Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijacked policies, PUMs, Problem Reg Keys


  • This topic is locked This topic is locked
155 replies to this topic

#1 t.murphytfm

t.murphytfm

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 26 February 2014 - 10:00 PM

Please help,

 

 

 

Last December 2013 – Vista security center alerted that windows update was turned off, I would manually fix, and next boot - off again.

 

This went on for weeks until I tried Re-enable or Tweaking WinRepair and it appears to be fixed,

 

but,

 

during that time, about mid- January 2014, RogueKiller began to report some mixture of the following - which I would delete - and they would come back as 1,2 or 3 of them together – never all four as I show here:

 

¤¤¤ Registry Entries : ¤¤¤

[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL][PUM] HKCU\[...]\System : DisableCMD (0) -> FOUND

[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ POL][PUM] HKCU\[...]\System : DisableCMD (0) -> FOUND

 

and RogueKiller would report as many as 30 different discriptions similar to this:

 

¤¤¤ Driver : [LOADED] ¤¤¤

[Address] Shadow SSDT[582] : NtUserSwitchDesktop -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F8709C)

 

and these nasty sounding entries:

 

[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3615CD66)

[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3615CD66)

[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3615CD66)

 

and this:

 

Error reading LL2 MBR!

 

Panda's online cleaner discovers, and deletes - but they return.

 

The machine seems to be getting increasingly buggy, and I have tried an exhausting number of anti-malware scanners and bootkit removers to no avail, however:

 

within the past few days UNHIDE revealed this:

 

The C:\Users\19NEWA~1\AppData\Local\Temp\smtmp\ folder does not exist!!

Unhide cannot restore your missing shortcuts!!

 

Searching for Windows Registry changes made by FakeHDD rogues.

- Checking - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

* NoRun policy was found and deleted!

- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

* NoRun policy was found and deleted!

 

However, also in the past few days when I tried to save anti-malware tutorials as document files - if the file name contains the name of an anti-malware app - when I try to reopen the file - they are judged corrupt by LibreOffice and renamed '$ (ARG1)',

 

Example:

 

“The file '$(ARG1)' is corrupt and therefore cannot be opened. LibreOffice can try to repair the file.> “The file '$(ARG1)' could not be repaired and therefore cannot be opened.”

 

My AV and SP are Avast free edition. FW Comodo.

 

I do the following weekly (now multiple times a day), to control malware:

 

Ccleaner > Rkill> KasperskyTDSSKiller> RogueKiller> MBAM> HitmanPro> AdwareCleaner> JRT>SAS

 

 

 

Thank you in advance.

 

 

The Logs:

 

 

RogueKiller V8.8.9 [Feb 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : 19newaccount51 [Admin rights]
Mode : Scan -- Date : 02/26/2014 14:37:53
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableCMD (0) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Address] SSDT[18] : NtAllocateVirtualMemory @ 0x82E9169D -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F87E18)
[Address] SSDT[78] : NtCreateThread @ 0x82EDAE40 -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F8A04C)
[Address] SSDT[147] : NtFreeVirtualMemory @ 0x82CCDE75 -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F88196)
[Address] SSDT[255] : NtQueueApcThread @ 0x82DFA889 -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F8A1DE)
[Address] SSDT[289] : NtSetContextThread @ 0x82EDC2CF -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F8A27E)
[Address] SSDT[358] : NtWriteVirtualMemory @ 0x82E56A27 -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F882DA)
[Address] SSDT[382] : NtCreateThreadEx @ 0x82E65115 -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F8A188)
[Address] Shadow SSDT[334] : NtUserCallTwoParam -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F88BEE)
[Address] Shadow SSDT[479] : NtUserMessageCall -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F89C82)
[Address] Shadow SSDT[497] : NtUserPostMessage -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F89BCC)
[Address] Shadow SSDT[498] : NtUserPostThreadMessage -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F8737A)
[Address] Shadow SSDT[504] : NtUserQueryWindow -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F87208)
[Address] Shadow SSDT[525] : NtUserSendInput -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F88AA2)
[Address] Shadow SSDT[582] : NtUserSwitchDesktop -> HOOKED (c:\users\19newaccount51\appdata\local\temp\4249FA2A1B.sys @ 0xA0F8709C)
[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3615CD66)
[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3615CD66)
[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x3615CD66)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST950042 4AS SCSI Disk Device +++++
--- User ---
[MBR] a4bcbf173019e7e7d8b4626f0e65a7e1
[BSP] 021eeefc2757a2c2c43bee8a5d9e521e : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 250000 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 512002048 | Size: 218476 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 959442944 | Size: 8450 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )

Finished : << RKreport[0]_S_02262014_143753.txt >>
 

 

 

 

 

The DDS.TXT

 

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16533 BrowserJavaVersion: 10.51.2

Run by 19newaccount51 at 16:16:15 on 2014-02-26

#Option Extended Search is enabled.

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2814.1804 [GMT -6:00]

.

AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}

SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Program Files\Common Files\COMODO\launcher_service.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\Windows\system32\SLsvc.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe

C:\Windows\ehome\ehRecvr.exe

C:\Windows\ehome\ehsched.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Secunia\PSI\sua.exe

C:\Program Files\System Explorer\service\SystemExplorerService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\System Explorer\SystemExplorer.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Comodo\COMODO Internet Security\cfp.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\wbem\WmiPrvSE.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k HPService

.

============== Pseudo HJT Report ===============

.

uStart Page = www.bing.com

uSearch Bar = Preserve

uSearch Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

BHO: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - <orphaned>

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>

uRun: [CCleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO

mRun: [SystemExplorerAutoStart] "c:\program files\system explorer\SystemExplorer.exe" /TRAY

mRun: [RTHDVCPL] "c:\program files\realtek\audio\hda\RtHDVCpl.exe" -s

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui

mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot

mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

uPolicies-Explorer: DisallowRun = dword:0

uPolicies-Explorer: NoSearchFilesInStartMenu = dword:0

uPolicies-Explorer: NoSearchProgramsInStartMenu = dword:0

uPolicies-Explorer: NoSearchComputerLinkInStartMenu = dword:0

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-Explorer: DisallowRun = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

DPF: {413D6754-BFD4-47FE-9346-319559290BFA} - hxxps://www.webpcfos.com/webpcfos/websabre/HTEweb_v.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{0ECCEB78-D1B0-4AD4-930B-4DF747359EFC} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{9CFDBEB8-28B9-4EA0-A3CC-A4EBF3E38F1D} : DHCPNameServer = 192.168.1.254

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\belarcadvisor\system\BAVoilaX.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - <orphaned>

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.117\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\19newaccount51\appdata\roaming\mozilla\firefox\profiles\ysj83qjj.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - www.google.com

FF - prefs.js: keyword.URL - hxxps://www.google.com/search

FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll

FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\programdata\visan\plugins\npRLSecurePluginLayer.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_70.dll

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-21 49944]

R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-21 180248]

R0 FixTDSS;TDSS Fixtool driver;c:\windows\system32\drivers\FixTDSS.sys [2014-2-21 26872]

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2013-4-26 44240]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-3-21 775952]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2013-3-21 410784]

R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2013-5-7 35064]

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-11-7 494416]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-11-7 42264]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-3-21 67824]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-3-21 50344]

R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2013-10-25 173272]

R2 CLPSLauncher;COMODO LPS Launcher;c:\program files\common files\comodo\launcher_service.exe [2013-7-24 70352]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2013-3-22 21504]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2013-10-14 660184]

R2 SystemExplorerHelpService;System Explorer Service;c:\program files\system explorer\service\SystemExplorerService.exe [2013-12-3 567256]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-2-25 418376]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2014-2-25 701512]

S2 SDScannerService;Spybot-S&D 2 Scanner Service;"h:\portableapps\spybotportable\app\spybot\sdfssvc.exe" --> h:\portableapps\spybotportable\app\spybot\SDFSSvc.exe [?]

S2 SDUpdateService;Spybot-S&D 2 Updating Service;"h:\portableapps\spybotportable\app\spybot\sdupdsvc.exe" --> h:\portableapps\spybotportable\app\spybot\SDUpdSvc.exe [?]

S2 SDWSCService;Spybot-S&D 2 Security Center Service;"h:\portableapps\spybotportable\app\spybot\sdwscsvc.exe" --> h:\portableapps\spybotportable\app\spybot\SDWSCSvc.exe [?]

S2 WiseBootAssistant;Wise Boot Assistant;c:\program files\wise\wise care 365\BootTime.exe [2014-1-19 580232]

S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2013-12-7 1439744]

S3 FreeAgentTheater Service;Seagate Media;c:\program files\seagate\seagate_media\sync\MediaAggreService.exe [2012-12-20 237248]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2013-3-24 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]

S3 GeekBuddyRSP;GeekBuddyRSP Service;c:\program files\common files\comodo\GeekBuddyRSP.exe [2013-5-30 1851088]

S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-2-25 22856]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-10-14 16024]

S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2013-10-14 1228504]

S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2013-3-24 13464]

S3 WIMMount;WIMMount;c:\program files\windows kits\8.0\assessment and deployment kit\deployment tools\x86\dism\wimmount.sys [2012-7-25 34248]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

.

=============== Created Last 60 ================

.

2404-12-12 15:08:59 860416 ----a-w- c:\windows\system32\MaxxAudioAPOShell.dll

2404-12-12 15:08:59 5681196 ----a-w- c:\windows\system32\drivers\rtvienna.dat

2404-12-12 15:08:59 5115672 ----a-w- c:\windows\system32\NAHIMICAPOlfx.dll

2404-12-12 15:08:59 3629824 ----a-w- c:\windows\system32\MaxxAudioVnN.dll

2404-12-12 15:08:59 2547928 ----a-w- c:\windows\system32\RtkPgExt.dll

2404-12-12 15:08:59 2329304 ----a-w- c:\windows\system32\RtkAPO.dll

2404-12-12 15:08:59 1824000 ----a-w- c:\windows\system32\WavesGUILib.dll

2404-12-12 15:08:59 1677568 ----a-w- c:\windows\system32\MaxxAudioRealtek2.dll

2403-11-24 08:25:24 865592 ----a-w- c:\windows\system32\NAHIMICAPOSettingsIPC.dll

2403-11-24 08:25:24 693329 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT

2403-11-24 08:25:24 2929048 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys

2403-11-24 08:25:24 1935104 ----a-w- c:\windows\system32\MaxxAudioEQ.dll

2403-11-24 08:25:24 13881600 ----a-w- c:\windows\system32\MaxxAudioRealtek.dll

2403-11-24 08:25:24 1097984 ----a-w- c:\windows\system32\MaxxAudioAPO50.dll

2014-02-26 19:30:01 -------- d-----w- c:\users\19newaccount51\appdata\local\FixItCenter

2014-02-26 01:12:55 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys

2014-02-26 00:41:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-02-26 00:41:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2014-02-26 00:21:22 -------- d-----w- c:\users\19newaccount51\appdata\roaming\Instant Housecall

2014-02-25 16:55:36 31848 ----a-w- c:\windows\system32\drivers\DasPtct.SYS

2014-02-24 05:33:09 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-02-23 22:07:32 -------- d-----w- c:\windows\system32\catroot2

2014-02-23 22:00:02 -------- d-----w- c:\windows\system32\wbem\repository

2014-02-23 19:46:03 -------- d-----w- c:\windows\system32\wbem\repository.012

2014-02-23 06:41:54 -------- d-----w- c:\users\19newaccount51\appdata\roaming\Panda Security

2014-02-23 06:40:50 -------- d-----w- c:\programdata\Panda Security

2014-02-23 04:24:07 -------- d-----w- c:\users\19newaccount51\appdata\local\Adobe

2014-02-22 04:37:49 -------- d-----w- c:\users\19newaccount51\appdata\local\Comodo

2014-02-22 03:54:54 -------- d-----w- c:\users\19newaccount51\Pavark

2014-02-22 02:12:47 -------- d-----w- c:\users\19newaccount51\appdata\roaming\FixTDSS

2014-02-22 02:12:46 26872 ----a-w- c:\windows\system32\drivers\FixTDSS.sys

2014-02-21 21:53:55 -------- d-----w- c:\windows\system32\wbem\repository.011

2014-02-20 06:02:00 -------- d-----w- c:\users\19newaccount51\appdata\roaming\FreeFixer

2014-02-20 06:02:00 -------- d-----w- c:\users\19newaccount51\appdata\local\FreeFixer

2014-02-20 06:01:46 -------- d-----w- c:\program files\FreeFixer

2014-02-20 02:54:46 -------- d-----w- c:\program files\Spybot - Search & Destroy

2014-02-20 02:53:14 -------- d-----w- c:\program files\Speccy

2014-02-20 02:52:47 -------- d-----w- c:\program files\Process Hacker 2

2014-02-20 02:52:30 -------- d-----w- c:\users\19newaccount51\appdata\local\Paint.NET

2014-02-20 02:47:37 410784 ----a-w- c:\windows\system32\drivers\querftsq.sys

2014-02-20 02:46:32 -------- d-----w- c:\program files\Auslogics

2014-02-14 15:59:23 272496 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll

2014-02-14 15:55:02 773632 ----a-w- c:\users\19newaccount51\appdata\roaming\System.Data.SQLite.dll

2014-02-13 22:31:07 547104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpcpp160.dll

2014-02-13 22:30:19 167480 ----a-w- c:\windows\system32\hppccompio.dll

2014-02-13 22:30:19 134944 ----a-w- c:\windows\system32\hpmtp160.dll

2014-02-13 22:30:18 62752 ----a-w- c:\windows\system32\hpmpw081.dll

2014-02-13 22:30:18 55688 ----a-w- c:\windows\system32\hpmnque.dll

2014-02-13 22:30:18 55688 ----a-w- c:\windows\system32\hpmnndps.dll

2014-02-13 22:30:18 196896 ----a-w- c:\windows\system32\hpmml160.dll

2014-02-13 22:30:18 171296 ----a-w- c:\windows\system32\hpmja160.dll

2014-02-13 22:30:18 157984 ----a-w- c:\windows\system32\hpmpm081.dll

2014-02-13 22:30:18 103200 ----a-w- c:\windows\system32\hpmlm135.dll

2014-02-13 22:30:17 419616 ----a-w- c:\windows\system32\hpcpn160.dll

2014-02-13 22:30:17 119584 ----a-w- c:\windows\system32\hpcjpm.dll

2014-02-13 22:30:16 59928 ----a-w- c:\windows\system32\fxcompchannel.dll

2014-02-13 22:28:38 -------- d-----w- C:\HP Universal Print Driver

2014-02-13 04:21:10 -------- d-----w- c:\users\19newaccount51\Doctor Web

2014-02-12 00:53:28 -------- d-----w- c:\users\19newaccount51\appdata\roaming\SUPERAntiSpyware.com

2014-02-12 00:16:26 1248768 ----a-w- c:\windows\system32\msxml3.dll

2014-02-11 20:46:53 -------- d-----w- c:\users\19newaccount51\appdata\local\SlimWare Utilities Inc

2014-02-11 20:46:37 -------- d-----w- c:\program files\SlimCleaner

2014-02-11 07:33:08 -------- d-----w- c:\users\19newaccount51\appdata\local\HP

2014-02-09 20:09:10 -------- d-----w- c:\users\19newaccount51\appdata\roaming\HpUpdate

2014-02-09 09:13:33 -------- d-----w- c:\windows\system32\wbem\repository.010

2014-02-09 07:23:46 -------- d-----w- c:\users\19newaccount51\appdata\roaming\IObit

2014-02-09 06:50:03 -------- d-----w- c:\users\19newaccount51\appdata\roaming\Stegisoft

2014-02-09 05:05:32 -------- d-----w- C:\MATS

2014-02-09 03:01:04 -------- d-----w- c:\users\19newaccount51\appdata\roaming\Wise PC 1stAid

2014-02-08 22:55:04 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2014-02-08 22:41:09 -------- d-----w- c:\program files\VirusTotalUploader2

2014-02-08 04:53:44 -------- d-----w- c:\program files\Reason

2014-02-07 16:13:56 -------- d-----w- c:\users\19newaccount51\appdata\roaming\Malwarebytes

2014-02-07 04:12:04 -------- d-----w- c:\users\19newaccount51\appdata\local\Google

2014-02-07 01:27:08 -------- d-----w- c:\users\19newaccount51\appdata\local\ElevatedDiagnostics

2014-02-06 20:56:15 -------- d-----w- c:\users\19newaccount51\appdata\roaming\ChemTable Software

2014-02-06 20:56:12 -------- d-----w- c:\users\19newaccount51\appdata\local\ChemTable Software

2014-02-06 20:56:12 -------- d-----w- c:\program files\Reg Organizer

2014-02-06 20:55:48 -------- d-----w- c:\program files\AnVir Task Manager Free

2014-02-06 19:30:55 -------- d-----w- c:\users\19newaccount51\appdata\local\CrashDumps

2014-02-06 08:06:07 -------- d-----w- c:\programdata\Auslogics

2014-02-05 20:56:04 -------- d-----w- c:\users\19newaccount51\appdata\roaming\LibreOffice

2014-02-05 20:00:03 -------- d-----w- c:\users\19newaccount51\appdata\local\Macromedia

2014-02-05 19:59:04 -------- d-----w- c:\users\19newaccount51\appdata\local\Mozilla

2014-02-05 16:58:27 -------- d-----w- c:\users\19newaccount51\appdata\roaming\AVAST Software

2014-02-05 10:19:02 -------- d-----w- C:\MGlogs

2014-02-05 09:57:43 -------- d-----w- C:\MGtools

2014-02-04 06:55:17 -------- d-----w- c:\windows\system32\wbem\repository.009

2014-02-03 05:57:11 -------- d-----w- c:\program files\stinger

2014-02-01 23:46:01 18656 ----a-w- c:\windows\system32\autochk.exe.bak

2014-02-01 10:33:11 -------- d-----w- c:\program files\Panda Security

2014-02-01 09:10:17 1990574 ----a-w- C:\MGtools.exe

2014-01-31 17:35:46 -------- d-----w- C:\CCE_Quarantine

2014-01-31 07:55:27 -------- d-----w- c:\windows\system32\wbem\repository.008

2014-01-28 23:18:11 -------- d-----w- c:\programdata\Macrium

2014-01-28 22:38:49 -------- d---a-w- C:\cce_linux

2014-01-27 19:14:22 -------- d-----w- c:\programdata\Doctor Web

2014-01-27 14:34:21 -------- d-----w- c:\windows\system32\wbem\repository.007

2014-01-27 05:15:48 -------- d-----w- c:\program files\FileHippo.com

2014-01-26 21:21:03 -------- d-----w- c:\windows\system32\wbem\repository.006

2014-01-24 19:25:26 -------- d-----w- c:\program files\Virtual Earth 3D

2014-01-24 17:51:58 -------- d-----w- c:\windows\system32\wbem\repository.005

2014-01-22 23:56:50 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0

2014-01-22 19:26:03 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2014-01-20 20:32:27 -------- d-----w- c:\program files\Windows Kits

2014-01-16 20:40:45 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-01-16 20:40:45 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-01-15 18:08:07 -------- d-----w- c:\windows\Migration

2014-01-13 20:40:13 -------- d-----w- c:\program files\VS Revo Group

2014-01-13 19:11:38 -------- d-----w- c:\windows\system32\wbem\repository.004

2014-01-06 03:52:39 -------- d-----w- c:\windows\system32\wbem\repository.003

.

==================== Find6M ====================

.

2404-12-12 15:08:59 41974272 ----a-w- c:\windows\system32\RCoRes.dat

2014-02-05 08:56:17 1806848 ----a-w- c:\windows\system32\jscript9.dll

2014-02-05 08:50:39 1129472 ----a-w- c:\windows\system32\wininet.dll

2014-02-05 08:49:56 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2014-02-05 08:48:40 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2014-02-05 08:48:27 421376 ----a-w- c:\windows\system32\vbscript.dll

2014-02-05 08:47:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2014-01-27 06:17:56 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2014-01-27 06:17:54 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2014-01-27 06:17:53 43152 ----a-w- c:\windows\avastSS.scr

2014-01-05 17:12:02 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2014-01-03 22:58:00 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys.bak

2013-12-04 06:15:16 379168 ----a-w- c:\windows\system32\hpmprein.dll

2013-12-04 06:08:42 69408 ----a-w- c:\windows\system32\hpmco160.dll

2013-12-03 11:21:07 938752 ----a-w- c:\windows\system32\slcnt32.dll

2013-12-03 11:21:07 604928 ----a-w- c:\windows\system32\sltech32.dll

2013-12-03 11:21:07 218368 ----a-w- c:\windows\system32\slprp32.dll

2013-12-03 11:21:06 919600 ----a-w- c:\windows\system32\SFSS_APO.dll

2013-12-03 11:21:06 823040 ----a-w- c:\windows\system32\sl3apo32.dll

2013-12-03 11:21:05 1596488 ----a-w- c:\windows\system32\RTSndMgr.cpl

2013-12-03 11:21:03 782040 ----a-w- c:\windows\system32\RtkApoApi.dll

2013-11-15 20:57:22 69120 ----a-w- c:\windows\system32\hpbpro.dll

2013-11-15 03:50:32 46080 ----a-w- c:\windows\system32\hpbmiapi.dll

2013-11-15 03:44:16 21504 ----a-w- c:\windows\system32\hpzisn12.dll

2013-11-15 03:43:58 34304 ----a-w- c:\windows\system32\hpzipt12.dll

2013-11-15 03:43:40 39424 ----a-w- c:\windows\system32\HPZipr12.dll

2013-11-15 03:43:24 55808 ----a-w- c:\windows\system32\HPZipm12.dll

2013-11-15 03:43:06 45056 ----a-w- c:\windows\system32\HPZinw12.dll

2013-11-15 03:42:48 54272 ----a-w- c:\windows\system32\HPZidr12.dll

2013-11-15 03:38:32 11776 ----a-w- c:\windows\system32\hpbprops.dll

2013-11-15 03:37:52 11776 ----a-w- c:\windows\system32\hpboidps.dll

2013-11-15 03:37:12 47104 ----a-w- c:\windows\system32\hpboid.dll

2013-11-08 18:10:17 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-10-30 02:13:01 1304064 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll

2013-10-30 02:12:54 335360 ----a-w- c:\windows\system32\SysFxUI.dll

2013-10-30 01:43:04 130048 ----a-w- c:\windows\system32\drivers\drmk.sys

2013-10-30 00:43:06 167936 ----a-w- c:\windows\system32\drivers\portcls.sys

2013-10-30 00:35:24 2050560 ----a-w- c:\windows\system32\win32k.sys

2013-10-22 07:19:59 158208 ----a-w- c:\windows\system32\imagehlp.dll

2013-10-14 10:04:42 16024 ----a-w- c:\windows\system32\drivers\psi_mf_x86.sys

2013-10-11 02:08:55 36864 ----a-w- c:\windows\system32\wshcon.dll

2013-10-11 02:08:55 131072 ----a-w- c:\windows\system32\wshom.ocx

2013-10-11 02:08:35 172032 ----a-w- c:\windows\system32\scrrun.dll

2013-10-11 02:08:02 444928 ----a-w- c:\windows\system32\IKEEXT.DLL

2013-10-11 02:07:57 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL

2013-10-11 00:35:42 135168 ----a-w- c:\windows\system32\cscript.exe

2013-10-11 00:35:41 155648 ----a-w- c:\windows\system32\wscript.exe

2013-10-03 12:45:50 297984 ----a-w- c:\windows\system32\gdi32.dll

2013-10-03 12:45:45 993792 ----a-w- c:\windows\system32\crypt32.dll

2013-09-12 03:21:54 863344 ----a-w- c:\windows\system32\msvcr110_clr0400.dll

2013-09-12 03:21:54 501872 ----a-w- c:\windows\system32\msvcp110_clr0400.dll

2013-09-12 03:21:54 28776 ----a-w- c:\windows\system32\aspnet_counters.dll

2013-09-12 03:21:54 18000 ----a-w- c:\windows\system32\msvcr100_clr0400.dll

.

============= FINISH: 16:16:56.77 ===============

 

 

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.ATTACH.TX

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 3/21/2013 5:14:37 AM

System Uptime: 2/25/2014 11:12:59 PM (17 hours ago)

.

Motherboard: MSI | | K9N6PGM2-V2 (MS-7309)

Processor: AMD Athlon™ 64 X2 Dual Core Processor 6000+ | CPU1 | 3000/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 244 GiB total, 94.768 GiB free.

D: is FIXED (NTFS) - 8 GiB total, 7.97 GiB free.

E: is CDROM ()

G: is FIXED (NTFS) - 213 GiB total, 17.933 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP544: 2/25/2014 7:04:24 AM - Scheduled Checkpoint

RP545: 2/26/2014 12:12:08 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

7-Zip 9.20

7-Zip 9.21

Adobe AIR

Adobe Flash Player 12 Plugin

Adobe Reader XI (11.0.06)

AnVir Task Manager Free

Apple Application Support

Apple Software Update

Auslogics DiskDefrag

avast! Free Antivirus

BackUp Maker

Bing Desktop

Bing Maps 3D

BufferChm

Canon IJ Network Scan Utility

Canon IJ Network Tool

Canon MP Navigator EX 3.1

Canon MX340 series MP Drivers

Canon MX340 series User Registration

Canon Speed Dial Utility

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities Solution Menu

CCleaner

Comodo Dragon

COMODO Internet Security

CrystalDiskInfo 5.6.2

D110

D3DX10

ERUNT 1.1j

ESET Online Scanner v3

Everything 1.2.1.371

Fast Duplicate File Finder 3.2.0.1

FastStone Image Viewer 4.8

FileHippo.com Update Checker

Free Download Manager 3.9.3

FreeFixer

GeekBuddy

Google Chrome

Google Earth Plug-in

Google Toolbar for Internet Explorer

Google Update Helper

herdProtect Anti-Malware Scanner

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Photosmart D110 All-In-One Driver 14.0 Rel. 7

HP Product Detection

HP Update

HPAppStudio

HPDiagnosticAlert

ImgBurn

Instant Housecall - Specialist Sign-in

Internet Explorer (Enable DEP)

Java 7 Update 51

Java Auto Updater

Junk Mail filter update

LibreOffice 4.1.5.3

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4.5.1

Microsoft Application Error Reporting

Microsoft Fix it Center

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 27.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2758694)

Network

NirSoft BlueScreenView

Notepad++

NVIDIA Control Panel 307.83

NVIDIA Display Control Panel

NVIDIA Drivers

NVIDIA Graphics Driver 307.83

NVIDIA Install Application

NVIDIA Update 1.10.8

NVIDIA Update Components

Open Book HVAC Certifications 4.2.00

Paint.NET v3.5.11

Panda Cloud Cleaner

PDF-Viewer

Process Hacker 2.33 (r5590)

PS_AIO_07_D110_SW_Min

QuickTime

QuickTransfer

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Recuva

Reg Organizer version 6.11

Revo Uninstaller 1.95

SARDU 2.0.6.5

Scan

Seagate Media Software

SeaTools for Windows

Secunia PSI (3.0.0.8013)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

Segoe UI

SlimCleaner

Sophos Anti-Rootkit 1.5.23

Speccy

Spybot - Search & Destroy

Super-Charger

SUPERAntiSpyware

System Explorer 4.5.0

Toolbox

TreeSize Free V2.7

Tweaking.com - Simple System Tweaker

Tweaking.com - Windows Repair (All in One)

UltraFileSearch

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

VirusTotal Uploader 2.2

WebReg

Windows Deployment Tools

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows PE x86 x64

Windows PE x86 x64 wims

WinHTTrack Website Copier 3.47-11

Wise Care 365 2.94

Wise PC 1stAid 1.13

Wise Registry Cleaner 7.94

WOT for Internet Explorer

xplorer² lite 32 bit

.

==== Event Viewer Messages From Past Week ========

.

2/26/2014 4:16:23 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

2/25/2014 7:20:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

2/25/2014 7:20:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

2/25/2014 7:19:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

2/25/2014 7:19:19 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm axsoay bacsyc bhnprr CFRMD cjxtpv cmdGuard eorclc hqmpym ijbsgx kxqcsx mtqjxm nmfmfx PRSBDRVR qhpbzs SASDIFSV SASKUTIL spldr ssuhop tcoifh tljkva Wanarpv6 wjtvys xtoxpl

2/25/2014 7:19:19 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

2/25/2014 7:18:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

2/25/2014 11:14:59 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: axsoay bacsyc bhnprr cjxtpv eorclc hqmpym ijbsgx kxqcsx mtqjxm nmfmfx PRSBDRVR qhpbzs ssuhop tcoifh tljkva wjtvys xtoxpl

2/25/2014 11:14:59 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The system cannot find the path specified.

2/25/2014 11:14:59 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Security Center Service service failed to start due to the following error: The system cannot find the path specified.

2/25/2014 11:14:59 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The system cannot find the path specified.

2/25/2014 10:20:43 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

.

==== End Of File ===========================

 



BC AdBot (Login to Remove)

 


#2 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:08:41 AM

Posted 27 February 2014 - 02:05 PM

t.murphytfm,

:welcome: to Bleeping Computer.
 
My name is Jason and I'll be helping you with your computer problems. You can call me by my screename jntkwx or Jason is fine.
 
Some things to remember while we are working together.
  • Do not run any other tool untill instructed to do so!
  • Please do not attach logs or put logs in code or quote boxes (unless explicitly asked to)
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can also help.
  • Do not run anything while running a fix.
  • If you don't understand a step, please ask for clarification before continuing with any future steps.
In the upper right hand corner of the topic you will see the Follow This Topic button. Click on this then choose Receive Notification Immediately and then click Follow This Topic and you will be sent an email once I have posted a response and make the cleaning process faster.
 
Note to others: The instructions here are intended for the person who began this topic. If you need help, please create your own topic in the appropriate forum.


I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

 
In your next post I need the following:
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#3 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 27 February 2014 - 02:16 PM

Thank you, Jason

I'm on it.



#4 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 27 February 2014 - 04:04 PM

Thank you, Jason

 

I will see how myPC responds to any fixes

 

In the mean,

 

Here is the ComboFix log:

 

 

