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (12/30/2013 07:13:00 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Numerics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80131f06
System.Numerics, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (12/30/2013 07:12:59 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80131f06
System.Security, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a


==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 4052.4 MB
Available physical RAM: 2583.06 MB
Total Pagefile: 8102.98 MB
Available Pagefile: 5955.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:920.41 GB) (Free:879.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:10.87 GB) (Free:1.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 5DCBBF18)

Partition: GPT Partition Type
==================== End Of Log ============================

#4 gringo_pr


Posted 04 January 2014 - 11:07 PM



Hello djlnyc

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo

#5 djlnyc


Posted 04 January 2014 - 11:37 PM

Okay, here are the 2 reports. I will restart and check back with you in just a minute.


Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by kris on Sat 01/04/2014 at 23:17:23.78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-942877113-2146743326-1431284760-1000\Software\sweetim

 

~~~ Files

Successfully deleted: [File] "C:\Users\kris\appdata\locallow\SkwConfig.bin"

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\searchdonkey"
Successfully deleted: [Folder] "C:\Users\kris\appdata\local\browsersafeguard"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

~~~ FireFox

Emptied folder: C:\Users\kris\AppData\Roaming\mozilla\firefox\profiles\qasmhd8p.default\minidumps [4 files]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/04/2014 at 23:23:13.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#6 djlnyc

Posted 04 January 2014 - 11:46 PM

Okay, I did notice it did start much faster than previous times, but the pop-up still came up at start, in which I had to X to remove from screen "Smart Pc Fix Notice". Thanks

#7 gringo_pr

Posted 05 January 2014 - 12:17 PM


Hello djlnyc

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 djlnyc

Posted 05 January 2014 - 03:05 PM

Hello, good afternoon. Did not see your email, would have responded faster. Everything seems fine except for the homepage setting; seems like my MSN page is gone, but no biggie, I can always put it back. I will reboot and check for that Smart Pc Fix Notice. I did notice on this log I posted that one of those files has a name that I believe is associated with this pop-up at start up, which is (isharpsoft), because this name is also on the bottom of the pop-up. Don't know if that helps. Thanks. Also, don't know, but it seems like one part of the Norton security was not properly disabled by me while doing this scan, according to this log posted.

 

 

 

 

 

 

 

ComboFix 14-01-04.03 - kris 01/05/2014  14:42:36.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4052.2719 [GMT -5:00]
Running from: c:\users\kris\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\LILB3A0.tmp
C:\LILB3A1.tmp
C:\LILB3AF.tmp
C:\LILB3CE.tmp
C:\LILB3CF.tmp
c:\programdata\UpdateTask
c:\programdata\UpdateTask\feedback.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-05 to 2014-01-05  )))))))))))))))))))))))))))))))
.
.
2014-01-05 19:46 . 2014-01-05 19:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-05 02:04 . 2014-01-05 02:04 -------- d-----w- C:\FRST
2014-01-05 00:11 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4FC67C63-2269-4C4A-B579-D7A9D687FA8F}\mpengine.dll
2014-01-04 20:04 . 2014-01-04 20:04 -------- d-----w- c:\program files (x86)\Google
2014-01-04 19:02 . 2014-01-04 19:02 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2014-01-04 19:02 . 2014-01-04 19:02 -------- d--h--w- c:\programdata\CanonBJ
2014-01-04 19:02 . 2011-05-23 10:00 98816 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAQ.DLL
2014-01-04 19:02 . 2011-05-23 10:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAQ.DLL
2014-01-04 19:01 . 2011-05-23 10:00 385536 ----a-w- c:\windows\system32\CNMLMAQ.DLL
2014-01-04 19:01 . 2011-04-27 16:01 373248 ----a-w- c:\windows\system32\CNC_AQL.dll
2014-01-04 19:01 . 2011-04-27 16:00 323584 ----a-w- c:\windows\SysWow64\CNC_AQL.dll
2014-01-04 19:01 . 2011-03-31 15:07 114688 ----a-w- c:\windows\SysWow64\CNC_AQU.dll
2014-01-04 19:01 . 2011-03-31 15:07 302080 ----a-w- c:\windows\system32\CNC_AQC.dll
2014-01-04 19:01 . 2011-03-31 15:06 112128 ----a-w- c:\windows\system32\CNC_AQI.dll
2014-01-04 19:01 . 2008-08-25 23:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll
2014-01-04 19:01 . 2008-08-25 23:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2014-01-03 21:43 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-03 00:07 . 2014-01-03 00:17 -------- d-----w- c:\program files (x86)\SlimCleaner
2014-01-02 00:00 . 2014-01-02 00:00 -------- d-----w- c:\programdata\Malwarebytes
2014-01-01 20:42 . 2014-01-01 20:42 -------- d-----w- c:\programdata\Anvisoft
2014-01-01 20:42 . 2014-01-03 00:16 -------- d-----w- c:\program files (x86)\Anvisoft
2013-12-31 22:24 . 2013-12-31 22:24 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-12-31 21:30 . 2014-01-05 04:12 -------- d-----w- C:\AdwCleaner
2013-12-31 03:22 . 2013-12-31 03:23 -------- d-----w- c:\program files (x86)\Sendori
2013-12-31 02:40 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-12-31 02:40 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-12-31 02:26 . 2013-12-31 02:26 -------- d-----w- c:\programdata\UpdateServer
2013-12-31 02:23 . 2013-12-31 02:23 -------- d-----w- c:\users\Public\CyberLink
2013-12-31 02:16 . 2013-12-31 02:16 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-12-31 02:16 . 2013-12-31 02:16 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-12-31 02:15 . 2013-12-31 02:15 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-12-31 02:15 . 2013-12-31 02:15 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-12-31 02:11 . 2013-12-31 02:11 -------- d-----w- c:\windows\ERUNT
2013-12-31 01:33 . 2013-12-31 01:33 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2013-12-31 01:26 . 2013-12-31 01:28 -------- d-----w- c:\program files (x86)\ShowMyPCService
2013-12-31 00:09 . 2013-12-31 00:09 -------- d-----w- c:\windows\Migration
2013-12-31 00:07 . 2014-01-04 01:00 -------- d-----w- c:\users\UpdatusUser
2013-12-31 00:01 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-12-31 00:01 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-12-31 00:01 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-12-31 00:01 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-12-31 00:01 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-12-31 00:01 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-12-31 00:01 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-12-31 00:01 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-12-31 00:01 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-12-29 20:24 . 2013-12-29 20:24 -------- d-----w- c:\program files\Microsoft Silverlight
2013-12-29 20:24 . 2013-12-29 20:24 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-12-29 20:23 . 2013-12-29 20:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-12-29 20:23 . 2013-12-29 20:23 -------- d-----r- c:\program files (x86)\Skype
2013-12-29 04:27 . 2013-12-29 04:27 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{568DB3C3-D444-4395-A2B2-C5DF3BA36266}\gapaengine.dll
2013-12-29 04:26 . 2013-12-29 04:26 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-12-29 04:26 . 2013-12-29 04:26 -------- d-----w- c:\program files\Microsoft Security Client
2013-12-29 02:44 . 2013-12-29 02:46 -------- d-----w- c:\windows\system32\MRT
2013-12-19 00:02 . 2013-12-19 00:02 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-12-19 00:01 . 2013-12-29 01:50 -------- d-----w- c:\programdata\Yahoo!
2013-12-18 23:53 . 2013-12-31 03:28 -------- d-----w- c:\program files (x86)\VideoLAN
2013-12-17 23:49 . 2013-12-17 23:49 -------- d-----w- c:\programdata\MediaDev
2013-12-17 21:02 . 2013-12-29 04:08 -------- d-----w- c:\program files (x86)\iSharpsoft
2013-12-17 20:58 . 2013-12-17 20:58 -------- d-----w- c:\programdata\CDB
2013-12-17 20:58 . 2013-12-17 21:31 -------- d-----w- c:\programdata\UpdateCommon
2013-12-17 11:03 . 2013-10-15 02:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-16 22:23 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-16 22:23 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-16 22:23 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-12-16 22:23 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-12-16 22:23 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-12-16 22:23 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-12-16 20:11 . 2013-12-17 23:33 -------- d-----w- c:\windows\system32\drivers\NISx64\1309010.00E
2013-12-16 12:50 . 2013-12-16 12:50 -------- d-----w- c:\windows\SysWow64\Wat
2013-12-16 12:50 . 2013-12-16 12:50 -------- d-----w- c:\windows\system32\Wat
2013-12-16 12:27 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-16 12:27 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-16 12:27 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-16 12:27 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-16 12:27 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-16 11:50 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-12-16 11:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-12-16 11:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-12-16 11:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-12-16 11:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-12-16 11:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-12-16 11:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-12-16 11:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-12-16 11:04 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-12-16 11:04 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-12-16 11:04 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-12-15 22:35 . 2013-12-15 22:35 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-12-15 11:15 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-12-15 11:14 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-15 11:13 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-12-15 11:12 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-12-15 11:11 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-12-15 09:32 . 2013-12-15 09:32 -------- d-----w- c:\users\Default\AppData\Local\Hewlett-Packard
2013-12-15 09:31 . 2014-01-05 02:00 -------- d-----w- c:\users\kris
2013-12-15 09:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-12-15 09:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-12-15 09:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-12-15 09:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-12-15 09:31 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-12-15 09:31 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-12-15 09:31 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-12-15 09:31 . 2013-12-15 09:31 -------- d-----w- c:\program files (x86)\Microsoft Mathematics
2013-12-15 09:31 . 2012-06-02 23:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-12-15 09:31 . 2012-06-02 23:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-12-15 09:20 . 2013-12-17 23:29 -------- d-----w- c:\programdata\Recovery
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-01 19:40 . 2013-04-17 15:33 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-01 19:40 . 2013-04-17 15:33 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-16 20:01 . 2011-03-29 01:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-11-19 10:21 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2012-04-04 684024]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MediaDevSrv;MediaDevSrv;c:\programdata\MediaDev\1387324144\mediadev.exe;c:\programdata\MediaDev\1387324144\mediadev.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WinDevSvc;WinDevSvc;c:\programdata\UpdateServer\1388456804\webdev.exe;c:\programdata\UpdateServer\1388456804\webdev.exe [x]
R3 cpuz134;cpuz134;c:\users\kris\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\kris\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
S2 CalendarSynchService;CalendarSynchService;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131203.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [x]
S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20140103.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20140103.001\IDSvia64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-04 20:04 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-17 19:40]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 20:04]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 20:04]
.
2014-01-05 c:\windows\Tasks\HPCeeScheduleForkris.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
2014-01-05 c:\windows\Tasks\isharpsoft Task.job
- c:\users\kris\AppData\Roaming\UpdateServ\IRegCleaner.exe [2013-11-27 11:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-04-24 6470248]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-24 1266912]
"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-12-13 21720]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com
Trusted Zone: skillport.com
Trusted Zone: skillwsa.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\qasmhd8p.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-Updater - c:\programdata\Updater\Updater.exe
Wow6432Node-HKLM-Run-(default) - (no file)
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\FastMediaConverter.lnk - c:\program files (x86)\FastMediaConverter\FastMediaConverterApp.exe
HKLM_Wow6432Node-ActiveSetup-{438363A8-F486-4C37-834C-4955773CB3D3} - msiexec
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-05  14:47:39
ComboFix-quarantined-files.txt  2014-01-05 19:47
.
Pre-Run: 944,028,925,952 bytes free
Post-Run: 945,342,779,392 bytes free
.
- - End Of File - - E827683E7CB0756C315343A7EACA1C6E
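An added example (not part of the thread, and not a ComboFix feature): a small Python triage pass over the service and 'Scheduled Tasks' lines of a ComboFix log like the one above, listing autostart entries whose binary sits under ProgramData or a user's AppData. The line formats are inferred from the log on this page and the location heuristic is this example's assumption; a flag means "review by hand", which is why the Norton definition driver shows up too.

```python
import re

# Excerpt copied verbatim from the ComboFix log posted above.
SAMPLE_LOG = r"""
R2 MediaDevSrv;MediaDevSrv;c:\programdata\MediaDev\1387324144\mediadev.exe;c:\programdata\MediaDev\1387324144\mediadev.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WinDevSvc;WinDevSvc;c:\programdata\UpdateServer\1388456804\webdev.exe;c:\programdata\UpdateServer\1388456804\webdev.exe [x]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131203.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [x]
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 20:04]
.
2014-01-05 c:\windows\Tasks\isharpsoft Task.job
- c:\users\kris\AppData\Roaming\UpdateServ\IRegCleaner.exe [2013-11-27 11:08]
.
"""

# Assumption of this example: autostart binaries usually live under
# Program Files or Windows. The locations below can typically be written to
# by a standard user, so an autostart pointing there is worth a manual look.
USER_WRITABLE = [
    (re.compile(r"^[a-z]:\\programdata\\", re.I), "ProgramData"),
    (re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\", re.I), "user AppData"),
]

# Line formats inferred from the log on this page, not from ComboFix docs.
# Service line: "<code> <name>;<display name>;<image path>;<resolved path> [x]"
SERVICE_RE = re.compile(r"^([RS]\d) ([^;]+);([^;]*);([^;]+);(.+) \[[^\]]*\]$")
# Task entry: a dated ".job" line followed by a "- <target> [timestamp]" line.
JOB_RE = re.compile(r"^\d{4}-\d{2}-\d{2} (.+\.job)$")
TARGET_RE = re.compile(r"^- (.+) \[\d{4}-\d{2}-\d{2} \d{2}:\d{2}\]$")


def parse_autostarts(log_text):
    """Return service and scheduled-task entries as dicts, in log order."""
    entries, pending_job = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SERVICE_RE.match(line)
        if m:
            entries.append({"kind": "service", "name": m.group(2),
                            "path": m.group(4)})
            continue
        m = JOB_RE.match(line)
        if m:
            # Keep only the .job file name; its target is on the next line.
            pending_job = m.group(1).rsplit("\\", 1)[-1]
            continue
        m = TARGET_RE.match(line)
        if m and pending_job:
            entries.append({"kind": "task", "name": pending_job,
                            "path": m.group(1)})
            pending_job = None
    return entries


def location_reason(path):
    """Return a label if the path is in a user-writable area, else None."""
    for pattern, label in USER_WRITABLE:
        if pattern.search(path):
            return label
    return None


def triage(log_text):
    """Entries whose binary lives in a user-writable location."""
    flagged = []
    for entry in parse_autostarts(log_text):
        reason = location_reason(entry["path"])
        if reason:
            flagged.append(dict(entry, reason=reason))
    return flagged


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(f'{item["kind"]:8} {item["name"]:22} {item["reason"]:13} {item["path"]}')
```
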

 



#9 djlnyc

Posted 05 January 2014 - 03:30 PM

Okay, seems like my browser was not responding, Google, my MSN, but Firefox was working. I reset my browser settings, seems fine now. I have a new tab "Meet your new browser" from Internet Explorer, and that pop-up is still there at start up. Thanks

#10 gringo_pr


Posted 05 January 2014 - 11:32 PM


Hello djlnyc

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::


 
Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
    • report from Combofix
    • let me know of any problems you may have had
    • How is the computer doing now after running the script?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#11 djlnyc


Posted 06 January 2014 - 08:02 PM

Okay, it's looking good. I guess every time you run ComboFix it resets Google and My MSN, because it's gone again; no biggie. But as soon as I ran ComboFix the pop-up disappeared. I will now restart and see if the Smart Pc Fix notice appears at start. Here's the report. Thanks


ComboFix 14-01-04.03 - kris 01/06/2014  19:48:04.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4052.2203 [GMT -5:00]
Running from: c:\users\kris\Downloads\ComboFix.exe
Command switches used :: c:\users\kris\Desktop\CFScript.txt.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\UpdateTask
c:\programdata\UpdateTask\feedback.exe
c:\windows\TEMP\ACLM\HP.ActiveCheckLocalMode.UpdateEngine.UpdateManager_13717766-10c8-489f-8bff-745c4edf31fc\HP.ActiveCheckLocalMode.Ccl.dll
c:\windows\TEMP\ACLM\HP.ActiveCheckLocalMode.UpdateEngine.UpdateManager_13717766-10c8-489f-8bff-745c4edf31fc\HP.ActiveCheckLocalMode.SharedObjects.dll
c:\windows\TEMP\ACLM\HP.ActiveCheckLocalMode.UpdateEngine.UpdateManager_13717766-10c8-489f-8bff-745c4edf31fc\HP.ActiveCheckLocalMode.UpdateEngine.dll
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-07 to 2014-01-07  )))))))))))))))))))))))))))))))
.
.
2014-01-07 00:51 . 2014-01-07 00:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-05 02:04 . 2014-01-05 02:04 -------- d-----w- C:\FRST
2014-01-05 00:11 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4FC67C63-2269-4C4A-B579-D7A9D687FA8F}\mpengine.dll
2014-01-04 20:04 . 2014-01-04 20:04 -------- d-----w- c:\program files (x86)\Google
2014-01-04 19:02 . 2014-01-04 19:02 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2014-01-04 19:02 . 2014-01-04 19:02 -------- d--h--w- c:\programdata\CanonBJ
2014-01-04 19:02 . 2011-05-23 10:00 98816 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAQ.DLL
2014-01-04 19:02 . 2011-05-23 10:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAQ.DLL
2014-01-04 19:01 . 2011-05-23 10:00 385536 ----a-w- c:\windows\system32\CNMLMAQ.DLL
2014-01-04 19:01 . 2011-04-27 16:01 373248 ----a-w- c:\windows\system32\CNC_AQL.dll
2014-01-04 19:01 . 2011-04-27 16:00 323584 ----a-w- c:\windows\SysWow64\CNC_AQL.dll
2014-01-04 19:01 . 2011-03-31 15:07 114688 ----a-w- c:\windows\SysWow64\CNC_AQU.dll
2014-01-04 19:01 . 2011-03-31 15:07 302080 ----a-w- c:\windows\system32\CNC_AQC.dll
2014-01-04 19:01 . 2011-03-31 15:06 112128 ----a-w- c:\windows\system32\CNC_AQI.dll
2014-01-04 19:01 . 2008-08-25 23:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll
2014-01-04 19:01 . 2008-08-25 23:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2014-01-03 21:43 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-03 00:07 . 2014-01-03 00:17 -------- d-----w- c:\program files (x86)\SlimCleaner
2014-01-02 00:00 . 2014-01-02 00:00 -------- d-----w- c:\programdata\Malwarebytes
2014-01-01 20:42 . 2014-01-01 20:42 -------- d-----w- c:\programdata\Anvisoft
2014-01-01 20:42 . 2014-01-03 00:16 -------- d-----w- c:\program files (x86)\Anvisoft
2013-12-31 22:24 . 2013-12-31 22:24 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-12-31 21:30 . 2014-01-05 04:12 -------- d-----w- C:\AdwCleaner
2013-12-31 03:22 . 2013-12-31 03:23 -------- d-----w- c:\program files (x86)\Sendori
2013-12-31 02:40 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-12-31 02:40 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-12-31 02:26 . 2013-12-31 02:26 -------- d-----w- c:\programdata\UpdateServer
2013-12-31 02:23 . 2013-12-31 02:23 -------- d-----w- c:\users\Public\CyberLink
2013-12-31 02:16 . 2013-12-31 02:16 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-12-31 02:16 . 2013-12-31 02:16 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-12-31 02:15 . 2013-12-31 02:15 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-12-31 02:15 . 2013-12-31 02:15 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-12-31 02:11 . 2013-12-31 02:11 -------- d-----w- c:\windows\ERUNT
2013-12-31 01:33 . 2013-12-31 01:33 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2013-12-31 01:26 . 2013-12-31 01:28 -------- d-----w- c:\program files (x86)\ShowMyPCService
2013-12-31 00:09 . 2013-12-31 00:09 -------- d-----w- c:\windows\Migration
2013-12-31 00:07 . 2014-01-04 01:00 -------- d-----w- c:\users\UpdatusUser
2013-12-31 00:01 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-12-31 00:01 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-12-31 00:01 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-12-31 00:01 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-12-31 00:01 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-12-31 00:01 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-12-31 00:01 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-12-31 00:01 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-12-31 00:01 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-12-29 20:24 . 2013-12-29 20:24 -------- d-----w- c:\program files\Microsoft Silverlight
2013-12-29 20:24 . 2013-12-29 20:24 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-12-29 20:23 . 2013-12-29 20:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-12-29 20:23 . 2013-12-29 20:23 -------- d-----r- c:\program files (x86)\Skype
2013-12-29 04:27 . 2013-12-29 04:27 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{568DB3C3-D444-4395-A2B2-C5DF3BA36266}\gapaengine.dll
2013-12-29 04:26 . 2013-12-29 04:26 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-12-29 04:26 . 2013-12-29 04:26 -------- d-----w- c:\program files\Microsoft Security Client
2013-12-29 02:44 . 2013-12-29 02:46 -------- d-----w- c:\windows\system32\MRT
2013-12-19 00:02 . 2013-12-19 00:02 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-12-19 00:01 . 2013-12-29 01:50 -------- d-----w- c:\programdata\Yahoo!
2013-12-18 23:53 . 2013-12-31 03:28 -------- d-----w- c:\program files (x86)\VideoLAN
2013-12-17 23:49 . 2013-12-17 23:49 -------- d-----w- c:\programdata\MediaDev
2013-12-17 21:02 . 2013-12-29 04:08 -------- d-----w- c:\program files (x86)\iSharpsoft
2013-12-17 20:58 . 2013-12-17 20:58 -------- d-----w- c:\programdata\CDB
2013-12-17 20:58 . 2013-12-17 21:31 -------- d-----w- c:\programdata\UpdateCommon
2013-12-17 11:03 . 2013-10-15 02:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-16 22:23 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-16 22:23 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-16 22:23 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-12-16 22:23 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-12-16 22:23 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-12-16 22:23 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-12-16 20:11 . 2013-12-17 23:33 -------- d-----w- c:\windows\system32\drivers\NISx64\1309010.00E
2013-12-16 12:50 . 2013-12-16 12:50 -------- d-----w- c:\windows\SysWow64\Wat
2013-12-16 12:50 . 2013-12-16 12:50 -------- d-----w- c:\windows\system32\Wat
2013-12-16 12:27 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-16 12:27 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-16 12:27 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-16 12:27 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-16 12:27 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-16 11:50 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-12-16 11:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-12-16 11:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-12-16 11:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-12-16 11:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-12-16 11:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-12-16 11:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-12-16 11:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-12-16 11:04 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-12-16 11:04 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-12-16 11:04 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-12-15 22:35 . 2013-12-15 22:35 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-12-15 11:15 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-12-15 11:14 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-15 11:13 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-12-15 11:12 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-12-15 11:11 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-12-15 09:32 . 2013-12-15 09:32 -------- d-----w- c:\users\Default\AppData\Local\Hewlett-Packard
2013-12-15 09:31 . 2014-01-05 20:10 -------- d-----w- c:\users\kris
2013-12-15 09:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-12-15 09:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-12-15 09:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-12-15 09:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-12-15 09:31 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-12-15 09:31 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-12-15 09:31 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-12-15 09:31 . 2013-12-15 09:31 -------- d-----w- c:\program files (x86)\Microsoft Mathematics
2013-12-15 09:31 . 2012-06-02 23:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-12-15 09:31 . 2012-06-02 23:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-12-15 09:20 . 2013-12-17 23:29 -------- d-----w- c:\programdata\Recovery
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-01 19:40 . 2013-04-17 15:33 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-01 19:40 . 2013-04-17 15:33 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-16 20:01 . 2011-03-29 01:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-11-19 10:21 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2012-04-04 684024]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MediaDevSrv;MediaDevSrv;c:\programdata\MediaDev\1387324144\mediadev.exe;c:\programdata\MediaDev\1387324144\mediadev.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WinDevSvc;WinDevSvc;c:\programdata\UpdateServer\1388456804\webdev.exe;c:\programdata\UpdateServer\1388456804\webdev.exe [x]
R3 cpuz134;cpuz134;c:\users\kris\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\kris\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
S2 CalendarSynchService;CalendarSynchService;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131203.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131203.001\BHDrvx64.sys [x]
S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20140103.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20140103.001\IDSvia64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-04 20:04 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-17 19:40]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 20:04]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 20:04]
.
2014-01-05 c:\windows\Tasks\HPCeeScheduleForkris.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
2014-01-07 c:\windows\Tasks\isharpsoft Task.job
- c:\users\kris\AppData\Roaming\UpdateServ\IRegCleaner.exe [2013-11-27 11:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-04-24 6470248]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-24 1266912]
"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-12-13 21720]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com
Trusted Zone: skillport.com
Trusted Zone: skillwsa.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\qasmhd8p.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-06  19:53:05
ComboFix-quarantined-files.txt  2014-01-07 00:53
ComboFix2.txt  2014-01-05 19:47
.
Pre-Run: 945,310,900,224 bytes free
Post-Run: 945,018,368,000 bytes free
.
- - End Of File - - BA336BC6336CB808F104994818203902

 



#12 djlnyc


Posted 06 January 2014 - 08:18 PM

Okay, everything is running fine, no issues, except that the nasty pop-up "Smart Pc Fix" is still there. I thought it was gone because it disappeared when running ComboFix, so I'm not sure if it's gone. Thanks



#13 gringo_pr


Posted 06 January 2014 - 10:51 PM


Hello djlnyc

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
c:\users\kris\AppData\Roaming\UpdateServ

File::
c:\windows\Tasks\isharpsoft Task.job
 
Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
    • report from Combofix
    • let me know of any problems you may have had
    • How is the computer doing now after running the script?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University
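
Added example (not part of the original thread and not ComboFix's own code): a Python sketch that reads the 'Scheduled Tasks' section of the log in post #11, flags any task whose program runs from a user-writable directory, and checks whether a CFScript's `File::` and `Folder::` entries cover it. The function names and the list of user-writable prefixes are assumptions made for this illustration.

```python
import re
from typing import Dict, List, NamedTuple

# 'Scheduled Tasks' section copied from the ComboFix log in post #11 above.
SAMPLE_LOG = r"""
Contents of the 'Scheduled Tasks' folder
.
2014-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-17 19:40]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 20:04]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 20:04]
.
2014-01-05 c:\windows\Tasks\HPCeeScheduleForkris.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
2014-01-07 c:\windows\Tasks\isharpsoft Task.job
- c:\users\kris\AppData\Roaming\UpdateServ\IRegCleaner.exe [2013-11-27 11:08]
.
.
--------- X64 Entries -----------
"""

# The two CFScripts given in posts #10 and #13.
FIRST_SCRIPT = "ClearJavaCache::\n"
SECOND_SCRIPT = r"""ClearJavaCache::

Folder::
c:\users\kris\AppData\Roaming\UpdateServ

File::
c:\windows\Tasks\isharpsoft Task.job
"""

# Assumption for this example: directories a standard user can usually write to.
USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")

JOB_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}) (c:\\windows\\Tasks\\.+\.job)$", re.I)
TARGET_RE = re.compile(r"^- (.+?) \[\d{4}-\d{2}-\d{2} \d{2}:\d{2}\]$")


class Task(NamedTuple):
    job: str     # path of the .job file
    target: str  # program the task launches
    date: str    # date ComboFix prints on the .job line


def parse_tasks(log: str) -> List[Task]:
    """Pair each .job line with the '- <program> [timestamp]' line after it."""
    tasks, in_section, pending = [], False, None
    for raw in log.splitlines():
        line = raw.strip()
        if line.startswith("Contents of the 'Scheduled Tasks' folder"):
            in_section = True
            continue
        if not in_section:
            continue
        if line.startswith("---"):  # divider that opens the next log section
            break
        job = JOB_RE.match(line)
        if job:
            pending = (job.group(1), job.group(2))
            continue
        target = TARGET_RE.match(line)
        if target and pending:
            tasks.append(Task(pending[1], target.group(1), pending[0]))
            pending = None
    return tasks


def flag_tasks(tasks: List[Task]) -> List[Task]:
    """Keep tasks whose program lives under a user-writable prefix."""
    return [t for t in tasks if t.target.lower().startswith(USER_WRITABLE)]


def parse_cfscript(text: str) -> Dict[str, List[str]]:
    """Group CFScript lines under their 'Name::' directive (lower-cased)."""
    sections: Dict[str, List[str]] = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            current = line[:-2].lower()
            sections.setdefault(current, [])
        elif current:
            sections[current].append(line.lower())
    return sections


def uncovered(flagged: List[Task], cfscript: str) -> List[str]:
    """Paths of flagged tasks that the script's File::/Folder:: lists miss."""
    sections = parse_cfscript(cfscript)
    files, folders = sections.get("file", []), sections.get("folder", [])
    missing = []
    for task in flagged:
        if task.job.lower() not in files:
            missing.append(task.job)
        target = task.target.lower()
        in_folder = any(target.startswith(f.rstrip("\\") + "\\") for f in folders)
        if target not in files and not in_folder:
            missing.append(task.target)
    return missing
```

Run against the excerpt, only the `isharpsoft Task.job` entry is flagged; the first script leaves both of its paths uncovered, while the second script covers them.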

#14 djlnyc


Posted 06 January 2014 - 11:12 PM

Haven't restarted; will let you know of any changes. Thanks


ComboFix 14-01-04.03 - kris 01/06/2014  23:01:52.3.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4052.2613 [GMT -5:00]
Running from: c:\users\kris\Downloads\ComboFix.exe
Command switches used :: c:\users\kris\Desktop\CFScript.txt.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\isharpsoft Task.job"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\UpdateTask
c:\programdata\UpdateTask\feedback.exe
c:\users\kris\AppData\Roaming\UpdateServ
c:\users\kris\AppData\Roaming\UpdateServ\download.dat
c:\users\kris\AppData\Roaming\UpdateServ\fb_info.dat
c:\users\kris\AppData\Roaming\UpdateServ\IRegCleaner.exe
c:\users\kris\AppData\Roaming\UpdateServ\Main_Soft.exe
c:\users\kris\AppData\Roaming\UpdateServ\Mobogenie_Setup_2.1.27_589.exe
c:\users\kris\AppData\Roaming\UpdateServ\Porf_Soft.exe
c:\users\kris\AppData\Roaming\UpdateServ\porf_tool.dat
c:\users\kris\AppData\Roaming\UpdateServ\SearchProtect.exe
c:\windows\Tasks\isharpsoft Task.job
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-07 to 2014-01-07  )))))))))))))))))))))))))))))))
.
.
2014-01-07 04:05 . 2014-01-07 04:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-07 01:48 . 2014-01-07 01:48 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2014-01-07 01:48 . 2014-01-07 01:48 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-01-07 01:48 . 2014-01-07 01:48 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-01-07 01:19 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{192DB9B7-744E-4147-954F-9DE338369C6D}\mpengine.dll
2014-01-05 02:04 . 2014-01-05 02:04 -------- d-----w- C:\FRST
2014-01-05 00:11 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-04 20:04 . 2014-01-04 20:04 -------- d-----w- c:\program files (x86)\Google
2014-01-04 19:02 . 2014-01-04 19:02 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2014-01-04 19:02 . 2014-01-04 19:02 -------- d--h--w- c:\programdata\CanonBJ
2014-01-04 19:02 . 2011-05-23 10:00 98816 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAQ.DLL
2014-01-04 19:02 . 2011-05-23 10:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAQ.DLL
2014-01-04 19:01 . 2011-05-23 10:00 385536 ----a-w- c:\windows\system32\CNMLMAQ.DLL
2014-01-04 19:01 . 2011-04-27 16:01 373248 ----a-w- c:\windows\system32\CNC_AQL.dll
2014-01-04 19:01 . 2011-04-27 16:00 323584 ----a-w- c:\windows\SysWow64\CNC_AQL.dll
2014-01-04 19:01 . 2011-03-31 15:07 114688 ----a-w- c:\windows\SysWow64\CNC_AQU.dll
2014-01-04 19:01 . 2011-03-31 15:07 302080 ----a-w- c:\windows\system32\CNC_AQC.dll
2014-01-04 19:01 . 2011-03-31 15:06 112128 ----a-w- c:\windows\system32\CNC_AQI.dll
2014-01-04 19:01 . 2008-08-25 23:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll
2014-01-04 19:01 . 2008-08-25 23:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2014-01-03 00:07 . 2014-01-03 00:17 -------- d-----w- c:\program files (x86)\SlimCleaner
2014-01-02 00:00 . 2014-01-02 00:00 -------- d-----w- c:\programdata\Malwarebytes
2014-01-01 20:42 . 2014-01-01 20:42 -------- d-----w- c:\programdata\Anvisoft
2014-01-01 20:42 . 2014-01-03 00:16 -------- d-----w- c:\program files (x86)\Anvisoft
2013-12-31 22:24 . 2013-12-31 22:24 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-12-31 21:30 . 2014-01-05 04:12 -------- d-----w- C:\AdwCleaner
2013-12-31 03:22 . 2013-12-31 03:23 -------- d-----w- c:\program files (x86)\Sendori
2013-12-31 02:40 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-12-31 02:40 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-12-31 02:26 . 2013-12-31 02:26 -------- d-----w- c:\programdata\UpdateServer
2013-12-31 02:23 . 2013-12-31 02:23 -------- d-----w- c:\users\Public\CyberLink
2013-12-31 02:16 . 2013-12-31 02:16 736952 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-12-31 02:16 . 2013-12-31 02:16 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-12-31 02:15 . 2013-12-31 02:15 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-12-31 02:15 . 2013-12-31 02:15 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-12-31 02:11 . 2013-12-31 02:11 -------- d-----w- c:\windows\ERUNT
2013-12-31 01:33 . 2013-12-31 01:33 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2013-12-31 01:26 . 2013-12-31 01:28 -------- d-----w- c:\program files (x86)\ShowMyPCService
2013-12-31 00:09 . 2013-12-31 00:09 -------- d-----w- c:\windows\Migration
2013-12-31 00:07 . 2014-01-04 01:00 -------- d-----w- c:\users\UpdatusUser
2013-12-31 00:01 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-12-31 00:01 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-12-31 00:01 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-12-31 00:01 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-12-31 00:01 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-12-31 00:01 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-12-31 00:01 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-12-31 00:01 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-12-31 00:01 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-12-29 20:24 . 2013-12-29 20:24 -------- d-----w- c:\program files\Microsoft Silverlight
2013-12-29 20:24 . 2013-12-29 20:24 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-12-29 20:23 . 2013-12-29 20:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-12-29 20:23 . 2013-12-29 20:23 -------- d-----r- c:\program files (x86)\Skype
2013-12-29 04:27 . 2013-12-29 04:27 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{568DB3C3-D444-4395-A2B2-C5DF3BA36266}\gapaengine.dll
2013-12-29 04:26 . 2013-12-29 04:26 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-12-29 04:26 . 2013-12-29 04:26 -------- d-----w- c:\program files\Microsoft Security Client
2013-12-29 02:44 . 2013-12-29 02:46 -------- d-----w- c:\windows\system32\MRT
2013-12-19 00:02 . 2013-12-19 00:02 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-12-19 00:01 . 2013-12-29 01:50 -------- d-----w- c:\programdata\Yahoo!
2013-12-18 23:53 . 2013-12-31 03:28 -------- d-----w- c:\program files (x86)\VideoLAN
2013-12-17 23:49 . 2013-12-17 23:49 -------- d-----w- c:\programdata\MediaDev
2013-12-17 21:02 . 2013-12-29 04:08 -------- d-----w- c:\program files (x86)\iSharpsoft
2013-12-17 20:58 . 2013-12-17 20:58 -------- d-----w- c:\programdata\CDB
2013-12-17 20:58 . 2013-12-17 21:31 -------- d-----w- c:\programdata\UpdateCommon
2013-12-17 11:03 . 2013-10-15 02:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-16 22:23 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-16 22:23 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-16 22:23 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-12-16 22:23 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-12-16 22:23 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2013-12-16 22:23 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2013-12-16 20:11 . 2013-12-17 23:33 -------- d-----w- c:\windows\system32\drivers\NISx64\1309010.00E
2013-12-16 12:50 . 2013-12-16 12:50 -------- d-----w- c:\windows\SysWow64\Wat
2013-12-16 12:50 . 2013-12-16 12:50 -------- d-----w- c:\windows\system32\Wat
2013-12-16 12:27 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-16 12:27 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-16 12:27 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-16 12:27 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-16 12:27 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-16 11:50 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-12-16 11:18 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-12-16 11:18 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-12-16 11:18 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-12-16 11:18 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-12-16 11:18 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-12-16 11:18 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-12-16 11:18 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-12-16 11:04 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-12-16 11:04 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-12-16 11:04 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-12-15 22:35 . 2013-12-15 22:35 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-12-15 11:15 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-12-15 11:14 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-15 11:13 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-12-15 11:12 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-12-15 11:11 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-12-15 09:32 . 2013-12-15 09:32 -------- d-----w- c:\users\Default\AppData\Local\Hewlett-Packard
2013-12-15 09:31 . 2014-01-05 20:10 -------- d-----w- c:\users\kris
2013-12-15 09:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-12-15 09:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-12-15 09:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-12-15 09:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-12-15 09:31 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-12-15 09:31 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-12-15 09:31 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-12-15 09:31 . 2013-12-15 09:31 -------- d-----w- c:\program files (x86)\Microsoft Mathematics
2013-12-15 09:31 . 2012-06-02 23:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-12-15 09:31 . 2012-06-02 23:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-12-15 09:20 . 2013-12-17 23:29 -------- d-----w- c:\programdata\Recovery
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-01 19:40 . 2013-04-17 15:33 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-01 19:40 . 2013-04-17 15:33 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-16 20:01 . 2011-03-29 01:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-11-19 10:21 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2012-04-04 684024]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MediaDevSrv;MediaDevSrv;c:\programdata\MediaDev\1387324144\mediadev.exe;c:\programdata\MediaDev\1387324144\mediadev.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WinDevSvc;WinDevSvc;c:\programdata\UpdateServer\1388456804\webdev.exe;c:\programdata\UpdateServer\1388456804\webdev.exe [x]
R3 cpuz134;cpuz134;c:\users\kris\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\kris\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
S2 CalendarSynchService;CalendarSynchService;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe;c:\program files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131218.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20131218.001\BHDrvx64.sys [x]
S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20140103.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20140103.001\IDSvia64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-04 20:04 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-17 19:40]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 20:04]
.
2014-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 20:04]
.
2014-01-05 c:\windows\Tasks\HPCeeScheduleForkris.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-04-24 6470248]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-24 1266912]
"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-12-13 21720]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com
Trusted Zone: skillport.com
Trusted Zone: skillwsa.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\kris\AppData\Roaming\Mozilla\Firefox\Profiles\qasmhd8p.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-06  23:06:36
ComboFix-quarantined-files.txt  2014-01-07 04:06
ComboFix2.txt  2014-01-07 00:53
ComboFix3.txt  2014-01-05 19:47
.
Pre-Run: 943,872,249,856 bytes free
Post-Run: 943,808,720,896 bytes free
.
- - End Of File - - F8D9B2533F3166821884163785FEB4E9

 



#15 djlnyc


Posted 06 January 2014 - 11:30 PM

Okay, here we go: the Smart Pc Notice is gone, bye bye. But I also did notice that the browser just stays loading, specifically My MSN. I don't know if it has to be updated, because I have a new tab called "meet your new browser". I will play with the settings to see if that fixes it, but the main problem is gone. I will post back my findings on this minor issue. Anyway, it seems faster when clicking websites. Thank you, thank you.