ComboFix 14-02-24.02 - 19newaccount51 02/27/2014  14:25:09.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2814.1818 [GMT -6:00]
Running from: c:\users\19newaccount51\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\19newaccount51\Desktop\Documents\disecting - firewallapi.dl - fwdonothingonobject - EAT @explorer.exe
c:\users\md\Documents\Techspot.com
c:\users\md\Documents\Virus and Malware Removal Virus and Malware Removal from Techspot.com
c:\program files\AVAST Software\Avast\Setup\902ba0a4-cea1-4239-a95e-649855ca91de.exe . . . . Failed to delete
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-27 to 2014-02-27  )))))))))))))))))))))))))))))))
.
.
2404-12-12 15:08 . 2404-12-12 15:08    860416    ----a-w-    c:\windows\system32\MaxxAudioAPOShell.dll
2404-12-12 15:08 . 2404-12-12 15:08    5681196    ----a-w-    c:\windows\system32\drivers\rtvienna.dat
2404-12-12 15:08 . 2404-12-12 15:08    5115672    ----a-w-    c:\windows\system32\NAHIMICAPOlfx.dll
2404-12-12 15:08 . 2404-12-12 15:08    3629824    ----a-w-    c:\windows\system32\MaxxAudioVnN.dll
2404-12-12 15:08 . 2404-12-12 15:08    2547928    ----a-w-    c:\windows\system32\RtkPgExt.dll
2404-12-12 15:08 . 2404-12-12 15:08    2329304    ----a-w-    c:\windows\system32\RtkAPO.dll
2404-12-12 15:08 . 2404-12-12 15:08    1824000    ----a-w-    c:\windows\system32\WavesGUILib.dll
2404-12-12 15:08 . 2404-12-12 15:08    1677568    ----a-w-    c:\windows\system32\MaxxAudioRealtek2.dll
2403-11-24 08:25 . 2403-11-24 08:25    865592    ----a-w-    c:\windows\system32\NAHIMICAPOSettingsIPC.dll
2403-11-24 08:25 . 2403-11-24 08:25    693329    ----a-w-    c:\windows\system32\drivers\RTAIODAT.DAT
2403-11-24 08:25 . 2403-11-24 08:25    2929048    ----a-w-    c:\windows\system32\drivers\RTKVHDA.sys
2403-11-24 08:25 . 2403-11-24 08:25    1935104    ----a-w-    c:\windows\system32\MaxxAudioEQ.dll
2403-11-24 08:25 . 2403-11-24 08:25    13881600    ----a-w-    c:\windows\system32\MaxxAudioRealtek.dll
2403-11-24 08:25 . 2403-11-24 08:25    1097984    ----a-w-    c:\windows\system32\MaxxAudioAPO50.dll
2014-02-27 20:33 . 2014-02-27 20:33    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2014-02-27 20:33 . 2014-02-27 20:33    --------    d-----w-    c:\users\md\AppData\Local\temp
2014-02-27 20:33 . 2014-02-27 20:33    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-02-26 01:12 . 2014-02-26 01:12    205072    ----a-w-    c:\windows\system32\drivers\tmcomm.sys
2014-02-26 00:41 . 2014-02-26 00:41    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2014-02-26 00:41 . 2013-04-04 20:50    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-02-25 16:55 . 2013-06-12 19:10    31848    ----a-w-    c:\windows\system32\drivers\DasPtct.SYS
2014-02-24 05:34 . 2014-02-24 05:34    --------    d-----w-    c:\program files\Common Files\Java
2014-02-24 05:33 . 2014-02-24 05:32    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-02-23 22:07 . 2014-02-26 01:19    --------    d-----w-    c:\windows\system32\catroot2
2014-02-23 22:00 . 2014-02-27 20:34    --------    d-----w-    c:\windows\system32\wbem\repository
2014-02-23 06:40 . 2014-02-23 06:49    --------    d-----w-    c:\programdata\Panda Security
2014-02-22 02:12 . 2014-02-22 02:12    26872    ----a-w-    c:\windows\system32\drivers\FixTDSS.sys
2014-02-20 06:01 . 2014-02-20 06:01    --------    d-----w-    c:\program files\FreeFixer
2014-02-20 02:54 . 2014-02-26 08:39    --------    d-----w-    c:\program files\Spybot - Search & Destroy
2014-02-20 02:53 . 2014-02-20 02:53    --------    d-----w-    c:\program files\Speccy
2014-02-20 02:52 . 2014-02-20 02:52    --------    d-----w-    c:\program files\Process Hacker 2
2014-02-20 02:52 . 2014-02-20 02:52    --------    d-----w-    c:\program files\Notepad++
2014-02-20 02:47 . 2014-02-20 02:47    410784    ----a-w-    c:\windows\system32\drivers\querftsq.sys
2014-02-20 02:46 . 2014-02-20 02:46    --------    d-----w-    c:\program files\Auslogics
2014-02-15 06:17 . 2014-02-15 06:19    --------    d-----w-    c:\program files\ERUNT
2014-02-14 15:59 . 2014-02-13 00:37    272496    ----a-w-    c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2014-02-13 22:32 . 2014-02-13 22:32    --------    d-----w-    c:\programdata\Hewlett-Packard
2014-02-13 22:31 . 2013-12-04 06:07    547104    ----a-w-    c:\windows\system32\Spool\prtprocs\w32x86\hpcpp160.dll
2014-02-13 22:30 . 2013-12-04 06:09    134944    ----a-w-    c:\windows\system32\hpmtp160.dll
2014-02-13 22:30 . 2011-02-11 20:23    167480    ----a-w-    c:\windows\system32\hppccompio.dll
2014-02-13 22:30 . 2013-12-04 06:17    55688    ----a-w-    c:\windows\system32\hpmnndps.dll
2014-02-13 22:30 . 2013-12-04 06:17    55688    ----a-w-    c:\windows\system32\hpmnque.dll
2014-02-13 22:30 . 2013-12-04 06:14    103200    ----a-w-    c:\windows\system32\hpmlm135.dll
2014-02-13 22:30 . 2013-12-04 06:09    62752    ----a-w-    c:\windows\system32\hpmpw081.dll
2014-02-13 22:30 . 2013-12-04 06:09    157984    ----a-w-    c:\windows\system32\hpmpm081.dll
2014-02-13 22:30 . 2013-12-04 06:09    196896    ----a-w-    c:\windows\system32\hpmml160.dll
2014-02-13 22:30 . 2013-12-04 06:08    171296    ----a-w-    c:\windows\system32\hpmja160.dll
2014-02-13 22:30 . 2013-12-04 06:07    419616    ----a-w-    c:\windows\system32\hpcpn160.dll
2014-02-13 22:30 . 2013-12-04 06:07    119584    ----a-w-    c:\windows\system32\hpcjpm.dll
2014-02-13 22:30 . 2009-02-25 22:32    59928    ----a-w-    c:\windows\system32\fxcompchannel.dll
2014-02-13 22:28 . 2014-02-13 22:28    --------    d-----w-    C:\HP Universal Print Driver
2014-02-12 00:16 . 2013-12-05 02:12    1248768    ----a-w-    c:\windows\system32\msxml3.dll
2014-02-11 20:46 . 2014-02-11 20:47    --------    d-----w-    c:\program files\SlimCleaner
2014-02-09 05:05 . 2014-02-09 05:05    --------    d-----w-    C:\MATS
2014-02-08 22:55 . 2014-02-26 20:33    --------    d-----w-    c:\programdata\Spybot - Search & Destroy
2014-02-08 22:41 . 2014-02-08 22:41    --------    d-----w-    c:\program files\VirusTotalUploader2
2014-02-08 04:53 . 2014-02-08 04:53    --------    d-----w-    c:\program files\Reason
2014-02-06 20:56 . 2014-02-06 20:56    --------    d-----w-    c:\program files\Reg Organizer
2014-02-06 20:55 . 2014-02-06 20:56    --------    d-----w-    c:\program files\AnVir Task Manager Free
2014-02-06 08:06 . 2014-02-11 23:00    --------    d-----w-    c:\programdata\Auslogics
2014-02-05 16:57 . 2014-02-22 03:54    --------    d-----w-    c:\users\19newaccount51
2014-02-05 10:19 . 2014-02-05 10:19    --------    d-----w-    C:\MGlogs
2014-02-05 09:57 . 2014-02-05 10:02    --------    d-----w-    C:\MGtools
2014-02-03 05:57 . 2014-02-03 05:58    --------    d-----w-    c:\program files\stinger
2014-02-01 23:46 . 2014-02-01 23:46    18656    ----a-w-    c:\windows\system32\autochk.exe.bak
2014-02-01 10:33 . 2014-02-23 06:49    --------    d-----w-    c:\program files\Panda Security
2014-02-01 09:42 . 2014-02-01 09:42    --------    d-----w-    c:\users\md\AppData\Roaming\QuickScan
2014-02-01 04:43 . 2014-02-01 04:43    89088    ----a-w-    c:\users\md\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\mbr.exe
2014-01-31 20:31 . 2014-01-31 20:31    1166132    ----a-w-    c:\users\md\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AdwCleaner(1).exe
2014-01-31 17:35 . 2014-02-07 15:03    --------    d-----w-    C:\CCE_Quarantine
2014-01-28 23:18 . 2014-01-28 23:18    --------    d-----w-    c:\programdata\Macrium
2014-01-28 23:17 . 2014-01-28 23:17    --------    d-----w-    c:\program files\Common Files\Adobe AIR
2014-01-28 22:38 . 2014-01-28 22:42    --------    d---a-w-    C:\cce_linux
2014-01-28 21:45 . 2014-01-28 21:45    12589848    ----a-w-    c:\users\md\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\mbar-1.07.0.1009(1).exe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2404-12-12 15:08 . 2013-12-03 11:20    41974272    ----a-w-    c:\windows\system32\RCoRes.dat
2014-02-24 15:11 . 2014-01-16 20:40    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-24 15:11 . 2014-01-16 20:40    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-02-23 22:10 . 2013-04-07 06:51    181064    ----a-w-    c:\windows\PSEXESVC.EXE
2014-02-05 10:02 . 2014-02-05 09:57    284404    ----a-w-    C:\MGlogs.zip
2014-02-04 23:09 . 2013-10-20 23:17    773632    ----a-w-    c:\users\md\AppData\Roaming\System.Data.SQLite.dll
2014-01-27 06:17 . 2013-03-21 13:44    57672    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2014-01-27 06:17 . 2013-03-21 13:44    775952    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2014-01-27 06:17 . 2013-03-21 13:44    410784    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2014-01-27 06:17 . 2013-03-21 13:44    54832    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2014-01-27 06:17 . 2013-03-21 13:44    67824    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-01-27 06:17 . 2013-03-21 13:44    270240    ----a-w-    c:\windows\system32\aswBoot.exe
2014-01-27 06:17 . 2013-03-21 13:41    43152    ----a-w-    c:\windows\avastSS.scr
2014-01-27 03:35 . 2014-01-27 03:35    388608    ----a-w-    c:\users\md\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HiJackThis.exe
2014-01-22 20:26 . 2014-01-22 20:26    688992    ----a-w-    c:\users\md\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\dds.com
2014-01-22 20:25 . 2014-01-22 20:25    4745728    ----a-w-    c:\users\md\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\aswMBR.exe
2014-01-22 19:23 . 2014-01-22 19:23    987425    ----a-w-    c:\users\md\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SecurityCheck.exe
2014-01-22 19:19 . 2014-01-22 19:19    12582688    ----a-w-    c:\users\md\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\mbar-1.07.0.1008.exe
2014-01-16 21:57 . 2011-03-28 23:36    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-01-05 17:12 . 2013-03-21 13:44    180248    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-01-03 22:58 . 2014-01-03 22:28    35656    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys.bak
2013-12-04 06:15 . 2013-12-04 06:15    379168    ----a-w-    c:\windows\system32\hpmprein.dll
2013-12-04 06:08 . 2013-12-04 06:08    69408    ----a-w-    c:\windows\system32\hpmco160.dll
2013-12-03 11:21 . 2013-12-03 11:21    938752    ----a-w-    c:\windows\system32\slcnt32.dll
2013-12-03 11:21 . 2013-12-03 11:21    604928    ----a-w-    c:\windows\system32\sltech32.dll
2013-12-03 11:21 . 2013-12-03 11:21    218368    ----a-w-    c:\windows\system32\slprp32.dll
2013-12-03 11:21 . 2013-12-03 11:21    919600    ----a-w-    c:\windows\system32\SFSS_APO.dll
2013-12-03 11:21 . 2013-12-03 11:21    823040    ----a-w-    c:\windows\system32\sl3apo32.dll
2013-12-03 11:21 . 2013-12-03 11:21    1596488    ----a-w-    c:\windows\system32\RTSndMgr.cpl
2013-12-03 11:21 . 2013-12-03 11:21    782040    ----a-w-    c:\windows\system32\RtkApoApi.dll
2013-12-03 11:20 . 2013-12-03 11:20    852016    ----a-w-    c:\windows\system32\MISS_APO.dll
2013-12-03 11:20 . 2013-12-03 11:20    509184    ----a-w-    c:\windows\system32\MaxxVolumeSDAPO.dll
2013-12-03 11:20 . 2013-12-03 11:20    926976    ----a-w-    c:\windows\system32\MaxxSpeechAPO.dll
2013-12-03 11:20 . 2013-12-03 11:20    761088    ----a-w-    c:\windows\system32\MaxxVoiceAPO20.dll
2013-12-03 11:20 . 2013-12-03 11:20    27369216    ----a-w-    c:\windows\system32\MaxxAudioVnA.dll
2013-12-03 11:20 . 2013-12-03 11:20    873728    ----a-w-    c:\windows\system32\MaxxAudioAPO40.dll
2013-12-03 11:20 . 2013-12-03 11:20    509184    ----a-w-    c:\windows\system32\MaxxAudioAPO30.dll
2013-12-03 11:20 . 2013-12-03 11:20    426944    ----a-w-    c:\windows\system32\DTSU2PLFX32.dll
2013-12-03 11:20 . 2013-12-03 11:20    403392    ----a-w-    c:\windows\system32\DTSU2PGFX32.dll
2013-12-03 11:20 . 2013-12-03 11:20    346048    ----a-w-    c:\windows\system32\DTSU2PREC32.dll
2013-12-03 11:20 . 2013-12-03 11:20    2395680    ----a-w-    c:\windows\system32\FMAPO.dll
2013-12-03 11:20 . 2013-12-03 11:20    6176944    ----a-w-    c:\windows\system32\DDPP32A.dll
2013-12-03 11:20 . 2013-12-03 11:20    272048    ----a-w-    c:\windows\system32\DDPO32A.dll
2013-12-03 11:20 . 2013-12-03 11:20    219312    ----a-w-    c:\windows\system32\DDPA32.dll
2013-12-03 11:20 . 2013-12-03 11:20    1489072    ----a-w-    c:\windows\system32\DDPD32A.dll
2013-12-03 11:20 . 2013-12-03 11:20    92584    ----a-w-    c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-03 11:20 . 2013-12-03 11:20    502584    ----a-w-    c:\windows\system32\audioLibVc.dll
2013-12-03 11:20 . 2013-12-03 11:20    188696    ----a-w-    c:\windows\system32\AcpiServiceVnA.dll
2013-12-03 11:20 . 2013-12-03 11:20    182472    ----a-w-    c:\windows\system32\AERTACap.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
[7] 2008-01-19 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys
[7] 2008-01-19 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys
[7] 2006-11-02 . E86CF7CE67D5DE898F27EF884DC357D8 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6000.16386_none_22210ce737ee2d9b\asyncmac.sys
.
[7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys
[7] 2008-01-19 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[7] 2006-11-02 . AC3DD1708B22761EBD7CBE14DCC3B5D7 . 6144 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys
.
.
.
.
[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys
[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys
[7] 2006-11-02 . EC5EFB3C60F1B624648344A328BCE596 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6000.16386_none_a72f2b811e11f9f3\null.sys
.
.
[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll
[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll
[7] 2006-11-02 . BEB6470532B7461D7BB426E3FACB424F . 81408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6000.16386_none_76b264bda1136499\browser.dll
.
[7] 2013-03-21 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[7] 2013-03-21 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[7] 2013-03-21 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[7] 2013-03-21 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[7] 2013-03-21 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[7] 2013-03-21 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[7] 2013-03-21 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[7] 2013-03-21 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[7] 2013-03-21 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[7] 2013-03-21 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[7] 2013-03-21 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[7] 2013-03-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[7] 2013-03-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[7] 2013-03-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[7] 2013-03-21 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
[7] 2012-06-01 . 613DEB66A91820F0A41915B40BB8833F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[7] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[7] 2006-11-02 . 6A0E382E74280E4CC0DF17FE2661D003 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
.
[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
[7] 2006-11-02 . 90A4DAE28B94497F83BEA0F2A3B77092 . 273920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6000.16386_none_0d86599a54e4c25f\netman.dll
.
[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll
[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll
[7] 2006-11-02 . 4843A1784BA6434DFF80F841DDC592C6 . 1236992 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6000.16386_none_2a7a18dbe946c84f\comres.dll
.
[7] 2013-03-21 . F1148566FA5173A4FD48AF8E8BC09401 . 750080 . . [7.0.6000.20647] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.20647_none_220fe38215833e63\qmgr.dll
[7] 2013-03-21 . DA551697E34D2B9943C8B1C8EAFFE89A . 750080 . . [7.0.6000.16531] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16531_none_218b14e6fc62ea9e\qmgr.dll
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[7] 2008-01-19 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[7] 2006-11-02 . 733FB484A06B9D6A44DD9CA1D3BE937B . 749568 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16386_none_215a02f0fc86fab8\qmgr.dll
.
[7] 2013-03-21 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[7] 2013-03-21 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
[7] 2013-03-21 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[7] 2013-03-21 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[7] 2008-01-19 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
[7] 2006-11-02 . B46D8EA6DD30BAA49F674DACDC4C491F . 545792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16386_none_67941a0040f4ed68\rpcss.dll
.
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[7] 2008-01-19 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[7] 2006-11-02 . 329CF3C97CE4C19375C8ABCABAE258B0 . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
.
[7] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[7] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[7] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[7] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[7] 2008-01-19 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[7] 2006-11-02 . DA612EF2556776DF2630B68BF2D48935 . 124928 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe
.
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[7] 2008-01-19 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[7] 2006-11-02 . 9F75392B9128A91ABAFB044EA350BAAD . 308224 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
.
.
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[7] 2008-01-19 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
[7] 2006-11-02 . AB4FDE8AF4A0270A46A001C08CBCE1C2 . 68096 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys
.
[7] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] . . c:\windows\System32\comctl32.dll
[7] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18879_none_3b3ff8f0d54e60f1\comctl32.dll
[7] 2013-07-04 . 9474AD3584430D24DA87517F9DB0CBB2 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
[7] 2013-07-04 . 059F04344FD96993C4F207BB4E281DF3 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.23151_none_3bd70d4bee632e8a\comctl32.dll
[7] 2013-07-04 . C0A115C660134FD0A97735DE368702A5 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.23151_none_8ad7a1bf66eb6815\comctl32.dll
[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[7] 2008-01-19 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[7] 2008-01-19 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[7] 2008-01-19 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[7] 2006-11-02 . BB61FB941A382A197AC2989337BF6364 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6000.16386_none_37655d04db0c72a6\comctl32.dll
[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[7] 2013-10-03 . 165E9D93A84A7F55EBEEB1B554110680 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[7] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll
[7] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[7] 2013-07-08 . 828805E2E7F529B24849AD52740288DA . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[7] 2013-04-24 . 3EDE4C1F9672C972479201544969ADCB . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[7] 2013-04-24 . FBE051C07C3D2B9011ECB1C7A73120C1 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll
[7] 2013-04-17 . 58CEF2D243575512657452B9E89A2E1F . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[7] 2013-04-17 . CC8E2C87016A07892B5448D764BF8A30 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[7] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-19 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[7] 2006-11-02 . 1C26FB097170A2A91066D1E3A24366E3 . 123392 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
.
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
[7] 2008-01-19 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll
[7] 2006-11-02 . DFB250BAC1A9108ABD777EA181E32015 . 259584 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16386_none_0ab6dd2154d28f55\es.dll
.
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
[7] 2008-01-19 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
[7] 2006-11-02 . EE12864398F1C3BF5BEE91F6AF9842E1 . 115200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6000.16386_none_5a1f5c1a7d7fec2e\imm32.dll
.
[7] 2013-03-21 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[7] 2013-03-21 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[7] 2013-03-21 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[7] 2013-03-21 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[7] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[7] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll
[7] 2012-09-28 . A9204E65A74AF0E801EA46F5A92C87A2 . 893440 . . [6.0.6002.22942] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll
[7] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[7] 2008-01-19 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
[7] 2006-11-02 . 1E36AE445E4DA83B82D51FEB2D4F8772 . 874496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16386_none_91872345596077da\kernel32.dll
.
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
[7] 2013-06-04 . 14940757518AA48B73992F19820D1799 . 23552 . . [6.0.6002.23132] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23132_none_ac24a6e570e0e9d1\lpk.dll
[7] 2013-03-21 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
[7] 2013-03-21 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
[7] 2013-03-21 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll
[7] 2013-03-21 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
[7] 2013-03-21 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_ab888f3257d0a05e\lpk.dll
[7] 2013-03-21 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18861_none_ab79c00457dc541a\lpk.dll
[7] 2013-03-21 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
[7] 2013-03-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll
[7] 2013-03-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
[7] 2013-03-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll
[7] 2013-03-21 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
[7] 2012-12-16 . 883A634FF496FE2D22BA3D441EED0ED0 . 23552 . . [6.0.6002.23004] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_ac47155770c6cb85\lpk.dll
[7] 2006-11-02 . 6D832E5314A2445D3F644C71FAF32BDC . 24064 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16386_none_a79c567c5d9b4c78\lpk.dll
.
[7] 2014-02-05 . 620E595C1024D1D8DDBADF13C30FEB39 . 12345344 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20644_none_d3ad4d437938e206\mshtml.dll
[7] 2014-02-05 . 8CD5CA15064C3E47B4F246F98558E2DD . 12345344 . . [9.00.8112.16421] . . c:\windows\System32\mshtml.dll
[7] 2014-02-05 . 8CD5CA15064C3E47B4F246F98558E2DD . 12345344 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16533_none_d32d801a60140cf4\mshtml.dll
[7] 2013-11-14 . 845028B4ED05A9DF76A03897E5C98FF5 . 12345344 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20637_none_d3bb1e0d792e121a\mshtml.dll
[7] 2013-11-14 . C89906FA43A58FD4CFC7EA06D885A597 . 12344320 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16526_none_d33b50e460093d08\mshtml.dll
[7] 2013-10-13 . AC986A1AD35CDBF07B0E5D1AC9D527B5 . 12344832 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16520_none_d3354f28600ea4fe\mshtml.dll
[7] 2013-10-13 . F111B63E90F9A36B8CF4894B43EFC641 . 12344832 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20631_none_d3b51c5179337a10\mshtml.dll
[7] 2013-09-22 . 41DAD6EDAE3F02B7D527FA9B4B4EA022 . 12336640 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20625_none_d3c3ed657927c37b\mshtml.dll
[7] 2013-09-22 . F46A58EC9183CB2B24326A41CDDE1FAE . 12336128 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16514_none_d344203c6002ee69\mshtml.dll
[7] 2013-07-31 . 6DB41C70A74B420A0ADC55A9862DDAD9 . 12335104 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16506_none_d350f0bc5ff90526\mshtml.dll
[7] 2013-07-31 . DCC51F3466767C3B418E23F5A467D6E5 . 12335616 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20617_none_d3d0bde5791dda38\mshtml.dll
[7] 2013-07-25 . 0E2B5CB2193B6B0057F7D8B3FE02777E . 12334080 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20613_none_d3ccbcbd792174dc\mshtml.dll
[7] 2013-07-25 . 7161E761E81356C8EF6383CB1AE41B8D . 12334080 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16502_none_d34cef945ffc9fca\mshtml.dll
[7] 2013-05-29 . 4ACB8A0EA4A1BEAA4FA92680BB71C542 . 12335104 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20606_none_d3da8d877916a4f0\mshtml.dll
[7] 2013-05-29 . 7BD6A6DFA75B665FA8F21BB21E59EC11 . 12333568 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16496_none_d2ef9f8a60420378\mshtml.dll
[7] 2013-05-16 . A6F5B25905CD01AE714990E02C7205A5 . 12329984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16490_none_d2e99dce60476b6e\mshtml.dll
[7] 2013-05-16 . 097654708FE5F07278A1E36D9F78CA94 . 12330496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20600_none_d3d48bcb791c0ce6\mshtml.dll
[7] 2013-05-05 . 1152DE9D7FE16EC92A12165D1CBE8406 . 12325888 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20594_none_d3773bc179617094\mshtml.dll
[7] 2013-05-05 . 26F30066B9FA78C97A0E92803D496211 . 12324864 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16484_none_d2f86ee2603bb4d9\mshtml.dll
[7] 2013-04-04 . 79B0D843B26BEA808EA89BA2D8A026F2 . 12324864 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16483_none_d2f76e98603c9b82\mshtml.dll
[7] 2013-04-04 . 4EBF337D1F52EA9202072348BA41CA95 . 12325376 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20593_none_d3763b777962573d\mshtml.dll
[7] 2013-03-22 . 263963D93A3CA8F685EFA5966F1E6581 . 12321792 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16470_none_d2ff3da66037338c\mshtml.dll
[7] 2013-03-21 . 8A49DC126EEB62C030782A9CBDA3A99E . 3599360 . . [7.00.6000.16982] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16982_none_11085adc2541f3d6\mshtml.dll
[7] 2013-03-21 . 0EE8B3A112C58EB71951DA5C77E7C01A . 3602944 . . [7.00.6000.21184] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21184_none_1193d05d3e5df990\mshtml.dll
[7] 2013-03-21 . 360A4FA3715C63086AE00C108E592E08 . 3600896 . . [7.00.6002.18167] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18167_none_14efae9a1f7a1de3\mshtml.dll
[7] 2013-03-21 . F1F3D1793483B394835DAB3D4C326CDB . 3603456 . . [7.00.6002.22290] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22290_none_1551d99b38b6601f\mshtml.dll
[7] 2013-03-21 . 804BEB97942AFDD90A0418DDB4EF8342 . 3585024 . . [7.00.6001.18385] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18385_none_12f19a602265d0cc\mshtml.dll
[7] 2013-03-21 . 6EF8BF95A1CE83ECA056524A02B29E25 . 3587584 . . [7.00.6001.22585] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22585_none_137b39113b836dbd\mshtml.dll
[7] 2013-02-22 . 474D43D76E2A33FEE21C6F4BB7C4A3B7 . 12324864 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20586_none_d3840c4179578751\mshtml.dll
[7] 2013-02-22 . 658EBC74BD38D16805648C4775F7FA82 . 12324352 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16476_none_d3053f626031cb96\mshtml.dll
[7] 2013-02-02 . 8645B1DDBA9C7E8A863DBF51BE5A7318 . 3622400 . . [7.00.6002.23032] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.23032_none_15949f2338840a7a\mshtml.dll
[7] 2013-02-01 . B8D9E6506F6D834973962FD662A5256E . 3621888 . . [7.00.6002.18778] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18778_none_14e5ea5c1f814215\mshtml.dll
[7] 2009-04-11 . A4D04D404AFC1D30EDA01EE50D27AA51 . 3596288 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18005_none_152e8ba81f4b4668\mshtml.dll
[7] 2008-01-19 . 48E05FD07045BB2E5CFC43C970CAF1E7 . 3578368 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18000_none_1343129c22297b1c\mshtml.dll
[7] 2006-11-02 . 2D972F487EACEBBB2B3A02F290C3511A . 3580416 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16386_none_110c50a0253e6a48\mshtml.dll
.
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-19 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
[7] 2006-11-02 . 75287677BB8BC9A16C32CE8A72F485A0 . 681472 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6000.16386_none_cf1e7424a1fb0cd9\msvcrt.dll
.
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[7] 2008-01-19 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
[7] 2006-11-02 . 54E9576169A248AD62A1EB9773225826 . 227328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6000.16386_none_b61c950a3060adba\mswsock.dll
.
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[7] 2008-01-19 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[7] 2006-11-02 . 889A2C9F2AACCD8F64EF50AC0B3D553B . 559616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
.
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[7] 2008-01-19 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
[7] 2006-11-02 . 3CDEC51291F735C5C276B957239017A3 . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6000.16386_none_a0e2dc64ffed4e9d\powrprof.dll
.
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[7] 2008-01-19 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[7] 2006-11-02 . 80E2839D05CA5970A86D7BE2A08BFF61 . 176640 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
.
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6000.16386_none_a4ff01505f4694a4\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe
[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[7] 2006-11-02 . 10DA15933D582D2FEDCF705EFE394B09 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
.
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[7] 2008-01-19 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
[7] 2006-11-02 . EF3DD33C740FC2F82E7E4622F1C49289 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6000.16386_none_e10616dfe80787ab\tapisrv.dll
.
[7] 2013-03-21 . 9D9F061EDA75425FC67F0365E3467C86 . 633856 . . [6.0.6000.20537] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[7] 2013-03-21 . 63B4F59D7C89B1BF5277F1FFEFD491CD . 633856 . . [6.0.6000.16438] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[7] 2008-01-19 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[7] 2006-11-02 . E698A5437B89A285ACA3FF022356810A . 633856 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
.
[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[7] 2006-11-02 . 22027835939F86C3E47AD8E3FBDE3D11 . 24576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
.
[7] 2014-02-05 . 5EDAA4D8E5E762B4487813DC4053F244 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20644_none_c2532e24f8e278d0\wininet.dll
[7] 2014-02-05 . 679EAED8E703235BA81AA2E58F4E2D16 . 1129472 . . [9.00.8112.16421] . . c:\windows\System32\wininet.dll
[7] 2014-02-05 . 679EAED8E703235BA81AA2E58F4E2D16 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16533_none_c1d360fbdfbda3be\wininet.dll
[7] 2013-11-14 . 4CC9DF09C3D915BA0A101A11DB684F26 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16526_none_c1e131c5dfb2d3d2\wininet.dll
[7] 2013-11-14 . 1C0B5D8A0A0F4614F032751E418E87E1 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20637_none_c260feeef8d7a8e4\wininet.dll
[7] 2013-10-13 . C36E38AD3C7FAFF0E30C4CBCB28CE7FB . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16520_none_c1db3009dfb83bc8\wininet.dll
[7] 2013-10-13 . F1771715A3DC3DB14BD374F63507878D . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20631_none_c25afd32f8dd10da\wininet.dll
[7] 2013-09-22 . 508484580EA124FB03C41C58D4A63BE1 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20625_none_c269ce46f8d15a45\wininet.dll
[7] 2013-09-22 . C8ADAA6948993D839D14524847EA5B75 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16514_none_c1ea011ddfac8533\wininet.dll
[7] 2013-07-31 . 21A5424935A32080A58DD40F2712212C . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16506_none_c1f6d19ddfa29bf0\wininet.dll
[7] 2013-07-31 . 99991FC7D1430A61F27B48AC3D43B028 . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20617_none_c2769ec6f8c77102\wininet.dll
[7] 2013-07-25 . EFA69C15A411D9794131CBCF6B59EA08 . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20613_none_c2729d9ef8cb0ba6\wininet.dll
[7] 2013-07-25 . 6839F14A2507D9273BD13565DD880377 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16502_none_c1f2d075dfa63694\wininet.dll
[7] 2013-05-29 . 745410A5E043E8F880C932007034F8B6 . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20606_none_c2806e68f8c03bba\wininet.dll
[7] 2013-05-29 . EA952A5C277CABCBA69EA806146BB984 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16496_none_c195806bdfeb9a42\wininet.dll
[7] 2013-05-16 . 6A25377A76479A0C0BF3DB6FC42FE09A . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16490_none_c18f7eafdff10238\wininet.dll
[7] 2013-05-16 . CC25EA1287613DC45D25A26037B4DBDD . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20600_none_c27a6cacf8c5a3b0\wininet.dll
[7] 2013-04-04 . 2C96B3921B4CDE10DBAED5AAD760DB67 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_c19d4f79dfe6324c\wininet.dll
[7] 2013-04-04 . 28B2DD8DBAEE306290A74ED03DB3768F . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_c21c1c58f90bee07\wininet.dll
[7] 2013-03-22 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll
[7] 2013-03-21 . C7A318E74FEF945EBFF855C1513CD96C . 832512 . . [7.00.6000.16982] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16982_none_ffae3bbda4eb8aa0\wininet.dll
[7] 2013-03-21 . 6F837BD5085F73A8FF0425AA6705A8D1 . 841216 . . [7.00.6000.21184] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21184_none_0039b13ebe07905a\wininet.dll
[7] 2013-03-21 . 565B8A25FB59E8E1F5ED59C95F72B7D7 . 834048 . . [7.00.6002.18167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18167_none_03958f7b9f23b4ad\wininet.dll
[7] 2013-03-21 . C86BBCF0DA44F2B36C9AA59032916EF0 . 834048 . . [7.00.6002.22290] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22290_none_03f7ba7cb85ff6e9\wininet.dll
[7] 2013-03-21 . 27DFDEA0533477C8923FC874F6439CF0 . 833024 . . [7.00.6001.18385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18385_none_01977b41a20f6796\wininet.dll
[7] 2013-03-21 . 4D36519B1212659127A4CFCC19E33049 . 834048 . . [7.00.6001.22585] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22585_none_022119f2bb2d0487\wininet.dll
[7] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll
[7] 2013-02-22 . 490E24D5E427DFA55B1C1182F0DB861C . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll
[7] 2013-02-02 . 387596B39BE2FF5B24B251D4AE936400 . 842240 . . [7.00.6002.23032] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.23032_none_043a8004b82da144\wininet.dll
[7] 2013-02-01 . 44B4EF5F6696420237AE2E8E43F79A42 . 834048 . . [7.00.6002.18778] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18778_none_038bcb3d9f2ad8df\wininet.dll
[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[7] 2008-01-19 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
[7] 2006-11-02 . 214A456AADCC7DD1B36E2287BA71A9CA . 822272 . . [7.00.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16386_none_ffb23181a4e80112\wininet.dll
.
[7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
[7] 2008-01-19 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[7] 2006-11-02 . D99A071C1018BB3D4ABAAD4B62048AC2 . 178688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
.
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
.
[7] 2013-03-21 . 6D06CD98D954FE87FB2DB8108793B399 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[7] 2013-03-21 . BD06F0BF753BC704B653C3A50F89D362 . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[7] 2013-03-21 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[7] 2013-03-21 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[7] 2013-03-21 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[7] 2013-03-21 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[7] 2008-01-19 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[7] 2006-11-02 . FD8C53FB002217F6F888BCF6F5D7084D . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
.
[7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe
[7] 2008-01-19 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
[7] 2006-11-02 . F13123E76FDA33E55F11E0EB832E832A . 134656 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
.
[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
[7] 2008-01-19 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
[7] 2006-11-02 . CCE6FB960F8985BF500CE9CB0B2EF4CF . 1314816 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6000.16386_none_a9e6e55ff5664fb0\ole32.dll
.
[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[7] 2008-01-19 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
[7] 2006-11-02 . 456FB859236C9074ACF6C3B6243D8B46 . 502784 . . [1.0626.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6000.16386_none_aac3b7125b914f5a\usp10.dll
.
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6000.16386_none_e5cada609a6133bd\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-19 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
[7] 2006-11-02 . B264DFA21677728613267FE63802B332 . 245248 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll
.
[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\msimg32.dll
[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6000.16386_none_7535161f1f2100ed\msimg32.dll
.
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
[7] 2008-01-19 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[7] 2006-11-02 . D4385B03E8CCCEE6F0EE249F827C1F3E . 95744 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
.
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
[7] 2008-01-19 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll
[7] 2006-11-02 . 9A043808667C8C1893DA7275AF373F0E . 105984 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6000.16386_none_872f43bd868c402d\regsvc.dll
.
[7] 2013-03-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
[7] 2013-03-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
[7] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
[7] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
[7] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
[7] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[7] 2008-01-19 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll
[7] 2006-11-02 . 5C72614E6625D39CC1504BF078FDC4CA . 595456 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16386_none_2cca5c959a1767e4\schedsvc.dll
.
[7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
[7] 2008-01-19 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
[7] 2006-11-02 . 8D3E4BAFF8B3997138C38EB1B600519A . 155136 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6000.16386_none_7d92b0efd44d38e1\ssdpsrv.dll
.
[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[7] 2008-01-19 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
[7] 2006-11-02 . FAD71C1E8E4047B154E899AE31EB8CAA . 427520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6000.16386_none_8c687fcc5759068e\termsrv.dll
.
[7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
[7] 2008-01-19 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
[7] 2006-11-02 . 312BA286EB3BE9EAE82DA427ED2C0284 . 291840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6000.16386_none_adff83b897ae75bd\hnetcfg.dll
.
.
[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[7] 2008-01-19 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
[7] 2006-11-02 . D7657856319941907BBDC2A11713CFD7 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6000.16386_none_f6ca18a8459b3244\ias.dll
.
[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
.
[7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
[7] 2008-01-19 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
[7] 2006-11-02 . 8EB871A3DEB6B3D5A85EB6DDFC390B59 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6000.16386_none_bfb172793798ecfb\upnphost.dll
.
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[7] 2008-01-19 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
[7] 2006-11-02 . 68AC082734363E6BA813E7EAA353DB13 . 445440 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6000.16386_none_5664fc5c44f7ce2c\dsound.dll
.
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[7] 2008-01-19 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
[7] 2006-11-02 . E72A22DCF0733AC06695ACD2268F6EB3 . 1788416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6000.16386_none_c016aaa963db2525\d3d9.dll
.
[7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
[7] 2008-01-19 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
[7] 2006-11-02 . 29EF7A2EE634DD701571E781DE5E7E91 . 528384 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6000.16386_none_02cee0f0c3162de9\ddraw.dll
.
[7] 2009-04-11 04:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll
[7] 2009-04-11 04:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
[7] 2008-01-19 04:36 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
[7] 2006-11-02 09:46 . DF54915B3DD106854F18C678BEB2977D . 88576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6000.16386_none_37dcf89704c935aa\olepro32.dll
.
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6000.16386_none_2f3c7bc7602ec1c4\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
[7] 2008-01-19 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
[7] 2006-11-02 . D8C819157EBA10401FD25FB48184EF24 . 20480 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6000.16386_none_12c78d3353faab20\version.dll
.
.
.
.
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll
[7] 2008-01-19 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll
[7] 2006-11-02 . 62B0D0F6F5580D9D0DFA5E0B466FF2ED . 270848 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6000.16386_none_8670a1b3705f945b\w32time.dll
.
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll
[7] 2008-01-19 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll
[7] 2006-11-02 . A941E099EF46E3CC12F898CBE1C39910 . 451584 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6000.16386_none_305d7915b6684b33\wiaservc.dll
.
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
[7] 2008-01-19 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
[7] 2006-11-02 . 848E745A842F903FD521DB585AB00D97 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6000.16386_none_8ac7060813a4d0d2\midimap.dll
.
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasadhlp.dll
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll
.
[7] 2008-01-19 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL
[7] 2008-01-19 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL
[7] 2006-11-02 . CE0D320700CCF7C78AEF9ED84332CC53 . 11264 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6000.16386_none_c97c43c6349c7486\WSHTCPIP.DLL
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-27 06:17    259464    ----a-w-    c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"="c:\program files\CCleaner\CCleaner.exe" [2014-01-21 4455704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2013-12-01 2860064]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2013-12-03 12017368]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-08 6756048]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-27 3767096]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2011-05-15 325512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSearchFilesInStartMenu"= 0 (0x0)
"NoSearchProgramsInStartMenu"= 0 (0x0)
"NoSearchComputerLinkInStartMenu"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54    551296    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-03-25 116608]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
HPZ12    REG_MULTI_SZ       Pml Driver HPZ12 Net Driver HPZ12
HPService    REG_MULTI_SZ       HPSLPSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 06:51    1150280    ----a-w-    c:\program files\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-16 15:11]
.
2014-02-06 c:\windows\Tasks\AnVir Task Manager.job
- c:\program files\AnVir Task Manager Free\AnVir.exe [2013-07-16 07:32]
.
2014-02-22 c:\windows\Tasks\FreeFixer background scan.job
- c:\program files\FreeFixer\freefixer.exe [2014-02-10 15:56]
.
2014-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-21 13:44]
.
2014-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-03-21 13:44]
.
2014-02-06 c:\windows\Tasks\RegOrganizerQuickLaunch.job
- c:\program files\Reg Organizer\RegOrganizer.exe [2014-02-06 01:50]
.
2014-02-27 c:\windows\Tasks\Wise Care 365 PC Checkup Task.job
- c:\program files\Wise\Wise Care 365\WiseCare365.exe [2014-01-19 21:25]
.
2014-02-02 c:\windows\Tasks\Wise PC 1stAid Task.job
- c:\program files\Wise\Wise PC 1stAid\WisePCAid.exe [2013-08-27 20:07]
.
2014-01-19 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files\Wise\Wise Care 365\WiseTurbo.exe [2014-01-19 21:25]
.
.
------- Supplementary Scan -------
.
uStart Page = www.bing.com
TCP: DhcpNameServer = 192.168.1.254
DPF: {413D6754-BFD4-47FE-9346-319559290BFA} - hxxps://www.webpcfos.com/webpcfos/websabre/HTEweb_v.cab
FF - ProfilePath - c:\users\19newaccount51\AppData\Roaming\Mozilla\Firefox\Profiles\ysj83qjj.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxps://www.google.com/search
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
SafeBoot-06770448.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-27 14:35
Windows 6.0.6002 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(784)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(1768)
c:\windows\system32\guard32.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\COMODO\launcher_service.exe
c:\windows\system32\nvvsvc.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Microsoft\BingDesktop\BingDesktopUpdater.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\ehome\ehsched.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\Secunia\PSI\sua.exe
c:\program files\System Explorer\service\SystemExplorerService.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
.
**************************************************************************
.
Completion time: 2014-02-27  14:54:52 - machine was rebooted
ComboFix-quarantined-files.txt  2014-02-27 20:54
.
Pre-Run: 98,443,530,240 bytes free
Post-Run: 98,290,294,784 bytes free
.
- - End Of File - - E83CC0BBF7A4D51B95164E265F915B9E
5C616939100B85E558DA92B899A0FC36



#5 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:08:41 AM

Posted 27 February 2014 - 05:17 PM

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then attach it to your next reply.

 

In your next reply, please include:

  • aswmbr log
  • How is the computer running now?

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#6 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 27 February 2014 - 06:23 PM

Hi Jason,

 

In retrospect, your instruction line for ComboFix: "Close any open browsers or any other programs that are open."

The sentence caused me to think now  – I 'm not convinced I can shut down Internet Explorer (IE) – I have seen anti-malware and cleaner apps alert me with something like: “IE needs to be shut down before proceeding” - even though I had closed out of IE.

My work-around has been simply: Reboot and proceed not using IE before scanning for malware. It has become so routine, I didn't even think to mention it.

 

Also,

I have been aware, but never thought it important, until now:

1. My AdwareCleaner reports always show a cleaning of Firefox(Prefs.), and Chrome (Prefs.) – but never anything for Internet Explorer, (abreviated LOG below)


 

And,

Looking back through my various anti-malware logs I just now noticed

2. Junkware Removal Tool (JRT) found IE needed a repair 4 days ago.(abreviated LOG below)

 

How significant is this?

 

Please know, I will proceed with aswMBR as you advised and report right back to you.

 

Thank you

 

The logs:

 

# AdwCleaner v3.019 - Report created 24/02/2014 at 13:25:34
# Updated 17/02/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : 19newaccount51 - LONDON
# Running from : C:\Users\19newaccount51\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\md\AppData\Roaming\Mozilla\Firefox\Profiles\qkl4rll6.default-1387550502502\prefs.js ]
[ File :C:\Users\19newaccount51\AppData\Roaming\Mozilla\Firefox\Profiles\ysj83qjj.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\md\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\19newaccount51\AppData\Local\Google\Chrome\User Data\Default\preferences ]


########## EOF - C:\AdwCleaner\AdwCleaner[S43].txt - [6407 octets] ##########

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.2 (02.20.2014:1)

OS: Windows Vista ™ Home Premium x86

Ran by 19newaccount51 on Mon 02/24/2014 at 11:31:54.62

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3326819883-535093209-635282915-1261\Software\Microsoft\Internet Explorer\Main\\Start Page

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 02/24/2014 at 11:35:29.01

End of JRT log

~~~~~~~~~~~~~~~~~

 

 

 

 

aswMBR log next

 

Thank you



#7 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 27 February 2014 - 06:57 PM

Hi Jason,

 

Here is the aswMBR log

 

Thank you for guiding and hanging in here with me.

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-02-27 17:38:09
-----------------------------
17:38:09.960    OS Version: Windows 6.0.6002 Service Pack 2
17:38:09.960    Number of processors: 2 586 0x4303
17:38:09.960    ComputerName: LONDON  UserName:
17:38:14.343    Initialize success
17:38:18.743    AVAST engine defs: 14022700
17:39:30.331    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006e
17:39:30.331    Disk 0 Vendor: ST950042 0001 Size: 476940MB BusType: 3
17:39:30.440    Disk 0 MBR read successfully
17:39:30.440    Disk 0 MBR scan
17:39:30.456    Disk 0 Windows VISTA default MBR code
17:39:30.456    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       250000 MB offset 63
17:39:30.471    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       218476 MB offset 512002048
17:39:30.487    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS         8450 MB offset 959442944
17:39:30.487    Disk 0 scanning sectors +976748544
17:39:30.518    Disk 0 scanning C:\Windows\system32\drivers
17:39:42.842    Service scanning
17:40:02.607    Modules scanning
17:40:08.910    Disk 0 trace - called modules:
17:40:08.925    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
17:40:08.941    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x872a32e0]
17:40:08.941    3 CLASSPNP.SYS[8abbd8b3] -> nt!IofCallDriver -> [0x86367120]
17:40:08.941    5 acpi.sys[832166bc] -> nt!IofCallDriver -> \Device\0000006e[0x86367360]
17:40:09.705    AVAST engine scan C:\Windows
17:40:13.387    AVAST engine scan C:\Windows\system32
17:43:35.875    AVAST engine scan C:\Windows\system32\drivers
17:43:51.444    AVAST engine scan C:\Users\19newaccount51
17:48:21.917    AVAST engine scan C:\ProgramData
17:49:36.344    Scan finished successfully
17:52:22.968    Disk 0 MBR has been saved successfully to "C:\Users\19newaccount51\Desktop\MBR.dat"
17:52:22.983    The log file has been saved successfully to "C:\Users\19newaccount51\Desktop\aswMBR-Thursday 02-17-2014.txt"
 



#8 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 27 February 2014 - 08:57 PM

Hi Jason,

 

My PC status:

 

Some "very good" and some "not sure":

 

1.

I can now definitely save and re-open the BC anti-malware tutorials as document files (Recall Problem: "if the file name contains the name of an anti-malware app - when I try to reopen the file - they are judged corrupt by LibreOffice and renamed '$ (ARG1)' "

 

To try and push the limit, I created a file with the name and the contents simply a long list of common malware words (shown below), and I closed and re-opened both this and the tutorial file numerous times and never got the corrupt file rename '$ (ARG1)' "

 

The List:

"Avast AGV Comodo Norton Trendmicro McAfee Sophos Super Anti Spyware Microsoft ESET scan Gmer Awcleaner Ccleaner R kill OTL Mini tool box firewall security anti virus malware bytes root kit buster Rogue Killer Hit man Pro HJT Hi Jack This JRT junk ware"

 

 

2.

It still has some buggy slowness, as if needing HDD Defrag, even though I use Auslogics Defragger regularly.

 

Example:

 

If I do the sequence:

 

R-click START> explore> desktop – from the drop down menu – it won't open the desktop no matter how long I wait, but, I if click 2 more times the desktop opens immediately.

 

 

3.

The IE issue (Recall Problem: AdwCleaner never reported anything cleaned in IE and JRT reported six repairs).

 

I never intentionally use IE - My understanding is IE is always used by WIN Update and a few anti-malware apps to update definitions. So, I would only be informed via future AdwCleaner – JRT scans.

 

How do the scans I sent you actually look as far as any significant indications??.

 

Thank you



#9 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:08:41 AM

Posted 28 February 2014 - 11:55 AM

Hi t.murphytfm,

Regarding the Firefox and Chrome preferences with adwcleaner and JRT, I'm not sure why those keep popping back up. It may be related to your computer still being infected.

 

2.
It still has some buggy slowness, as if needing HDD Defrag, even though I use Auslogics Defragger regularly.
 
Example:
 
If I do the sequence:
 
R-click START> explore> desktop – from the drop down menu – it won't open the desktop no matter how long I wait, but, I if click 2 more times the desktop opens immediately.


This is strange. It shouldn't take too long at all to display the desktop. Do you remember when you first noticed this happen? Was it back in December?

 

3.
The IE issue (Recall Problem: AdwCleaner never reported anything cleaned in IE and JRT reported six repairs).
 
I never intentionally use IE - My understanding is IE is always used by WIN Update and a few anti-malware apps to update definitions. So, I would only be informed via future AdwCleaner – JRT scans.
 
How do the scans I sent you actually look as far as any significant indications?

 
We've removed some malware in the scans that we've run, but I don't think that we've completely removed all the malware.


:step1: Farbar Service Scanner
Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

 

:step2: FRST
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#10 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 28 February 2014 - 01:18 PM

Hi Jason,

Thank you for the reply.

 

So, sure, I'll remain patient about the FF and Chrome Prefs. showing up in AdwCleaner and JRT.  I was actually thinking there was a problem with IE not being cleaned of Temp. Prefs - because it was possibly being controlled by malware and not accessible for cleaning.  So thank you for my better understanding.

 

Regarding the delay in the desktop displaying:  This started occurring about a week before my first post (say 12 days ago) - more info. - I tested the drop-down menu a number of times this morning for the other selections (downloads, computer etc.)  and they react the same, but I also see that about 1 out of 10 times it works as normal, so the symptom is not totally consistent.

 

 

 

Now the Scans you requested - They will require two or more posts as I got the, "post too large" notice, on the first try.

 

Farbar Service Scanner Version: 25-02-2014
Ran by 19newaccount51 (administrator) on 28-02-2014 at 11:17:28
Running from "C:\Users\19newaccount51\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2013-08-14 01:07] - [2013-07-04 21:20] - 0914880 ____A (Microsoft Corporation) 6D0D344F643E28B31262AC2682109A3C

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

 

 

 

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-02-2014 02
Ran by 19newaccount51 at 2014-02-28 11:22:45
Running from C:\Users\19newaccount51\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: COMODO Defense+ (Disabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 16.1.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
7-Zip 9.21 (HKLM\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AnVir Task Manager Free (HKLM\...\AnVir Task Manager Free) (Version:  - AnVir Software)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.0.0 - Auslogics Labs Pty Ltd)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2013 - Avast Software)
BackUp Maker (HKLM\...\BackUp Maker_is1) (Version: 6.5.0.7 - ASCOMP Software GmbH)
Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.341.0 - Microsoft Corporation)
Bing Maps 3D (HKLM\...\{2D87E961-577B-492B-AD54-1368680FB9A7}) (Version: 4.0.903.16005 - Microsoft Corporation)
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM\...\MP Navigator EX 3.1) (Version:  - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version:  - )
Canon MX340 series User Registration (HKLM\...\Canon MX340 series User Registration) (Version:  - )
Canon Speed Dial Utility (HKLM\...\Speed Dial Utility) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Comodo Dragon (HKLM\...\Comodo Dragon) (Version: 26.0.2.0 - COMODO)
COMODO Internet Security (HKLM\...\{E62381A7-B1C1-4121-8262-84D38C77786C}) (Version: 5.12.59641.2599 - COMODO Security Solutions Inc.)
CrystalDiskInfo 5.6.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
D110 (Version: 140.0.283.000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Everything 1.2.1.371 (HKLM\...\Everything) (Version:  - )
Fast Duplicate File Finder 3.2.0.1 (HKLM\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 3.2.0.1 - MindGems, Inc.)
FastStone Image Viewer 4.8 (HKLM\...\FastStone Image Viewer) (Version: 4.8 - FastStone Soft)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
Free Download Manager 3.9.3 (HKLM\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
FreeFixer (HKLM\...\FreeFixer1.09) (Version: 1.09 - Kephyr)
GeekBuddy (HKLM\...\{00B6D29A-4BBB-460C-A312-3D5B2FFB23E2}) (Version: 4.8.66 - Comodo Security Solutions Inc)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
herdProtect Anti-Malware Scanner (HKLM\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Product Detection (HKLM\...\{ACAA0152-96A4-4D93-92F5-1B4728C3D984}) (Version: 11.15.0008 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPAppStudio (Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Instant Housecall - Specialist Sign-in (HKLM\...\Instant Housecall-SSI) (Version:  - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 4.1.5.3 (HKLM\...\{E77773E5-944A-453F-97F3-46767AE0A253}) (Version: 4.1.5.3 - The Document Foundation)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version:  - )
Notepad++ (HKLM\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Open Book HVAC Certifications 4.2.00 (HKLM\...\9588-9510-0199-4620) (Version: 4.2.00 - Mainstream Engineering Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
Panda Cloud Cleaner (HKLM\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.95 - Panda Security)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.212.0 - Tracker Software Products Ltd)
Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
PS_AIO_07_D110_SW_Min (Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 6.247.222.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Reg Organizer version 6.11 (HKLM\...\Reg Organizer_is1) (Version: 6.11 - ChemTable Software)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SARDU 2.0.6.5 (HKLM\...\SARDU) (Version: 2.0.6.5 - Davide Costa)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Seagate Media Software (HKLM\...\InstallShield_{F1D90A09-242F-4A38-8672-8EC9FB9A000E}) (Version: 2.01.0370 - Seagate)
Seagate Media Software (Version: 2.01.0370 - Seagate) Hidden
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Secunia PSI (3.0.0.8013) (HKLM\...\Secunia PSI) (Version: 3.0.0.8013 - Secunia)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SlimCleaner (HKLM\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
Sophos Anti-Rootkit 1.5.23 (HKLM\...\Sophos-AntiRootkit) (Version: 1.5.23 - Sophos Plc)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1012 - SUPERAntiSpyware.com)
Super-Charger (HKLM\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.0.110 - MSI)
System Explorer 4.5.0 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TreeSize Free V2.7 (HKLM\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Tweaking.com - Simple System Tweaker (HKLM\...\Tweaking.com - Simple System Tweaker) (Version: 1.1.3 - Tweaking.com)
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.4.1 - Tweaking.com)
UltraFileSearch (HKLM\...\UltraFileSearch) (Version:  - Stegisoft)
UltraFileSearch (Version: 2.9.0.12349 - Stegisoft) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VirusTotal Uploader 2.2 (HKLM\...\VTUploader) (Version:  - )
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Deployment Tools (HKLM\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows PE x86 x64 (HKLM\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
WinHTTrack Website Copier 3.47-11 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.11 - HTTrack)
Wise Care 365 2.94 (HKLM\...\Wise Care 365_is1) (Version: 2.94 - WiseCleaner.com, Inc.)
Wise PC 1stAid 1.13 (HKLM\...\Wise PC 1stAid_is1) (Version: 1.13 - WiseCleaner.com, Inc.)
Wise Registry Cleaner 7.94 (HKLM\...\Wise Registry Cleaner_is1) (Version: 7.94 - WiseCleaner.com, Inc.)
WOT for Internet Explorer (HKLM\...\{DCAEC601-735C-41AE-B84F-D792F09FB7D1}) (Version: 12.8.2.0 - WOT Services Oy)
xplorer² lite 32 bit (HKLM\...\xplorer2l) (Version: 2.2.0.2 - Zabkat)

==================== Restore Points  =========================

25-02-2014 13:04:24 Scheduled Checkpoint
26-02-2014 06:12:08 Scheduled Checkpoint
27-02-2014 06:33:44 Scheduled Checkpoint
28-02-2014 02:24:25 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 04:23 - 2014-02-27 14:35 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0D964D4E-6193-4766-9D92-33B08C90CF89} - System32\Tasks\SlimCleaner Run => C:\Program Files\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {16374DDE-B3EC-476A-A17A-06FBBEECA9B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24] (Adobe Systems Incorporated)
Task: {176139C1-515E-4F38-B784-9739B4105A8E} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-18] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {23BDB0AC-65D7-4F48-BAB3-115DAD9CA633} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-21] (Google Inc.)
Task: {2A6040F7-1CEA-45E3-8B83-EB604EB92346} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-27] (AVAST Software)
Task: {38FC8D12-48C5-4F01-B58F-82EDBBEDA979} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-21] (Google Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {46A7F30D-0388-45C4-B3A4-E62664031323} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {4DABB605-83D3-47DE-B078-265AFC4872BC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {7F81E498-455A-44B9-A4F5-87E23FC3A547} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {B79B81A6-DA52-45D1-8542-81237E66E903} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe [2014-01-21] (WiseCleaner.com)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2013-03-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AnVir Task Manager.job => C:\Program Files\AnVir Task Manager Free\AnVir.exe
Task: C:\Windows\Tasks\FreeFixer background scan.job => C:\Program Files\FreeFixer\freefixer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegOrganizerQuickLaunch.job => C:\Program Files\Reg Organizer\RegOrganizer.exe
Task: C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe
Task: C:\Windows\Tasks\Wise PC 1stAid Task.job => C:\Program Files\Wise\Wise PC 1stAid\WisePCAid.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2014-02-28 06:41 - 2014-02-28 03:29 - 02186240 _____ () C:\Program Files\AVAST Software\Avast\defs\14022800\algo.dll
2012-06-18 09:24 - 2012-06-18 09:24 - 00260096 _____ () C:\Program Files\Notepad++\NppShell_05.dll
2013-11-08 12:10 - 2013-11-08 12:10 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/26/2014 04:01:14 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\19NEWACCOUNT51\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YSJ83QJJ.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/26/2014 01:29:31 PM) (Source: MatSvc) (User: )
Description: The MATS service encountered a web service failure. hr=0x801901F7

Error: (02/25/2014 11:12:22 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (02/25/2014 07:20:01 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/25/2014 07:10:26 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (02/28/2014 11:15:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/28/2014 11:05:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/28/2014 11:00:03 AM) (Source: Print) (User: LONDON)
Description: The document Hijacked policies, PUMs, Problem Reg Keys - Virus, Trojan, Spyware, and Malware Removal Logs, owned by 19newaccount51, failed to print on printer Canon MX340 series Printer. Try to print the document again, or restart the print spooler.
Data type: NT EMF 1.008. Size of the spool file in bytes: 25755648. Number of bytes printed: 25678804. Total number of pages in the document: 1. Number of pages printed: 0. Client computer: \\LONDON. Win32 error code returned by the print processor: Hijacked policies, PUMs, Problem Reg Keys - Virus, Trojan, Spyware, and Malware Removal Logs0. Hijacked policies, PUMs, Problem Reg Keys - Virus, Trojan, Spyware, and Malware Removal Logs1

Error: (02/28/2014 10:59:28 AM) (Source: Print) (User: LONDON)
Description: The document Hijacked policies, PUMs, Problem Reg Keys - Virus, Trojan, Spyware, and Malware Removal Logs, owned by 19newaccount51, failed to print on printer Canon MX340 series Printer. Try to print the document again, or restart the print spooler.
Data type: NT EMF 1.008. Size of the spool file in bytes: 25685008. Number of bytes printed: 25684752. Total number of pages in the document: 1. Number of pages printed: 0. Client computer: \\LONDON. Win32 error code returned by the print processor: Hijacked policies, PUMs, Problem Reg Keys - Virus, Trojan, Spyware, and Malware Removal Logs0. Hijacked policies, PUMs, Problem Reg Keys - Virus, Trojan, Spyware, and Malware Removal Logs1

Error: (02/28/2014 10:55:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/28/2014 10:45:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/28/2014 10:35:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/28/2014 10:25:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/28/2014 10:15:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/28/2014 10:05:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (02/26/2014 04:01:14 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\19NEWACCOUNT51\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\YSJ83QJJ.DEFAULT\PERMISSIONS.SQLITE-JOURNAL

Error: (02/26/2014 01:29:31 PM) (Source: MatSvc)(User: )
Description: hr=0x801901F7ISapCatalogService::GetFullSapCatalogService Unavailable

Error: (02/25/2014 11:12:22 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (02/25/2014 07:20:01 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/25/2014 07:10:26 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


CodeIntegrity Errors:
===================================
  Date: 2014-02-28 11:21:14.981
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\DasPtct.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-28 11:21:14.762
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\DasPtct.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-27 14:27:02.248
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\DasPtct.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-27 14:27:02.041
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\DasPtct.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-25 18:46:27.835
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\DasPtct.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-25 18:46:27.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\DasPtct.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-25 18:46:27.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\DasPtct.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-25 18:46:27.382
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\DasPtct.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-23 00:46:04.617
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PSINReg.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-23 00:46:04.438
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\PSINReg.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 2814.32 MB
Available physical RAM: 1858.45 MB
Total Pagefile: 5860.61 MB
Available Pagefile: 4807.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.7 MB

==================== Drives ================================

Drive c: ((C:)2.5in500GB1stPart) (Fixed) (Total:244.14 GB) (Free:90.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: ((D:)2.5in500GB3rdPartPRESARIO_RP) (Fixed) (Total:8.25 GB) (Free:7.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: ((G:)2.5in500GB2ndPart) (Fixed) (Total:213.36 GB) (Free:17.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: D43FE739)

Partition: GPT Partition Type.

==================== End Of Log ============================



#11 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 28 February 2014 - 01:25 PM

 PART 1 OF 2 FOR FRST.TXT

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-02-2014 02
Ran by 19newaccount51 (administrator) on LONDON on 28-02-2014 11:20:52
Running from C:\Users\19newaccount51\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Comodo Security Solutions Inc.) C:\Program Files\Common Files\COMODO\launcher_service.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Mister Group) C:\Program Files\System Explorer\service\SystemExplorerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SystemExplorerAutoStart] - C:\Program Files\System Explorer\SystemExplorer.exe [2860064 2013-11-30] (Mister Group)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-12-03] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [6756048 2012-11-07] (COMODO)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-27] (AVAST Software)
HKLM\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [325512 2011-05-15] (BillP Studios)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKU\S-1-5-21-3326819883-535093209-635282915-1261\...\Run: [CCleaner] - C:\Program Files\CCleaner\CCleaner.exe [4455704 2014-01-21] (Piriform Ltd)
HKU\S-1-5-21-3326819883-535093209-635282915-1261\...\Policies\Explorer: [NoSearchFilesInStartMenu] 0
HKU\S-1-5-21-3326819883-535093209-635282915-1261\...\Policies\Explorer: [NoSearchProgramsInStartMenu] 0
HKU\S-1-5-21-3326819883-535093209-635282915-1261\...\Policies\Explorer: [NoSearchComputerLinkInStartMenu] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: No Name - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -  No File
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {71576546-354D-41c9-AAE8-31F2EC22BF0D} -  No File
DPF: {413D6754-BFD4-47FE-9346-319559290BFA} https://www.webpcfos.com/webpcfos/websabre/HTEweb_v.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} -  No File
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-18] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\19newaccount51\AppData\Roaming\Mozilla\Firefox\Profiles\ysj83qjj.default
FF NewTab: www.google.com
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: WOT - C:\Users\19newaccount51\AppData\Roaming\Mozilla\Firefox\Profiles\ysj83qjj.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-02-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-21]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "www.google.com"
CHR Extension: (Google Docs) - C:\Users\19newaccount51\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-06]
CHR Extension: (Google Drive) - C:\Users\19newaccount51\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-06]
CHR Extension: (YouTube) - C:\Users\19newaccount51\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-06]
CHR Extension: (Google Search) - C:\Users\19newaccount51\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-06]
CHR Extension: (avast! Online Security) - C:\Users\19newaccount51\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-06]
CHR Extension: (Google Wallet) - C:\Users\19newaccount51\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-06]
CHR Extension: (Gmail) - C:\Users\19newaccount51\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-08]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2013-03-24] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-27] (AVAST Software)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-10-25] (Microsoft Corp.)
R2 CLPSLauncher; C:\Program Files\Common Files\COMODO\launcher_service.exe [70352 2013-07-24] (Comodo Security Solutions Inc.)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-07] (COMODO)
S3 FreeAgentTheater Service; C:\Program Files\Seagate\Seagate_Media\Sync\MediaAggreService.exe [237248 2012-12-20] (Seagate Technology LLC)
S3 GeekBuddyRSP; C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [1851088 2013-05-30] (Comodo Security Solutions, Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1228504 2013-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660184 2013-10-14] (Secunia)
R2 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567256 2012-11-25] (Mister Group)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com)
S2 SDScannerService; "H:\PortableApps\SpybotPortable\App\Spybot\SDFSSvc.exe" [X]
S2 SDUpdateService; "H:\PortableApps\SpybotPortable\App\Spybot\SDUpdSvc.exe" [X]
S2 SDWSCService; "H:\PortableApps\SpybotPortable\App\Spybot\SDWSCSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-27] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-27] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-11-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-01-27] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-27] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-05] ()
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1439744 2010-10-10] (Atheros Communications, Inc.)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [35064 2013-05-07] (Windows ® Win 7 DDK provider)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [494416 2012-11-07] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [42264 2012-11-07] (COMODO)
R0 FixTDSS; C:\Windows\System32\drivers\FixTDSS.sys [26872 2014-02-21] (Symantec Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2013-04-26] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [82952 2012-11-07] (COMODO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-10-14] (Secunia)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-08-24] ()
S3 WIMMount; C:\Program Files\Windows Kits\8.0\Assessment and Deployment Kit\Deployment Tools\x86\DISM\wimmount.sys [34248 2012-07-25] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
S0 axsoay; No ImagePath
S0 bacsyc; No ImagePath
S0 bhnprr; No ImagePath
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
R3 catchme; \??\C:\Users\19NEWA~1\AppData\Local\Temp\catchme.sys [X]
S0 cjxtpv; No ImagePath
S0 eorclc; No ImagePath
S0 hqmpym; No ImagePath
S0 ijbsgx; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 kxqcsx; No ImagePath
S0 mtqjxm; No ImagePath
S0 nmfmfx; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S0 PRSBDRVR; \SystemRoot\system32\drivers\PRSBDRVR.SYS [X]
S0 qhpbzs; No ImagePath
S0 ssuhop; No ImagePath
S0 tcoifh; No ImagePath
S0 tljkva; No ImagePath
S0 wjtvys; No ImagePath
S0 xtoxpl; No ImagePath
U3 aswMBR; \??\C:\Users\19NEWA~1\AppData\Local\Temp\aswMBR.sys [X]
U3 mbr; \??\C:\Users\19NEWA~1\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2099-12-12 09:08 - 2404-12-12 09:08 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2099-12-12 09:08 - 2404-12-12 09:08 - 05115672 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 03629824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 02329304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 01824000 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 01677568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2099-11-24 02:25 - 2403-11-24 02:25 - 13881600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2099-11-24 02:25 - 2403-11-24 02:25 - 02929048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2099-11-24 02:25 - 2403-11-24 02:25 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2099-11-24 02:25 - 2403-11-24 02:25 - 01097984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2099-11-24 02:25 - 2403-11-24 02:25 - 00865592 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2099-11-24 02:25 - 2403-11-24 02:25 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-28 11:20 - 2014-02-28 11:21 - 00014986 _____ () C:\Users\19newaccount51\Desktop\FRST.txt
2014-02-28 11:20 - 2014-02-28 11:20 - 00000000 ____D () C:\FRST
2014-02-28 11:18 - 2014-02-28 11:18 - 00002744 _____ () C:\Users\19newaccount51\Desktop\FSS.txt Feb 28, 2014.txt
2014-02-28 11:11 - 2014-02-28 11:11 - 01143808 _____ (Farbar) C:\Users\19newaccount51\Desktop\FRST.exe
2014-02-28 11:10 - 2014-02-28 11:10 - 00409600 _____ (Farbar) C:\Users\19newaccount51\Desktop\FSS.exe
2014-02-28 10:27 - 2014-02-28 10:49 - 00041442 _____ () C:\Users\19newaccount51\Desktop\How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Scanners – and even  WINPatrol.odt
2014-02-28 09:59 - 2014-02-28 10:49 - 00029480 _____ () C:\Users\19newaccount51\Desktop\SearhConduit won't remove – and a cure by Broni 44,000+ malware posts in Techspot.com alone.odt
2014-02-28 01:37 - 2014-02-28 09:48 - 00023372 _____ () C:\Users\19newaccount51\Desktop\How to use ComboFix -  The real honest-to-god step-by-step feb 2014.odt
2014-02-27 23:53 - 2014-02-28 00:29 - 00026916 _____ () C:\Users\19newaccount51\Desktop\Fixes that jason or screen name jntkwx of bleepingcomputer has done.odt
2014-02-27 22:17 - 2014-02-27 22:33 - 00020653 _____ () C:\Users\19newaccount51\Desktop\MBR master boot record issues, diagnosis, repairs.odt
2014-02-27 22:13 - 2014-02-28 00:29 - 00020108 _____ () C:\Users\19newaccount51\Desktop\Disecting my scans with jason of bleepingcomputer-   RogueKiller, DDS, ComboFix, asMBR,.odt
2014-02-27 20:42 - 2014-02-27 21:29 - 00018028 _____ () C:\Users\19newaccount51\Desktop\Lawrence Abrams, owner of technology site BleepingComputer.com describes how Scam Antivirus App Spreads Malware.odt
2014-02-27 19:31 - 2014-02-27 20:42 - 00013032 _____ () C:\Users\19newaccount51\Desktop\My PC status after ComboFix and aswMBR for Jason of BC.odt
2014-02-27 18:48 - 2014-02-27 21:02 - 00023011 _____ () C:\Users\19newaccount51\Desktop\How to remove a Trojan, Virus, Worm, or other Malware by Lawrence Abrams of bleepingcomputer.odt
2014-02-27 18:01 - 2014-02-27 20:45 - 00013269 _____ () C:\Users\19newaccount51\Desktop\myTFM  letter to JASON OF BC.odt
2014-02-27 17:52 - 2014-02-27 17:52 - 00002042 _____ () C:\Users\19newaccount51\Desktop\aswMBR-Thursday 02-17-2014.txt
2014-02-27 17:33 - 2014-02-27 17:33 - 04745728 _____ (AVAST Software) C:\Users\19newaccount51\Desktop\aswmbr.exe
2014-02-27 16:34 - 2014-02-27 17:38 - 00010032 _____ () C:\Users\19newaccount51\Desktop\Avast AGV Comodo Norton Trendmicro McAfee Sophos Super Anti Spyware Microsoft ESET scan Gmer Awcleaner Ccleaner R kill OTL Mini tool box firewall security anti virus malware bytes root kit buster.odt
2014-02-27 16:02 - 2014-02-27 16:26 - 00009466 _____ () C:\Users\19newaccount51\Desktop\Avast antivirus anti-virus   antimalwarebytes rootkitbusterv5 RogueKiller HitmanPro.odt
2014-02-27 15:40 - 2014-02-27 16:08 - 00010873 _____ () C:\Users\19newaccount51\Desktop\more for jason at BC.odt
2014-02-27 15:08 - 2014-02-27 15:12 - 00035985 _____ () C:\Users\19newaccount51\Desktop\ComboFixLOG FOR JASON 14-02-24.02 - 19newaccount51 02-27-2014  1425.odt
2014-02-27 14:54 - 2014-02-27 14:54 - 00095164 _____ () C:\ComboFix.txt
2014-02-27 14:34 - 2014-02-27 14:34 - 00000552 _____ () C:\Windows\PFRO.log
2014-02-27 14:23 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-27 14:23 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-27 14:23 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-27 14:23 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-27 14:23 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-27 14:23 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-27 14:23 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-27 14:23 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-27 14:22 - 2014-02-27 14:54 - 00000000 ____D () C:\Qoobox
2014-02-27 14:12 - 2014-02-27 14:13 - 05185084 ____R (Swearware) C:\Users\19newaccount51\Desktop\ComboFix.exe
2014-02-27 13:45 - 2014-02-27 17:34 - 00013440 _____ () C:\Users\19newaccount51\Desktop\jason of BC - my first reply1.odt
2014-02-27 13:27 - 2014-02-27 13:27 - 00013254 _____ () C:\Users\19newaccount51\Desktop\latest iterationposted for BC.odt
2014-02-27 13:26 - 2014-02-27 13:26 - 00013254 _____ () C:\Users\19newaccount51\Desktop\Jason from BC instructions.odt
2014-02-27 12:56 - 2014-02-27 12:56 - 00020720 _____ () C:\Users\19newaccount51\Desktop\Comprehensive List of 26 Bootable Antivirus Rescue CDs for Offline Scanning.odt
2014-02-27 12:30 - 2014-02-27 12:33 - 00025794 _____ () C:\Users\19newaccount51\Desktop\The Dirty Little Secret Of Inkjet Printers the odt file.odt
2014-02-27 12:17 - 2014-02-27 12:18 - 00016274 _____ () C:\Users\19newaccount51\Desktop\RKill 2.6.5.0  a how to.odt
2014-02-27 10:27 - 2014-02-27 10:27 - 00001905 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02272014_102738.txt
2014-02-27 10:25 - 2014-02-27 10:25 - 00002068 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02272014_102404.txt   3-HJ POL  3-FWAPI hooked.txt
2014-02-27 10:24 - 2014-02-27 10:24 - 00002068 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02272014_102404.txt
2014-02-27 10:22 - 2014-02-27 10:22 - 00002026 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02272014_102227.txt
2014-02-27 10:15 - 2014-02-27 10:15 - 04110135 _____ () C:\Users\19newaccount51\Desktop\tdsskiller(1).zip
2014-02-27 01:34 - 2014-02-27 01:34 - 00011899 _____ () C:\Users\19newaccount51\Desktop\Unhide by Lawrence Abrams Grinler.odt
2014-02-27 01:33 - 2014-02-27 01:33 - 00011899 _____ () C:\Users\19newaccount51\Desktop\Documents\Unhide by Lawrence Abrams Grinler.odt
2014-02-27 01:32 - 2014-02-27 01:32 - 00017965 _____ () C:\Users\19newaccount51\Desktop\How to remove an tcpip error.odt
2014-02-27 01:30 - 2014-02-27 01:31 - 00016642 _____ () C:\Users\19newaccount51\Desktop\Documents\Re-enable version 2.odt
2014-02-27 01:28 - 2014-02-27 01:28 - 00020176 _____ () C:\Users\19newaccount51\Desktop\Documents\3 Tools to Help Remove Toolbars and their Leftovers by  www.raymond.cc blog.odt
2014-02-26 23:50 - 2014-02-26 23:52 - 00027879 _____ () C:\Users\19newaccount51\Desktop\BEFORE You POST Please read this Procedure Before Requesting Assistance -  spybo tinfo forums.odt
2014-02-26 23:41 - 2014-02-26 23:41 - 00602112 _____ (OldTimer Tools) C:\Users\19newaccount51\Downloads\OTL.exe
2014-02-26 23:40 - 2014-02-27 01:12 - 00015422 _____ () C:\Users\19newaccount51\Desktop\How Touse and Gather OTL Output.odt
2014-02-26 22:42 - 2014-02-26 23:18 - 00037069 _____ () C:\Users\19newaccount51\Desktop\bleepingcomputer.com  List of the 30+ different topic  forums.odt
2014-02-26 18:11 - 2014-02-27 01:13 - 00018087 _____ () C:\Users\19newaccount51\Desktop\TFM BLEEPING LETTER.odt
2014-02-26 16:25 - 2014-02-26 16:27 - 00022918 _____ () C:\Users\19newaccount51\Desktop\DDS LOG ON 2-26-2014  - TFM KLNOWS THAT THE DISABLE POLICES REG KEYS ARE PRESENT.odt
2014-02-26 16:17 - 2014-02-26 21:44 - 00024165 _____ () C:\Users\19newaccount51\Desktop\dds.txt
2014-02-26 16:17 - 2014-02-26 16:17 - 00008368 _____ () C:\Users\19newaccount51\Desktop\attach.txt
2014-02-26 16:12 - 2014-02-26 16:12 - 00042335 _____ () C:\Users\19newaccount51\Desktop\Device Manager Windows - Troubleshooting AND Using  FROM U WISCONSON MADISON.odt
2014-02-26 15:55 - 2014-02-26 15:55 - 00029145 _____ () C:\Users\19newaccount51\Desktop\Slow Computer-Bowser Check Here First It May Not Be Malware  - BLEEPINGCOMPUTER.odt
2014-02-26 14:56 - 2014-02-26 15:06 - 00022917 _____ () C:\Users\19newaccount51\Desktop\Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help.odt
2014-02-26 14:52 - 2014-02-26 14:53 - 00039195 _____ () C:\Users\19newaccount51\Desktop\bleepingcomputer.com  forums.odt
2014-02-26 14:39 - 2014-02-26 14:39 - 00003881 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02262014_143753.txt  DISABLE TASKmGR REGISTRYTOOLS CMD.txt
2014-02-26 14:37 - 2014-02-26 14:37 - 00003881 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02262014_143753.txt
2014-02-26 13:30 - 2014-02-26 13:30 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\FixItCenter
2014-02-26 02:18 - 2014-02-26 02:18 - 00022834 _____ () C:\Users\19newaccount51\Desktop\THE REAL LIST OF MALWARE SCANNERS  -  FROM BLEEPING.odt
2014-02-26 02:05 - 2014-02-26 02:06 - 00021730 _____ () C:\Users\19newaccount51\Desktop\How to remove a Trojan, Virus, Worm, or other Malware   TFM READ THIS.odt
2014-02-26 01:57 - 2014-02-26 01:57 - 00000230 _____ () C:\Users\19newaccount51\Downloads\RemVimes.reg
2014-02-26 01:53 - 2014-02-26 01:53 - 00020630 _____ () C:\Users\19newaccount51\Desktop\Removal Guide -  FROM BLEEPING RE LIVE SUPPORT OPTIMIZER.odt
2014-02-26 01:41 - 2014-02-26 01:42 - 00112342 _____ () C:\Users\19newaccount51\Desktop\SECURITYCHECK BY SCREEN317.odt
2014-02-26 01:37 - 2014-02-26 01:37 - 00987425 _____ () C:\Users\19newaccount51\Downloads\SecurityCheck.exe
2014-02-26 01:16 - 2014-02-26 01:19 - 00024032 _____ () C:\Users\19newaccount51\Desktop\Unhide.exe is a program that will revert many of the changes on your computer caused by the FakeHDD family of rogue anti-spyware programs.odt
2014-02-26 01:12 - 2014-02-26 01:13 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Downloads\unhide(1).exe
2014-02-26 01:07 - 2014-02-26 01:07 - 00011512 _____ () C:\Users\19newaccount51\Desktop\Rkill.txt  wow 30 times faster at quelling all processes and any malware from 30minites to 1min 12 sec did removing 2 reg keys by unhide achieve this.odt
2014-02-26 01:07 - 2014-02-26 01:07 - 00011508 _____ () C:\Users\19newaccount51\Desktop\Documents\Rkill.txt  wow 30 times faster at quelling all processes and any malware from 30minites to 1min 12 sec did removing 2 reg keys by unhide achieve this.txt
2014-02-26 01:00 - 2014-02-26 01:05 - 00027072 _____ () C:\Users\19newaccount51\Desktop\Documents\RKill - What it does and What it Doesn't - A brief introduction to the program.odt
2014-02-26 00:51 - 2014-02-26 00:51 - 00002466 _____ () C:\Users\19newaccount51\Desktop\Rkill.txt  wow 30 times faster at quelling all processes and any malware from 30minites to 1min 12 sec did removing 2 reg keys by unhide achieve this.txt
2014-02-25 23:20 - 2014-02-25 23:20 - 00006610 _____ () C:\Users\19newaccount51\Desktop\AdwCleaner[S44].txt  2-25-2014  check it out.txt
2014-02-25 23:15 - 2014-02-28 09:20 - 00017955 _____ () C:\Windows\WindowsUpdate.log
2014-02-25 23:02 - 2014-02-25 23:02 - 04621264 _____ () C:\Users\19newaccount51\Downloads\SpyBHORemover(1).zip
2014-02-25 22:46 - 2014-02-25 22:47 - 00328496 _____ () C:\Users\19newaccount51\Downloads\vista-32-StartMenu-reset-BleepingComp.exe
2014-02-25 22:13 - 2014-02-25 22:13 - 00002377 _____ () C:\Users\19newaccount51\Desktop\ESET ONLINE SCANNER TUES 23, 2014 – 21 TREATS.txt
2014-02-25 19:12 - 2014-02-25 19:12 - 00205072 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-02-25 19:06 - 2014-02-25 19:06 - 00008414 _____ () C:\Users\19newaccount51\Desktop\HitmanPro_20140225_1906.logcheckout the unknwns here.log
2014-02-25 18:41 - 2014-02-25 18:41 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-25 18:41 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-25 18:39 - 2014-02-25 18:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\19newaccount51\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-25 18:37 - 2014-02-25 18:37 - 00065232 _____ (Malwarebytes) C:\Users\19newaccount51\Downloads\regassassin-setup-1.03(1).exe
2014-02-25 18:21 - 2014-02-25 18:21 - 00001149 _____ () C:\Users\19newaccount51\Desktop\Specialist Sign-in.lnk
2014-02-25 18:21 - 2014-02-25 18:21 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Instant Housecall
2014-02-25 18:21 - 2014-02-25 18:21 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Instant Housecall
2014-02-25 16:01 - 2014-02-25 16:01 - 00002590 _____ () C:\Users\19newaccount51\Desktop\Rkill.txt after unhide, RK, nowr-kill, will follow with panda cleaner.txt
2014-02-25 15:59 - 2014-02-25 15:59 - 00002937 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02252014_155919.txt  after running unhide.txt
2014-02-25 15:20 - 2014-02-25 23:11 - 00003100 _____ () C:\Users\19newaccount51\Desktop\unhide.txt
2014-02-25 15:05 - 2014-02-25 15:05 - 00002832 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02252014_150203.txt   2nd scan after removal to confirm removal.txt
2014-02-25 14:59 - 2014-02-25 13:26 - 00022033 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_33.odt
2014-02-25 14:59 - 2014-02-25 13:25 - 00018480 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_32.odt
2014-02-25 14:59 - 2014-02-25 12:46 - 00025240 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_19_1.odt
2014-02-25 14:59 - 2014-02-25 12:46 - 00020219 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_20_1.odt
2014-02-25 14:59 - 2014-02-25 12:25 - 00025625 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_8_1.odt
2014-02-25 14:59 - 2014-02-25 12:24 - 00020190 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_6_1.odt
2014-02-25 14:54 - 2014-02-26 22:54 - 00003794 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02252014_144611.txt       reg entriesHJ POL PUM  removed, but still have - donothing, disable task, reg, and comodo listed under drivers.txt
2014-02-25 14:18 - 2014-02-25 14:18 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.WinMediaPlayer.FISC.148316786607172117.1.2.Run.exe
2014-02-25 14:18 - 2014-02-25 14:18 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.Performance.FISC.148316786607172117.1.4.Run.exe
2014-02-25 14:18 - 2014-02-25 14:18 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.dvd.FISC.148316786607172117.1.1.Run.exe
2014-02-25 14:18 - 2014-02-25 14:18 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.Devices.FISC.148316786607172117.1.3.Run.exe
2014-02-25 14:13 - 2014-02-25 14:13 - 01789242 _____ () C:\Users\19newaccount51\Downloads\rcss_dll_restore.zip
2014-02-25 13:13 - 2014-02-25 13:13 - 01769928 _____ (Malwarebytes ) C:\Users\19newaccount51\Downloads\mbae-setup-0.09.5.1000(1).exe
2014-02-25 13:12 - 2014-02-25 13:12 - 12589848 _____ (Malwarebytes Corp.) C:\Users\19newaccount51\Downloads\mbar-1.07.0.1009.exe
2014-02-25 11:32 - 2014-02-25 11:32 - 01093707 _____ (Tangosoft) C:\Users\19newaccount51\Downloads\reenable-setup.exe
2014-02-25 11:31 - 2014-02-25 11:31 - 00792064 _____ (TangoSoft) C:\Users\19newaccount51\Downloads\Re-Enable v2_liteEdition.exe
2014-02-25 10:55 - 2013-06-12 13:10 - 00031848 _____ () C:\Windows\system32\Drivers\DasPtct.SYS
2014-02-25 01:14 - 2014-02-25 01:14 - 00002765 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02252014_010958.txt PANDA DELETED THESE 3 HOOKED THINGS, SUDDENLY PATCHMYPC DETECTED AS SUSPICIOUS PATH.txt
2014-02-25 01:03 - 2014-02-25 01:03 - 03818496 _____ () C:\Users\19newaccount51\Desktop\RogueKiller(1).exe
2014-02-25 00:53 - 2014-02-25 00:53 - 00020150 _____ () C:\Users\19newaccount51\Desktop\Online Virus Scanners.odt
2014-02-25 00:53 - 2014-02-25 00:53 - 00017927 _____ () C:\Users\19newaccount51\Desktop\How to Remove a Windows Virus.odt
2014-02-25 00:52 - 2014-02-25 00:52 - 00015893 _____ () C:\Users\19newaccount51\Desktop\Antivirus Bootable Rescue CDs.odt
2014-02-24 23:52 - 2014-02-25 00:20 - 00021444 _____ () C:\Users\19newaccount51\Desktop\How to remove trojans, spyware, rogues and other malware FROM MALWARETIPS.COM
2014-02-24 22:10 - 2014-02-24 22:17 - 00023851 _____ () C:\Users\19newaccount51\Desktop\Best free antivirus software 2014 -techradar.com
2014-02-24 20:32 - 2014-02-24 22:05 - 00179026 _____ () C:\Users\19newaccount51\Desktop\Tom's Guide - Free Antivirus Software The Best of 2013.odt
2014-02-24 17:25 - 2014-02-24 17:25 - 00000691 _____ () C:\Users\19newaccount51\Desktop\PCloudCleaner   Panda Cloud Cleaner - tfm mid-Dec, 2013 to  Feb 23, 2014 reg key and policy highjacks disinfected.txt
2014-02-24 17:23 - 2014-02-25 08:26 - 00027977 _____ () C:\Users\19newaccount51\Desktop\Panda Cloud Cleaner Help  and Feb 23, 2014 reg key and policy highjacks disinfected..odt
2014-02-24 15:57 - 2014-02-25 16:01 - 00001096 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-02-24 15:56 - 2014-02-24 15:56 - 00036144 _____ () C:\Users\19newaccount51\Desktop\3 Ways to Save Money on Your Cable, Phone and Internet Bills.odt
2014-02-24 14:54 - 2014-02-24 14:54 - 00033350 _____ () C:\Users\19newaccount51\Desktop\good bleepingcomputer malware technique copied 02-24-2014.odt
2014-02-24 13:55 - 2014-02-24 13:55 - 00002003 _____ () C:\Users\19newaccount51\Desktop\FarberSS 02-24-2014.txt
2014-02-24 13:53 - 2014-02-24 13:53 - 00002003 _____ () C:\Users\19newaccount51\Downloads\FSS.txt
2014-02-24 13:37 - 2014-02-24 13:37 - 00006488 _____ () C:\Users\19newaccount51\Desktop\AdwCleaner[S43]     I think IE has been hooked - only browser with never any cleaning as  here by AdwCleaner, also can't reset it withavast Browser cleaner reseter1.txt
2014-02-24 13:36 - 2014-02-24 13:36 - 00006488 _____ () C:\Users\19newaccount51\Desktop\AdwCleaner[S43]     I think IE has been hooked - only browser with never any cleaning as  here by AdwCleaner, also can't reset it withavast Browser cleaner reseter.txt
2014-02-24 12:40 - 2014-02-24 12:40 - 10711752 _____ (SUPERAdBlocker.com and SUPERAntiSpyware.com) C:\Users\19newaccount51\Desktop\SASDEFINITIONS.EXE
2014-02-24 12:21 - 2014-02-24 12:21 - 00000620 _____ () C:\Users\19newaccount51\Downloads\minitoolbox 1-23-2014Result.txt
2014-02-24 11:38 - 2014-02-24 11:38 - 00001377 _____ () C:\Users\19newaccount51\Desktop\JRT i did tweaking default repair then reboot, r-kill, rogueKiller, and now JRT maybe repaired all my problems with Int. Explorer see results.txt
2014-02-24 11:38 - 2014-02-24 11:38 - 00001325 _____ () C:\Users\19newaccount51\Desktop\JRT i did tweaking default repair then reboot, r-kill, rogueKiller, and now JRT maybe repaired all my problems with Int. Explorer see results.lnk
2014-02-24 11:24 - 2014-02-24 11:24 - 00060544 _____ () C:\Users\19newaccount51\Desktop\10 Cheap Things to Carry Around in Your Tech Toolkit.odt
2014-02-24 11:22 - 2014-02-24 11:22 - 00026464 _____ () C:\Users\19newaccount51\Desktop\6 Ways To Free Up Space On Your Windows Computer.odt
2014-02-24 11:20 - 2014-02-24 11:20 - 00064453 _____ () C:\Users\19newaccount51\Desktop\10 Steps To Take When You Discover Malware On Your Compute.odt
2014-02-24 11:15 - 2014-02-24 11:16 - 00022703 _____ () C:\Users\19newaccount51\Desktop\6 Tips to Save Money on PC Repairs.odt
2014-02-24 11:11 - 2014-02-24 11:11 - 00026268 _____ () C:\Users\19newaccount51\Desktop\Windows Update Everything You Need To Know.odt
2014-02-24 10:46 - 2014-02-24 10:46 - 00043188 _____ () C:\Users\19newaccount51\Desktop\Here’s how to avoid Exploding iPhones.odt
2014-02-24 10:24 - 2014-02-24 10:24 - 00047713 _____ () C:\Users\19newaccount51\Desktop\What is the FAFSA -  Free Application for Federal Student Aid.odt
2014-02-24 09:45 - 2014-02-24 10:41 - 00029851 _____ () C:\Users\19newaccount51\Desktop\PatchMyPC - This Useful Small Program Makes Updating Your PC Software Easier.odt
2014-02-24 09:18 - 2014-02-24 09:18 - 00130048 _____ (CodePlex Community) C:\Users\19newaccount51\Desktop\Microsoft.Win32.TaskScheduler.dll
2014-02-24 09:11 - 2014-02-28 11:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-23 23:39 - 2014-02-23 23:39 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Oracle
2014-02-23 23:34 - 2014-02-23 23:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-23 23:33 - 2014-02-23 23:32 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-23 23:33 - 2014-02-23 23:32 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-23 23:33 - 2014-02-23 23:32 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-23 23:33 - 2014-02-23 23:32 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-23 23:22 - 2014-02-23 23:40 - 00015019 _____ () C:\Users\19newaccount51\Desktop\Documents\install Java online for Firefox.odt
2014-02-23 23:11 - 2014-02-23 23:11 - 00010662 _____ () C:\Users\19newaccount51\Desktop\How do I install Java online for Firefox on Windows  - Print-friendly Page.htm
2014-02-23 23:11 - 2014-02-23 23:11 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How do I install Java online for Firefox on Windows  - Print-friendly Page_files
2014-02-23 22:55 - 2014-02-23 23:09 - 00000000 ____D () C:\Users\19newaccount51\Desktop\JavaRa-2.5
2014-02-23 22:38 - 2014-02-23 22:38 - 00156058 _____ () C:\Users\19newaccount51\Desktop\JavaRa-2.5.zip
2014-02-23 22:32 - 2014-02-23 22:32 - 00017358 _____ () C:\Users\19newaccount51\Desktop\JavaRa 2.0 Documentation.odt
2014-02-23 21:41 - 2014-02-23 21:41 - 00013456 _____ () C:\Users\19newaccount51\Desktop\install PROGRAMS PER CCLEANER 02-23-2014  PRINT THIS.txt
2014-02-23 21:05 - 2014-02-23 21:05 - 00040626 _____ () C:\Users\19newaccount51\Desktop\COPY OF Printers - Install, network, diagnose, troubleshoot, repair  from windows help and support.odt
2014-02-23 21:04 - 2014-02-23 21:04 - 00027249 _____ () C:\Users\19newaccount51\Desktop\COPY OF MICROSOFT ON SECURITY -  FEB 23, 2014 - COMPLETE SET OF RECOMMENDATIONS, SOLUTIONS, DIAGNOSIS, TROUBLESHOOT -  FROM MS HELP AND SUPPORT-.odt
2014-02-23 21:03 - 2014-02-23 21:03 - 00030514 _____ () C:\Users\19newaccount51\Desktop\COPY OF Troubleshoot Wired and wireless network problems - from windows help and support.odt
2014-02-23 21:03 - 2014-02-23 21:03 - 00030513 _____ () C:\Users\19newaccount51\Desktop\Troubleshoot Wired and wireless network problems - from windows help and support.odt
2014-02-23 21:02 - 2014-02-23 21:02 - 00018287 _____ () C:\Users\19newaccount51\Desktop\COPY OF how to use MS  Internet Explprer Security and privacy features.odt
2014-02-23 20:55 - 2014-02-23 20:57 - 216141824 _____ () C:\Users\19newaccount51\Desktop\LibreOffice_4.1.5_Win_x86.msi
2014-02-23 20:44 - 2014-02-23 20:44 - 00026503 _____ () C:\Users\19newaccount51\Desktop\MICROSOFT ON SECURITY -  FEB 23, 2014 - COMPLETE SET OF RECOMMENDATIONS, SOLUTIONS, DIAGNOSIS, TROUBLESHOOT -  FROM MS HELP AND SUPPORT-.odt
2014-02-23 20:13 - 2014-02-23 20:13 - 00030821 _____ () C:\Users\19newaccount51\Desktop\Documents\Troubleshoot Wired and wireless network problems - from windows help and support.odt
2014-02-23 20:00 - 2014-02-23 20:00 - 00040611 _____ () C:\Users\19newaccount51\Desktop\Documents\Printers - Install, network, diagnose, troubleshoot, repair  from windows help and support.odt
2014-02-23 19:59 - 2014-02-23 19:59 - 00040608 _____ () C:\Users\19newaccount51\Desktop\Documents\Printers - Install, network, diagnose, troubleshoot, repair.odt
2014-02-23 19:58 - 2014-02-23 19:58 - 00018282 _____ () C:\Users\19newaccount51\Desktop\Documents\how to use MS  Internet Explprer Security and privacy features.odt
2014-02-23 19:56 - 2014-02-23 19:56 - 00022300 _____ () C:\Users\19newaccount51\Desktop\Documents\Troubleshoot network problems - from windows help and support.odt
2014-02-23 18:50 - 2014-02-23 18:51 - 00549426 _____ () C:\Users\19newaccount51\Desktop\WhyIGotInfected.exe
2014-02-23 15:30 - 2014-02-23 15:30 - 00002936 _____ () C:\Users\19newaccount51\Desktop\Rkill   ROGUEKILLER STOPPED - I EXITED THE APP SO WHY IS THE NEED TO STOP WITH RKILL NOW - WILL NOW RUN TWEAKING IN NORMAL MODE, NO NETWORK AV FW.txt
2014-02-23 15:29 - 2014-02-23 15:29 - 00002936 _____ () C:\Users\19newaccount51\Desktop\Rkill   ROGUEKILLER STOPPED - I EXITED THE APP SO WHY IS THE NEED TO STOP WITH RKILL NOW - WILL NOW RUN TWEAKING IN NORMAL MODE.txt
2014-02-23 15:23 - 2014-02-27 10:14 - 00002466 _____ () C:\Users\19newaccount51\Desktop\Rkill.txt
2014-02-23 15:22 - 2014-02-23 15:22 - 00002626 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02232014_151848   HOOKED  DO NOTHING, ENABLE MEMTRACINGM SETmEMlEAKpOLICY.txt
2014-02-23 15:10 - 2014-02-23 15:10 - 00070447 _____ () C:\Users\19newaccount51\Desktop\Documents\NOTEPAD++    DOCUMENTATION.odt
2014-02-23 14:47 - 2014-02-23 14:47 - 00002661 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02232014_144708    3 hooked.txt
2014-02-23 14:02 - 2014-02-23 13:14 - 00029473 _____ () C:\Users\19newaccount51\Desktop\untitled_19.odt
2014-02-23 14:02 - 2014-02-23 13:13 - 00013152 _____ () C:\Users\19newaccount51\Desktop\untitled_8.odt
2014-02-23 14:02 - 2014-02-23 12:48 - 00070195 _____ () C:\Users\19newaccount51\Desktop\untitled_2_1.odt
2014-02-23 13:06 - 2014-02-23 13:06 - 00787408 _____ () C:\Users\19newaccount51\Downloads\Tweaking.com-svchost.exe_Lookup_Tool.exe
2014-02-23 12:39 - 2014-02-23 12:39 - 00013660 _____ () C:\Users\19newaccount51\Desktop\installed programs per Ccleaner 02-23-2014   record a list of download sites for future lookup ook and remove like nirsoft.txt
2014-02-23 00:41 - 2014-02-23 00:47 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Panda Security
2014-02-23 00:40 - 2014-02-23 00:49 - 00000000 ____D () C:\ProgramData\Panda Security
2014-02-22 23:50 - 2014-02-23 14:33 - 00052928 _____ () C:\Users\19newaccount51\Desktop\Documents\bleeping account setup info 022102014.odt
2014-02-22 23:38 - 2014-02-22 23:38 - 00023185 _____ () C:\Users\19newaccount51\Desktop\Documents\How to create a command-line toolkit for Windows.odt
2014-02-22 23:21 - 2014-02-22 23:22 - 00000464 _____ () C:\Users\19newaccount51\Desktop\fsbl-20140223052133.log
2014-02-22 22:24 - 2014-02-22 22:24 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Adobe
2014-02-22 15:56 - 2014-02-22 15:56 - 00218600 _____ () C:\Users\19newaccount51\Desktop\eurail travel time between cities.odt
2014-02-22 15:37 - 2014-02-22 22:36 - 00107962 _____ () C:\Users\19newaccount51\Desktop\europe for betty.odt
2014-02-22 14:58 - 2014-02-22 14:58 - 00036656 _____ () C:\Users\19newaccount51\Desktop\PC and NETWORK HomeGroup from start to finish.odt
2014-02-22 14:57 - 2014-02-22 14:57 - 00016819 _____ () C:\Users\19newaccount51\Desktop\Install or remove a hard disk drive.odt
2014-02-22 14:56 - 2014-02-22 14:56 - 00015494 _____ () C:\Users\19newaccount51\Desktop\Formatting disks and drives frequently asked questions.odt
2014-02-22 14:33 - 2014-02-22 14:56 - 00046316 _____ () C:\Users\19newaccount51\Desktop\DRIVERS - DIAGNOSE, SEARCH FOR, INSTALL,AUTO AND MAN UPDATE, REMOVE, ROOLBACK,.odt
2014-02-22 14:21 - 2014-02-22 14:23 - 00025567 _____ () C:\Users\19newaccount51\Desktop\wuauclt exe from ccleaner reg cleaner and missing win update from april 2013.odt
2014-02-22 14:14 - 2014-02-22 14:14 - 00028481 _____ () C:\Users\19newaccount51\Desktop\Documents\wuauclt exe from ccleaner reg cleaner and missing win update from april 2013.odt
2014-02-22 11:10 - 2014-02-22 00:19 - 00020562 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_2_3.odt
2014-02-22 00:27 - 2014-02-22 00:27 - 01241834 _____ () C:\Users\19newaccount51\Desktop\adwcleaner.exe
2014-02-21 22:37 - 2014-02-21 22:37 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Comodo
2014-02-21 22:03 - 2014-02-21 22:03 - 00000326 _____ () C:\Windows\Tasks\FreeFixer background scan.job
2014-02-21 22:02 - 2014-02-21 22:02 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
2014-02-21 21:56 - 2014-02-21 11:26 - 00019227 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_20.odt
2014-02-21 21:56 - 2014-02-21 11:25 - 00018957 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_2_2.odt
2014-02-21 21:56 - 2014-02-21 11:25 - 00018441 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_19.odt
2014-02-21 21:56 - 2014-02-21 11:25 - 00018081 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_8.odt
2014-02-21 21:56 - 2014-02-21 10:48 - 00017373 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_6.odt
2014-02-21 21:54 - 2014-02-21 21:55 - 00000000 ____D () C:\Users\19newaccount51\Desktop\AntiRootkit
2014-02-21 21:54 - 2014-02-21 21:54 - 00000000 ____D () C:\Users\19newaccount51\Pavark
2014-02-21 21:52 - 2014-02-21 21:52 - 00003722 _____ () C:\Users\19newaccount51\Desktop\Documents\BHOScanReport.html
2014-02-21 21:46 - 2014-02-21 21:46 - 00000000 ____D () C:\Users\19newaccount51\Desktop\SpyBHORemover
2014-02-21 21:45 - 2014-02-21 21:45 - 02019064 _____ () C:\Users\19newaccount51\Downloads\SpyBHORemover.zip
2014-02-21 20:12 - 2014-02-21 20:12 - 00026872 _____ (Symantec Corporation) C:\Windows\system32\Drivers\FixTDSS.sys
2014-02-21 20:12 - 2014-02-21 20:12 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\FixTDSS
2014-02-21 20:09 - 2014-02-21 20:09 - 00002144 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02212014_191240  after an onslot of many anti-mal scans and a safe-mode tweaking session i still hav 02-20-2014e these creeps.txt
2014-02-21 15:32 - 2014-02-21 15:32 - 00002007 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02212014_153119    not  disable task,  cmd, registry tools,.txt
2014-02-21 14:41 - 2014-02-21 14:41 - 00015800 _____ () C:\Users\19newaccount51\Desktop\HitmanPro_20140221_1438   C-WINDOWS-SYTEM32-DRIVERS-dasBOOT.SYS  AND  DASBOOTF .SYS, IEFRAME.DLL- ALSO - PRSBDRVR.SYS
2014-02-21 14:22 - 2014-02-20 00:33 - 01037734 _____ (Thisisu) C:\Users\19newaccount51\Desktop\JRT_NEW.exe
2014-02-21 09:29 - 2014-02-27 10:17 - 00000000 ____D () C:\Users\19newaccount51\Desktop\tdsskiller(1)
2014-02-21 08:37 - 2014-02-21 08:37 - 00001740 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02212014_083633  disable task, and reg.txt
2014-02-21 07:46 - 2014-02-21 07:46 - 00002184 _____ () C:\Users\19newaccount51\Desktop\STARTUP ITEMS CCLEANER 02-20-2014startup.txt
2014-02-21 07:45 - 2014-02-21 07:45 - 00013704 _____ () C:\Users\19newaccount51\Desktop\INSTALLED PROGRAMS PER CCLEANER 02-20-2014install.txt
2014-02-21 07:07 - 2014-02-21 07:07 - 00032653 _____ () C:\Users\19newaccount51\Desktop\vEDIO - MINIDV,VHS, BLUE-RAY, DVD - HOW TO COPY, CONVERT, BURN.odt
2014-02-21 07:01 - 2014-02-21 07:38 - 00026622 _____ () C:\Users\19newaccount51\Desktop\format a write-protected USB flash drive or memory card.odt
2014-02-21 06:59 - 2014-02-21 06:59 - 00019958 _____ () C:\Users\19newaccount51\Desktop\Documents\Using pIRIFORM Speccy.odt
2014-02-21 04:29 - 2014-02-21 04:42 - 00027750 _____ () C:\Users\19newaccount51\Desktop\Documents\SPECCY REPORT 02-20-2014.odt
2014-02-21 04:26 - 2014-02-21 04:26 - 00052979 _____ () C:\Users\19newaccount51\Desktop\SPECCY REPORT 02-20-2014LONDON.txt
2014-02-21 04:25 - 2014-02-21 04:25 - 00013557 _____ () C:\Users\19newaccount51\Desktop\SPECCY REPORT 02-20-20`14LONDON.speccy
2014-02-21 04:22 - 2014-02-21 04:26 - 00000000 ____D () C:\Users\19newaccount51\Desktop\PortableZipNoInstallerPiriformSpeccyspsetup125
2014-02-21 04:11 - 2014-02-21 04:11 - 00021473 _____ () C:\Users\19newaccount51\Desktop\Documents\Beginner Geek How to Host Your Own Website on Windows.odt
2014-02-21 04:08 - 2014-02-21 04:08 - 00032654 _____ () C:\Users\19newaccount51\Desktop\How to Run a Last Pass Security Audit - and why it can't wait.odt
2014-02-21 04:01 - 2014-02-21 04:05 - 00019987 _____ () C:\Users\19newaccount51\Desktop\Add Take Ownership to Explorer Right-Click Menu in Win 7, 8 or Vista.odt
2014-02-21 03:58 - 2014-02-21 03:59 - 00019199 _____ () C:\Users\19newaccount51\Desktop\HTG Explains What BCC Is and Why You’re a Terrible Person If You Don’t Use It Correctly Or At All.odt
2014-02-21 03:52 - 2014-02-21 03:52 - 00015605 _____ () C:\Users\19newaccount51\Desktop\CCleaner v3.07.1457 wants to unset firewall settings - invalid firewall rule.odt
2014-02-21 03:38 - 2014-02-21 03:38 - 00026801 _____ () C:\Users\19newaccount51\Desktop\system explorer - some esplaination.odt
2014-02-21 03:37 - 2014-02-21 03:37 - 00030632 _____ () C:\Users\19newaccount51\Desktop\hard drive backup, where the space is - or not.odt
2014-02-21 03:37 - 2014-02-21 03:37 - 00014631 _____ () C:\Users\19newaccount51\Desktop\Prevent Viruses Infecting A Memory Card.odt
2014-02-21 03:36 - 2014-02-21 03:36 - 00017616 _____ () C:\Users\19newaccount51\Desktop\Securely Erase A Hard Drive – DBAN May Not Be Sufficient.odt
2014-02-21 03:35 - 2014-02-21 03:35 - 00048365 _____ () C:\Users\19newaccount51\Desktop\How To Check If A Hard Drive Is Failing, copy files from, stuck in PIO mode, and more.odt
2014-02-21 03:33 - 2014-02-21 03:33 - 00021259 _____ () C:\Users\19newaccount51\Desktop\USB Flash drives ERRORS and FIXES.odt
2014-02-21 03:13 - 2014-02-21 03:13 - 00026092 _____ () C:\Users\19newaccount51\Desktop\How To Change Permissions Of A Registry Key.odt
2014-02-21 03:09 - 2014-02-21 03:38 - 00024991 _____ () C:\Users\19newaccount51\Desktop\How To Display A List Of All Installed Network Adapters.odt
2014-02-21 03:06 - 2014-02-21 03:07 - 00027041 _____ () C:\Users\19newaccount51\Desktop\How To Check If A Computer Is Overheating Tfm especailly laptop and netbooks.odt
2014-02-21 03:05 - 2014-02-21 03:05 - 00016815 _____ () C:\Users\19newaccount51\Desktop\How To Check If A Computer Is Overheating.odt
2014-02-21 03:00 - 2014-02-21 03:38 - 00041197 _____ () C:\Users\19newaccount51\Desktop\Updating Any Driver Automatically Using Driver Packs.odt
2014-02-21 02:51 - 2014-02-21 03:02 - 00031641 _____ () C:\Users\19newaccount51\Desktop\Fix The Not Enough Free Disk Space Error On USB Flash Drives.odt
2014-02-21 02:29 - 2014-02-21 03:38 - 00023006 _____ () C:\Users\19newaccount51\Desktop\Copy Files From A Dead Computer with usb adpter to a working PC.odt
2014-02-21 02:20 - 2014-02-21 03:38 - 00026831 _____ () C:\Users\19newaccount51\Desktop\Copy Files From A Failing Hard Drive.odt
2014-02-21 02:16 - 2014-02-21 03:34 - 00048525 _____ () C:\Users\19newaccount51\Desktop\How To Check If A Hard Drive Is Failing, stuck in PIO mode,.odt
2014-02-21 01:46 - 2014-02-21 01:46 - 00031516 _____ () C:\Users\19newaccount51\Desktop\How to Fix the “Firefox Is Already Running” Error.odt
2014-02-21 01:36 - 2014-02-21 01:36 - 00013704 _____ () C:\Users\19newaccount51\Desktop\Documents\Ccleaner list of installed programs - time to weed out using revo Uninstaller.txt
2014-02-21 01:23 - 2014-02-21 01:23 - 00027212 _____ () C:\Users\19newaccount51\Desktop\How To Check Which Type Of RAM You Need For Upgrading.odt
2014-02-21 01:09 - 2014-02-21 01:23 - 00028095 _____ () C:\Users\19newaccount51\Desktop\Troubleshooting A Faulty hdd hard drive SATA Port.odt
2014-02-21 00:59 - 2014-02-21 01:24 - 00028898 _____ () C:\Users\19newaccount51\Desktop\Replacing A Broken DVD Or CD Drive - from techlogin.com
2014-02-21 00:44 - 2014-02-21 00:45 - 00029892 _____ () C:\Users\19newaccount51\Desktop\How To Partition A Hard Drive from techlogin.com
2014-02-21 00:34 - 2014-02-21 01:24 - 00025952 _____ () C:\Users\19newaccount51\Desktop\techlogin.com
2014-02-21 00:33 - 2014-02-21 01:31 - 00012251 _____ () C:\Users\19newaccount51\Desktop\WonderHowTo.com Fresh Hacks For a Changing World. Delivering the zeitgeist's most delightful how-tos, hacks, pro-tips, and insider secrets.odt
2014-02-21 00:24 - 2014-02-21 00:26 - 00024456 _____ () C:\Users\19newaccount51\Desktop\apple mac - speed it up - multiple articles.odt
2014-02-21 00:01 - 2014-02-21 01:28 - 00021012 _____ () C:\Users\19newaccount51\Desktop\How can I do format and reinstall Windows Vista Home Premium on my notebook.odt
2014-02-21 00:00 - 2014-02-21 01:33 - 00024802 _____ () C:\Users\19newaccount51\Desktop\Speccy – Piriforms pc system information tool.odt
2014-02-20 23:58 - 2014-02-20 23:58 - 00035377 _____ () C:\Users\19newaccount51\Desktop\Replaceing hard drive from wilders security.odt
2014-02-20 23:35 - 2014-02-20 23:35 - 05160095 _____ () C:\Users\19newaccount51\Desktop\PortableZipNoInstallerPiriformSpeccyspsetup125.zip
2014-02-20 23:34 - 2014-02-20 23:34 - 03780920 _____ (Piriform Ltd) C:\Users\19newaccount51\Downloads\spsetup125_slim.exe
2014-02-20 23:09 - 2014-02-20 23:09 - 04845384 _____ (Piriform Ltd) C:\Users\19newaccount51\Downloads\Piriforms-SpeccyPCinfosetup125.exe
2014-02-20 22:15 - 2014-02-20 22:16 - 00017994 _____ () C:\Users\19newaccount51\Desktop\Backblaze, an Online Backup Service - A Full Review of.odt
2014-02-20 22:08 - 2014-02-21 00:28 - 00023439 _____ () C:\Users\19newaccount51\Desktop\Remotely Access Computers for Free With These 15 Free Remote Access Software Tools By Tim Fisher.odt
2014-02-20 21:06 - 2014-02-20 21:07 - 00202088 _____ () C:\Users\19newaccount51\Desktop\Documents\World of 7 Billion Video Entry Received.odt
2014-02-20 18:55 - 2014-02-20 21:01 - 00020173 _____ () C:\Users\19newaccount51\Desktop\Documents\songs, U_2 Adele, bob Marley, los lonely boys, one direction.odt
2014-02-20 18:28 - 2014-02-26 02:17 - 00002000 _____ () C:\Users\19newaccount51\Desktop\AviraAntiVirRemovalTool_en.log
2014-02-20 15:47 - 2014-02-20 15:49 - 00027021 _____ () C:\Users\19newaccount51\Desktop\Best Pre-Workout Foods   eat before excersise.odt
2014-02-20 15:37 - 2014-02-20 15:37 - 00014396 _____ () C:\Users\19newaccount51\Desktop\chords crowded house, eagle-eyed cherry.odt
2014-02-20 14:50 - 2014-02-20 14:53 - 00040653 _____ () C:\Users\19newaccount51\Desktop\Fixit - 10 Sub-Catagories in reddits.com Every Fixer Should Know.odt
2014-02-20 14:00 - 2014-02-20 17:04 - 00032389 _____ () C:\Users\19newaccount51\Desktop\How to Get More Plus out of Notepad++.odt
2014-02-20 13:50 - 2014-02-20 13:52 - 00020449 _____ () C:\Users\19newaccount51\Desktop\Documents\PainT.NET The Best Image Editor Available That You Should Download.odt
2014-02-20 13:40 - 2014-02-20 14:57 - 00026983 _____ () C:\Users\19newaccount51\Desktop\10 Useful Features Hidden in VLC, The Swiss Army Knife of Media Players  FOUND VIA VIC LAURIE BLEEPINGCOMPTER.odt
2014-02-20 13:29 - 2014-02-20 13:29 - 00015650 _____ () C:\Users\19newaccount51\Desktop\Disabling Java Plug-ins IN EACH BROWSER by F-secure.odt
2014-02-20 13:17 - 2014-02-20 13:18 - 00013590 _____ () C:\Users\19newaccount51\Desktop\Dont Dream Its Over Chords by Crowded House.odt
2014-02-20 13:09 - 2014-02-20 13:09 - 00012696 _____ () C:\Users\19newaccount51\Desktop\f-SECURE Health Check.odt
2014-02-20 13:07 - 2014-02-20 13:07 - 00014029 _____ () C:\Users\19newaccount51\Desktop\APPLE FLASHBACK MALWARE REMOVAL BY F-SECURE.odt
2014-02-20 13:03 - 2014-02-20 17:04 - 00021764 _____ () C:\Users\19newaccount51\Desktop\Oracle Java JRE 1.7 Expression.execute and SunToolkit.get Field fail to restrict access to privileged code.odt
2014-02-20 12:59 - 2014-02-20 13:31 - 00013958 _____ () C:\Users\19newaccount51\Desktop\Disabling System Restore on Windows Vista  by F-support.odt
2014-02-20 12:42 - 2014-02-20 13:36 - 00023789 _____ () C:\Users\19newaccount51\Desktop\General Removal Instructions  by F-secure.odt
2014-02-20 12:39 - 2014-02-20 13:28 - 00015471 _____ () C:\Users\19newaccount51\Desktop\Disabling Java Plug-ins by F-secure.odt
2014-02-20 12:30 - 2014-02-20 13:08 - 00029150 _____ () C:\Users\19newaccount51\Desktop\F-secure apps to clean malware.odt
2014-02-20 11:23 - 2014-02-20 12:31 - 00003866 _____ () C:\Users\19newaccount51\Desktop\fsbl-20140220172316.log
2014-02-20 10:51 - 2014-02-20 17:04 - 00027323 _____ () C:\Users\19newaccount51\Desktop\Guides and Tips for Using Four Popular Free Applications.odt
2014-02-20 10:51 - 2014-02-20 10:52 - 00162662 _____ () C:\Users\19newaccount51\Desktop\Access violation at affress 743dc111 in module nemesisInteropmodule,dll.odt
2014-02-20 01:05 - 2014-02-20 01:05 - 04102163 _____ () C:\Users\19newaccount51\Downloads\tdsskiller.zip
2014-02-20 00:02 - 2014-02-21 22:10 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\FreeFixer
2014-02-20 00:02 - 2014-02-20 00:15 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\FreeFixer
2014-02-20 00:02 - 2014-02-20 00:02 - 00013354 _____ () C:\Users\19newaccount51\Desktop\What is aswSnx.sys, AND cmdguard.sys
2014-02-20 00:01 - 2014-02-20 00:01 - 00000000 ____D () C:\Program Files\FreeFixer
2014-02-19 23:59 - 2014-02-19 23:59 - 02551343 _____ (Kephyr) C:\Users\19newaccount51\Desktop\freefixersetup.exe
2014-02-19 23:57 - 2014-02-20 00:11 - 00137866 _____ () C:\Users\19newaccount51\Desktop\FREEFIXER - User's Manual FEB 2014.odt
2014-02-19 23:38 - 2014-02-19 22:13 - 00031165 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_3.odt
2014-02-19 23:38 - 2014-02-19 20:40 - 00072734 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_2_1.odt
2014-02-19 22:18 - 2014-02-19 22:18 - 01137360 _____ (F-Secure Corporation) C:\Users\19newaccount51\Desktop\f-SecureBlackLightRootKitToolfsbl.exe
2014-02-19 22:16 - 2014-02-19 22:16 - 00790064 _____ () C:\Users\19newaccount51\Desktop\SophosConflickerRemovalTool_ssconftool_10_sfx.exe
2014-02-19 22:14 - 2014-02-19 22:14 - 00366627 _____ (Avira GmbH) C:\Users\19newaccount51\Desktop\AviraAntiVirRemovalTool_en.exe
2014-02-19 22:13 - 2014-02-19 22:13 - 04130896 _____ (PC Tools) C:\Users\19newaccount51\Desktop\avinstall.exe
2014-02-19 22:12 - 2014-02-19 22:21 - 316506608 _____ (Norman Shark AS) C:\Users\19newaccount51\Downloads\Norman_Malware_Cleaner.exe
2014-02-19 22:07 - 2014-02-19 22:08 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\19newaccount51\Desktop\mbam-setup-1.75.0.1300(1).exe
2014-02-19 20:59 - 2014-02-19 20:59 - 00001041 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-02-19 20:54 - 2014-02-26 02:39 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-02-19 20:53 - 2014-02-19 20:53 - 00002084 _____ () C:\Users\Public\Desktop\Tweaking.com - Simple System Tweaker.lnk
2014-02-19 20:53 - 2014-02-19 20:53 - 00001078 _____ () C:\Users\19newaccount51\Desktop\Revo Uninstaller.lnk
2014-02-19 20:53 - 2014-02-19 20:53 - 00000797 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-02-19 20:53 - 2014-02-19 20:53 - 00000000 ____D () C:\Program Files\Speccy
2014-02-19 20:52 - 2014-02-23 15:13 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Notepad++
2014-02-19 20:52 - 2014-02-19 20:52 - 00001854 _____ () C:\Users\19newaccount51\Desktop\Process Hacker 2.lnk
2014-02-19 20:52 - 2014-02-19 20:52 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-19 20:52 - 2014-02-19 20:52 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Paint.NET
2014-02-19 20:52 - 2014-02-19 20:52 - 00000000 ____D () C:\Program Files\Process Hacker 2
2014-02-19 20:52 - 2014-02-19 20:52 - 00000000 ____D () C:\Program Files\Notepad++
2014-02-19 20:49 - 2014-02-19 20:49 - 00001671 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-02-19 20:47 - 2014-02-19 20:47 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\querftsq.sys
2014-02-19 20:46 - 2014-02-19 20:46 - 00000983 _____ () C:\Users\19newaccount51\Desktop\Auslogics DiskDefrag.lnk
2014-02-19 20:46 - 2014-02-19 20:46 - 00000000 ____D () C:\Program Files\Auslogics
2014-02-19 15:42 - 2014-02-19 15:42 - 00005948 _____ () C:\Users\19newaccount51\Desktop\cc_20140219_154216.reg
2014-02-19 14:11 - 2014-02-19 14:11 - 00000773 _____ () C:\Users\19newaccount51\Desktop\JRT.txt  2-19-2014 Google Blacklisted Policy removed.txt
2014-02-19 02:07 - 2014-02-19 02:07 - 00019482 _____ () C:\Users\19newaccount51\Desktop\AVAST CHAPTER ON USING THE VIRUS CHEST.odt
2014-02-19 01:28 - 2014-02-19 01:46 - 00178010 _____ () C:\Users\19newaccount51\Desktop\AVAST VIRUS CHEST LIST AS OF 02-19-2014  0125.odt
2014-02-19 01:19 - 2014-02-19 01:46 - 00015643 _____ () C:\Users\19newaccount51\Desktop\AVAST VIRUS CHEST CONSIDERATIONS.odt
2014-02-19 01:18 - 2014-02-19 01:18 - 00015168 _____ () C:\Users\19newaccount51\Desktop\small nastys that like us humans.odt
2014-02-19 01:17 - 2014-02-19 03:16 - 00095255 _____ () C:\Users\19newaccount51\Desktop\Anemia considerations from livestrong.com
2014-02-18 23:40 - 2014-02-19 02:00 - 00070190 _____ () C:\Users\19newaccount51\Desktop\Documents\BLOOD DISORDER OR DISEASE -MINUS-  -HEART  TFM GOOGLED THE PRECEDING WITH IMAGES OF.odt
2014-02-18 23:38 - 2014-02-18 23:38 - 00086402 _____ () C:\Users\19newaccount51\Desktop\IMAGES OF BLOOD DISORDER OR DISEASE -HEART.odt
2014-02-18 23:33 - 2014-02-18 23:33 - 00005796 _____ () C:\Users\19newaccount51\Desktop\blood disease  sickle-cell anemia -- Britannica Online Encyclopedia.htm
2014-02-18 23:33 - 2014-02-18 23:33 - 00000000 ____D () C:\Users\19newaccount51\Desktop\blood disease  sickle-cell anemia -- Britannica Online Encyclopedia_files
2014-02-18 22:37 - 2014-02-18 23:10 - 00015316 _____ () C:\Users\19newaccount51\Desktop\AFTER RK,MBAMANTIROOT, MBAM, SAS, AVAST QUICK SCAN STILL 30 PLUS EATsTFM JUST NOTICED HAVEN'T HAD AVAST FULL SCAN CHEDULED SINCE.odt
2014-02-18 17:20 - 2014-02-18 17:20 - 00015641 _____ () C:\Users\19newaccount51\Desktop\TFM COPY-PASTED THE MBR RAW DATA DURING SCAN.odt
2014-02-18 17:09 - 2014-02-18 17:09 - 00011559 _____ () C:\Users\19newaccount51\Desktop\SAS SCAN ONLY COOKIES 32 BUT ORIGINAL SAN RESULTS HIGHLIGHTED THE BOLD FACE.odt
2014-02-18 14:39 - 2014-02-18 15:35 - 00019467 _____ () C:\Users\19newaccount51\Desktop\SUPERANTISPYWARE FINDS Trojan.Dropper fake found during SAS scan NOTE THE HOOOKS ARE NOT CONSIDERED BAD.odt
2014-02-18 14:16 - 2014-02-18 14:24 - 00038216 _____ () C:\Users\19newaccount51\Desktop\BLEEPINGCOMPUTER FEB 01 2014 NICE SERIES OF STEPS.odt
2014-02-18 13:52 - 2014-02-18 13:52 - 00012854 _____ () C:\Users\19newaccount51\Desktop\HitmanPro_2014-021-8_1240     iframedll -  WRP  Run   - at C-windows-system32.log at the end of the run display screen read threats  11.odt
2014-02-18 13:45 - 2014-02-18 13:45 - 00016128 _____ () C:\Users\19newaccount51\Desktop\Documents\ClamAV memory scan scan  canceled by user ran only 1 min 12 sec note results  a pages of lines - ton of permission denied.odt
2014-02-18 13:44 - 2014-02-27 01:12 - 00016045 _____ () C:\Users\19newaccount51\Desktop\ClamAV memory scan scan  canceled by user ran only 1 min 12 sec note results  a ton of permission denied.odt
2014-02-18 13:36 - 2014-02-18 13:36 - 00014022 _____ () C:\Users\19newaccount51\Desktop\area network is working and no Hjs but over 30 policy HJsi turned file sharing off after this scan.odt
2014-02-18 13:35 - 2014-02-18 13:35 - 00012871 _____ () C:\Users\19newaccount51\Desktop\area network is working and no Hjs i turned file sharing off after this scan.odt
2014-02-17 22:36 - 2014-02-17 22:36 - 00023323 _____ () C:\Users\19newaccount51\Desktop\PortableApps.com
2014-02-17 21:31 - 2014-02-17 21:31 - 00118535 _____ () C:\Users\19newaccount51\Desktop\TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 2332 ran with all options see bolded.odt
2014-02-17 21:20 - 2014-02-17 21:20 - 00118015 _____ () C:\Users\19newaccount51\Desktop\TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 2332   ran with all options  checked including modules-  rebooted to prepare for ascan - no threat detcted  will no.odt
2014-02-15 18:17 - 2014-02-15 18:17 - 00012490 _____ () C:\Users\19newaccount51\Desktop\UNHIDE by bleeping computer WOW -1. detected and deleted - disable taskMrg, and two no-run  policies but 2. I need to creat a temp file.odt
2014-02-15 18:13 - 2014-02-15 18:15 - 00011859 _____ () C:\Users\19newaccount51\Desktop\UNHIDE by bleeping computer WOW - detected and deleted - disable taskMrg, and two no-run  policies.odt
2014-02-15 02:55 - 2014-02-15 02:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\19newaccount51\Downloads\mbar-1.07.0.1009(1).exe
2014-02-15 02:55 - 2014-02-15 02:55 - 00065232 _____ (Malwarebytes) C:\Users\19newaccount51\Downloads\regassassin-setup-1.03.exe
2014-02-15 02:54 - 2014-02-15 02:55 - 01769928 _____ (Malwarebytes ) C:\Users\19newaccount51\Downloads\mbae-setup-0.09.5.1000.exe
2014-02-15 01:57 - 2014-02-15 01:57 - 00001186 _____ () C:\Users\19newaccount51\Desktop\cc_20140215_015704.reg
2014-02-15 01:52 - 2014-02-15 01:52 - 00080214 _____ () C:\Users\19newaccount51\Desktop\Documents\1. Malwarebytes Forum  → Malware Removal Support  → Malware Removal Help  → Resolved HijackThis Logs - the 101 page version.odt
2014-02-15 01:52 - 2014-02-15 01:52 - 00036903 _____ () C:\Users\19newaccount51\Desktop\1. Malwarebytes Forum  → Malware Removal Support  → Malware Removal Help  → Resolved HijackThis Logs  the 20 page version.odt
2014-02-15 01:36 - 2014-02-27 14:40 - 00000000 ____D () C:\Windows\ERDNT
2014-02-15 01:34 - 2014-02-15 01:34 - 00020703 _____ () C:\Users\19newaccount51\Desktop\Canon pixma mx340 -  tfm - notes i have taken that work - Reset ink level,or new cartridge reset.odt
2014-02-15 00:28 - 2014-02-15 00:28 - 00024640 _____ () C:\Users\19newaccount51\Desktop\Documents\ERUNT - The Emergency Recovery Utility NT  Registry Backup and Restore for Windows.odt
2014-02-15 00:21 - 2014-02-15 00:25 - 00024326 _____ () C:\Users\19newaccount51\Desktop\Documents\ERUNT - The Emergency Recovery Utility NT   -  readme file.odt
2014-02-15 00:17 - 2014-02-15 00:19 - 00000000 ____D () C:\Program Files\ERUNT
2014-02-15 00:07 - 2014-02-15 00:08 - 00000000 _____ () C:\Users\19newaccount51\Desktop\LogAnalyZer.ini
2014-02-15 00:02 - 2014-02-15 00:03 - 00791393 _____ (Lars Hederer ) C:\Users\19newaccount51\Desktop\erunt-setup.exe
2014-02-14 21:04 - 2014-02-14 21:06 - 00020694 _____ () C:\Users\19newaccount51\Desktop\Documents\Canon pixma mx340 -  Reset ink level,or new cartridge reset.odt
2014-02-14 14:45 - 2014-02-14 21:00 - 00020469 _____ () C:\Users\19newaccount51\Desktop\Documents\Canon pixma mx340 -  Reset ink level, cartridge not installed.odt
2014-02-14 13:43 - 2014-02-15 01:32 - 00080365 _____ () C:\Users\19newaccount51\Desktop\Documents\1. Malwarebytes Forum  → Malware Removal Support  → Malware Removal Help  → Resolved HijackThis Logs.odt
2014-02-14 13:15 - 2014-02-14 13:15 - 00019905 _____ () C:\Users\19newaccount51\Desktop\Documents\DDS 02-14-2014  1315.txt
2014-02-14 10:29 - 2014-02-14 10:29 - 00018160 _____ () C:\Users\19newaccount51\Desktop\Troubleshoot Adobe Reader installation Windows feb 2014.odt
2014-02-14 10:14 - 2014-02-26 23:48 - 00220377 _____ () C:\Users\19newaccount51\Desktop\WIGI adlice URL history uploadremoteremote  server error  forbidden.odt
2014-02-14 09:58 - 2014-02-14 09:58 - 00282840 _____ (Mozilla) C:\Users\19newaccount51\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-14 09:55 - 2014-02-14 09:55 - 00773632 _____ (Robert Simpson, et al.) C:\Users\19newaccount51\AppData\Roaming\System.Data.SQLite.dll
2014-02-14 09:46 - 2014-02-14 09:46 - 00002176 _____ () C:\Users\19newaccount51\Desktop\cc_20140214_094608.reg
2014-02-14 09:34 - 2014-02-14 09:38 - 00000968 _____ () C:\Users\19newaccount51\Desktop\Continue Zip Extractor Installation.lnk
2014-02-13 19:51 - 2014-02-13 19:51 - 00020756 _____ () C:\Users\19newaccount51\Desktop\Thomas F. Murphy resume prepared for Environmental Safety Technologies.odt
2014-02-13 19:46 - 2014-02-13 19:50 - 00020756 _____ () C:\Users\19newaccount51\Desktop\Documents\Thomas F. Murphy resume prepared for Environmental Safety Technologies.odt
2014-02-13 19:41 - 2014-02-13 19:41 - 00008267 _____ () C:\Users\19newaccount51\Desktop\Documents\Thomas F. Murphy resume for Environmental Safety Technologies.odt
2014-02-13 16:37 - 2014-02-13 16:37 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.Printing.Run.exe
2014-02-13 16:32 - 2014-02-13 16:32 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-13 16:31 - 2014-02-13 16:31 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-02-13 16:30 - 2013-12-04 00:17 - 00055688 _____ (Hewlett-Packard) C:\Windows\system32\hpmnque.dll
2014-02-13 16:30 - 2013-12-04 00:17 - 00055688 _____ (Hewlett-Packard) C:\Windows\system32\hpmnndps.dll
2014-02-13 16:30 - 2013-12-04 00:14 - 00103200 _____ (Hewlett-Packard Company) C:\Windows\system32\hpmlm135.dll
2014-02-13 16:30 - 2013-12-04 00:09 - 00196896 _____ (Hewlett-Packard) C:\Windows\system32\hpmml160.dll
2014-02-13 16:30 - 2013-12-04 00:09 - 00157984 _____ (Hewlett-Packard) C:\Windows\system32\hpmpm081.dll
2014-02-13 16:30 - 2013-12-04 00:09 - 00134944 _____ (Hewlett-Packard) C:\Windows\system32\hpmtp160.dll
2014-02-13 16:30 - 2013-12-04 00:09 - 00062752 _____ (Hewlett-Packard) C:\Windows\system32\hpmpw081.dll
2014-02-13 16:30 - 2013-12-04 00:08 - 00171296 _____ (Hewlett-Packard) C:\Windows\system32\hpmja160.dll
2014-02-13 16:30 - 2013-12-04 00:07 - 00419616 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn160.dll
2014-02-13 16:30 - 2013-12-04 00:07 - 00119584 _____ (Hewlett-Packard) C:\Windows\system32\hpcjpm.dll
2014-02-13 16:30 - 2011-02-11 14:23 - 00167480 _____ (Hewlett-Packard) C:\Windows\system32\hppccompio.dll
2014-02-13 16:30 - 2009-02-25 16:32 - 00059928 _____ (Hewlett-Packard) C:\Windows\system32\fxcompchannel.dll
2014-02-13 16:28 - 2014-02-13 16:28 - 00000000 ____D () C:\HP Universal Print Driver
2014-02-13 16:26 - 2014-02-13 16:26 - 00001650 _____ () C:\Users\19newaccount51\Desktop\cc_20140213_162629.reg
2014-02-13 16:19 - 2014-02-13 16:19 - 00016002 _____ () C:\Users\19newaccount51\Desktop\How To Fix Ieframe.dll Errors.odt
2014-02-13 16:15 - 2014-02-13 16:19 - 00022458 _____ () C:\Users\19newaccount51\Desktop\HP Universal Print Driver for Windows.odt
2014-02-13 16:14 - 2014-02-13 16:14 - 17344800 _____ () C:\Users\19newaccount51\Desktop\upd-pcl6-x32-5.8.0.17508.exe
2014-02-13 14:04 - 2014-02-13 14:06 - 00016170 _____ () C:\Users\19newaccount51\Desktop\How to enable  -  disable command prompt.odt
2014-02-13 13:26 - 2014-02-13 13:27 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Canon
2014-02-13 11:44 - 2014-02-13 13:40 - 00010107 _____ () C:\Users\19newaccount51\Desktop\Documents\DICK MILLER EMAIL NOT RECIEVED.odt
2014-02-12 22:21 - 2014-02-13 04:41 - 00000000 ____D () C:\Users\19newaccount51\Doctor Web
2014-02-12 18:32 - 2014-02-12 18:32 - 07265600 _____ (Bitdefender LLC) C:\Users\19newaccount51\Downloads\BootkitRemoval_x86.exe
2014-02-12 18:16 - 2014-02-12 18:16 - 00147456 _____ () C:\Users\19newaccount51\Desktop\catchme.exe
2014-02-12 18:15 - 2014-02-12 18:15 - 00017584 _____ () C:\Users\19newaccount51\Desktop\Documents\List of Anti-Rootkits.odt
2014-02-12 18:11 - 2014-02-12 18:11 - 00634925 _____ () C:\Users\19newaccount51\Downloads\RkU3.8.389.593.rar
2014-02-12 16:39 - 2014-02-12 16:39 - 00002604 _____ () C:\Users\19newaccount51\Desktop\cc_20140212_163932.reg TFM LOOK THIS OVER.reg
2014-02-12 16:27 - 2014-02-12 16:31 - 00028823 _____ () C:\Users\19newaccount51\Desktop\GREAT ROOTKIT MALWARE EXCERSE FROM BLEEPING.odt
2014-02-12 16:26 - 2014-02-12 16:27 - 00029353 _____ () C:\Users\19newaccount51\Desktop\Kaspersky AV has identified tcpip.sys vital windows file BSOD with out it as malware  Can't get rid of rootkit infection - tcpip.odt
2014-02-12 16:23 - 2014-02-12 16:23 - 00029182 _____ () C:\Users\19newaccount51\Desktop\Documents\Kaspersky AV has identified tcpip.sys vital windows file BSOD with out it as malware  Can't get rid of rootkit infection - tcpip.sys
2014-02-12 16:21 - 2014-02-12 16:21 - 00015602 _____ () C:\Users\19newaccount51\Desktop\Documents\Publish a Snapshot using Speccy  for blepping computer.odt
2014-02-12 16:16 - 2014-02-12 16:19 - 00032055 _____ () C:\Users\19newaccount51\Desktop\Documents\Vista firewall exceptions not working.odt
2014-02-12 15:34 - 2014-02-12 12:40 - 00048676 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_2.odt
2014-02-12 15:15 - 2014-02-28 11:17 - 00002744 _____ () C:\Users\19newaccount51\Desktop\FSS.txt
2014-02-12 13:21 - 2014-02-12 13:21 - 00000651 _____ () C:\Users\19newaccount51\Desktop\JRT.txt 02-12-2014 safemode.txt
2014-02-12 12:01 - 2014-02-12 12:01 - 00042445 _____ () C:\Users\19newaccount51\Desktop\Documents\RootRepeal & rootkit unhooker - System infected    MALWAREBYTES FORUM.odt
2014-02-12 11:02 - 2014-02-12 12:04 - 00036419 _____ () C:\Users\19newaccount51\Desktop\Documents\How to Use Rootkit Unhooker.odt
2014-02-12 09:37 - 2014-02-12 10:09 - 00049315 _____ () C:\Users\19newaccount51\Desktop\PROCESSES, DLLS, MUI FILES, Native Images (NI) ,MUI Files, Safe or Threat, Linked files  DLL, OCX and SS What web hosting is best for us  System Explorer dev team blog about system management, security and more..odt
2014-02-12 08:57 - 2014-02-12 09:10 - 00013760 _____ () C:\Users\19newaccount51\Desktop\ESET ONLINE SCANNER WENS 02 12 2014 – 42 THREATS  4.52HR SCAN 367819 FILES ...USER “MD” SO MANY  MALWARE  PROBS TFM HAD TO CREATE 2ND USER ACCT SCAN TIME ABOUT 1HR LONGER.odt
2014-02-12 03:16 - 2014-02-12 03:16 - 00017333 _____ () C:\Users\19newaccount51\Desktop\ESET Online scanner faq.odt
2014-02-12 02:58 - 2014-02-27 01:04 - 00065217 _____ () C:\Users\19newaccount51\Desktop\FDCCSecuringMicrosoftWindowsVistaSystem virusmalwareinfect spyware secur file polic configur system adm user patch network setting install boot update download internet remote assit computer manage log event.odt
2014-02-12 02:58 - 2014-01-22 12:53 - 00040042 _____ () C:\Users\19newaccount51\Desktop\Environmental Water Testing Lab - Dallas, Tx.odt
2014-02-12 02:58 - 2014-01-19 03:27 - 00130983 _____ () C:\Users\19newaccount51\Desktop\Documents\Data-Photo-Music - Recovery with Testdisk boot CDs available for download, tutorials, step-by-step.odt
2014-02-12 02:58 - 2014-01-17 14:29 - 00022251 _____ () C:\Users\19newaccount51\Desktop\DUAL MONITOR MANAGER CALLED - EasyMon 1.6.7.odt
2014-02-12 02:58 - 2014-01-14 15:05 - 00022058 _____ () C:\Users\19newaccount51\Desktop\Environmental Insurance Brokers-Agents and Risk Management Consultants - what they cover re - legionella.odt
2014-02-12 02:58 - 2014-01-14 10:39 - 00018968 _____ () C:\Users\19newaccount51\Desktop\Everything – can search,display,print file names any folder then copy past delete.odt
2014-02-12 02:58 - 2014-01-10 13:31 - 00009988 _____ () C:\Users\19newaccount51\Desktop\Demographics DALLAS SHORTFORM.odt
2014-02-12 02:58 - 2014-01-10 13:18 - 00037449 _____ () C:\Users\19newaccount51\Desktop\Dallas City and Metro Demographics FOR FOR REAL ESTATE DEVELOPERS.odt
2014-02-12 02:58 - 2014-01-10 13:03 - 00081237 _____ () C:\Users\19newaccount51\Desktop\Dallas County, Texas ECONOMIC DEVELOPEMENT COUNCIL STATS MAPS.odt
2014-02-12 02:58 - 2014-01-10 12:33 - 00009581 _____ () C:\Users\19newaccount51\Desktop\Dallas City and Metro Demographics.odt
2014-02-12 02:58 - 2014-01-09 02:28 - 00018613 _____ () C:\Users\19newaccount51\Desktop\Environmental Legionella Isolation Techniques Evaluation (ELITE) Program.odt
2014-02-12 02:58 - 2014-01-06 10:55 - 00044530 _____ () C:\Users\19newaccount51\Desktop\Environmental Safety Technologies, Inc and employees linkedin profiles.odt
2014-02-12 02:58 - 2014-01-06 07:04 - 00021124 _____ () C:\Users\19newaccount51\Desktop\DEMOGRAPHICS OF COUNTIES THAT TFM KNOWS.odt
2014-02-12 02:58 - 2013-12-30 16:52 - 00016327 _____ () C:\Users\19newaccount51\Desktop\Eyeglass store buying guide – from Consumer Reoports  June 2013 cut and paste file.odt
2014-02-12 02:58 - 2013-12-08 02:22 - 00743233 _____ () C:\Users\19newaccount51\Desktop\dehydration rehydration euhydration from - medicine science in sport s and exercise.odt
2014-02-12 02:58 - 2013-11-20 09:49 - 00023005 _____ () C:\Users\19newaccount51\Desktop\Dr. Web LiveCD-LiveUSB 6.0.2 11-12-2013 HOW TO.odt
2014-02-12 02:58 - 2013-11-20 00:36 - 00086024 _____ () C:\Users\19newaccount51\Desktop\Dry rot, wet rot, brown rot - wood decay, prevention, and treatment from university websites.odt
2014-02-12 02:58 - 2013-10-27 12:22 - 00018290 _____ () C:\Users\19newaccount51\Desktop\Executor of Will Duties & Responsibilities - Letter of Instruction Sample Template tags death dead.odt
2014-02-12 02:58 - 2013-10-17 11:22 - 00016738 _____ () C:\Users\19newaccount51\Desktop\Delete the previous owner registration details from your laptop or desktop computer.odt
2014-02-12 02:58 - 2013-10-10 23:34 - 00017305 _____ () C:\Users\19newaccount51\Desktop\EPA Registered NATURAL Biopesticides.odt
2014-02-12 02:58 - 2013-10-01 01:13 - 00043488 _____ () C:\Users\19newaccount51\Desktop\Fitness tips from one of standup paddling’s biggest names.odt
2014-02-12 02:58 - 2013-09-17 04:29 - 00065820 _____ () C:\Users\19newaccount51\Desktop\Diagnose And Fix A Dead Hard Drive To Recover Data  BY TINA SIEBER VIA MAKEUSEOF.odt
2014-02-12 02:58 - 2013-09-13 10:54 - 00016125 _____ () C:\Users\19newaccount51\Desktop\DISD Magnet Program FAQs DEALY TAG TOWNVIEW.odt
2014-02-12 02:58 - 2013-09-13 10:27 - 00026795 _____ () C:\Users\19newaccount51\Desktop\DISD  Transportation Services BUS ROUTE PICK UP DROP OFF.odt
2014-02-12 02:58 - 2013-09-08 23:49 - 00039637 _____ () C:\Users\19newaccount51\Desktop\Documents\DECISION MAKING - THE HUMAN PROCESS OF, HOW TO DO, FLOW CHARTS AND METHODS OF DEVELOPING.odt
2014-02-12 02:58 - 2013-08-31 12:46 - 00026720 _____ () C:\Users\19newaccount51\Desktop\Electrolyte Water Recipe – DR OZ & BOB HARPER.odt
2014-02-12 02:58 - 2013-08-21 16:32 - 00611210 _____ () C:\Users\19newaccount51\Desktop\Dick Miller, Krystal, and Eric ENVIROMENTAL SAFETY TECHNOLOGIES, Dick Miller's - parts of the site copied & pasted here, together with  Dick Miller's 2013 happy new year - 2012 recap letter.odt
2014-02-12 02:58 - 2013-08-21 16:20 - 00611219 _____ () C:\Users\19newaccount51\Desktop\Dick Miller, Krystal, and Eric.odt
2014-02-12 02:58 - 2013-08-21 15:06 - 00607797 _____ () C:\Users\19newaccount51\Desktop\ENVIROMENTAL SAFETY TECHNOLOGIES, Dick Miller's - parts of the site copied & pasted here, together with  Dick Miller's 2013 happy new year - 2012 recap letter.odt
2014-02-12 02:58 - 2013-08-21 11:35 - 00047173 _____ () C:\Users\19newaccount51\Desktop\Federal Desktop Core Configuration recommendations.odt
2014-02-12 02:58 - 2013-07-01 00:46 - 00055588 _____ () C:\Users\19newaccount51\Desktop\Evernote Search Tips & Tricks.odt
2014-02-12 02:58 - 2013-06-09 18:33 - 00030174 _____ () C:\Users\19newaccount51\Desktop\Do You Really Need to Safely Remove USB Sticks - HTG Explains.odt
2014-02-12 02:58 - 2013-05-08 10:54 - 00025253 _____ () C:\Users\19newaccount51\Desktop\Dark side of Free Software.odt
2014-02-12 02:58 - 2013-04-25 01:16 - 00023370 _____ () C:\Users\19newaccount51\Desktop\Demystifying text for high-impact messages - typographyfor all.odt
2014-02-12 02:50 - 2013-12-22 16:57 - 00862844 _____ () C:\Users\19newaccount51\Desktop\CBE  LOW Fe++ DATA.odt
2014-02-12 02:50 - 2013-10-22 11:38 - 00035147 _____ () C:\Users\19newaccount51\Desktop\COMPUTERHOPE.COM SiteMap Catagories.odt
2014-02-12 02:50 - 2013-10-05 03:16 - 00026769 _____ () C:\Users\19newaccount51\Desktop\Documents\Characteristics of Gifted & Talented Students.odt
2014-02-12 02:50 - 2013-09-09 22:41 - 00026844 _____ () C:\Users\19newaccount51\Desktop\Computer Forensics Ask an Expert All About.odt
2014-02-12 02:49 - 2014-01-22 12:12 - 00025007 _____ () C:\Users\19newaccount51\Desktop\Booting the Avira AntiVir Rescue System from USB flash drives or SDHC memory cards version 3.6.9 with internet update function.odt
2014-02-12 02:49 - 2014-01-17 03:46 - 00029519 _____ () C:\Users\19newaccount51\Desktop\Booting  Avira AntiVir Rescue System from USB flash drives or SDHC version 3.6.9 internet update, using HP USB Disk Storage Format Tool , UNetbootin.odt
2014-02-12 02:49 - 2013-12-30 23:28 - 00035656 _____ () C:\Users\19newaccount51\Desktop\Car batteries and tires and Prius from consumer reports from website dec 2013dec.odt
2014-02-12 02:49 - 2013-07-30 23:08 - 00020310 _____ () C:\Users\19newaccount51\Desktop\BUILD A PC MPM-TFM AUG 2013 FRYS PROMO - CPU HEATSINK FAN M-BOARD, RAM, H-DRIVE, DVD-CD BURNER-PLAYER , CASE N P. SUPPLY, V-CARD.odt
2014-02-12 02:49 - 2013-06-27 01:17 - 00025767 _____ () C:\Users\19newaccount51\Desktop\Borrow ebooks from your local library... without even going there.odt
2014-02-12 02:49 - 2013-06-15 20:18 - 00032262 _____ () C:\Users\19newaccount51\Desktop\Canon Cartridge 210 and 210XL Black AND  Color Cartridge211 and 211XL.odt
2014-02-12 02:49 - 2013-05-10 20:52 - 00038550 _____ () C:\Users\19newaccount51\Desktop\canon refill instructions.odt
2014-02-12 02:46 - 2014-01-27 02:19 - 00019632 _____ () C:\Users\19newaccount51\Desktop\Best Free CD-DVD Emulation Software gizmos.odt
2014-02-12 02:46 - 2014-01-20 01:12 - 00040933 _____ () C:\Users\19newaccount51\Desktop\BEST FREE FILE MANAGER - Create, Edit, Rename, Copy, Delete, Modify Attributes, Compare, Search ,FTP Client, File Splitting, Backup & Restore Jan 2014.odt
2014-02-12 02:46 - 2014-01-17 20:31 - 00016590 _____ () C:\Users\19newaccount51\Desktop\Documents\Backup Software list by MALWAREBYTES and Rules of Thumb and practices Nov 07 2013 from Malwarebytes Forum → General Computer Support and Security Updates → PC Self Help Articles and Guides.odt
2014-02-12 02:46 - 2014-01-12 13:49 - 00022575 _____ () C:\Users\19newaccount51\Desktop\Best Free Hard Drive Backup Program DEC 2013.odt
2014-02-12 02:46 - 2014-01-11 23:48 - 00025685 _____ () C:\Users\19newaccount51\Desktop\BEST FREE HARD DISK CD DVD DATA RECOVERY- REPAIR-UNDELETE UTILITIES best free jan 2014.odt
2014-02-12 02:46 - 2014-01-11 15:52 - 00020986 _____ () C:\Users\19newaccount51\Desktop\Best Free PC Tune-up Program utilities- temp files, registry,cleaner,inernet traces and more tags file Computer dec 2013.odt
2014-02-12 02:46 - 2014-01-04 21:48 - 00060826 _____ () C:\Users\19newaccount51\Desktop\Best Free Windows Desktop SoftwareUpdated 24 December 2013 by GIZMO.odt
2014-02-12 02:46 - 2014-01-04 17:41 - 00055792 _____ () C:\Users\19newaccount51\Desktop\Best Free Portable ApplicationsAS OF JAN2014.odt
2014-02-12 02:46 - 2014-01-03 15:17 - 00013459 _____ () C:\Users\19newaccount51\Desktop\AutoRecovery save of Magic palabras that facilitate portals (2).odt
2014-02-12 02:46 - 2014-01-02 12:23 - 00112734 _____ () C:\Users\19newaccount51\Desktop\Atkins diet-From Wikipedia.odt
2014-02-12 02:46 - 2014-01-01 01:04 - 00047575 _____ () C:\Users\19newaccount51\Desktop\Best Websites For Your Career - 2013.odt
2014-02-12 02:46 - 2013-12-30 23:38 - 00013371 _____ () C:\Users\19newaccount51\Desktop\AutoRecovery save of Magic palabras that facilitate portals.odt
2014-02-12 02:46 - 2013-12-17 21:52 - 00688308 _____ () C:\Users\19newaccount51\Desktop\APPLIANCES,  - HOLY CRAP DETAILED FUNCTION DIY DIAGNOSIS MAINTAIN REPAIR REBUILD REPLACEMENT TAGS MOTOR ENGINE SWITCH PUMP  ELECTRIC GAS NATURAL PROPANE.odt
2014-02-12 02:46 - 2013-10-17 10:52 - 00063095 _____ () C:\Users\19newaccount51\Desktop\Best Tech Websites – by Vic Laurie, Ian Richards (gizmo) and midnight cowboy.odt
2014-02-12 02:46 - 2013-10-17 10:23 - 00018457 _____ () C:\Users\19newaccount51\Desktop\Documents\Best Freeware Download Sites by Vic Laurie done for Gizmos best free.odt
2014-02-12 02:46 - 2013-10-02 22:34 - 00164681 _____ () C:\Users\19newaccount51\Desktop\ANXIETY,  STRESS REACTIVITY, HIGHLY SENSITIVE, ANGER, ENVY, GUILT, OCD, NEUROTICISM, PERSONALITY TRAIT,  MOOD DISORDERS, ADHD,.odt
2014-02-12 02:46 - 2013-09-17 06:24 - 00023664 _____ () C:\Users\19newaccount51\Desktop\BIOS Explained - Boot Order, Video Memory, Saving, Resets & Optimum Defaults - tags PC motherboard chip set recognize hdd drive.odt
2014-02-12 02:46 - 2013-09-17 02:05 - 00025696 _____ () C:\Users\19newaccount51\Desktop\BEST PORTABLE APPS PER MAKEUSEOF.COM  - You can download and install these on a USB stick, an external hard drive, or any other portable device that you carry with you.odt
2014-02-12 02:46 - 2013-09-11 19:07 - 00055119 _____ () C:\Users\19newaccount51\Desktop\Documents\Best Free Windows Driver Backup and Restore and Update Monitor.odt
2014-02-12 02:46 - 2013-08-21 23:01 - 00081534 _____ () C:\Users\19newaccount51\Desktop\Big Data for Better Performance (BigData) BY BUD KEEGAN OLPEN2STUDY.odt
2014-02-12 02:46 - 2013-08-17 17:18 - 00059412 _____ () C:\Users\19newaccount51\Desktop\Documents\Anemia Overview.odt
2014-02-12 02:46 - 2013-08-17 12:06 - 00030103 _____ () C:\Users\19newaccount51\Desktop\Documents\Anemia describes the condition in which the number of red blood cells in your blood is low..odt
2014-02-12 02:46 - 2013-06-15 05:27 - 00025581 _____ () C:\Users\19newaccount51\Desktop\Best Free Technical Support Sites.odt
2014-02-12 02:46 - 2013-05-11 16:45 - 00032055 _____ () C:\Users\19newaccount51\Desktop\Best Free Disk Space Analyzer.odt
2014-02-12 02:46 - 2013-04-29 11:45 - 00024249 _____ () C:\Users\19newaccount51\Desktop\Better Living Through Portable Apps.odt
2014-02-12 02:40 - 2014-01-15 11:34 - 00032516 _____ () C:\Users\19newaccount51\Desktop\2013 Review Of 3rd-Party Pollution Exclusion Decisions.odt
2014-02-12 02:40 - 2013-10-21 13:20 - 00050071 _____ () C:\Users\19newaccount51\Desktop\25 Amazing Uses for Baking Soda You've Never Thought Of.odt
2014-02-12 02:40 - 2013-09-04 08:52 - 00023416 _____ () C:\Users\19newaccount51\Desktop\14 tips and tricks to speed up Vista from techradar...and 5 ways to Speed up Windows Vista from wikihow.odt
2014-02-12 02:40 - 2013-07-22 05:43 - 00019328 _____ () C:\Users\19newaccount51\Desktop\10 GREAT TEXAS Comptroller resources for citizens..odt
2014-02-12 02:40 - 2013-06-27 01:17 - 00043142 _____ () C:\Users\19newaccount51\Desktop\50 essential photography tips tags pic digital camera.odt
2014-02-12 02:40 - 2013-06-25 14:26 - 00036193 _____ () C:\Users\19newaccount51\Desktop\40 ways to fix your PC before you call an expert.odt
2014-02-12 02:37 - 2013-12-08 02:03 - 00056923 _____ () C:\Users\19newaccount51\Desktop\6-pack flat abs equals simply - body core muscle strength training.odt
2014-02-12 02:37 - 2013-10-09 23:50 - 00045248 _____ () C:\Users\19newaccount51\Desktop\6 Things Bad Breath Signals About Your Health.odt
2014-02-12 02:15 - 2013-06-22 00:46 - 00025766 _____ () C:\Users\19newaccount51\Desktop\Contemporary Acoustic Treatment.htm
2014-02-12 02:15 - 2013-05-23 03:31 - 00029592 _____ () C:\Users\19newaccount51\Desktop\Your inkjet printer's dirty little secret (1_26_11).htm
2014-02-12 02:15 - 2010-12-28 08:51 - 00076481 _____ () C:\Users\19newaccount51\Desktop\How to disassemble Compaq Presario F700 notebook    Inside my laptop.htm
2014-02-12 02:13 - 2014-02-12 02:15 - 00000000 ____D () C:\Users\19newaccount51\Desktop\HP D110 PHOTOSMART EPRINT ALL IN ONE
2014-02-12 02:13 - 2014-02-12 02:13 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Your inkjet printer's dirty little secret (1_26_11)_files
2014-02-12 02:13 - 2014-02-12 02:13 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How to disassemble Compaq Presario F700 notebook    Inside my laptop_files
2014-02-12 02:13 - 2014-02-12 02:13 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Contemporary Acoustic Treatment_files
2014-02-12 02:13 - 2014-02-12 02:13 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Connected  Your Complete Guide To Home Networking_files
2014-02-12 02:09 - 2014-01-17 13:10 - 01273555 _____ () C:\Users\19newaccount51\Desktop\WinUSB Maker.7z
2014-02-12 01:58 - 2014-02-01 04:32 - 28026504 _____ (Panda Security ) C:\Users\19newaccount51\Desktop\PandaCloudCleaner.exe
2014-02-12 01:58 - 2014-01-17 03:25 - 00410696 _____ (www.patchmypc.net) C:\Users\19newaccount51\Desktop\PatchMyPC.exe
2014-02-12 01:56 - 2014-01-27 02:11 - 00050477 _____ () C:\Users\19newaccount51\Desktop\Defogger.exe
2014-02-12 01:56 - 2014-01-17 15:35 - 01944072 _____ () C:\Users\19newaccount51\Desktop\INSTHOUSECALLSetupSpecialistSign-in460.exe
2014-02-12 01:56 - 2014-01-15 20:22 - 00050688 _____ (Atribune.org) C:\Users\19newaccount51\Desktop\ATF-Cleaner.exe
2014-02-12 01:40 - 2014-02-12 01:41 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Anything Legionella EST Dick Miller Shanna
2014-02-12 01:40 - 2014-02-12 01:40 - 00000000 ____D () C:\Users\19newaccount51\Desktop\ANYTHING TREC
2014-02-12 01:40 - 2014-02-12 01:40 - 00000000 ____D () C:\Users\19newaccount51\Desktop\ANYTHING HARD DRIVE COMPUTER
2014-02-12 01:40 - 2014-01-13 14:15 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Anything Guide but not computer
2014-02-12 01:39 - 2013-04-09 08:14 - 115235872 _____ () C:\Users\19newaccount51\Desktop\launch.exe
2014-02-12 01:39 - 2012-07-11 17:33 - 00139264 _____ () C:\Users\19newaccount51\Desktop\RKUnhookerLE.EXE
2014-02-12 01:39 - 2012-06-26 16:25 - 00286864 _____ () C:\Users\19newaccount51\Desktop\drivedetect.exe
2014-02-12 01:37 - 2013-04-23 18:21 - 15102976 _____ (MiniTool Solution Ltd. ) C:\Users\19newaccount51\Desktop\MiniToolPartitionWizardHomeEdition7point8_pwhe78.exe
2014-02-12 01:37 - 2013-04-07 14:23 - 00448512 _____ (OldTimer Tools) C:\Users\19newaccount51\Desktop\TFC.exe
2014-02-12 00:14 - 2014-02-17 22:54 - 00000000 ____D () C:\Users\19newaccount51\Desktop\rkill
2014-02-11 22:01 - 2014-02-05 02:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-11 22:01 - 2014-02-05 02:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-11 22:01 - 2014-02-05 02:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-11 22:01 - 2014-02-05 02:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-11 22:01 - 2014-02-05 02:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-11 22:01 - 2014-02-05 02:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-11 22:01 - 2014-02-05 02:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-11 22:01 - 2014-02-05 02:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-11 22:01 - 2014-02-05 02:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-11 22:01 - 2014-02-05 02:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-11 22:01 - 2014-02-05 02:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-11 22:01 - 2014-02-05 02:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-11 22:01 - 2014-02-05 02:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-11 22:01 - 2014-02-05 02:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-11 22:01 - 2014-02-05 02:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-11 22:01 - 2014-02-05 02:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-11 21:43 - 2014-02-11 21:43 - 00000404 _____ () C:\Users\19newaccount51\Desktop\disecting - firewallapi.dl - fwdonothingonobject - EAT @explorer.exe
2014-02-11 18:53 - 2014-02-11 18:53 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\SUPERAntiSpyware.com
2014-02-11 18:16 - 2013-12-04 20:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-11 16:53 - 2014-02-11 16:53 - 03781520 _____ (Auslogics) C:\Users\19newaccount51\Downloads\ausdiskdefragportable.exe
2014-02-11 16:49 - 2014-02-11 16:49 - 00014609 _____ () C:\Users\19newaccount51\Desktop\Documents\first trend micro rootktbuster02-11-2014.odt
2014-02-11 14:46 - 2014-02-12 19:14 - 00002325 _____ () C:\Users\Public\Desktop\SlimCleaner.lnk
2014-02-11 14:46 - 2014-02-11 14:47 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-02-11 14:46 - 2014-02-11 14:46 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\SlimWare Utilities Inc
2014-02-11 14:09 - 2014-02-13 19:51 - 00023148 _____ () C:\Users\19newaccount51\Desktop\Thomas F. Murphy resume             distilled by copy-paste.odt
2014-02-11 12:23 - 2014-02-11 12:23 - 00027691 _____ () C:\Users\19newaccount51\Desktop\Documents\BEFORE You POST(Please read this Procedure Before Requesting Assistance).odt
2014-02-11 12:22 - 2014-02-11 12:22 - 00026721 _____ () C:\Users\19newaccount51\Desktop\Documents\HP Support Forums all lightsblinking.odt
2014-02-11 12:21 - 2014-02-11 12:21 - 00015409 _____ () C:\Users\19newaccount51\Desktop\Documents\How Spybot - Search & Destroy protects against the installation of Spyware-Malware.odt
2014-02-11 12:20 - 2014-02-11 12:20 - 00012398 _____ () C:\Users\19newaccount51\Desktop\Documents\ESET ONLINE SCAN 02092014 - 41 THREATS detected.odt
2014-02-11 12:19 - 2014-02-11 12:19 - 00015023 _____ () C:\Users\19newaccount51\Desktop\Documents\User Account Control (UAC) is a new.odt
2014-02-11 12:19 - 2014-02-11 12:19 - 00014314 _____ () C:\Users\19newaccount51\Desktop\Documents\Compress and uncompress files (zip files).odt
2014-02-11 12:17 - 2014-02-11 12:17 - 00016797 _____ () C:\Users\19newaccount51\Desktop\Documents\Keyboard shortcuts Windows Vista.odt
2014-02-11 12:16 - 2014-02-11 12:16 - 00013576 _____ () C:\Users\19newaccount51\Desktop\Documents\Create keyboard shortcuts to open programs.odt
2014-02-11 12:15 - 2014-02-11 12:15 - 00015130 _____ () C:\Users\19newaccount51\Desktop\Documents\Internet Explorer keyboard shortcuts.odt
2014-02-11 11:07 - 2014-02-15 16:19 - 00000000 ____D () C:\Users\19newaccount51\Desktop\mbar
2014-02-11 11:07 - 2014-02-11 11:07 - 00000424 _____ () C:\Users\19newaccount51\Desktop\cc_20140211_110714.reg
2014-02-11 10:00 - 2014-02-11 10:01 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Downloads\unhide.exe
2014-02-11 09:37 - 2014-02-11 09:37 - 00095434 _____ () C:\Users\19newaccount51\Desktop\Autorun Deleter.zip
2014-02-11 09:30 - 2014-02-11 09:30 - 00014600 _____ () C:\Users\19newaccount51\Desktop\CleanAutoRun utility for restoration of executable files (.exe, .bat, .cmd, .com, .pif).odt
2014-02-11 09:26 - 2014-02-27 12:17 - 00016275 _____ () C:\Users\19newaccount51\Desktop\RKill 2.6.5.0.odt
2014-02-11 09:24 - 2014-02-11 09:24 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Downloads\rkill.exe
2014-02-11 09:23 - 2014-02-11 09:23 - 00022647 _____ () C:\Users\19newaccount51\Desktop\Unhide.exe - A introduction as to what this program does.odt
2014-02-11 09:20 - 2014-02-11 09:20 - 00792064 _____ (TangoSoft) C:\Users\19newaccount51\Downloads\Re-Enable v2.exe
2014-02-11 09:09 - 2014-02-11 09:09 - 00014672 _____ () C:\Users\19newaccount51\Desktop\Internet Explorer DEP(enable) - do I need it.odt
2014-02-11 09:03 - 2014-02-11 09:03 - 00006278 _____ () C:\Users\19newaccount51\Desktop\cc_20140211_090306.reg
2014-02-11 09:00 - 2014-02-11 09:01 - 00070441 _____ () C:\Users\19newaccount51\Desktop\Documents\1338 files 1.349 GB of Sys temp files....I know I have at least an mbr virus as the awsMbr scan shows – see log.   But maybe a boat load more.odt
2014-02-11 08:51 - 2014-02-11 08:51 - 00015103 _____ () C:\Users\19newaccount51\Desktop\Malwarebytes Anti-Rootkit.odt
2014-02-11 08:37 - 2014-02-26 23:39 - 00016399 _____ () C:\Users\19newaccount51\Desktop\How To Restore The Master Boot Record Step By Step With Mbrfix Utility.odt
2014-02-11 08:35 - 2014-02-11 08:35 - 00015285 _____ () C:\Users\19newaccount51\Desktop\how to restore the master boot record step by dstep.odt
2014-02-11 08:32 - 2014-02-11 08:32 - 00370943 _____ () C:\Users\19newaccount51\Downloads\gmer.zip
2014-02-11 08:31 - 2014-02-11 08:31 - 01600368 _____ () C:\Users\19newaccount51\Downloads\AVG_Uploader_Free_en.exe
2014-02-11 08:30 - 2014-02-11 08:30 - 00025342 _____ () C:\Users\19newaccount51\Desktop\ntkrnlpa.exe CLASSPNP.SYS Disk.sys ACPI.sys hal.dll atapi.sys
2014-02-11 06:10 - 2014-02-11 06:10 - 02447334 _____ () C:\Users\19newaccount51\AppData\Local\[j0002]-[p01].bmp
2014-02-11 04:41 - 2014-02-11 04:41 - 04102163 _____ () C:\Users\19newaccount51\Downloads\tdsskiller update.zip
2014-02-11 04:35 - 2014-02-11 04:35 - 03813376 _____ () C:\Users\19newaccount51\Downloads\RogueKiller.exe
2014-02-11 04:16 - 2014-02-09 01:37 - 60341952 _____ () C:\Users\19newaccount51\Desktop\PS_AIO_07_D110_USW_Basic_Win_enu_140_126.exe
2014-02-11 04:06 - 2014-02-11 04:11 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Folder with hp110a printer basic installerfor use with Printers - Add printer
2014-02-11 03:26 - 2014-02-11 03:26 - 00027672 _____ () C:\Users\19newaccount51\Desktop\Documents\BEFORE You POSTPlease read this Procedure Before Requesting Assistance2.odt
2014-02-11 03:15 - 2014-02-11 03:16 - 00011194 _____ () C:\Users\19newaccount51\Desktop\Documents\CUSTOMIZE THE START MENU, WINDOWS TOOL BAR, NOTIFICATION BAR.odt
2014-02-11 03:10 - 2014-02-11 03:37 - 00014473 _____ () C:\Users\19newaccount51\Desktop\Documents\Check your hard disk for errors AND AUTO REPAIR ON THE FLY.odt
2014-02-11 03:06 - 2014-02-11 03:06 - 00014431 _____ () C:\Users\19newaccount51\Desktop\Documents\Add a second monitor.odt
2014-02-11 03:05 - 2014-02-11 03:05 - 00015869 _____ () C:\Users\19newaccount51\Desktop\Documents\Video cardS - frequently asked questions.odt
2014-02-11 02:52 - 2014-02-11 03:16 - 00030646 _____ () C:\Users\19newaccount51\Desktop\Documents\Installing new hardware – USB, PRINTER, FIX DRIVER PROBS, FINDING OEM DRIVERS, Add a 2ND MONITOR VISTA  recommended links.odt
2014-02-11 02:46 - 2014-02-11 03:17 - 00015504 _____ () C:\Users\19newaccount51\Desktop\Documents\Add a local printer (USB) -  AND ADD A  NETWORK PRINTER.odt
2014-02-11 02:26 - 2014-02-11 02:26 - 00280204 _____ () C:\Users\19newaccount51\Downloads\WindowsUpdateDiagnostic.diagcab
2014-02-11 02:22 - 2014-02-11 02:23 - 00019766 _____ () C:\Users\19newaccount51\Desktop\Documents\Tips for fixing common driver problems – ALSO SEE CLEAN BOOT.odt
2014-02-11 02:17 - 2014-02-11 03:16 - 00017293 _____ () C:\Users\19newaccount51\Desktop\Documents\How to perform a clean boot in Windows ….start Windows by using a minimal set of drivers and startup programs.odt
2014-02-11 02:11 - 2014-02-11 03:36 - 00022182 _____ () C:\Users\19newaccount51\Desktop\Documents\Use the System File Checker tool to repair missing or corrupted system files.odt
2014-02-11 01:46 - 2014-02-11 01:46 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.Performance.Run.exe
2014-02-11 01:33 - 2014-02-11 01:33 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\HP
2014-02-10 22:44 - 2014-02-10 22:44 - 00028512 _____ () C:\Users\19newaccount51\Desktop\cc_20140210_224414.reg
2014-02-10 22:35 - 2014-02-10 22:35 - 00026653 _____ () C:\Users\19newaccount51\Desktop\BLEEPING SOLUTIONS FEB 2014.odt
2014-02-10 22:32 - 2014-02-10 22:32 - 04845384 _____ (Piriform Ltd) C:\Users\19newaccount51\Downloads\PRIFORMS SPECCY - spsetup125.exe
2014-02-10 21:57 - 2014-02-10 21:58 - 00015547 _____ () C:\Users\19newaccount51\Desktop\DVD BURNER AND MEDIA FORMATING OR  ERASING OR WRITING STOPS.odt
2014-02-10 19:44 - 2014-02-11 01:33 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\HP
2014-02-10 19:41 - 2014-02-10 20:42 - 00075977 _____ () C:\Windows\hpqins01.dat
2014-02-10 18:49 - 2014-02-10 18:52 - 146110512 _____ () C:\Users\19newaccount51\Desktop\PS_AIO_07_D110_USW_Full_Win_enu_140_126.exe
2014-02-10 18:49 - 2014-02-10 18:51 - 59319576 _____ () C:\Users\19newaccount51\Downloads\HP-ePrint-win-4.6.60.12747.exe
2014-02-10 18:44 - 2014-02-11 06:07 - 00001814 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-02-10 18:43 - 2014-02-10 18:43 - 06123336 _____ () C:\Users\19newaccount51\Downloads\HPPSdr.exe
2014-02-10 18:08 - 2014-02-11 12:26 - 00000000 ____D () C:\Users\19newaccount51\Desktop\docs from md transfered in safe mode - Copy
2014-02-10 18:08 - 2014-02-10 18:08 - 00000000 ____D () C:\Users\19newaccount51\Desktop\docs from md transfered in safe mode - Copy (2)
2014-02-10 15:00 - 2014-02-11 14:08 - 00023204 _____ () C:\Users\19newaccount51\Desktop\tfm resume distilled by copy-paste.odt
2014-02-10 12:52 - 2014-02-11 03:16 - 00051042 _____ () C:\Users\19newaccount51\Desktop\HP Photosmart e-All-in-One Printer Series D110.odt
2014-02-10 12:28 - 2014-02-10 12:28 - 00027673 _____ () C:\Users\19newaccount51\Desktop\read this before posting.odt
2014-02-10 11:46 - 2014-02-10 11:46 - 00801088 _____ (SlimWare Utilities, Inc.) C:\Users\19newaccount51\Downloads\SlimCleaner-setup.exe
2014-02-10 11:13 - 2014-02-10 11:13 - 00000042 _____ () C:\Users\19newaccount51\Desktop\Documents\ESET ONLINE SCAN 02092014 - 41 THREAT.txt
2014-02-10 01:17 - 2014-02-25 00:00 - 00001964 _____ () C:\Users\19newaccount51\Desktop\cdcheck.ini
2014-02-10 01:17 - 2014-02-10 01:17 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Help
2014-02-10 01:16 - 2014-02-10 01:16 - 01499261 _____ () C:\Users\19newaccount51\Downloads\CDCheck.zip
2014-02-10 00:46 - 2014-02-10 00:46 - 00004848 _____ () C:\Users\19newaccount51\Desktop\cc_20140210_004626.reg
2014-02-09 23:56 - 2014-02-09 23:56 - 00025438 _____ () C:\Users\19newaccount51\Desktop\CD DVD FORMAT, ERASE, RECORD, MASTER VS OPEN RECORD, USE IN OTHER PCs OR PLAYERS.odt
2014-02-09 17:16 - 2014-02-09 18:02 - 01575702 _____ () C:\Users\19newaccount51\Desktop\Documents\PARTITION, FORMAT DISK -  NEW WINDOWS INSTALL GUIDES.odt
2014-02-09 14:09 - 2014-02-14 09:45 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\HpUpdate
2014-02-09 12:52 - 2014-02-09 12:52 - 00028784 _____ () C:\Users\19newaccount51\Desktop\Documents\Performing an HP laptop notebook System Recovery  or reinstall(Windows Vista).odt
2014-02-09 10:54 - 2014-02-09 11:06 - 02447334 _____ () C:\Users\19newaccount51\AppData\Local\[j0002]-[p04].bmp
2014-02-09 02:39 - 2014-02-09 02:39 - 00000000 ____D () C:\Users\19newaccount51\Desktop\tweaking.com_windows_repair_aio
2014-02-09 02:14 - 2014-02-11 04:34 - 00172500 _____ () C:\Windows\hpoins46.dat
2014-02-09 02:14 - 2009-12-01 16:07 - 00000601 _____ () C:\Windows\hpomdl46.dat
2014-02-09 01:23 - 2014-02-09 01:23 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\IObit
 



#12 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 28 February 2014 - 01:27 PM

PART 2 OF 2 FRST.TXT

 

 

2014-02-09 00:54 - 2013-02-07 12:35 - 02347384 _____ (ESET) C:\Users\19newaccount51\Desktop\ESETSmartInstaller.exe
2014-02-09 00:52 - 2014-02-09 00:52 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Auslogics
2014-02-09 00:50 - 2014-02-09 00:50 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Stegisoft
2014-02-08 23:05 - 2014-02-08 23:05 - 00000000 ____D () C:\MATS
2014-02-08 22:15 - 2014-02-25 22:25 - 00000000 ____D () C:\Users\19newaccount51\Desktop\ALL SCAN LOGS - Copy
2014-02-08 22:14 - 2014-02-08 22:14 - 00003392 _____ () C:\Users\19newaccount51\Desktop\cc_20140208_221402.reg
2014-02-08 21:01 - 2014-02-08 21:01 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Wise PC 1stAid
2014-02-08 18:55 - 2014-02-11 18:51 - 00021314 _____ () C:\Users\19newaccount51\Desktop\THOMAS F MURPHY RESUME SCEINCE ADDENDUM.odt
2014-02-08 18:37 - 2014-02-11 17:57 - 00000000 ____D () C:\Users\19newaccount51\Desktop\docs from md transfered in safe mode
2014-02-08 18:33 - 2014-02-25 19:12 - 00000000 ____D () C:\Users\19newaccount51\Downloads\TMRBLog
2014-02-08 18:33 - 2014-02-08 18:33 - 00000000 ____D () C:\Users\19newaccount51\Downloads\log
2014-02-08 18:17 - 2014-02-27 17:52 - 00000512 _____ () C:\Users\19newaccount51\Desktop\MBR.dat
2014-02-08 17:45 - 2014-02-08 17:45 - 15865392 _____ (Trend Micro Inc.) C:\Users\19newaccount51\Downloads\RootkitBusterv5.0-1083.exe
2014-02-08 17:42 - 2014-02-08 17:42 - 04071672 _____ (Bitdefender LLC) C:\Users\19newaccount51\Downloads\BDUSBImmunizerLauncher.exe
2014-02-08 17:35 - 2014-02-08 17:35 - 02812752 _____ (Phrozen Software™ Solutions © 2013 ) C:\Users\19newaccount51\Downloads\PhrozenVirusTotalUploaderV3_setup.exe
2014-02-08 17:32 - 2014-02-08 17:32 - 00000246 _____ () C:\Users\19newaccount51\Desktop\Free Anti-Virus Tools Freeware downloads and reviews from SnapFiles.URL
2014-02-08 17:08 - 2014-02-08 17:08 - 00011722 _____ () C:\Users\19newaccount51\Desktop\cc_20140208_170853.reg
2014-02-08 16:55 - 2014-02-26 14:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-08 16:41 - 2014-02-08 16:41 - 00001881 _____ () C:\Users\UpdatusUser\Desktop\VirusTotal Uploader 2.2.lnk
2014-02-08 16:41 - 2014-02-08 16:41 - 00001881 _____ () C:\Users\md\Desktop\VirusTotal Uploader 2.2.lnk
2014-02-08 16:41 - 2014-02-08 16:41 - 00001881 _____ () C:\Users\19newaccount51\Desktop\VirusTotal Uploader 2.2.lnk
2014-02-08 16:41 - 2014-02-08 16:41 - 00000000 ____D () C:\Program Files\VirusTotalUploader2
2014-02-08 16:40 - 2014-02-08 16:40 - 00142744 _____ () C:\Users\19newaccount51\Downloads\vtuploader2.2.exe
2014-02-08 15:58 - 2014-02-08 15:58 - 00054857 _____ () C:\Users\19newaccount51\Desktop\KASPER TDSS ROOTKIT TOOL.odt
2014-02-08 15:31 - 2014-02-08 15:31 - 00037826 _____ () C:\Users\19newaccount51\Desktop\Malware Removal Guide for Windows JAN2 2013.odt
2014-02-08 15:15 - 2014-02-08 15:19 - 00052546 _____ () C:\Users\19newaccount51\Desktop\40 Online Backup Services Reviewed.odt
2014-02-08 15:06 - 2014-02-26 13:28 - 00077379 _____ () C:\Users\19newaccount51\Desktop\How Spybot - Search  Destroy protects against the installation of Spyware Malware.odt
2014-02-08 15:03 - 2014-02-08 15:03 - 00018872 _____ () C:\Users\19newaccount51\Desktop\User Account Control (UAC) is a new feature.odt
2014-02-08 14:57 - 2014-02-08 14:57 - 00019816 _____ () C:\Users\19newaccount51\Desktop\Internet Explorer keyboard shortcuts.odt
2014-02-08 14:57 - 2014-02-08 14:57 - 00019145 _____ () C:\Users\19newaccount51\Desktop\Create keyboard shortcuts to open programs.odt
2014-02-08 14:56 - 2014-02-08 14:56 - 00021029 _____ () C:\Users\19newaccount51\Desktop\Compress and uncompress files (zip files).odt
2014-02-08 14:43 - 2014-02-08 14:43 - 00037594 _____ () C:\Users\19newaccount51\Desktop\Documents\BEFORE You POSTPlease read this Procedure Before Requesting Assistance.odt
2014-02-08 14:42 - 2014-02-08 14:42 - 00019713 _____ () C:\Users\19newaccount51\Desktop\Documents\How Spybot - Search  Destroy protects against the installation of Spyware Malware.odt
2014-02-08 14:17 - 2014-02-08 14:17 - 00031559 _____ () C:\Users\19newaccount51\Desktop\Fix Internet Connection after Malware Removal - Select Real Security.htm
2014-02-08 14:17 - 2014-02-08 14:17 - 00029171 _____ () C:\Users\19newaccount51\Desktop\Programs Won't Open in Windows - Select Real Security.htm
2014-02-08 14:17 - 2014-02-08 14:17 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Programs Won't Open in Windows - Select Real Security_files
2014-02-08 14:17 - 2014-02-08 14:17 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Fix Internet Connection after Malware Removal - Select Real Security_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00164869 _____ () C:\Users\19newaccount51\Desktop\Microsoft Fix it Solution Center  troubleshooting software issues.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00051166 _____ () C:\Users\19newaccount51\Desktop\[Rescue CD] Tutorial for Avira Rescue CD - Tips and tricks - Avira Support Forum.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00049010 _____ () C:\Users\19newaccount51\Desktop\How to record Kaspersky Rescue Disk 10 to a CD_DVD and boot my computer from the disk.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00038977 _____ () C:\Users\19newaccount51\Desktop\Re-Enable II.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00034538 _____ () C:\Users\19newaccount51\Desktop\Computer Security Checklist for Windows - Select Real Security.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00024436 _____ () C:\Users\19newaccount51\Desktop\Dr.Web CureIt! — download free anti-virus! Cure viruses, Best free anti-virus scanner!.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Re-Enable II_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Microsoft Fix it Solution Center  troubleshooting software issues_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How to record Kaspersky Rescue Disk 10 to a CD_DVD and boot my computer from the disk_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Dr.Web CureIt! — download free anti-virus! Cure viruses, Best free anti-virus scanner!_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Computer Security Checklist for Windows - Select Real Security_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\[Rescue CD] Tutorial for Avira Rescue CD - Tips and tricks - Avira Support Forum_files
2014-02-08 14:15 - 2014-02-08 14:15 - 00042348 _____ () C:\Users\19newaccount51\Desktop\Unhide Download.htm
2014-02-08 14:15 - 2014-02-08 14:15 - 00029182 _____ () C:\Users\19newaccount51\Desktop\How to Speed Up a Slow Computer - Select Real Security.htm
2014-02-08 14:15 - 2014-02-08 14:15 - 00013999 _____ () C:\Users\19newaccount51\Desktop\How do I clear the Java cache.htm
2014-02-08 14:15 - 2014-02-08 14:15 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Unhide Download_files
2014-02-08 14:15 - 2014-02-08 14:15 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How to Speed Up a Slow Computer - Select Real Security_files
2014-02-08 14:15 - 2014-02-08 14:15 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How do I clear the Java cache_files
2014-02-08 14:13 - 2014-02-08 14:13 - 02925182 _____ () C:\Users\19newaccount51\Downloads\tweaking.com_windows_repair_aio(1).zip
2014-02-08 14:12 - 2014-02-08 14:12 - 05072752 _____ () C:\Users\19newaccount51\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-02-08 14:09 - 2014-02-08 14:09 - 01931088 _____ (Symantec Corporation) C:\Users\19newaccount51\Downloads\FixTDSS.exe
2014-02-08 14:08 - 2014-02-08 14:08 - 00060402 _____ () C:\Users\19newaccount51\Desktop\Malware Removal Guide for Windows - Select Real Security.htm
2014-02-08 14:08 - 2014-02-08 14:08 - 00029390 _____ () C:\Users\19newaccount51\Desktop\Stop Malware Processes and Fix File Associations - Select Real Security.htm
2014-02-08 14:08 - 2014-02-08 14:08 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Stop Malware Processes and Fix File Associations - Select Real Security_files
2014-02-08 14:08 - 2014-02-08 14:08 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Malware Removal Guide for Windows - Select Real Security_files
2014-02-08 14:07 - 2014-02-08 14:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Desktop\rkill.com
2014-02-08 14:06 - 2014-02-08 14:06 - 00982016 _____ (Farbar) C:\Users\19newaccount51\Downloads\MiniToolBox.exe
2014-02-07 22:53 - 2014-02-07 22:53 - 00000000 ____D () C:\Program Files\Reason
2014-02-07 20:07 - 2014-02-07 20:08 - 00805920 _____ (Hewlett-Packard Company ) C:\Users\19newaccount51\Desktop\HPC700LaptopStorageDriverIntelSATA_AHCI_For newHDD-tfm-sp37005.exe
2014-02-07 11:01 - 2014-02-07 11:01 - 00005602 _____ () C:\Users\19newaccount51\Downloads\HitmanPro_20140207_1101.log
2014-02-07 10:13 - 2014-02-07 10:13 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Malwarebytes
2014-02-07 10:10 - 2014-02-07 10:10 - 00018155 _____ () C:\Users\19newaccount51\Downloads\minitoolboxResult.txt
2014-02-07 10:08 - 2014-02-23 12:19 - 00000619 _____ () C:\Users\19newaccount51\Desktop\Result.txt
2014-02-07 10:06 - 2014-02-07 10:06 - 00000226 _____ () C:\Users\19newaccount51\Desktop\Microsoft Fix it Solution Center troubleshooting software issues.URL
2014-02-07 10:05 - 2014-02-07 10:05 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Desktop\unhide.exe
2014-02-07 10:04 - 2014-02-07 10:04 - 02925182 _____ () C:\Users\19newaccount51\Desktop\tweaking.com_windows_repair_aio.zip
2014-02-07 10:02 - 2014-02-19 22:06 - 01931088 _____ (Symantec Corporation) C:\Users\19newaccount51\Desktop\FixTDSS.exe
2014-02-07 10:02 - 2014-02-07 10:03 - 09988304 _____ (SurfRight B.V.) C:\Users\19newaccount51\Desktop\HitmanPro.exe
2014-02-07 10:02 - 2014-02-07 10:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\19newaccount51\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-07 10:02 - 2014-02-07 10:02 - 07510800 _____ (Malwarebytes Corporation ) C:\Users\19newaccount51\Downloads\mbam-rules.exe
2014-02-07 10:01 - 2014-02-07 10:01 - 00982016 _____ (Farbar) C:\Users\19newaccount51\Desktop\MiniToolBox.exe
2014-02-07 09:55 - 2014-02-27 10:24 - 00000000 ____D () C:\Users\19newaccount51\Desktop\RK_Quarantine
2014-02-07 09:52 - 2014-02-07 09:52 - 00023526 _____ () C:\Users\19newaccount51\Desktop\cc_20140207_095158.reg
2014-02-07 09:12 - 2014-02-07 09:13 - 00860176 _____ (Microsoft Corporation) C:\Users\19newaccount51\Desktop\mssstool32.exe
2014-02-06 23:13 - 2014-02-06 23:13 - 01988024 _____ (Reason Company Software Inc.) C:\Users\19newaccount51\Downloads\herdProtectScan_Setup.exe
2014-02-06 23:13 - 2014-02-06 23:13 - 01975384 _____ (Reason Company Software Inc.) C:\Users\19newaccount51\Desktop\herdProtectScan_Portable.exe
2014-02-06 22:12 - 2014-02-16 19:20 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Google
2014-02-06 21:42 - 2014-02-06 21:43 - 98417424 _____ (Microsoft Corporation) C:\Users\19newaccount51\Desktop\msert.exe
2014-02-06 20:15 - 2014-02-06 20:15 - 01528184 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\GenuineCheck.exe
2014-02-06 18:54 - 2014-02-06 18:54 - 02657376 _____ (Safer Networking Limited ) C:\Users\19newaccount51\Downloads\netalyz-0.4.2.4.exe
2014-02-06 18:24 - 2014-02-06 18:24 - 00688992 ____R (Swearware) C:\Users\19newaccount51\Desktop\dds.com
2014-02-06 14:56 - 2014-02-06 14:56 - 00001411 _____ () C:\Windows\system32\rrr.lnk
2014-02-06 14:56 - 2014-02-06 14:56 - 00000988 _____ () C:\Users\19newaccount51\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2014-02-06 14:56 - 2014-02-06 14:56 - 00000935 _____ () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager Free.lnk
2014-02-06 14:56 - 2014-02-06 14:56 - 00000911 _____ () C:\Users\19newaccount51\Desktop\AnVir Task Manager Free.lnk
2014-02-06 14:56 - 2014-02-06 14:56 - 00000370 _____ () C:\Windows\Tasks\RegOrganizerQuickLaunch.job
2014-02-06 14:56 - 2014-02-06 14:56 - 00000294 _____ () C:\Windows\Tasks\AnVir Task Manager.job
2014-02-06 14:56 - 2014-02-06 14:56 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free
2014-02-06 14:56 - 2014-02-06 14:56 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\ChemTable Software
2014-02-06 14:56 - 2014-02-06 14:56 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\ChemTable Software
2014-02-06 14:56 - 2014-02-06 14:56 - 00000000 ____D () C:\Program Files\Reg Organizer
2014-02-06 14:55 - 2014-02-06 14:56 - 00000000 ____D () C:\Program Files\AnVir Task Manager Free
2014-02-06 14:54 - 2014-02-06 14:55 - 06894152 _____ () C:\Users\19newaccount51\Downloads\taskfree.exe
2014-02-06 14:24 - 2014-02-06 14:24 - 06894152 _____ () C:\Users\19newaccount51\Downloads\avirtaskmanagerfree.exe
2014-02-06 14:16 - 2014-02-06 14:16 - 00040828 _____ () C:\Users\19newaccount51\Desktop\Security Task Manager review prompted by tfm concern about dll.host.odt
2014-02-06 13:30 - 2014-02-11 08:55 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\CrashDumps
2014-02-06 02:06 - 2014-02-11 17:00 - 00000000 ____D () C:\ProgramData\Auslogics
2014-02-06 02:04 - 2014-02-06 02:05 - 00042848 _____ () C:\Users\19newaccount51\Desktop\cc_20140206_020303.reg  look at100 some reg issues afterinastalling portable aps and deleting inspectapedia and fine home building web sites.reg
2014-02-06 00:39 - 2014-02-06 00:39 - 00025099 _____ () C:\Users\19newaccount51\Desktop\Spyware Removal Guide  gizmos.odt
2014-02-06 00:24 - 2014-02-06 14:26 - 00056508 _____ () C:\Users\19newaccount51\Desktop\Portable Applications Best Free from gizmo.odt
2014-02-05 15:26 - 2014-02-05 15:26 - 03307552 _____ (PortableApps.com) C:\Users\19newaccount51\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2014-02-05 15:00 - 2014-02-06 14:29 - 00029652 _____ () C:\Users\19newaccount51\Desktop\Pordabl apps.odt
2014-02-05 14:56 - 2014-02-05 14:56 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\LibreOffice
2014-02-05 14:00 - 2014-02-05 14:32 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Adobe
2014-02-05 14:00 - 2014-02-05 14:00 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Macromedia
2014-02-05 13:59 - 2014-02-17 22:53 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Mozilla
2014-02-05 13:59 - 2014-02-05 13:59 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Mozilla
2014-02-05 10:58 - 2014-02-23 16:27 - 00063936 _____ () C:\Users\19newaccount51\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-05 10:58 - 2014-02-05 10:58 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\AVAST Software
2014-02-05 10:57 - 2014-02-23 19:36 - 00001980 _____ () C:\Users\19newaccount51\Desktop\Google Chrome.lnk
2014-02-05 10:57 - 2014-02-21 21:54 - 00000000 ____D () C:\Users\19newaccount51
2014-02-05 10:57 - 2014-02-05 10:57 - 00000970 _____ () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-05 10:57 - 2014-02-05 10:57 - 00000965 _____ () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-02-05 10:57 - 2014-02-05 10:57 - 00000936 _____ () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-02-05 10:57 - 2014-02-05 10:57 - 00000020 ___SH () C:\Users\19newaccount51\ntuser.ini
2014-02-05 10:57 - 2014-02-05 10:57 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\VirtualStore
2014-02-05 10:57 - 2014-01-28 17:17 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Macromedia
2014-02-05 10:57 - 2013-03-22 07:14 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-05 10:57 - 2013-03-22 07:14 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-05 10:53 - 2014-02-23 16:13 - 00284520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-05 10:38 - 2014-02-05 10:38 - 00000277 _____ () C:\Users\md\Desktop\reset.bat
2014-02-05 04:02 - 2014-02-05 04:02 - 00284404 _____ () C:\Users\md\Desktop\MGlogs.zip
2014-02-05 03:57 - 2014-02-05 04:02 - 00284404 _____ () C:\MGlogs.zip
2014-02-05 03:57 - 2014-02-05 04:02 - 00000000 ____D () C:\MGtools
2014-02-05 03:48 - 2014-02-05 03:48 - 00000639 _____ () C:\Users\md\Desktop\JRT.txt
2014-02-05 03:32 - 2014-02-05 03:32 - 00001166 _____ () C:\Users\md\Desktop\security checkup.txt
2014-02-05 03:17 - 2014-02-05 03:17 - 00004069 _____ () C:\Users\md\Desktop\FSS.txt  many win services messed up.txt
2014-02-05 00:52 - 2014-02-05 00:52 - 00001358 _____ () C:\Users\md\Desktop\Re-enables known Internet Protocols .txt
2014-02-05 00:51 - 2014-02-05 00:51 - 00017244 _____ () C:\Users\md\Desktop\re-enable services detection Services  tfm no idea how to interpret.txt
2014-02-05 00:44 - 2014-02-05 00:44 - 00003130 _____ () C:\Users\md\Desktop\unhide.txt  deleted explorer no-run, taskmanger  need to recover short cuts.txt
2014-02-05 00:08 - 2014-02-05 00:08 - 00001563 _____ () C:\Users\md\Desktop\RKreport[0]_S_02052014_000826.txt
2014-02-05 00:07 - 2014-02-05 00:07 - 00001663 _____ () C:\Users\md\Desktop\RKreport[0]_D_02052014_000455.txt  disablereg tools, and cmd.txt
2014-02-05 00:04 - 2014-02-05 00:04 - 00001663 _____ () C:\Users\md\Desktop\RKreport[0]_D_02052014_000455.txt
2014-02-05 00:03 - 2014-02-05 00:03 - 00001624 _____ () C:\Users\md\Desktop\RKreport[0]_S_02052014_000340.txt
2014-02-04 22:57 - 2014-02-04 23:20 - 00003130 _____ () C:\Users\md\Desktop\unhide.txt
2014-02-04 22:56 - 2014-02-04 22:56 - 00004906 _____ () C:\Users\md\Desktop\Rkill.txt i ran malwarebytes, then re-enable - not much turned on in this list.txt
2014-02-04 22:25 - 2014-02-04 22:25 - 00019428 _____ () C:\Users\md\Desktop\CCleaner registry issue analysis.txt
2014-02-04 22:08 - 2014-02-04 22:08 - 00004906 _____ () C:\Users\md\Desktop\Rkill.txt  now works only in safe mode , normal mode it hangs on  - unsigned certificates.txt
2014-02-04 21:29 - 2014-02-04 21:29 - 00034170 _____ () C:\Users\md\Desktop\rootkitunhookerReport.txt
2014-02-04 17:10 - 2014-02-04 22:55 - 00004906 _____ () C:\Users\md\Desktop\Rkill.txt
2014-02-04 17:07 - 2014-02-04 17:07 - 00001360 _____ () C:\Users\md\Desktop\FixExec.txt
2014-02-04 14:49 - 2014-02-04 14:50 - 00040381 _____ () C:\Users\md\Desktop\mimitoobox byfarber safemode problems Result.txt
2014-02-04 14:25 - 2014-02-05 00:30 - 00000483 _____ () C:\Users\md\Desktop\mbrReport.txt
2014-02-04 12:43 - 2014-01-30 17:03 - 00000639 _____ () C:\Users\19newaccount51\Desktop\JRT 1-30-2014 run after diagnostic boot and rkil run prior to scan - Copy.txt
2014-02-04 12:28 - 2014-01-24 09:55 - 00086505 _____ () C:\Users\md\Desktop\SELECTREALSECURITY - STEP BY STEP - ALL APPS USED FOR MALWARE REMOVAL - Copy.odt
2014-02-04 11:26 - 2014-02-24 12:20 - 00000000 ____D () C:\Users\md\Desktop\RK rogue killer, and all other reports during malware infection Dec 2013-Feb 2014
2014-02-03 20:52 - 2014-02-03 20:52 - 00001358 _____ () C:\Users\md\Desktop\Re-enables known Protocols .txt
2014-02-03 20:49 - 2014-02-03 20:49 - 00017244 _____ () C:\Users\md\Desktop\re-enable services detection Services.txt
2014-02-03 20:36 - 2014-02-03 20:36 - 00013602 _____ () C:\Users\md\Desktop\cc_20140203_203602.reg
2014-02-03 18:33 - 2014-02-03 18:37 - 00001557 _____ () C:\Users\md\Desktop\help and support notworking, but also no unrcogniz locol network and no internet.txt
2014-02-03 13:53 - 2014-02-03 13:53 - 03796480 _____ () C:\Users\md\Desktop\RogueKiller(6).exe
2014-02-02 23:57 - 2014-02-02 23:58 - 00000000 ____D () C:\Program Files\stinger
2014-02-02 23:48 - 2014-02-02 23:49 - 00015663 _____ () C:\Users\md\Desktop\How to remove viruses with Panda Cloud Cleaner Rescue ISO.odt
2014-02-02 23:39 - 2014-02-28 11:00 - 00000382 _____ () C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job
2014-02-02 17:46 - 2014-02-02 17:46 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-02-02 14:34 - 2014-02-02 19:04 - 00025653 _____ () C:\Users\md\Desktop\RogueKiller offical tutorial see also file on tfm hdd about adlice additioal spps.odt
2014-02-02 14:11 - 2014-02-02 14:18 - 00023971 _____ () C:\Users\md\Desktop\ADlice makers of RogueKiller addition app packages for malware help.odt
2014-02-02 12:22 - 2014-02-02 12:27 - 00000388 _____ () C:\Windows\Tasks\Wise PC 1stAid Task.job
2014-02-01 23:47 - 2014-02-03 12:18 - 00001649 _____ () C:\Windows\system32\PCloudCleanerService.log
2014-02-01 22:13 - 2014-02-01 22:13 - 00000000 ____D () C:\Users\md\Desktop\rkill
2014-02-01 19:21 - 2014-02-02 18:56 - 00076382 _____ () C:\Users\md\Desktop\HTTP COPY WEBSITE DOCUMENTATION STEP BY STEP GUIDE.odt
2014-02-01 19:04 - 2014-02-01 19:04 - 00030258 _____ () C:\Users\md\Desktop\Inspectapedia error log 02-01-2014.odt
2014-02-01 17:46 - 2014-02-01 17:46 - 00018656 _____ () C:\Windows\system32\autochk.exe.bak
2014-02-01 04:33 - 2014-02-23 00:49 - 00000000 ____D () C:\Program Files\Panda Security
2014-02-01 04:26 - 2014-02-01 04:26 - 28026504 _____ (Panda Security ) C:\Users\md\Desktop\PandaCloudCleaner.exe
2014-02-01 03:42 - 2014-02-01 03:42 - 00000000 ____D () C:\Users\md\AppData\Roaming\QuickScan
2014-02-01 03:11 - 2014-02-01 11:14 - 00054899 _____ () C:\Users\md\Desktop\Vista & Windows 7 Malware Removal-Cleaning Procedure BY CHASlANG MAJORGEEKS.odt
2014-02-01 03:10 - 2014-02-01 03:10 - 01990574 _____ () C:\MGtools.exe
2014-01-31 20:50 - 2014-01-31 22:49 - 00037738 _____ () C:\Users\md\Desktop\Gmer rootkit at gmer.net documentation.odt
2014-01-31 20:16 - 2014-01-31 20:16 - 00005058 _____ () C:\Users\md\Desktop\cc_20140131_201612.reg
2014-01-31 18:53 - 2014-01-31 18:53 - 00014490 _____ () C:\Users\md\Desktop\How to Use Rootkit Unhooker.odt
2014-01-31 11:35 - 2014-02-07 09:03 - 00000000 ____D () C:\CCE_Quarantine
2014-01-30 22:20 - 2014-02-14 09:59 - 00000867 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-30 17:03 - 2014-01-30 17:03 - 00000639 _____ () C:\Users\19newaccount51\Desktop\JRT 1-30-2014 run after diagnostic boot and rkil run prior to scan.txt
2014-01-30 13:54 - 2014-01-30 13:54 - 00001973 _____ () C:\Users\md\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-01-30 13:54 - 2014-01-30 13:54 - 00000000 ____D () C:\Users\md\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com

==================== One Month Modified Files and Folders =======

2099-12-12 09:08 - 2404-12-12 09:08 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2099-12-12 09:08 - 2404-12-12 09:08 - 05115672 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 03629824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 02329304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 01824000 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 01677568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll
2099-12-12 09:08 - 2404-12-12 09:08 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2099-12-12 09:08 - 2013-12-03 05:20 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2099-11-24 02:25 - 2403-11-24 02:25 - 13881600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2099-11-24 02:25 - 2403-11-24 02:25 - 02929048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2099-11-24 02:25 - 2403-11-24 02:25 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2099-11-24 02:25 - 2403-11-24 02:25 - 01097984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2099-11-24 02:25 - 2403-11-24 02:25 - 00865592 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2099-11-24 02:25 - 2403-11-24 02:25 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-28 11:21 - 2014-02-28 11:20 - 00014986 _____ () C:\Users\19newaccount51\Desktop\FRST.txt
2014-02-28 11:20 - 2014-02-28 11:20 - 00000000 ____D () C:\FRST
2014-02-28 11:19 - 2014-02-24 09:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-28 11:18 - 2014-02-28 11:18 - 00002744 _____ () C:\Users\19newaccount51\Desktop\FSS.txt Feb 28, 2014.txt
2014-02-28 11:17 - 2014-02-12 15:15 - 00002744 _____ () C:\Users\19newaccount51\Desktop\FSS.txt
2014-02-28 11:11 - 2014-02-28 11:11 - 01143808 _____ (Farbar) C:\Users\19newaccount51\Desktop\FRST.exe
2014-02-28 11:10 - 2014-02-28 11:10 - 00409600 _____ (Farbar) C:\Users\19newaccount51\Desktop\FSS.exe
2014-02-28 11:00 - 2014-02-02 23:39 - 00000382 _____ () C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job
2014-02-28 10:49 - 2014-02-28 10:27 - 00041442 _____ () C:\Users\19newaccount51\Desktop\How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Scanners – and even  WINPatrol.odt
2014-02-28 10:49 - 2014-02-28 09:59 - 00029480 _____ () C:\Users\19newaccount51\Desktop\SearhConduit won't remove – and a cure by Broni 44,000+ malware posts in Techspot.com alone.odt
2014-02-28 10:44 - 2013-03-21 07:44 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-28 10:34 - 2006-11-02 06:47 - 00004976 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-28 10:34 - 2006-11-02 06:47 - 00004976 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-28 09:48 - 2014-02-28 01:37 - 00023372 _____ () C:\Users\19newaccount51\Desktop\How to use ComboFix -  The real honest-to-god step-by-step feb 2014.odt
2014-02-28 09:20 - 2014-02-25 23:15 - 00017955 _____ () C:\Windows\WindowsUpdate.log
2014-02-28 05:44 - 2013-03-21 07:44 - 00000874 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-28 00:29 - 2014-02-27 23:53 - 00026916 _____ () C:\Users\19newaccount51\Desktop\Fixes that jason or screen name jntkwx of bleepingcomputer has done.odt
2014-02-28 00:29 - 2014-02-27 22:13 - 00020108 _____ () C:\Users\19newaccount51\Desktop\Disecting my scans with jason of bleepingcomputer-   RogueKiller, DDS, ComboFix, asMBR,.odt
2014-02-27 22:33 - 2014-02-27 22:17 - 00020653 _____ () C:\Users\19newaccount51\Desktop\MBR master boot record issues, diagnosis, repairs.odt
2014-02-27 21:29 - 2014-02-27 20:42 - 00018028 _____ () C:\Users\19newaccount51\Desktop\Lawrence Abrams, owner of technology site BleepingComputer.com describes how Scam Antivirus App Spreads Malware.odt
2014-02-27 21:02 - 2014-02-27 18:48 - 00023011 _____ () C:\Users\19newaccount51\Desktop\How to remove a Trojan, Virus, Worm, or other Malware by Lawrence Abrams of bleepingcomputer.odt
2014-02-27 20:45 - 2014-02-27 18:01 - 00013269 _____ () C:\Users\19newaccount51\Desktop\myTFM  letter to JASON OF BC.odt
2014-02-27 20:42 - 2014-02-27 19:31 - 00013032 _____ () C:\Users\19newaccount51\Desktop\My PC status after ComboFix and aswMBR for Jason of BC.odt
2014-02-27 17:52 - 2014-02-27 17:52 - 00002042 _____ () C:\Users\19newaccount51\Desktop\aswMBR-Thursday 02-17-2014.txt
2014-02-27 17:52 - 2014-02-08 18:17 - 00000512 _____ () C:\Users\19newaccount51\Desktop\MBR.dat
2014-02-27 17:38 - 2014-02-27 16:34 - 00010032 _____ () C:\Users\19newaccount51\Desktop\Avast AGV Comodo Norton Trendmicro McAfee Sophos Super Anti Spyware Microsoft ESET scan Gmer Awcleaner Ccleaner R kill OTL Mini tool box firewall security anti virus malware bytes root kit buster.odt
2014-02-27 17:34 - 2014-02-27 13:45 - 00013440 _____ () C:\Users\19newaccount51\Desktop\jason of BC - my first reply1.odt
2014-02-27 17:33 - 2014-02-27 17:33 - 04745728 _____ (AVAST Software) C:\Users\19newaccount51\Desktop\aswmbr.exe
2014-02-27 16:26 - 2014-02-27 16:02 - 00009466 _____ () C:\Users\19newaccount51\Desktop\Avast antivirus anti-virus   antimalwarebytes rootkitbusterv5 RogueKiller HitmanPro.odt
2014-02-27 16:08 - 2014-02-27 15:40 - 00010873 _____ () C:\Users\19newaccount51\Desktop\more for jason at BC.odt
2014-02-27 15:12 - 2014-02-27 15:08 - 00035985 _____ () C:\Users\19newaccount51\Desktop\ComboFixLOG FOR JASON 14-02-24.02 - 19newaccount51 02-27-2014  1425.odt
2014-02-27 14:54 - 2014-02-27 14:54 - 00095164 _____ () C:\ComboFix.txt
2014-02-27 14:54 - 2014-02-27 14:22 - 00000000 ____D () C:\Qoobox
2014-02-27 14:54 - 2006-11-02 05:18 - 00000000 ___RD () C:\Users\Public
2014-02-27 14:54 - 2006-11-02 05:18 - 00000000 ___RD () C:\Users\Default
2014-02-27 14:40 - 2014-02-15 01:36 - 00000000 ____D () C:\Windows\ERDNT
2014-02-27 14:39 - 2006-11-02 04:33 - 00759542 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 14:36 - 2014-01-19 00:35 - 00000000 ____D () C:\Users\md\AppData\Roaming\Wise Care 365
2014-02-27 14:35 - 2006-11-02 04:23 - 00000215 _____ () C:\Windows\system.ini
2014-02-27 14:34 - 2014-02-27 14:34 - 00000552 _____ () C:\Windows\PFRO.log
2014-02-27 14:34 - 2006-11-02 07:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-27 14:34 - 2006-11-02 06:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-27 14:33 - 2006-11-02 07:01 - 00032642 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-27 14:13 - 2014-02-27 14:12 - 05185084 ____R (Swearware) C:\Users\19newaccount51\Desktop\ComboFix.exe
2014-02-27 13:27 - 2014-02-27 13:27 - 00013254 _____ () C:\Users\19newaccount51\Desktop\latest iterationposted for BC.odt
2014-02-27 13:26 - 2014-02-27 13:26 - 00013254 _____ () C:\Users\19newaccount51\Desktop\Jason from BC instructions.odt
2014-02-27 12:56 - 2014-02-27 12:56 - 00020720 _____ () C:\Users\19newaccount51\Desktop\Comprehensive List of 26 Bootable Antivirus Rescue CDs for Offline Scanning.odt
2014-02-27 12:33 - 2014-02-27 12:30 - 00025794 _____ () C:\Users\19newaccount51\Desktop\The Dirty Little Secret Of Inkjet Printers the odt file.odt
2014-02-27 12:18 - 2014-02-27 12:17 - 00016274 _____ () C:\Users\19newaccount51\Desktop\RKill 2.6.5.0  a how to.odt
2014-02-27 12:17 - 2014-02-11 09:26 - 00016275 _____ () C:\Users\19newaccount51\Desktop\RKill 2.6.5.0.odt
2014-02-27 10:27 - 2014-02-27 10:27 - 00001905 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02272014_102738.txt
2014-02-27 10:25 - 2014-02-27 10:25 - 00002068 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02272014_102404.txt   3-HJ POL  3-FWAPI hooked.txt
2014-02-27 10:24 - 2014-02-27 10:24 - 00002068 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02272014_102404.txt
2014-02-27 10:24 - 2014-02-07 09:55 - 00000000 ____D () C:\Users\19newaccount51\Desktop\RK_Quarantine
2014-02-27 10:22 - 2014-02-27 10:22 - 00002026 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02272014_102227.txt
2014-02-27 10:17 - 2014-02-21 09:29 - 00000000 ____D () C:\Users\19newaccount51\Desktop\tdsskiller(1)
2014-02-27 10:15 - 2014-02-27 10:15 - 04110135 _____ () C:\Users\19newaccount51\Desktop\tdsskiller(1).zip
2014-02-27 10:14 - 2014-02-23 15:23 - 00002466 _____ () C:\Users\19newaccount51\Desktop\Rkill.txt
2014-02-27 01:34 - 2014-02-27 01:34 - 00011899 _____ () C:\Users\19newaccount51\Desktop\Unhide by Lawrence Abrams Grinler.odt
2014-02-27 01:33 - 2014-02-27 01:33 - 00011899 _____ () C:\Users\19newaccount51\Desktop\Documents\Unhide by Lawrence Abrams Grinler.odt
2014-02-27 01:32 - 2014-02-27 01:32 - 00017965 _____ () C:\Users\19newaccount51\Desktop\How to remove an tcpip error.odt
2014-02-27 01:31 - 2014-02-27 01:30 - 00016642 _____ () C:\Users\19newaccount51\Desktop\Documents\Re-enable version 2.odt
2014-02-27 01:28 - 2014-02-27 01:28 - 00020176 _____ () C:\Users\19newaccount51\Desktop\Documents\3 Tools to Help Remove Toolbars and their Leftovers by  www.raymond.cc blog.odt
2014-02-27 01:13 - 2014-02-26 18:11 - 00018087 _____ () C:\Users\19newaccount51\Desktop\TFM BLEEPING LETTER.odt
2014-02-27 01:12 - 2014-02-26 23:40 - 00015422 _____ () C:\Users\19newaccount51\Desktop\How Touse and Gather OTL Output.odt
2014-02-27 01:12 - 2014-02-18 13:44 - 00016045 _____ () C:\Users\19newaccount51\Desktop\ClamAV memory scan scan  canceled by user ran only 1 min 12 sec note results  a ton of permission denied.odt
2014-02-27 01:04 - 2014-02-12 02:58 - 00065217 _____ () C:\Users\19newaccount51\Desktop\FDCCSecuringMicrosoftWindowsVistaSystem virusmalwareinfect spyware secur file polic configur system adm user patch network setting install boot update download internet remote assit computer manage log event.odt
2014-02-26 23:52 - 2014-02-26 23:50 - 00027879 _____ () C:\Users\19newaccount51\Desktop\BEFORE You POST Please read this Procedure Before Requesting Assistance -  spybo tinfo forums.odt
2014-02-26 23:48 - 2014-02-14 10:14 - 00220377 _____ () C:\Users\19newaccount51\Desktop\WIGI adlice URL history uploadremoteremote  server error  forbidden.odt
2014-02-26 23:41 - 2014-02-26 23:41 - 00602112 _____ (OldTimer Tools) C:\Users\19newaccount51\Downloads\OTL.exe
2014-02-26 23:39 - 2014-02-11 08:37 - 00016399 _____ () C:\Users\19newaccount51\Desktop\How To Restore The Master Boot Record Step By Step With Mbrfix Utility.odt
2014-02-26 23:18 - 2014-02-26 22:42 - 00037069 _____ () C:\Users\19newaccount51\Desktop\bleepingcomputer.com  List of the 30+ different topic  forums.odt
2014-02-26 22:54 - 2014-02-25 14:54 - 00003794 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02252014_144611.txt       reg entriesHJ POL PUM  removed, but still have - donothing, disable task, reg, and comodo listed under drivers.txt
2014-02-26 21:44 - 2014-02-26 16:17 - 00024165 _____ () C:\Users\19newaccount51\Desktop\dds.txt
2014-02-26 16:27 - 2014-02-26 16:25 - 00022918 _____ () C:\Users\19newaccount51\Desktop\DDS LOG ON 2-26-2014  - TFM KLNOWS THAT THE DISABLE POLICES REG KEYS ARE PRESENT.odt
2014-02-26 16:17 - 2014-02-26 16:17 - 00008368 _____ () C:\Users\19newaccount51\Desktop\attach.txt
2014-02-26 16:12 - 2014-02-26 16:12 - 00042335 _____ () C:\Users\19newaccount51\Desktop\Device Manager Windows - Troubleshooting AND Using  FROM U WISCONSON MADISON.odt
2014-02-26 15:55 - 2014-02-26 15:55 - 00029145 _____ () C:\Users\19newaccount51\Desktop\Slow Computer-Bowser Check Here First It May Not Be Malware  - BLEEPINGCOMPUTER.odt
2014-02-26 15:06 - 2014-02-26 14:56 - 00022917 _____ () C:\Users\19newaccount51\Desktop\Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help.odt
2014-02-26 14:53 - 2014-02-26 14:52 - 00039195 _____ () C:\Users\19newaccount51\Desktop\bleepingcomputer.com  forums.odt
2014-02-26 14:39 - 2014-02-26 14:39 - 00003881 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02262014_143753.txt  DISABLE TASKmGR REGISTRYTOOLS CMD.txt
2014-02-26 14:37 - 2014-02-26 14:37 - 00003881 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02262014_143753.txt
2014-02-26 14:33 - 2014-02-08 16:55 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-26 13:30 - 2014-02-26 13:30 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\FixItCenter
2014-02-26 13:28 - 2014-02-08 15:06 - 00077379 _____ () C:\Users\19newaccount51\Desktop\How Spybot - Search  Destroy protects against the installation of Spyware Malware.odt
2014-02-26 02:39 - 2014-02-19 20:54 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-02-26 02:18 - 2014-02-26 02:18 - 00022834 _____ () C:\Users\19newaccount51\Desktop\THE REAL LIST OF MALWARE SCANNERS  -  FROM BLEEPING.odt
2014-02-26 02:17 - 2014-02-20 18:28 - 00002000 _____ () C:\Users\19newaccount51\Desktop\AviraAntiVirRemovalTool_en.log
2014-02-26 02:06 - 2014-02-26 02:05 - 00021730 _____ () C:\Users\19newaccount51\Desktop\How to remove a Trojan, Virus, Worm, or other Malware   TFM READ THIS.odt
2014-02-26 01:57 - 2014-02-26 01:57 - 00000230 _____ () C:\Users\19newaccount51\Downloads\RemVimes.reg
2014-02-26 01:53 - 2014-02-26 01:53 - 00020630 _____ () C:\Users\19newaccount51\Desktop\Removal Guide -  FROM BLEEPING RE LIVE SUPPORT OPTIMIZER.odt
2014-02-26 01:42 - 2014-02-26 01:41 - 00112342 _____ () C:\Users\19newaccount51\Desktop\SECURITYCHECK BY SCREEN317.odt
2014-02-26 01:37 - 2014-02-26 01:37 - 00987425 _____ () C:\Users\19newaccount51\Downloads\SecurityCheck.exe
2014-02-26 01:19 - 2014-02-26 01:16 - 00024032 _____ () C:\Users\19newaccount51\Desktop\Unhide.exe is a program that will revert many of the changes on your computer caused by the FakeHDD family of rogue anti-spyware programs.odt
2014-02-26 01:13 - 2014-02-26 01:12 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Downloads\unhide(1).exe
2014-02-26 01:07 - 2014-02-26 01:07 - 00011512 _____ () C:\Users\19newaccount51\Desktop\Rkill.txt  wow 30 times faster at quelling all processes and any malware from 30minites to 1min 12 sec did removing 2 reg keys by unhide achieve this.odt
2014-02-26 01:07 - 2014-02-26 01:07 - 00011508 _____ () C:\Users\19newaccount51\Desktop\Documents\Rkill.txt  wow 30 times faster at quelling all processes and any malware from 30minites to 1min 12 sec did removing 2 reg keys by unhide achieve this.txt
2014-02-26 01:05 - 2014-02-26 01:00 - 00027072 _____ () C:\Users\19newaccount51\Desktop\Documents\RKill - What it does and What it Doesn't - A brief introduction to the program.odt
2014-02-26 00:51 - 2014-02-26 00:51 - 00002466 _____ () C:\Users\19newaccount51\Desktop\Rkill.txt  wow 30 times faster at quelling all processes and any malware from 30minites to 1min 12 sec did removing 2 reg keys by unhide achieve this.txt
2014-02-25 23:20 - 2014-02-25 23:20 - 00006610 _____ () C:\Users\19newaccount51\Desktop\AdwCleaner[S44].txt  2-25-2014  check it out.txt
2014-02-25 23:11 - 2014-02-25 15:20 - 00003100 _____ () C:\Users\19newaccount51\Desktop\unhide.txt
2014-02-25 23:02 - 2014-02-25 23:02 - 04621264 _____ () C:\Users\19newaccount51\Downloads\SpyBHORemover(1).zip
2014-02-25 22:47 - 2014-02-25 22:46 - 00328496 _____ () C:\Users\19newaccount51\Downloads\vista-32-StartMenu-reset-BleepingComp.exe
2014-02-25 22:25 - 2014-02-08 22:15 - 00000000 ____D () C:\Users\19newaccount51\Desktop\ALL SCAN LOGS - Copy
2014-02-25 22:13 - 2014-02-25 22:13 - 00002377 _____ () C:\Users\19newaccount51\Desktop\ESET ONLINE SCANNER TUES 23, 2014 – 21 TREATS.txt
2014-02-25 19:16 - 2013-10-20 17:36 - 00000000 ____D () C:\AdwCleaner
2014-02-25 19:12 - 2014-02-25 19:12 - 00205072 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-02-25 19:12 - 2014-02-08 18:33 - 00000000 ____D () C:\Users\19newaccount51\Downloads\TMRBLog
2014-02-25 19:06 - 2014-02-25 19:06 - 00008414 _____ () C:\Users\19newaccount51\Desktop\HitmanPro_20140225_1906.logcheckout the unknwns here.log
2014-02-25 18:41 - 2014-02-25 18:41 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-25 18:39 - 2014-02-25 18:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\19newaccount51\Downloads\mbam-setup-1.75.0.1300(1).exe
2014-02-25 18:37 - 2014-02-25 18:37 - 00065232 _____ (Malwarebytes) C:\Users\19newaccount51\Downloads\regassassin-setup-1.03(1).exe
2014-02-25 18:21 - 2014-02-25 18:21 - 00001149 _____ () C:\Users\19newaccount51\Desktop\Specialist Sign-in.lnk
2014-02-25 18:21 - 2014-02-25 18:21 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Instant Housecall
2014-02-25 18:21 - 2014-02-25 18:21 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Instant Housecall
2014-02-25 16:01 - 2014-02-25 16:01 - 00002590 _____ () C:\Users\19newaccount51\Desktop\Rkill.txt after unhide, RK, nowr-kill, will follow with panda cleaner.txt
2014-02-25 16:01 - 2014-02-24 15:57 - 00001096 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-02-25 15:59 - 2014-02-25 15:59 - 00002937 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02252014_155919.txt  after running unhide.txt
2014-02-25 15:05 - 2014-02-25 15:05 - 00002832 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02252014_150203.txt   2nd scan after removal to confirm removal.txt
2014-02-25 14:18 - 2014-02-25 14:18 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.WinMediaPlayer.FISC.148316786607172117.1.2.Run.exe
2014-02-25 14:18 - 2014-02-25 14:18 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.Performance.FISC.148316786607172117.1.4.Run.exe
2014-02-25 14:18 - 2014-02-25 14:18 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.dvd.FISC.148316786607172117.1.1.Run.exe
2014-02-25 14:18 - 2014-02-25 14:18 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.Devices.FISC.148316786607172117.1.3.Run.exe
2014-02-25 14:13 - 2014-02-25 14:13 - 01789242 _____ () C:\Users\19newaccount51\Downloads\rcss_dll_restore.zip
2014-02-25 13:26 - 2014-02-25 14:59 - 00022033 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_33.odt
2014-02-25 13:25 - 2014-02-25 14:59 - 00018480 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_32.odt
2014-02-25 13:13 - 2014-02-25 13:13 - 01769928 _____ (Malwarebytes ) C:\Users\19newaccount51\Downloads\mbae-setup-0.09.5.1000(1).exe
2014-02-25 13:12 - 2014-02-25 13:12 - 12589848 _____ (Malwarebytes Corp.) C:\Users\19newaccount51\Downloads\mbar-1.07.0.1009.exe
2014-02-25 12:46 - 2014-02-25 14:59 - 00025240 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_19_1.odt
2014-02-25 12:46 - 2014-02-25 14:59 - 00020219 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_20_1.odt
2014-02-25 12:25 - 2014-02-25 14:59 - 00025625 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_8_1.odt
2014-02-25 12:24 - 2014-02-25 14:59 - 00020190 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_6_1.odt
2014-02-25 11:32 - 2014-02-25 11:32 - 01093707 _____ (Tangosoft) C:\Users\19newaccount51\Downloads\reenable-setup.exe
2014-02-25 11:31 - 2014-02-25 11:31 - 00792064 _____ (TangoSoft) C:\Users\19newaccount51\Downloads\Re-Enable v2_liteEdition.exe
2014-02-25 08:26 - 2014-02-24 17:23 - 00027977 _____ () C:\Users\19newaccount51\Desktop\Panda Cloud Cleaner Help  and Feb 23, 2014 reg key and policy highjacks disinfected..odt
2014-02-25 01:14 - 2014-02-25 01:14 - 00002765 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02252014_010958.txt PANDA DELETED THESE 3 HOOKED THINGS, SUDDENLY PATCHMYPC DETECTED AS SUSPICIOUS PATH.txt
2014-02-25 01:03 - 2014-02-25 01:03 - 03818496 _____ () C:\Users\19newaccount51\Desktop\RogueKiller(1).exe
2014-02-25 00:53 - 2014-02-25 00:53 - 00020150 _____ () C:\Users\19newaccount51\Desktop\Online Virus Scanners.odt
2014-02-25 00:53 - 2014-02-25 00:53 - 00017927 _____ () C:\Users\19newaccount51\Desktop\How to Remove a Windows Virus.odt
2014-02-25 00:52 - 2014-02-25 00:52 - 00015893 _____ () C:\Users\19newaccount51\Desktop\Antivirus Bootable Rescue CDs.odt
2014-02-25 00:20 - 2014-02-24 23:52 - 00021444 _____ () C:\Users\19newaccount51\Desktop\How to remove trojans, spyware, rogues and other malware FROM MALWARETIPS.COM
2014-02-25 00:00 - 2014-02-10 01:17 - 00001964 _____ () C:\Users\19newaccount51\Desktop\cdcheck.ini
2014-02-24 22:17 - 2014-02-24 22:10 - 00023851 _____ () C:\Users\19newaccount51\Desktop\Best free antivirus software 2014 -techradar.com
2014-02-24 22:05 - 2014-02-24 20:32 - 00179026 _____ () C:\Users\19newaccount51\Desktop\Tom's Guide - Free Antivirus Software The Best of 2013.odt
2014-02-24 17:25 - 2014-02-24 17:25 - 00000691 _____ () C:\Users\19newaccount51\Desktop\PCloudCleaner   Panda Cloud Cleaner - tfm mid-Dec, 2013 to  Feb 23, 2014 reg key and policy highjacks disinfected.txt
2014-02-24 15:56 - 2014-02-24 15:56 - 00036144 _____ () C:\Users\19newaccount51\Desktop\3 Ways to Save Money on Your Cable, Phone and Internet Bills.odt
2014-02-24 14:54 - 2014-02-24 14:54 - 00033350 _____ () C:\Users\19newaccount51\Desktop\good bleepingcomputer malware technique copied 02-24-2014.odt
2014-02-24 13:55 - 2014-02-24 13:55 - 00002003 _____ () C:\Users\19newaccount51\Desktop\FarberSS 02-24-2014.txt
2014-02-24 13:53 - 2014-02-24 13:53 - 00002003 _____ () C:\Users\19newaccount51\Downloads\FSS.txt
2014-02-24 13:37 - 2014-02-24 13:37 - 00006488 _____ () C:\Users\19newaccount51\Desktop\AdwCleaner[S43]     I think IE has been hooked - only browser with never any cleaning as  here by AdwCleaner, also can't reset it withavast Browser cleaner reseter1.txt
2014-02-24 13:36 - 2014-02-24 13:36 - 00006488 _____ () C:\Users\19newaccount51\Desktop\AdwCleaner[S43]     I think IE has been hooked - only browser with never any cleaning as  here by AdwCleaner, also can't reset it withavast Browser cleaner reseter.txt
2014-02-24 12:40 - 2014-02-24 12:40 - 10711752 _____ (SUPERAdBlocker.com and SUPERAntiSpyware.com) C:\Users\19newaccount51\Desktop\SASDEFINITIONS.EXE
2014-02-24 12:21 - 2014-02-24 12:21 - 00000620 _____ () C:\Users\19newaccount51\Downloads\minitoolbox 1-23-2014Result.txt
2014-02-24 12:20 - 2014-02-04 11:26 - 00000000 ____D () C:\Users\md\Desktop\RK rogue killer, and all other reports during malware infection Dec 2013-Feb 2014
2014-02-24 11:38 - 2014-02-24 11:38 - 00001377 _____ () C:\Users\19newaccount51\Desktop\JRT i did tweaking default repair then reboot, r-kill, rogueKiller, and now JRT maybe repaired all my problems with Int. Explorer see results.txt
2014-02-24 11:38 - 2014-02-24 11:38 - 00001325 _____ () C:\Users\19newaccount51\Desktop\JRT i did tweaking default repair then reboot, r-kill, rogueKiller, and now JRT maybe repaired all my problems with Int. Explorer see results.lnk
2014-02-24 11:24 - 2014-02-24 11:24 - 00060544 _____ () C:\Users\19newaccount51\Desktop\10 Cheap Things to Carry Around in Your Tech Toolkit.odt
2014-02-24 11:22 - 2014-02-24 11:22 - 00026464 _____ () C:\Users\19newaccount51\Desktop\6 Ways To Free Up Space On Your Windows Computer.odt
2014-02-24 11:20 - 2014-02-24 11:20 - 00064453 _____ () C:\Users\19newaccount51\Desktop\10 Steps To Take When You Discover Malware On Your Compute.odt
2014-02-24 11:16 - 2014-02-24 11:15 - 00022703 _____ () C:\Users\19newaccount51\Desktop\6 Tips to Save Money on PC Repairs.odt
2014-02-24 11:11 - 2014-02-24 11:11 - 00026268 _____ () C:\Users\19newaccount51\Desktop\Windows Update Everything You Need To Know.odt
2014-02-24 10:46 - 2014-02-24 10:46 - 00043188 _____ () C:\Users\19newaccount51\Desktop\Here’s how to avoid Exploding iPhones.odt
2014-02-24 10:41 - 2014-02-24 09:45 - 00029851 _____ () C:\Users\19newaccount51\Desktop\PatchMyPC - This Useful Small Program Makes Updating Your PC Software Easier.odt
2014-02-24 10:24 - 2014-02-24 10:24 - 00047713 _____ () C:\Users\19newaccount51\Desktop\What is the FAFSA -  Free Application for Federal Student Aid.odt
2014-02-24 09:18 - 2014-02-24 09:18 - 00130048 _____ (CodePlex Community) C:\Users\19newaccount51\Desktop\Microsoft.Win32.TaskScheduler.dll
2014-02-24 09:11 - 2014-01-16 14:40 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-24 09:11 - 2014-01-16 14:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-24 00:11 - 2013-11-26 01:44 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-02-23 23:40 - 2014-02-23 23:22 - 00015019 _____ () C:\Users\19newaccount51\Desktop\Documents\install Java online for Firefox.odt
2014-02-23 23:39 - 2014-02-23 23:39 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Oracle
2014-02-23 23:35 - 2013-10-01 09:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-23 23:34 - 2014-02-23 23:34 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-02-23 23:32 - 2014-02-23 23:33 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-02-23 23:32 - 2014-02-23 23:33 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-02-23 23:32 - 2014-02-23 23:33 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-02-23 23:32 - 2014-02-23 23:33 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-02-23 23:11 - 2014-02-23 23:11 - 00010662 _____ () C:\Users\19newaccount51\Desktop\How do I install Java online for Firefox on Windows  - Print-friendly Page.htm
2014-02-23 23:11 - 2014-02-23 23:11 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How do I install Java online for Firefox on Windows  - Print-friendly Page_files
2014-02-23 23:09 - 2014-02-23 22:55 - 00000000 ____D () C:\Users\19newaccount51\Desktop\JavaRa-2.5
2014-02-23 22:38 - 2014-02-23 22:38 - 00156058 _____ () C:\Users\19newaccount51\Desktop\JavaRa-2.5.zip
2014-02-23 22:32 - 2014-02-23 22:32 - 00017358 _____ () C:\Users\19newaccount51\Desktop\JavaRa 2.0 Documentation.odt
2014-02-23 21:41 - 2014-02-23 21:41 - 00013456 _____ () C:\Users\19newaccount51\Desktop\install PROGRAMS PER CCLEANER 02-23-2014  PRINT THIS.txt
2014-02-23 21:05 - 2014-02-23 21:05 - 00040626 _____ () C:\Users\19newaccount51\Desktop\COPY OF Printers - Install, network, diagnose, troubleshoot, repair  from windows help and support.odt
2014-02-23 21:04 - 2014-02-23 21:04 - 00027249 _____ () C:\Users\19newaccount51\Desktop\COPY OF MICROSOFT ON SECURITY -  FEB 23, 2014 - COMPLETE SET OF RECOMMENDATIONS, SOLUTIONS, DIAGNOSIS, TROUBLESHOOT -  FROM MS HELP AND SUPPORT-.odt
2014-02-23 21:03 - 2014-02-23 21:03 - 00030514 _____ () C:\Users\19newaccount51\Desktop\COPY OF Troubleshoot Wired and wireless network problems - from windows help and support.odt
2014-02-23 21:03 - 2014-02-23 21:03 - 00030513 _____ () C:\Users\19newaccount51\Desktop\Troubleshoot Wired and wireless network problems - from windows help and support.odt
2014-02-23 21:02 - 2014-02-23 21:02 - 00018287 _____ () C:\Users\19newaccount51\Desktop\COPY OF how to use MS  Internet Explprer Security and privacy features.odt
2014-02-23 20:57 - 2014-02-23 20:55 - 216141824 _____ () C:\Users\19newaccount51\Desktop\LibreOffice_4.1.5_Win_x86.msi
2014-02-23 20:44 - 2014-02-23 20:44 - 00026503 _____ () C:\Users\19newaccount51\Desktop\MICROSOFT ON SECURITY -  FEB 23, 2014 - COMPLETE SET OF RECOMMENDATIONS, SOLUTIONS, DIAGNOSIS, TROUBLESHOOT -  FROM MS HELP AND SUPPORT-.odt
2014-02-23 20:13 - 2014-02-23 20:13 - 00030821 _____ () C:\Users\19newaccount51\Desktop\Documents\Troubleshoot Wired and wireless network problems - from windows help and support.odt
2014-02-23 20:00 - 2014-02-23 20:00 - 00040611 _____ () C:\Users\19newaccount51\Desktop\Documents\Printers - Install, network, diagnose, troubleshoot, repair  from windows help and support.odt
2014-02-23 19:59 - 2014-02-23 19:59 - 00040608 _____ () C:\Users\19newaccount51\Desktop\Documents\Printers - Install, network, diagnose, troubleshoot, repair.odt
2014-02-23 19:58 - 2014-02-23 19:58 - 00018282 _____ () C:\Users\19newaccount51\Desktop\Documents\how to use MS  Internet Explprer Security and privacy features.odt
2014-02-23 19:56 - 2014-02-23 19:56 - 00022300 _____ () C:\Users\19newaccount51\Desktop\Documents\Troubleshoot network problems - from windows help and support.odt
2014-02-23 19:36 - 2014-02-05 10:57 - 00001980 _____ () C:\Users\19newaccount51\Desktop\Google Chrome.lnk
2014-02-23 18:51 - 2014-02-23 18:50 - 00549426 _____ () C:\Users\19newaccount51\Desktop\WhyIGotInfected.exe
2014-02-23 16:27 - 2014-02-05 10:58 - 00063936 _____ () C:\Users\19newaccount51\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-23 16:13 - 2014-02-05 10:53 - 00284520 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-23 16:10 - 2013-04-07 00:51 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-23 15:30 - 2014-02-23 15:30 - 00002936 _____ () C:\Users\19newaccount51\Desktop\Rkill   ROGUEKILLER STOPPED - I EXITED THE APP SO WHY IS THE NEED TO STOP WITH RKILL NOW - WILL NOW RUN TWEAKING IN NORMAL MODE, NO NETWORK AV FW.txt
2014-02-23 15:29 - 2014-02-23 15:29 - 00002936 _____ () C:\Users\19newaccount51\Desktop\Rkill   ROGUEKILLER STOPPED - I EXITED THE APP SO WHY IS THE NEED TO STOP WITH RKILL NOW - WILL NOW RUN TWEAKING IN NORMAL MODE.txt
2014-02-23 15:22 - 2014-02-23 15:22 - 00002626 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02232014_151848   HOOKED  DO NOTHING, ENABLE MEMTRACINGM SETmEMlEAKpOLICY.txt
2014-02-23 15:13 - 2014-02-19 20:52 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Notepad++
2014-02-23 15:10 - 2014-02-23 15:10 - 00070447 _____ () C:\Users\19newaccount51\Desktop\Documents\NOTEPAD++    DOCUMENTATION.odt
2014-02-23 14:47 - 2014-02-23 14:47 - 00002661 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02232014_144708    3 hooked.txt
2014-02-23 14:33 - 2014-02-22 23:50 - 00052928 _____ () C:\Users\19newaccount51\Desktop\Documents\bleeping account setup info 022102014.odt
2014-02-23 13:14 - 2014-02-23 14:02 - 00029473 _____ () C:\Users\19newaccount51\Desktop\untitled_19.odt
2014-02-23 13:13 - 2014-02-23 14:02 - 00013152 _____ () C:\Users\19newaccount51\Desktop\untitled_8.odt
2014-02-23 13:06 - 2014-02-23 13:06 - 00787408 _____ () C:\Users\19newaccount51\Downloads\Tweaking.com-svchost.exe_Lookup_Tool.exe
2014-02-23 12:48 - 2014-02-23 14:02 - 00070195 _____ () C:\Users\19newaccount51\Desktop\untitled_2_1.odt
2014-02-23 12:39 - 2014-02-23 12:39 - 00013660 _____ () C:\Users\19newaccount51\Desktop\installed programs per Ccleaner 02-23-2014   record a list of download sites for future lookup ook and remove like nirsoft.txt
2014-02-23 12:19 - 2014-02-07 10:08 - 00000619 _____ () C:\Users\19newaccount51\Desktop\Result.txt
2014-02-23 00:49 - 2014-02-23 00:40 - 00000000 ____D () C:\ProgramData\Panda Security
2014-02-23 00:49 - 2014-02-01 04:33 - 00000000 ____D () C:\Program Files\Panda Security
2014-02-23 00:47 - 2014-02-23 00:41 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Panda Security
2014-02-22 23:38 - 2014-02-22 23:38 - 00023185 _____ () C:\Users\19newaccount51\Desktop\Documents\How to create a command-line toolkit for Windows.odt
2014-02-22 23:22 - 2014-02-22 23:21 - 00000464 _____ () C:\Users\19newaccount51\Desktop\fsbl-20140223052133.log
2014-02-22 22:36 - 2014-02-22 15:37 - 00107962 _____ () C:\Users\19newaccount51\Desktop\europe for betty.odt
2014-02-22 22:24 - 2014-02-22 22:24 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Adobe
2014-02-22 15:56 - 2014-02-22 15:56 - 00218600 _____ () C:\Users\19newaccount51\Desktop\eurail travel time between cities.odt
2014-02-22 14:58 - 2014-02-22 14:58 - 00036656 _____ () C:\Users\19newaccount51\Desktop\PC and NETWORK HomeGroup from start to finish.odt
2014-02-22 14:57 - 2014-02-22 14:57 - 00016819 _____ () C:\Users\19newaccount51\Desktop\Install or remove a hard disk drive.odt
2014-02-22 14:56 - 2014-02-22 14:56 - 00015494 _____ () C:\Users\19newaccount51\Desktop\Formatting disks and drives frequently asked questions.odt
2014-02-22 14:56 - 2014-02-22 14:33 - 00046316 _____ () C:\Users\19newaccount51\Desktop\DRIVERS - DIAGNOSE, SEARCH FOR, INSTALL,AUTO AND MAN UPDATE, REMOVE, ROOLBACK,.odt
2014-02-22 14:23 - 2014-02-22 14:21 - 00025567 _____ () C:\Users\19newaccount51\Desktop\wuauclt exe from ccleaner reg cleaner and missing win update from april 2013.odt
2014-02-22 14:14 - 2014-02-22 14:14 - 00028481 _____ () C:\Users\19newaccount51\Desktop\Documents\wuauclt exe from ccleaner reg cleaner and missing win update from april 2013.odt
2014-02-22 00:27 - 2014-02-22 00:27 - 01241834 _____ () C:\Users\19newaccount51\Desktop\adwcleaner.exe
2014-02-22 00:19 - 2014-02-22 11:10 - 00020562 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_2_3.odt
2014-02-21 22:37 - 2014-02-21 22:37 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Comodo
2014-02-21 22:10 - 2014-02-20 00:02 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\FreeFixer
2014-02-21 22:03 - 2014-02-21 22:03 - 00000326 _____ () C:\Windows\Tasks\FreeFixer background scan.job
2014-02-21 22:02 - 2014-02-21 22:02 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
2014-02-21 21:55 - 2014-02-21 21:54 - 00000000 ____D () C:\Users\19newaccount51\Desktop\AntiRootkit
2014-02-21 21:54 - 2014-02-21 21:54 - 00000000 ____D () C:\Users\19newaccount51\Pavark
2014-02-21 21:54 - 2014-02-05 10:57 - 00000000 ____D () C:\Users\19newaccount51
2014-02-21 21:52 - 2014-02-21 21:52 - 00003722 _____ () C:\Users\19newaccount51\Desktop\Documents\BHOScanReport.html
2014-02-21 21:46 - 2014-02-21 21:46 - 00000000 ____D () C:\Users\19newaccount51\Desktop\SpyBHORemover
2014-02-21 21:45 - 2014-02-21 21:45 - 02019064 _____ () C:\Users\19newaccount51\Downloads\SpyBHORemover.zip
2014-02-21 20:12 - 2014-02-21 20:12 - 00026872 _____ (Symantec Corporation) C:\Windows\system32\Drivers\FixTDSS.sys
2014-02-21 20:12 - 2014-02-21 20:12 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\FixTDSS
2014-02-21 20:09 - 2014-02-21 20:09 - 00002144 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_S_02212014_191240  after an onslot of many anti-mal scans and a safe-mode tweaking session i still hav 02-20-2014e these creeps.txt
2014-02-21 16:02 - 2006-11-02 04:23 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_996
2014-02-21 15:32 - 2014-02-21 15:32 - 00002007 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02212014_153119    not  disable task,  cmd, registry tools,.txt
2014-02-21 14:41 - 2014-02-21 14:41 - 00015800 _____ () C:\Users\19newaccount51\Desktop\HitmanPro_20140221_1438   C-WINDOWS-SYTEM32-DRIVERS-dasBOOT.SYS  AND  DASBOOTF .SYS, IEFRAME.DLL- ALSO - PRSBDRVR.SYS
2014-02-21 11:26 - 2014-02-21 21:56 - 00019227 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_20.odt
2014-02-21 11:25 - 2014-02-21 21:56 - 00018957 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_2_2.odt
2014-02-21 11:25 - 2014-02-21 21:56 - 00018441 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_19.odt
2014-02-21 11:25 - 2014-02-21 21:56 - 00018081 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_8.odt
2014-02-21 10:48 - 2014-02-21 21:56 - 00017373 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_6.odt
2014-02-21 08:37 - 2014-02-21 08:37 - 00001740 _____ () C:\Users\19newaccount51\Desktop\RKreport[0]_D_02212014_083633  disable task, and reg.txt
2014-02-21 07:46 - 2014-02-21 07:46 - 00002184 _____ () C:\Users\19newaccount51\Desktop\STARTUP ITEMS CCLEANER 02-20-2014startup.txt
2014-02-21 07:45 - 2014-02-21 07:45 - 00013704 _____ () C:\Users\19newaccount51\Desktop\INSTALLED PROGRAMS PER CCLEANER 02-20-2014install.txt
2014-02-21 07:38 - 2014-02-21 07:01 - 00026622 _____ () C:\Users\19newaccount51\Desktop\format a write-protected USB flash drive or memory card.odt
2014-02-21 07:07 - 2014-02-21 07:07 - 00032653 _____ () C:\Users\19newaccount51\Desktop\vEDIO - MINIDV,VHS, BLUE-RAY, DVD - HOW TO COPY, CONVERT, BURN.odt
2014-02-21 06:59 - 2014-02-21 06:59 - 00019958 _____ () C:\Users\19newaccount51\Desktop\Documents\Using pIRIFORM Speccy.odt
2014-02-21 04:42 - 2014-02-21 04:29 - 00027750 _____ () C:\Users\19newaccount51\Desktop\Documents\SPECCY REPORT 02-20-2014.odt
2014-02-21 04:26 - 2014-02-21 04:26 - 00052979 _____ () C:\Users\19newaccount51\Desktop\SPECCY REPORT 02-20-2014LONDON.txt
2014-02-21 04:26 - 2014-02-21 04:22 - 00000000 ____D () C:\Users\19newaccount51\Desktop\PortableZipNoInstallerPiriformSpeccyspsetup125
2014-02-21 04:25 - 2014-02-21 04:25 - 00013557 _____ () C:\Users\19newaccount51\Desktop\SPECCY REPORT 02-20-20`14LONDON.speccy
2014-02-21 04:11 - 2014-02-21 04:11 - 00021473 _____ () C:\Users\19newaccount51\Desktop\Documents\Beginner Geek How to Host Your Own Website on Windows.odt
2014-02-21 04:08 - 2014-02-21 04:08 - 00032654 _____ () C:\Users\19newaccount51\Desktop\How to Run a Last Pass Security Audit - and why it can't wait.odt
2014-02-21 04:05 - 2014-02-21 04:01 - 00019987 _____ () C:\Users\19newaccount51\Desktop\Add Take Ownership to Explorer Right-Click Menu in Win 7, 8 or Vista.odt
2014-02-21 03:59 - 2014-02-21 03:58 - 00019199 _____ () C:\Users\19newaccount51\Desktop\HTG Explains What BCC Is and Why You’re a Terrible Person If You Don’t Use It Correctly Or At All.odt
2014-02-21 03:52 - 2014-02-21 03:52 - 00015605 _____ () C:\Users\19newaccount51\Desktop\CCleaner v3.07.1457 wants to unset firewall settings - invalid firewall rule.odt
2014-02-21 03:38 - 2014-02-21 03:38 - 00026801 _____ () C:\Users\19newaccount51\Desktop\system explorer - some esplaination.odt
2014-02-21 03:38 - 2014-02-21 03:09 - 00024991 _____ () C:\Users\19newaccount51\Desktop\How To Display A List Of All Installed Network Adapters.odt
2014-02-21 03:38 - 2014-02-21 03:00 - 00041197 _____ () C:\Users\19newaccount51\Desktop\Updating Any Driver Automatically Using Driver Packs.odt
2014-02-21 03:38 - 2014-02-21 02:29 - 00023006 _____ () C:\Users\19newaccount51\Desktop\Copy Files From A Dead Computer with usb adpter to a working PC.odt
2014-02-21 03:38 - 2014-02-21 02:20 - 00026831 _____ () C:\Users\19newaccount51\Desktop\Copy Files From A Failing Hard Drive.odt
2014-02-21 03:37 - 2014-02-21 03:37 - 00030632 _____ () C:\Users\19newaccount51\Desktop\hard drive backup, where the space is - or not.odt
2014-02-21 03:37 - 2014-02-21 03:37 - 00014631 _____ () C:\Users\19newaccount51\Desktop\Prevent Viruses Infecting A Memory Card.odt
2014-02-21 03:36 - 2014-02-21 03:36 - 00017616 _____ () C:\Users\19newaccount51\Desktop\Securely Erase A Hard Drive – DBAN May Not Be Sufficient.odt
2014-02-21 03:35 - 2014-02-21 03:35 - 00048365 _____ () C:\Users\19newaccount51\Desktop\How To Check If A Hard Drive Is Failing, copy files from, stuck in PIO mode, and more.odt
2014-02-21 03:34 - 2014-02-21 02:16 - 00048525 _____ () C:\Users\19newaccount51\Desktop\How To Check If A Hard Drive Is Failing, stuck in PIO mode,.odt
2014-02-21 03:33 - 2014-02-21 03:33 - 00021259 _____ () C:\Users\19newaccount51\Desktop\USB Flash drives ERRORS and FIXES.odt
2014-02-21 03:13 - 2014-02-21 03:13 - 00026092 _____ () C:\Users\19newaccount51\Desktop\How To Change Permissions Of A Registry Key.odt
2014-02-21 03:07 - 2014-02-21 03:06 - 00027041 _____ () C:\Users\19newaccount51\Desktop\How To Check If A Computer Is Overheating Tfm especailly laptop and netbooks.odt
2014-02-21 03:05 - 2014-02-21 03:05 - 00016815 _____ () C:\Users\19newaccount51\Desktop\How To Check If A Computer Is Overheating.odt
2014-02-21 03:02 - 2014-02-21 02:51 - 00031641 _____ () C:\Users\19newaccount51\Desktop\Fix The Not Enough Free Disk Space Error On USB Flash Drives.odt
2014-02-21 01:46 - 2014-02-21 01:46 - 00031516 _____ () C:\Users\19newaccount51\Desktop\How to Fix the “Firefox Is Already Running” Error.odt
2014-02-21 01:36 - 2014-02-21 01:36 - 00013704 _____ () C:\Users\19newaccount51\Desktop\Documents\Ccleaner list of installed programs - time to weed out using revo Uninstaller.txt
2014-02-21 01:33 - 2014-02-21 00:00 - 00024802 _____ () C:\Users\19newaccount51\Desktop\Speccy – Piriforms pc system information tool.odt
2014-02-21 01:31 - 2014-02-21 00:33 - 00012251 _____ () C:\Users\19newaccount51\Desktop\WonderHowTo.com Fresh Hacks For a Changing World. Delivering the zeitgeist's most delightful how-tos, hacks, pro-tips, and insider secrets.odt
2014-02-21 01:28 - 2014-02-21 00:01 - 00021012 _____ () C:\Users\19newaccount51\Desktop\How can I do format and reinstall Windows Vista Home Premium on my notebook.odt
2014-02-21 01:24 - 2014-02-21 00:59 - 00028898 _____ () C:\Users\19newaccount51\Desktop\Replacing A Broken DVD Or CD Drive - from techlogin.com
2014-02-21 01:24 - 2014-02-21 00:34 - 00025952 _____ () C:\Users\19newaccount51\Desktop\techlogin.com
2014-02-21 01:23 - 2014-02-21 01:23 - 00027212 _____ () C:\Users\19newaccount51\Desktop\How To Check Which Type Of RAM You Need For Upgrading.odt
2014-02-21 01:23 - 2014-02-21 01:09 - 00028095 _____ () C:\Users\19newaccount51\Desktop\Troubleshooting A Faulty hdd hard drive SATA Port.odt
2014-02-21 00:45 - 2014-02-21 00:44 - 00029892 _____ () C:\Users\19newaccount51\Desktop\How To Partition A Hard Drive from techlogin.com
2014-02-21 00:28 - 2014-02-20 22:08 - 00023439 _____ () C:\Users\19newaccount51\Desktop\Remotely Access Computers for Free With These 15 Free Remote Access Software Tools By Tim Fisher.odt
2014-02-21 00:26 - 2014-02-21 00:24 - 00024456 _____ () C:\Users\19newaccount51\Desktop\apple mac - speed it up - multiple articles.odt
2014-02-20 23:58 - 2014-02-20 23:58 - 00035377 _____ () C:\Users\19newaccount51\Desktop\Replaceing hard drive from wilders security.odt
2014-02-20 23:35 - 2014-02-20 23:35 - 05160095 _____ () C:\Users\19newaccount51\Desktop\PortableZipNoInstallerPiriformSpeccyspsetup125.zip
2014-02-20 23:34 - 2014-02-20 23:34 - 03780920 _____ (Piriform Ltd) C:\Users\19newaccount51\Downloads\spsetup125_slim.exe
2014-02-20 23:09 - 2014-02-20 23:09 - 04845384 _____ (Piriform Ltd) C:\Users\19newaccount51\Downloads\Piriforms-SpeccyPCinfosetup125.exe
2014-02-20 22:16 - 2014-02-20 22:15 - 00017994 _____ () C:\Users\19newaccount51\Desktop\Backblaze, an Online Backup Service - A Full Review of.odt
2014-02-20 21:07 - 2014-02-20 21:06 - 00202088 _____ () C:\Users\19newaccount51\Desktop\Documents\World of 7 Billion Video Entry Received.odt
2014-02-20 21:01 - 2014-02-20 18:55 - 00020173 _____ () C:\Users\19newaccount51\Desktop\Documents\songs, U_2 Adele, bob Marley, los lonely boys, one direction.odt
2014-02-20 17:04 - 2014-02-20 14:00 - 00032389 _____ () C:\Users\19newaccount51\Desktop\How to Get More Plus out of Notepad++.odt
2014-02-20 17:04 - 2014-02-20 13:03 - 00021764 _____ () C:\Users\19newaccount51\Desktop\Oracle Java JRE 1.7 Expression.execute and SunToolkit.get Field fail to restrict access to privileged code.odt
2014-02-20 17:04 - 2014-02-20 10:51 - 00027323 _____ () C:\Users\19newaccount51\Desktop\Guides and Tips for Using Four Popular Free Applications.odt
2014-02-20 15:49 - 2014-02-20 15:47 - 00027021 _____ () C:\Users\19newaccount51\Desktop\Best Pre-Workout Foods   eat before excersise.odt
2014-02-20 15:37 - 2014-02-20 15:37 - 00014396 _____ () C:\Users\19newaccount51\Desktop\chords crowded house, eagle-eyed cherry.odt
2014-02-20 14:57 - 2014-02-20 13:40 - 00026983 _____ () C:\Users\19newaccount51\Desktop\10 Useful Features Hidden in VLC, The Swiss Army Knife of Media Players  FOUND VIA VIC LAURIE BLEEPINGCOMPTER.odt
2014-02-20 14:53 - 2014-02-20 14:50 - 00040653 _____ () C:\Users\19newaccount51\Desktop\Fixit - 10 Sub-Catagories in reddits.com Every Fixer Should Know.odt
2014-02-20 13:52 - 2014-02-20 13:50 - 00020449 _____ () C:\Users\19newaccount51\Desktop\Documents\PainT.NET The Best Image Editor Available That You Should Download.odt
2014-02-20 13:36 - 2014-02-20 12:42 - 00023789 _____ () C:\Users\19newaccount51\Desktop\General Removal Instructions  by F-secure.odt
2014-02-20 13:31 - 2014-02-20 12:59 - 00013958 _____ () C:\Users\19newaccount51\Desktop\Disabling System Restore on Windows Vista  by F-support.odt
2014-02-20 13:29 - 2014-02-20 13:29 - 00015650 _____ () C:\Users\19newaccount51\Desktop\Disabling Java Plug-ins IN EACH BROWSER by F-secure.odt
2014-02-20 13:28 - 2014-02-20 12:39 - 00015471 _____ () C:\Users\19newaccount51\Desktop\Disabling Java Plug-ins by F-secure.odt
2014-02-20 13:18 - 2014-02-20 13:17 - 00013590 _____ () C:\Users\19newaccount51\Desktop\Dont Dream Its Over Chords by Crowded House.odt
2014-02-20 13:09 - 2014-02-20 13:09 - 00012696 _____ () C:\Users\19newaccount51\Desktop\f-SECURE Health Check.odt
2014-02-20 13:08 - 2014-02-20 12:30 - 00029150 _____ () C:\Users\19newaccount51\Desktop\F-secure apps to clean malware.odt
2014-02-20 13:07 - 2014-02-20 13:07 - 00014029 _____ () C:\Users\19newaccount51\Desktop\APPLE FLASHBACK MALWARE REMOVAL BY F-SECURE.odt
2014-02-20 12:31 - 2014-02-20 11:23 - 00003866 _____ () C:\Users\19newaccount51\Desktop\fsbl-20140220172316.log
2014-02-20 10:52 - 2014-02-20 10:51 - 00162662 _____ () C:\Users\19newaccount51\Desktop\Access violation at affress 743dc111 in module nemesisInteropmodule,dll.odt
2014-02-20 01:05 - 2014-02-20 01:05 - 04102163 _____ () C:\Users\19newaccount51\Downloads\tdsskiller.zip
2014-02-20 00:33 - 2014-02-21 14:22 - 01037734 _____ (Thisisu) C:\Users\19newaccount51\Desktop\JRT_NEW.exe
2014-02-20 00:15 - 2014-02-20 00:02 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\FreeFixer
2014-02-20 00:11 - 2014-02-19 23:57 - 00137866 _____ () C:\Users\19newaccount51\Desktop\FREEFIXER - User's Manual FEB 2014.odt
2014-02-20 00:02 - 2014-02-20 00:02 - 00013354 _____ () C:\Users\19newaccount51\Desktop\What is aswSnx.sys, AND cmdguard.sys
2014-02-20 00:01 - 2014-02-20 00:01 - 00000000 ____D () C:\Program Files\FreeFixer
2014-02-19 23:59 - 2014-02-19 23:59 - 02551343 _____ (Kephyr) C:\Users\19newaccount51\Desktop\freefixersetup.exe
2014-02-19 22:51 - 2014-01-16 13:27 - 00000000 ____D () C:\Program Files\Recuva
2014-02-19 22:21 - 2014-02-19 22:12 - 316506608 _____ (Norman Shark AS) C:\Users\19newaccount51\Downloads\Norman_Malware_Cleaner.exe
2014-02-19 22:18 - 2014-02-19 22:18 - 01137360 _____ (F-Secure Corporation) C:\Users\19newaccount51\Desktop\f-SecureBlackLightRootKitToolfsbl.exe
2014-02-19 22:16 - 2014-02-19 22:16 - 00790064 _____ () C:\Users\19newaccount51\Desktop\SophosConflickerRemovalTool_ssconftool_10_sfx.exe
2014-02-19 22:14 - 2014-02-19 22:14 - 00366627 _____ (Avira GmbH) C:\Users\19newaccount51\Desktop\AviraAntiVirRemovalTool_en.exe
2014-02-19 22:13 - 2014-02-19 23:38 - 00031165 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_3.odt
2014-02-19 22:13 - 2014-02-19 22:13 - 04130896 _____ (PC Tools) C:\Users\19newaccount51\Desktop\avinstall.exe
2014-02-19 22:08 - 2014-02-19 22:07 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\19newaccount51\Desktop\mbam-setup-1.75.0.1300(1).exe
2014-02-19 22:06 - 2014-02-07 10:02 - 01931088 _____ (Symantec Corporation) C:\Users\19newaccount51\Desktop\FixTDSS.exe
2014-02-19 20:59 - 2014-02-19 20:59 - 00001041 _____ () C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2014-02-19 20:59 - 2013-08-27 00:46 - 00000000 ____D () C:\Program Files\Wise
2014-02-19 20:53 - 2014-02-19 20:53 - 00002084 _____ () C:\Users\Public\Desktop\Tweaking.com - Simple System Tweaker.lnk
2014-02-19 20:53 - 2014-02-19 20:53 - 00001078 _____ () C:\Users\19newaccount51\Desktop\Revo Uninstaller.lnk
2014-02-19 20:53 - 2014-02-19 20:53 - 00000797 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-02-19 20:53 - 2014-02-19 20:53 - 00000000 ____D () C:\Program Files\Speccy
2014-02-19 20:53 - 2013-04-07 00:12 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-02-19 20:52 - 2014-02-19 20:52 - 00001854 _____ () C:\Users\19newaccount51\Desktop\Process Hacker 2.lnk
2014-02-19 20:52 - 2014-02-19 20:52 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-19 20:52 - 2014-02-19 20:52 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Paint.NET
2014-02-19 20:52 - 2014-02-19 20:52 - 00000000 ____D () C:\Program Files\Process Hacker 2
2014-02-19 20:52 - 2014-02-19 20:52 - 00000000 ____D () C:\Program Files\Notepad++
2014-02-19 20:52 - 2014-01-16 13:27 - 00001655 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-02-19 20:49 - 2014-02-19 20:49 - 00001671 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-02-19 20:48 - 2013-03-21 07:44 - 00000000 ____D () C:\Program Files\Google
2014-02-19 20:47 - 2014-02-19 20:47 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\querftsq.sys
2014-02-19 20:46 - 2014-02-19 20:46 - 00000983 _____ () C:\Users\19newaccount51\Desktop\Auslogics DiskDefrag.lnk
2014-02-19 20:46 - 2014-02-19 20:46 - 00000000 ____D () C:\Program Files\Auslogics
2014-02-19 20:43 - 2013-05-15 21:45 - 00000000 ____D () C:\Program Files\7-Zip
2014-02-19 20:40 - 2014-02-19 23:38 - 00072734 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_2_1.odt
2014-02-19 15:42 - 2014-02-19 15:42 - 00005948 _____ () C:\Users\19newaccount51\Desktop\cc_20140219_154216.reg
2014-02-19 14:11 - 2014-02-19 14:11 - 00000773 _____ () C:\Users\19newaccount51\Desktop\JRT.txt  2-19-2014 Google Blacklisted Policy removed.txt
2014-02-19 03:16 - 2014-02-19 01:17 - 00095255 _____ () C:\Users\19newaccount51\Desktop\Anemia considerations from livestrong.com
2014-02-19 02:07 - 2014-02-19 02:07 - 00019482 _____ () C:\Users\19newaccount51\Desktop\AVAST CHAPTER ON USING THE VIRUS CHEST.odt
2014-02-19 02:00 - 2014-02-18 23:40 - 00070190 _____ () C:\Users\19newaccount51\Desktop\Documents\BLOOD DISORDER OR DISEASE -MINUS-  -HEART  TFM GOOGLED THE PRECEDING WITH IMAGES OF.odt
2014-02-19 01:46 - 2014-02-19 01:28 - 00178010 _____ () C:\Users\19newaccount51\Desktop\AVAST VIRUS CHEST LIST AS OF 02-19-2014  0125.odt
2014-02-19 01:46 - 2014-02-19 01:19 - 00015643 _____ () C:\Users\19newaccount51\Desktop\AVAST VIRUS CHEST CONSIDERATIONS.odt
2014-02-19 01:18 - 2014-02-19 01:18 - 00015168 _____ () C:\Users\19newaccount51\Desktop\small nastys that like us humans.odt
2014-02-18 23:38 - 2014-02-18 23:38 - 00086402 _____ () C:\Users\19newaccount51\Desktop\IMAGES OF BLOOD DISORDER OR DISEASE -HEART.odt
2014-02-18 23:33 - 2014-02-18 23:33 - 00005796 _____ () C:\Users\19newaccount51\Desktop\blood disease  sickle-cell anemia -- Britannica Online Encyclopedia.htm
2014-02-18 23:33 - 2014-02-18 23:33 - 00000000 ____D () C:\Users\19newaccount51\Desktop\blood disease  sickle-cell anemia -- Britannica Online Encyclopedia_files
2014-02-18 23:10 - 2014-02-18 22:37 - 00015316 _____ () C:\Users\19newaccount51\Desktop\AFTER RK,MBAMANTIROOT, MBAM, SAS, AVAST QUICK SCAN STILL 30 PLUS EATsTFM JUST NOTICED HAVEN'T HAD AVAST FULL SCAN CHEDULED SINCE.odt
2014-02-18 17:20 - 2014-02-18 17:20 - 00015641 _____ () C:\Users\19newaccount51\Desktop\TFM COPY-PASTED THE MBR RAW DATA DURING SCAN.odt
2014-02-18 17:09 - 2014-02-18 17:09 - 00011559 _____ () C:\Users\19newaccount51\Desktop\SAS SCAN ONLY COOKIES 32 BUT ORIGINAL SAN RESULTS HIGHLIGHTED THE BOLD FACE.odt
2014-02-18 15:35 - 2014-02-18 14:39 - 00019467 _____ () C:\Users\19newaccount51\Desktop\SUPERANTISPYWARE FINDS Trojan.Dropper fake found during SAS scan NOTE THE HOOOKS ARE NOT CONSIDERED BAD.odt
2014-02-18 15:35 - 2013-03-24 21:33 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-02-18 14:24 - 2014-02-18 14:16 - 00038216 _____ () C:\Users\19newaccount51\Desktop\BLEEPINGCOMPUTER FEB 01 2014 NICE SERIES OF STEPS.odt
2014-02-18 13:52 - 2014-02-18 13:52 - 00012854 _____ () C:\Users\19newaccount51\Desktop\HitmanPro_2014-021-8_1240     iframedll -  WRP  Run   - at C-windows-system32.log at the end of the run display screen read threats  11.odt
2014-02-18 13:45 - 2014-02-18 13:45 - 00016128 _____ () C:\Users\19newaccount51\Desktop\Documents\ClamAV memory scan scan  canceled by user ran only 1 min 12 sec note results  a pages of lines - ton of permission denied.odt
2014-02-18 13:36 - 2014-02-18 13:36 - 00014022 _____ () C:\Users\19newaccount51\Desktop\area network is working and no Hjs but over 30 policy HJsi turned file sharing off after this scan.odt
2014-02-18 13:35 - 2014-02-18 13:35 - 00012871 _____ () C:\Users\19newaccount51\Desktop\area network is working and no Hjs i turned file sharing off after this scan.odt
2014-02-17 22:54 - 2014-02-12 00:14 - 00000000 ____D () C:\Users\19newaccount51\Desktop\rkill
2014-02-17 22:53 - 2014-02-05 13:59 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Mozilla
2014-02-17 22:36 - 2014-02-17 22:36 - 00023323 _____ () C:\Users\19newaccount51\Desktop\PortableApps.com
2014-02-17 21:31 - 2014-02-17 21:31 - 00118535 _____ () C:\Users\19newaccount51\Desktop\TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 2332 ran with all options see bolded.odt
2014-02-17 21:20 - 2014-02-17 21:20 - 00118015 _____ () C:\Users\19newaccount51\Desktop\TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 2332   ran with all options  checked including modules-  rebooted to prepare for ascan - no threat detcted  will no.odt
2014-02-16 19:20 - 2014-02-06 22:12 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Google
2014-02-15 18:17 - 2014-02-15 18:17 - 00012490 _____ () C:\Users\19newaccount51\Desktop\UNHIDE by bleeping computer WOW -1. detected and deleted - disable taskMrg, and two no-run  policies but 2. I need to creat a temp file.odt
2014-02-15 18:15 - 2014-02-15 18:13 - 00011859 _____ () C:\Users\19newaccount51\Desktop\UNHIDE by bleeping computer WOW - detected and deleted - disable taskMrg, and two no-run  policies.odt
2014-02-15 16:19 - 2014-02-11 11:07 - 00000000 ____D () C:\Users\19newaccount51\Desktop\mbar
2014-02-15 16:19 - 2014-01-22 13:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-15 02:55 - 2014-02-15 02:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\19newaccount51\Downloads\mbar-1.07.0.1009(1).exe
2014-02-15 02:55 - 2014-02-15 02:55 - 00065232 _____ (Malwarebytes) C:\Users\19newaccount51\Downloads\regassassin-setup-1.03.exe
2014-02-15 02:55 - 2014-02-15 02:54 - 01769928 _____ (Malwarebytes ) C:\Users\19newaccount51\Downloads\mbae-setup-0.09.5.1000.exe
2014-02-15 01:57 - 2014-02-15 01:57 - 00001186 _____ () C:\Users\19newaccount51\Desktop\cc_20140215_015704.reg
2014-02-15 01:52 - 2014-02-15 01:52 - 00080214 _____ () C:\Users\19newaccount51\Desktop\Documents\1. Malwarebytes Forum  → Malware Removal Support  → Malware Removal Help  → Resolved HijackThis Logs - the 101 page version.odt
2014-02-15 01:52 - 2014-02-15 01:52 - 00036903 _____ () C:\Users\19newaccount51\Desktop\1. Malwarebytes Forum  → Malware Removal Support  → Malware Removal Help  → Resolved HijackThis Logs  the 20 page version.odt
2014-02-15 01:34 - 2014-02-15 01:34 - 00020703 _____ () C:\Users\19newaccount51\Desktop\Canon pixma mx340 -  tfm - notes i have taken that work - Reset ink level,or new cartridge reset.odt
2014-02-15 01:32 - 2014-02-14 13:43 - 00080365 _____ () C:\Users\19newaccount51\Desktop\Documents\1. Malwarebytes Forum  → Malware Removal Support  → Malware Removal Help  → Resolved HijackThis Logs.odt
2014-02-15 00:28 - 2014-02-15 00:28 - 00024640 _____ () C:\Users\19newaccount51\Desktop\Documents\ERUNT - The Emergency Recovery Utility NT  Registry Backup and Restore for Windows.odt
2014-02-15 00:25 - 2014-02-15 00:21 - 00024326 _____ () C:\Users\19newaccount51\Desktop\Documents\ERUNT - The Emergency Recovery Utility NT   -  readme file.odt
2014-02-15 00:19 - 2014-02-15 00:17 - 00000000 ____D () C:\Program Files\ERUNT
2014-02-15 00:08 - 2014-02-15 00:07 - 00000000 _____ () C:\Users\19newaccount51\Desktop\LogAnalyZer.ini
2014-02-15 00:03 - 2014-02-15 00:02 - 00791393 _____ (Lars Hederer ) C:\Users\19newaccount51\Desktop\erunt-setup.exe
2014-02-14 21:06 - 2014-02-14 21:04 - 00020694 _____ () C:\Users\19newaccount51\Desktop\Documents\Canon pixma mx340 -  Reset ink level,or new cartridge reset.odt
2014-02-14 21:00 - 2014-02-14 14:45 - 00020469 _____ () C:\Users\19newaccount51\Desktop\Documents\Canon pixma mx340 -  Reset ink level, cartridge not installed.odt
2014-02-14 13:15 - 2014-02-14 13:15 - 00019905 _____ () C:\Users\19newaccount51\Desktop\Documents\DDS 02-14-2014  1315.txt
2014-02-14 12:29 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Branding
2014-02-14 11:50 - 2013-03-21 22:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-14 10:29 - 2014-02-14 10:29 - 00018160 _____ () C:\Users\19newaccount51\Desktop\Troubleshoot Adobe Reader installation Windows feb 2014.odt
2014-02-14 09:59 - 2014-01-30 22:20 - 00000867 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-14 09:59 - 2013-12-20 02:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 09:58 - 2014-02-14 09:58 - 00282840 _____ (Mozilla) C:\Users\19newaccount51\Downloads\Firefox Setup Stub 27.0.1.exe
2014-02-14 09:55 - 2014-02-14 09:55 - 00773632 _____ (Robert Simpson, et al.) C:\Users\19newaccount51\AppData\Roaming\System.Data.SQLite.dll
2014-02-14 09:46 - 2014-02-14 09:46 - 00002176 _____ () C:\Users\19newaccount51\Desktop\cc_20140214_094608.reg
2014-02-14 09:45 - 2014-02-09 14:09 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\HpUpdate
2014-02-14 09:38 - 2014-02-14 09:34 - 00000968 _____ () C:\Users\19newaccount51\Desktop\Continue Zip Extractor Installation.lnk
2014-02-13 19:51 - 2014-02-13 19:51 - 00020756 _____ () C:\Users\19newaccount51\Desktop\Thomas F. Murphy resume prepared for Environmental Safety Technologies.odt
2014-02-13 19:51 - 2014-02-11 14:09 - 00023148 _____ () C:\Users\19newaccount51\Desktop\Thomas F. Murphy resume             distilled by copy-paste.odt
2014-02-13 19:50 - 2014-02-13 19:46 - 00020756 _____ () C:\Users\19newaccount51\Desktop\Documents\Thomas F. Murphy resume prepared for Environmental Safety Technologies.odt
2014-02-13 19:41 - 2014-02-13 19:41 - 00008267 _____ () C:\Users\19newaccount51\Desktop\Documents\Thomas F. Murphy resume for Environmental Safety Technologies.odt
2014-02-13 16:39 - 2013-07-09 10:16 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-02-13 16:37 - 2014-02-13 16:37 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.Printing.Run.exe
2014-02-13 16:32 - 2014-02-13 16:32 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-13 16:31 - 2014-02-13 16:31 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-02-13 16:28 - 2014-02-13 16:28 - 00000000 ____D () C:\HP Universal Print Driver
2014-02-13 16:26 - 2014-02-13 16:26 - 00001650 _____ () C:\Users\19newaccount51\Desktop\cc_20140213_162629.reg
2014-02-13 16:19 - 2014-02-13 16:19 - 00016002 _____ () C:\Users\19newaccount51\Desktop\How To Fix Ieframe.dll Errors.odt
2014-02-13 16:19 - 2014-02-13 16:15 - 00022458 _____ () C:\Users\19newaccount51\Desktop\HP Universal Print Driver for Windows.odt
2014-02-13 16:19 - 2013-03-24 10:49 - 00032079 _____ () C:\ProgramData\hpzinstall.log
2014-02-13 16:14 - 2014-02-13 16:14 - 17344800 _____ () C:\Users\19newaccount51\Desktop\upd-pcl6-x32-5.8.0.17508.exe
2014-02-13 14:06 - 2014-02-13 14:04 - 00016170 _____ () C:\Users\19newaccount51\Desktop\How to enable  -  disable command prompt.odt
2014-02-13 13:40 - 2014-02-13 11:44 - 00010107 _____ () C:\Users\19newaccount51\Desktop\Documents\DICK MILLER EMAIL NOT RECIEVED.odt
2014-02-13 13:27 - 2014-02-13 13:26 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Canon
2014-02-13 04:41 - 2014-02-12 22:21 - 00000000 ____D () C:\Users\19newaccount51\Doctor Web
2014-02-12 19:17 - 2013-03-21 04:10 - 00000000 ____D () C:\Windows\Panther
2014-02-12 19:17 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-02-12 19:14 - 2014-02-11 14:46 - 00002325 _____ () C:\Users\Public\Desktop\SlimCleaner.lnk
2014-02-12 18:32 - 2014-02-12 18:32 - 07265600 _____ (Bitdefender LLC) C:\Users\19newaccount51\Downloads\BootkitRemoval_x86.exe
2014-02-12 18:16 - 2014-02-12 18:16 - 00147456 _____ () C:\Users\19newaccount51\Desktop\catchme.exe
2014-02-12 18:15 - 2014-02-12 18:15 - 00017584 _____ () C:\Users\19newaccount51\Desktop\Documents\List of Anti-Rootkits.odt
2014-02-12 18:11 - 2014-02-12 18:11 - 00634925 _____ () C:\Users\19newaccount51\Downloads\RkU3.8.389.593.rar
2014-02-12 16:39 - 2014-02-12 16:39 - 00002604 _____ () C:\Users\19newaccount51\Desktop\cc_20140212_163932.reg TFM LOOK THIS OVER.reg
2014-02-12 16:31 - 2014-02-12 16:27 - 00028823 _____ () C:\Users\19newaccount51\Desktop\GREAT ROOTKIT MALWARE EXCERSE FROM BLEEPING.odt
2014-02-12 16:27 - 2014-02-12 16:26 - 00029353 _____ () C:\Users\19newaccount51\Desktop\Kaspersky AV has identified tcpip.sys vital windows file BSOD with out it as malware  Can't get rid of rootkit infection - tcpip.odt
2014-02-12 16:23 - 2014-02-12 16:23 - 00029182 _____ () C:\Users\19newaccount51\Desktop\Documents\Kaspersky AV has identified tcpip.sys vital windows file BSOD with out it as malware  Can't get rid of rootkit infection - tcpip.sys
2014-02-12 16:21 - 2014-02-12 16:21 - 00015602 _____ () C:\Users\19newaccount51\Desktop\Documents\Publish a Snapshot using Speccy  for blepping computer.odt
2014-02-12 16:19 - 2014-02-12 16:16 - 00032055 _____ () C:\Users\19newaccount51\Desktop\Documents\Vista firewall exceptions not working.odt
2014-02-12 13:21 - 2014-02-12 13:21 - 00000651 _____ () C:\Users\19newaccount51\Desktop\JRT.txt 02-12-2014 safemode.txt
2014-02-12 12:40 - 2014-02-12 15:34 - 00048676 _____ () C:\Users\19newaccount51\Desktop\Documents\untitled_2.odt
2014-02-12 12:04 - 2014-02-12 11:02 - 00036419 _____ () C:\Users\19newaccount51\Desktop\Documents\How to Use Rootkit Unhooker.odt
2014-02-12 12:01 - 2014-02-12 12:01 - 00042445 _____ () C:\Users\19newaccount51\Desktop\Documents\RootRepeal & rootkit unhooker - System infected    MALWAREBYTES FORUM.odt
2014-02-12 10:09 - 2014-02-12 09:37 - 00049315 _____ () C:\Users\19newaccount51\Desktop\PROCESSES, DLLS, MUI FILES, Native Images (NI) ,MUI Files, Safe or Threat, Linked files  DLL, OCX and SS What web hosting is best for us  System Explorer dev team blog about system management, security and more..odt
2014-02-12 09:10 - 2014-02-12 08:57 - 00013760 _____ () C:\Users\19newaccount51\Desktop\ESET ONLINE SCANNER WENS 02 12 2014 – 42 THREATS  4.52HR SCAN 367819 FILES ...USER “MD” SO MANY  MALWARE  PROBS TFM HAD TO CREATE 2ND USER ACCT SCAN TIME ABOUT 1HR LONGER.odt
2014-02-12 03:16 - 2014-02-12 03:16 - 00017333 _____ () C:\Users\19newaccount51\Desktop\ESET Online scanner faq.odt
2014-02-12 02:15 - 2014-02-12 02:13 - 00000000 ____D () C:\Users\19newaccount51\Desktop\HP D110 PHOTOSMART EPRINT ALL IN ONE
2014-02-12 02:13 - 2014-02-12 02:13 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Your inkjet printer's dirty little secret (1_26_11)_files
2014-02-12 02:13 - 2014-02-12 02:13 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How to disassemble Compaq Presario F700 notebook    Inside my laptop_files
2014-02-12 02:13 - 2014-02-12 02:13 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Contemporary Acoustic Treatment_files
2014-02-12 02:13 - 2014-02-12 02:13 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Connected  Your Complete Guide To Home Networking_files
2014-02-12 01:41 - 2014-02-12 01:40 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Anything Legionella EST Dick Miller Shanna
2014-02-12 01:40 - 2014-02-12 01:40 - 00000000 ____D () C:\Users\19newaccount51\Desktop\ANYTHING TREC
2014-02-12 01:40 - 2014-02-12 01:40 - 00000000 ____D () C:\Users\19newaccount51\Desktop\ANYTHING HARD DRIVE COMPUTER
2014-02-11 22:49 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-11 22:42 - 2013-07-20 17:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-11 22:35 - 2006-11-02 04:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-11 21:43 - 2014-02-11 21:43 - 00000404 _____ () C:\Users\19newaccount51\Desktop\disecting - firewallapi.dl - fwdonothingonobject - EAT @explorer.exe
2014-02-11 18:53 - 2014-02-11 18:53 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\SUPERAntiSpyware.com
2014-02-11 18:51 - 2014-02-08 18:55 - 00021314 _____ () C:\Users\19newaccount51\Desktop\THOMAS F MURPHY RESUME SCEINCE ADDENDUM.odt
2014-02-11 17:57 - 2014-02-08 18:37 - 00000000 ____D () C:\Users\19newaccount51\Desktop\docs from md transfered in safe mode
2014-02-11 17:00 - 2014-02-06 02:06 - 00000000 ____D () C:\ProgramData\Auslogics
2014-02-11 16:53 - 2014-02-11 16:53 - 03781520 _____ (Auslogics) C:\Users\19newaccount51\Downloads\ausdiskdefragportable.exe
2014-02-11 16:49 - 2014-02-11 16:49 - 00014609 _____ () C:\Users\19newaccount51\Desktop\Documents\first trend micro rootktbuster02-11-2014.odt
2014-02-11 14:47 - 2014-02-11 14:46 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-02-11 14:46 - 2014-02-11 14:46 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\SlimWare Utilities Inc
2014-02-11 14:08 - 2014-02-10 15:00 - 00023204 _____ () C:\Users\19newaccount51\Desktop\tfm resume distilled by copy-paste.odt
2014-02-11 12:26 - 2014-02-10 18:08 - 00000000 ____D () C:\Users\19newaccount51\Desktop\docs from md transfered in safe mode - Copy
2014-02-11 12:23 - 2014-02-11 12:23 - 00027691 _____ () C:\Users\19newaccount51\Desktop\Documents\BEFORE You POST(Please read this Procedure Before Requesting Assistance).odt
2014-02-11 12:22 - 2014-02-11 12:22 - 00026721 _____ () C:\Users\19newaccount51\Desktop\Documents\HP Support Forums all lightsblinking.odt
2014-02-11 12:21 - 2014-02-11 12:21 - 00015409 _____ () C:\Users\19newaccount51\Desktop\Documents\How Spybot - Search & Destroy protects against the installation of Spyware-Malware.odt
2014-02-11 12:20 - 2014-02-11 12:20 - 00012398 _____ () C:\Users\19newaccount51\Desktop\Documents\ESET ONLINE SCAN 02092014 - 41 THREATS detected.odt
2014-02-11 12:19 - 2014-02-11 12:19 - 00015023 _____ () C:\Users\19newaccount51\Desktop\Documents\User Account Control (UAC) is a new.odt
2014-02-11 12:19 - 2014-02-11 12:19 - 00014314 _____ () C:\Users\19newaccount51\Desktop\Documents\Compress and uncompress files (zip files).odt
2014-02-11 12:17 - 2014-02-11 12:17 - 00016797 _____ () C:\Users\19newaccount51\Desktop\Documents\Keyboard shortcuts Windows Vista.odt
2014-02-11 12:16 - 2014-02-11 12:16 - 00013576 _____ () C:\Users\19newaccount51\Desktop\Documents\Create keyboard shortcuts to open programs.odt
2014-02-11 12:15 - 2014-02-11 12:15 - 00015130 _____ () C:\Users\19newaccount51\Desktop\Documents\Internet Explorer keyboard shortcuts.odt
2014-02-11 11:07 - 2014-02-11 11:07 - 00000424 _____ () C:\Users\19newaccount51\Desktop\cc_20140211_110714.reg
2014-02-11 10:01 - 2014-02-11 10:00 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Downloads\unhide.exe
2014-02-11 09:37 - 2014-02-11 09:37 - 00095434 _____ () C:\Users\19newaccount51\Desktop\Autorun Deleter.zip
2014-02-11 09:30 - 2014-02-11 09:30 - 00014600 _____ () C:\Users\19newaccount51\Desktop\CleanAutoRun utility for restoration of executable files (.exe, .bat, .cmd, .com, .pif).odt
2014-02-11 09:24 - 2014-02-11 09:24 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Downloads\rkill.exe
2014-02-11 09:23 - 2014-02-11 09:23 - 00022647 _____ () C:\Users\19newaccount51\Desktop\Unhide.exe - A introduction as to what this program does.odt
2014-02-11 09:20 - 2014-02-11 09:20 - 00792064 _____ (TangoSoft) C:\Users\19newaccount51\Downloads\Re-Enable v2.exe
2014-02-11 09:09 - 2014-02-11 09:09 - 00014672 _____ () C:\Users\19newaccount51\Desktop\Internet Explorer DEP(enable) - do I need it.odt
2014-02-11 09:03 - 2014-02-11 09:03 - 00006278 _____ () C:\Users\19newaccount51\Desktop\cc_20140211_090306.reg
2014-02-11 09:01 - 2014-02-11 09:00 - 00070441 _____ () C:\Users\19newaccount51\Desktop\Documents\1338 files 1.349 GB of Sys temp files....I know I have at least an mbr virus as the awsMbr scan shows – see log.   But maybe a boat load more.odt
2014-02-11 08:55 - 2014-02-06 13:30 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\CrashDumps
2014-02-11 08:51 - 2014-02-11 08:51 - 00015103 _____ () C:\Users\19newaccount51\Desktop\Malwarebytes Anti-Rootkit.odt
2014-02-11 08:35 - 2014-02-11 08:35 - 00015285 _____ () C:\Users\19newaccount51\Desktop\how to restore the master boot record step by dstep.odt
2014-02-11 08:32 - 2014-02-11 08:32 - 00370943 _____ () C:\Users\19newaccount51\Downloads\gmer.zip
2014-02-11 08:31 - 2014-02-11 08:31 - 01600368 _____ () C:\Users\19newaccount51\Downloads\AVG_Uploader_Free_en.exe
2014-02-11 08:30 - 2014-02-11 08:30 - 00025342 _____ () C:\Users\19newaccount51\Desktop\ntkrnlpa.exe CLASSPNP.SYS Disk.sys ACPI.sys hal.dll atapi.sys
2014-02-11 06:10 - 2014-02-11 06:10 - 02447334 _____ () C:\Users\19newaccount51\AppData\Local\[j0002]-[p01].bmp
2014-02-11 06:07 - 2014-02-10 18:44 - 00001814 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-02-11 04:41 - 2014-02-11 04:41 - 04102163 _____ () C:\Users\19newaccount51\Downloads\tdsskiller update.zip
2014-02-11 04:35 - 2014-02-11 04:35 - 03813376 _____ () C:\Users\19newaccount51\Downloads\RogueKiller.exe
2014-02-11 04:34 - 2014-02-09 02:14 - 00172500 _____ () C:\Windows\hpoins46.dat
2014-02-11 04:11 - 2014-02-11 04:06 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Folder with hp110a printer basic installerfor use with Printers - Add printer
2014-02-11 03:40 - 2013-03-24 10:52 - 00000000 ____D () C:\Program Files\HP
2014-02-11 03:37 - 2014-02-11 03:10 - 00014473 _____ () C:\Users\19newaccount51\Desktop\Documents\Check your hard disk for errors AND AUTO REPAIR ON THE FLY.odt
2014-02-11 03:36 - 2014-02-11 02:11 - 00022182 _____ () C:\Users\19newaccount51\Desktop\Documents\Use the System File Checker tool to repair missing or corrupted system files.odt
2014-02-11 03:26 - 2014-02-11 03:26 - 00027672 _____ () C:\Users\19newaccount51\Desktop\Documents\BEFORE You POSTPlease read this Procedure Before Requesting Assistance2.odt
2014-02-11 03:17 - 2014-02-11 02:46 - 00015504 _____ () C:\Users\19newaccount51\Desktop\Documents\Add a local printer (USB) -  AND ADD A  NETWORK PRINTER.odt
2014-02-11 03:16 - 2014-02-11 03:15 - 00011194 _____ () C:\Users\19newaccount51\Desktop\Documents\CUSTOMIZE THE START MENU, WINDOWS TOOL BAR, NOTIFICATION BAR.odt
2014-02-11 03:16 - 2014-02-11 02:52 - 00030646 _____ () C:\Users\19newaccount51\Desktop\Documents\Installing new hardware – USB, PRINTER, FIX DRIVER PROBS, FINDING OEM DRIVERS, Add a 2ND MONITOR VISTA  recommended links.odt
2014-02-11 03:16 - 2014-02-11 02:17 - 00017293 _____ () C:\Users\19newaccount51\Desktop\Documents\How to perform a clean boot in Windows ….start Windows by using a minimal set of drivers and startup programs.odt
2014-02-11 03:16 - 2014-02-10 12:52 - 00051042 _____ () C:\Users\19newaccount51\Desktop\HP Photosmart e-All-in-One Printer Series D110.odt
2014-02-11 03:06 - 2014-02-11 03:06 - 00014431 _____ () C:\Users\19newaccount51\Desktop\Documents\Add a second monitor.odt
2014-02-11 03:05 - 2014-02-11 03:05 - 00015869 _____ () C:\Users\19newaccount51\Desktop\Documents\Video cardS - frequently asked questions.odt
2014-02-11 02:26 - 2014-02-11 02:26 - 00280204 _____ () C:\Users\19newaccount51\Downloads\WindowsUpdateDiagnostic.diagcab
2014-02-11 02:23 - 2014-02-11 02:22 - 00019766 _____ () C:\Users\19newaccount51\Desktop\Documents\Tips for fixing common driver problems – ALSO SEE CLEAN BOOT.odt
2014-02-11 01:46 - 2014-02-11 01:46 - 00347816 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\MicrosoftFixit.Performance.Run.exe
2014-02-11 01:33 - 2014-02-11 01:33 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\HP
2014-02-11 01:33 - 2014-02-10 19:44 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\HP
2014-02-10 22:44 - 2014-02-10 22:44 - 00028512 _____ () C:\Users\19newaccount51\Desktop\cc_20140210_224414.reg
2014-02-10 22:35 - 2014-02-10 22:35 - 00026653 _____ () C:\Users\19newaccount51\Desktop\BLEEPING SOLUTIONS FEB 2014.odt
2014-02-10 22:32 - 2014-02-10 22:32 - 04845384 _____ (Piriform Ltd) C:\Users\19newaccount51\Downloads\PRIFORMS SPECCY - spsetup125.exe
2014-02-10 21:58 - 2014-02-10 21:57 - 00015547 _____ () C:\Users\19newaccount51\Desktop\DVD BURNER AND MEDIA FORMATING OR  ERASING OR WRITING STOPS.odt
2014-02-10 20:42 - 2014-02-10 19:41 - 00075977 _____ () C:\Windows\hpqins01.dat
2014-02-10 19:44 - 2006-11-02 04:23 - 00000179 _____ () C:\Windows\win.ini
2014-02-10 18:52 - 2014-02-10 18:49 - 146110512 _____ () C:\Users\19newaccount51\Desktop\PS_AIO_07_D110_USW_Full_Win_enu_140_126.exe
2014-02-10 18:51 - 2014-02-10 18:49 - 59319576 _____ () C:\Users\19newaccount51\Downloads\HP-ePrint-win-4.6.60.12747.exe
2014-02-10 18:43 - 2014-02-10 18:43 - 06123336 _____ () C:\Users\19newaccount51\Downloads\HPPSdr.exe
2014-02-10 18:08 - 2014-02-10 18:08 - 00000000 ____D () C:\Users\19newaccount51\Desktop\docs from md transfered in safe mode - Copy (2)
2014-02-10 12:28 - 2014-02-10 12:28 - 00027673 _____ () C:\Users\19newaccount51\Desktop\read this before posting.odt
2014-02-10 11:46 - 2014-02-10 11:46 - 00801088 _____ (SlimWare Utilities, Inc.) C:\Users\19newaccount51\Downloads\SlimCleaner-setup.exe
2014-02-10 11:13 - 2014-02-10 11:13 - 00000042 _____ () C:\Users\19newaccount51\Desktop\Documents\ESET ONLINE SCAN 02092014 - 41 THREAT.txt
2014-02-10 01:17 - 2014-02-10 01:17 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Help
2014-02-10 01:16 - 2014-02-10 01:16 - 01499261 _____ () C:\Users\19newaccount51\Downloads\CDCheck.zip
2014-02-10 00:46 - 2014-02-10 00:46 - 00004848 _____ () C:\Users\19newaccount51\Desktop\cc_20140210_004626.reg
2014-02-09 23:56 - 2014-02-09 23:56 - 00025438 _____ () C:\Users\19newaccount51\Desktop\CD DVD FORMAT, ERASE, RECORD, MASTER VS OPEN RECORD, USE IN OTHER PCs OR PLAYERS.odt
2014-02-09 18:02 - 2014-02-09 17:16 - 01575702 _____ () C:\Users\19newaccount51\Desktop\Documents\PARTITION, FORMAT DISK -  NEW WINDOWS INSTALL GUIDES.odt
2014-02-09 12:52 - 2014-02-09 12:52 - 00028784 _____ () C:\Users\19newaccount51\Desktop\Documents\Performing an HP laptop notebook System Recovery  or reinstall(Windows Vista).odt
2014-02-09 11:06 - 2014-02-09 10:54 - 02447334 _____ () C:\Users\19newaccount51\AppData\Local\[j0002]-[p04].bmp
2014-02-09 03:16 - 2006-11-02 04:23 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_596
2014-02-09 02:39 - 2014-02-09 02:39 - 00000000 ____D () C:\Users\19newaccount51\Desktop\tweaking.com_windows_repair_aio
2014-02-09 01:37 - 2014-02-11 04:16 - 60341952 _____ () C:\Users\19newaccount51\Desktop\PS_AIO_07_D110_USW_Basic_Win_enu_140_126.exe
2014-02-09 01:23 - 2014-02-09 01:23 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\IObit
2014-02-09 01:20 - 2013-10-16 22:11 - 00000000 ____D () C:\ProgramData\Skype
2014-02-09 00:52 - 2014-02-09 00:52 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Auslogics
2014-02-09 00:51 - 2013-05-07 20:39 - 00000000 ____D () C:\Program Files\UltraFileSearch
2014-02-09 00:50 - 2014-02-09 00:50 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Stegisoft
2014-02-08 23:05 - 2014-02-08 23:05 - 00000000 ____D () C:\MATS
2014-02-08 22:14 - 2014-02-08 22:14 - 00003392 _____ () C:\Users\19newaccount51\Desktop\cc_20140208_221402.reg
2014-02-08 21:01 - 2014-02-08 21:01 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Wise PC 1stAid
2014-02-08 18:33 - 2014-02-08 18:33 - 00000000 ____D () C:\Users\19newaccount51\Downloads\log
2014-02-08 17:45 - 2014-02-08 17:45 - 15865392 _____ (Trend Micro Inc.) C:\Users\19newaccount51\Downloads\RootkitBusterv5.0-1083.exe
2014-02-08 17:42 - 2014-02-08 17:42 - 04071672 _____ (Bitdefender LLC) C:\Users\19newaccount51\Downloads\BDUSBImmunizerLauncher.exe
2014-02-08 17:35 - 2014-02-08 17:35 - 02812752 _____ (Phrozen Software™ Solutions © 2013 ) C:\Users\19newaccount51\Downloads\PhrozenVirusTotalUploaderV3_setup.exe
2014-02-08 17:32 - 2014-02-08 17:32 - 00000246 _____ () C:\Users\19newaccount51\Desktop\Free Anti-Virus Tools Freeware downloads and reviews from SnapFiles.URL
2014-02-08 17:08 - 2014-02-08 17:08 - 00011722 _____ () C:\Users\19newaccount51\Desktop\cc_20140208_170853.reg
2014-02-08 16:41 - 2014-02-08 16:41 - 00001881 _____ () C:\Users\UpdatusUser\Desktop\VirusTotal Uploader 2.2.lnk
2014-02-08 16:41 - 2014-02-08 16:41 - 00001881 _____ () C:\Users\md\Desktop\VirusTotal Uploader 2.2.lnk
2014-02-08 16:41 - 2014-02-08 16:41 - 00001881 _____ () C:\Users\19newaccount51\Desktop\VirusTotal Uploader 2.2.lnk
2014-02-08 16:41 - 2014-02-08 16:41 - 00000000 ____D () C:\Program Files\VirusTotalUploader2
2014-02-08 16:40 - 2014-02-08 16:40 - 00142744 _____ () C:\Users\19newaccount51\Downloads\vtuploader2.2.exe
2014-02-08 15:58 - 2014-02-08 15:58 - 00054857 _____ () C:\Users\19newaccount51\Desktop\KASPER TDSS ROOTKIT TOOL.odt
2014-02-08 15:31 - 2014-02-08 15:31 - 00037826 _____ () C:\Users\19newaccount51\Desktop\Malware Removal Guide for Windows JAN2 2013.odt
2014-02-08 15:19 - 2014-02-08 15:15 - 00052546 _____ () C:\Users\19newaccount51\Desktop\40 Online Backup Services Reviewed.odt
2014-02-08 15:03 - 2014-02-08 15:03 - 00018872 _____ () C:\Users\19newaccount51\Desktop\User Account Control (UAC) is a new feature.odt
2014-02-08 14:57 - 2014-02-08 14:57 - 00019816 _____ () C:\Users\19newaccount51\Desktop\Internet Explorer keyboard shortcuts.odt
2014-02-08 14:57 - 2014-02-08 14:57 - 00019145 _____ () C:\Users\19newaccount51\Desktop\Create keyboard shortcuts to open programs.odt
2014-02-08 14:56 - 2014-02-08 14:56 - 00021029 _____ () C:\Users\19newaccount51\Desktop\Compress and uncompress files (zip files).odt
2014-02-08 14:43 - 2014-02-08 14:43 - 00037594 _____ () C:\Users\19newaccount51\Desktop\Documents\BEFORE You POSTPlease read this Procedure Before Requesting Assistance.odt
2014-02-08 14:42 - 2014-02-08 14:42 - 00019713 _____ () C:\Users\19newaccount51\Desktop\Documents\How Spybot - Search  Destroy protects against the installation of Spyware Malware.odt
2014-02-08 14:17 - 2014-02-08 14:17 - 00031559 _____ () C:\Users\19newaccount51\Desktop\Fix Internet Connection after Malware Removal - Select Real Security.htm
2014-02-08 14:17 - 2014-02-08 14:17 - 00029171 _____ () C:\Users\19newaccount51\Desktop\Programs Won't Open in Windows - Select Real Security.htm
2014-02-08 14:17 - 2014-02-08 14:17 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Programs Won't Open in Windows - Select Real Security_files
2014-02-08 14:17 - 2014-02-08 14:17 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Fix Internet Connection after Malware Removal - Select Real Security_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00164869 _____ () C:\Users\19newaccount51\Desktop\Microsoft Fix it Solution Center  troubleshooting software issues.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00051166 _____ () C:\Users\19newaccount51\Desktop\[Rescue CD] Tutorial for Avira Rescue CD - Tips and tricks - Avira Support Forum.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00049010 _____ () C:\Users\19newaccount51\Desktop\How to record Kaspersky Rescue Disk 10 to a CD_DVD and boot my computer from the disk.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00038977 _____ () C:\Users\19newaccount51\Desktop\Re-Enable II.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00034538 _____ () C:\Users\19newaccount51\Desktop\Computer Security Checklist for Windows - Select Real Security.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00024436 _____ () C:\Users\19newaccount51\Desktop\Dr.Web CureIt! — download free anti-virus! Cure viruses, Best free anti-virus scanner!.htm
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Re-Enable II_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Microsoft Fix it Solution Center  troubleshooting software issues_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How to record Kaspersky Rescue Disk 10 to a CD_DVD and boot my computer from the disk_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Dr.Web CureIt! — download free anti-virus! Cure viruses, Best free anti-virus scanner!_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Computer Security Checklist for Windows - Select Real Security_files
2014-02-08 14:16 - 2014-02-08 14:16 - 00000000 ____D () C:\Users\19newaccount51\Desktop\[Rescue CD] Tutorial for Avira Rescue CD - Tips and tricks - Avira Support Forum_files
2014-02-08 14:15 - 2014-02-08 14:15 - 00042348 _____ () C:\Users\19newaccount51\Desktop\Unhide Download.htm
2014-02-08 14:15 - 2014-02-08 14:15 - 00029182 _____ () C:\Users\19newaccount51\Desktop\How to Speed Up a Slow Computer - Select Real Security.htm
2014-02-08 14:15 - 2014-02-08 14:15 - 00013999 _____ () C:\Users\19newaccount51\Desktop\How do I clear the Java cache.htm
2014-02-08 14:15 - 2014-02-08 14:15 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Unhide Download_files
2014-02-08 14:15 - 2014-02-08 14:15 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How to Speed Up a Slow Computer - Select Real Security_files
2014-02-08 14:15 - 2014-02-08 14:15 - 00000000 ____D () C:\Users\19newaccount51\Desktop\How do I clear the Java cache_files
2014-02-08 14:13 - 2014-02-08 14:13 - 02925182 _____ () C:\Users\19newaccount51\Downloads\tweaking.com_windows_repair_aio(1).zip
2014-02-08 14:12 - 2014-02-08 14:12 - 05072752 _____ () C:\Users\19newaccount51\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-02-08 14:09 - 2014-02-08 14:09 - 01931088 _____ (Symantec Corporation) C:\Users\19newaccount51\Downloads\FixTDSS.exe
2014-02-08 14:08 - 2014-02-08 14:08 - 00060402 _____ () C:\Users\19newaccount51\Desktop\Malware Removal Guide for Windows - Select Real Security.htm
2014-02-08 14:08 - 2014-02-08 14:08 - 00029390 _____ () C:\Users\19newaccount51\Desktop\Stop Malware Processes and Fix File Associations - Select Real Security.htm
2014-02-08 14:08 - 2014-02-08 14:08 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Stop Malware Processes and Fix File Associations - Select Real Security_files
2014-02-08 14:08 - 2014-02-08 14:08 - 00000000 ____D () C:\Users\19newaccount51\Desktop\Malware Removal Guide for Windows - Select Real Security_files
2014-02-08 14:07 - 2014-02-08 14:07 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Desktop\rkill.com
2014-02-08 14:06 - 2014-02-08 14:06 - 00982016 _____ (Farbar) C:\Users\19newaccount51\Downloads\MiniToolBox.exe
2014-02-07 22:53 - 2014-02-07 22:53 - 00000000 ____D () C:\Program Files\Reason
2014-02-07 20:08 - 2014-02-07 20:07 - 00805920 _____ (Hewlett-Packard Company ) C:\Users\19newaccount51\Desktop\HPC700LaptopStorageDriverIntelSATA_AHCI_For newHDD-tfm-sp37005.exe
2014-02-07 12:40 - 2006-11-02 04:23 - 00000741 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_248
2014-02-07 12:28 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\tapi
2014-02-07 11:01 - 2014-02-07 11:01 - 00005602 _____ () C:\Users\19newaccount51\Downloads\HitmanPro_20140207_1101.log
2014-02-07 10:13 - 2014-02-07 10:13 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Malwarebytes
2014-02-07 10:10 - 2014-02-07 10:10 - 00018155 _____ () C:\Users\19newaccount51\Downloads\minitoolboxResult.txt
2014-02-07 10:06 - 2014-02-07 10:06 - 00000226 _____ () C:\Users\19newaccount51\Desktop\Microsoft Fix it Solution Center troubleshooting software issues.URL
2014-02-07 10:05 - 2014-02-07 10:05 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\19newaccount51\Desktop\unhide.exe
2014-02-07 10:04 - 2014-02-07 10:04 - 02925182 _____ () C:\Users\19newaccount51\Desktop\tweaking.com_windows_repair_aio.zip
2014-02-07 10:03 - 2014-02-07 10:02 - 09988304 _____ (SurfRight B.V.) C:\Users\19newaccount51\Desktop\HitmanPro.exe
2014-02-07 10:02 - 2014-02-07 10:02 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\19newaccount51\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-07 10:02 - 2014-02-07 10:02 - 07510800 _____ (Malwarebytes Corporation ) C:\Users\19newaccount51\Downloads\mbam-rules.exe
2014-02-07 10:01 - 2014-02-07 10:01 - 00982016 _____ (Farbar) C:\Users\19newaccount51\Desktop\MiniToolBox.exe
2014-02-07 09:52 - 2014-02-07 09:52 - 00023526 _____ () C:\Users\19newaccount51\Desktop\cc_20140207_095158.reg
2014-02-07 09:50 - 2013-04-02 20:30 - 00000000 ____D () C:\Windows\Minidump
2014-02-07 09:13 - 2014-02-07 09:12 - 00860176 _____ (Microsoft Corporation) C:\Users\19newaccount51\Desktop\mssstool32.exe
2014-02-07 09:03 - 2014-01-31 11:35 - 00000000 ____D () C:\CCE_Quarantine
2014-02-06 23:13 - 2014-02-06 23:13 - 01988024 _____ (Reason Company Software Inc.) C:\Users\19newaccount51\Downloads\herdProtectScan_Setup.exe
2014-02-06 23:13 - 2014-02-06 23:13 - 01975384 _____ (Reason Company Software Inc.) C:\Users\19newaccount51\Desktop\herdProtectScan_Portable.exe
2014-02-06 21:43 - 2014-02-06 21:42 - 98417424 _____ (Microsoft Corporation) C:\Users\19newaccount51\Desktop\msert.exe
2014-02-06 20:15 - 2014-02-06 20:15 - 01528184 _____ (Microsoft Corporation) C:\Users\19newaccount51\Downloads\GenuineCheck.exe
2014-02-06 18:54 - 2014-02-06 18:54 - 02657376 _____ (Safer Networking Limited ) C:\Users\19newaccount51\Downloads\netalyz-0.4.2.4.exe
2014-02-06 18:24 - 2014-02-06 18:24 - 00688992 ____R (Swearware) C:\Users\19newaccount51\Desktop\dds.com
2014-02-06 14:56 - 2014-02-06 14:56 - 00001411 _____ () C:\Windows\system32\rrr.lnk
2014-02-06 14:56 - 2014-02-06 14:56 - 00000988 _____ () C:\Users\19newaccount51\Desktop\Reg Organizer - a PC performance improvement utility.lnk
2014-02-06 14:56 - 2014-02-06 14:56 - 00000935 _____ () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager Free.lnk
2014-02-06 14:56 - 2014-02-06 14:56 - 00000911 _____ () C:\Users\19newaccount51\Desktop\AnVir Task Manager Free.lnk
2014-02-06 14:56 - 2014-02-06 14:56 - 00000370 _____ () C:\Windows\Tasks\RegOrganizerQuickLaunch.job
2014-02-06 14:56 - 2014-02-06 14:56 - 00000294 _____ () C:\Windows\Tasks\AnVir Task Manager.job
2014-02-06 14:56 - 2014-02-06 14:56 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free
2014-02-06 14:56 - 2014-02-06 14:56 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\ChemTable Software
2014-02-06 14:56 - 2014-02-06 14:56 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\ChemTable Software
2014-02-06 14:56 - 2014-02-06 14:56 - 00000000 ____D () C:\Program Files\Reg Organizer
2014-02-06 14:56 - 2014-02-06 14:55 - 00000000 ____D () C:\Program Files\AnVir Task Manager Free
2014-02-06 14:55 - 2014-02-06 14:54 - 06894152 _____ () C:\Users\19newaccount51\Downloads\taskfree.exe
2014-02-06 14:29 - 2014-02-05 15:00 - 00029652 _____ () C:\Users\19newaccount51\Desktop\Pordabl apps.odt
2014-02-06 14:26 - 2014-02-06 00:24 - 00056508 _____ () C:\Users\19newaccount51\Desktop\Portable Applications Best Free from gizmo.odt
2014-02-06 14:24 - 2014-02-06 14:24 - 06894152 _____ () C:\Users\19newaccount51\Downloads\avirtaskmanagerfree.exe
2014-02-06 14:16 - 2014-02-06 14:16 - 00040828 _____ () C:\Users\19newaccount51\Desktop\Security Task Manager review prompted by tfm concern about dll.host.odt
2014-02-06 02:05 - 2014-02-06 02:04 - 00042848 _____ () C:\Users\19newaccount51\Desktop\cc_20140206_020303.reg  look at100 some reg issues afterinastalling portable aps and deleting inspectapedia and fine home building web sites.reg
2014-02-06 00:55 - 2013-05-03 23:37 - 00000000 ____D () C:\My Web Sites
2014-02-06 00:39 - 2014-02-06 00:39 - 00025099 _____ () C:\Users\19newaccount51\Desktop\Spyware Removal Guide  gizmos.odt
2014-02-05 15:26 - 2014-02-05 15:26 - 03307552 _____ (PortableApps.com) C:\Users\19newaccount51\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2014-02-05 14:56 - 2014-02-05 14:56 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\LibreOffice
2014-02-05 14:32 - 2014-02-05 14:00 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\Adobe
2014-02-05 14:00 - 2014-02-05 14:00 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Macromedia
2014-02-05 13:59 - 2014-02-05 13:59 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\Mozilla
2014-02-05 10:58 - 2014-02-05 10:58 - 00000000 ____D () C:\Users\19newaccount51\AppData\Roaming\AVAST Software
2014-02-05 10:57 - 2014-02-05 10:57 - 00000970 _____ () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-05 10:57 - 2014-02-05 10:57 - 00000965 _____ () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-02-05 10:57 - 2014-02-05 10:57 - 00000936 _____ () C:\Users\19newaccount51\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-02-05 10:57 - 2014-02-05 10:57 - 00000020 ___SH () C:\Users\19newaccount51\ntuser.ini
2014-02-05 10:57 - 2014-02-05 10:57 - 00000000 ____D () C:\Users\19newaccount51\AppData\Local\VirtualStore
2014-02-05 10:46 - 2013-06-15 06:05 - 00000000 ____D () C:\Users\md\Desktop\WINDOWS- GUIDES,CURES,RECOVERY,IMPROVEMENTS
2014-02-05 10:38 - 2014-02-05 10:38 - 00000277 _____ () C:\Users\md\Desktop\reset.bat
2014-02-05 10:36 - 2006-11-02 04:23 - 00000021 __RSH () C:\Windows\system32\Drivers\etc\hosts.20140206-191932.backup
2014-02-05 04:43 - 2013-11-02 08:29 - 00000000 ____D () C:\Users\md\Downloads\TMRBLog
2014-02-05 04:02 - 2014-02-05 04:02 - 00284404 _____ () C:\Users\md\Desktop\MGlogs.zip
2014-02-05 04:02 - 2014-02-05 03:57 - 00284404 _____ () C:\MGlogs.zip
2014-02-05 04:02 - 2014-02-05 03:57 - 00000000 ____D () C:\MGtools
2014-02-05 03:48 - 2014-02-05 03:48 - 00000639 _____ () C:\Users\md\Desktop\JRT.txt
2014-02-05 03:46 - 2013-04-23 05:19 - 00000000 ____D () C:\JRT
2014-02-05 03:32 - 2014-02-05 03:32 - 00001166 _____ () C:\Users\md\Desktop\security checkup.txt
2014-02-05 03:17 - 2014-02-05 03:17 - 00004069 _____ () C:\Users\md\Desktop\FSS.txt  many win services messed up.txt
2014-02-05 02:58 - 2014-02-11 22:01 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 02:56 - 2014-02-11 22:01 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 02:53 - 2014-02-11 22:01 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 02:51 - 2014-02-11 22:01 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 02:50 - 2014-02-11 22:01 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 02:49 - 2014-02-11 22:01 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 02:49 - 2014-02-11 22:01 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 02:48 - 2014-02-11 22:01 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 02:48 - 2014-02-11 22:01 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 02:48 - 2014-02-11 22:01 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 02:48 - 2014-02-11 22:01 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 02:48 - 2014-02-11 22:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 02:47 - 2014-02-11 22:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 02:47 - 2014-02-11 22:01 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 02:47 - 2014-02-11 22:01 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 02:46 - 2014-02-11 22:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-05 01:17 - 2014-01-28 13:25 - 00049685 _____ () C:\Users\md\Desktop\New topic using combo fix adn otl  tfm api issuses.odt
2014-02-05 00:52 - 2014-02-05 00:52 - 00001358 _____ () C:\Users\md\Desktop\Re-enables known Internet Protocols .txt
2014-02-05 00:51 - 2014-02-05 00:51 - 00017244 _____ () C:\Users\md\Desktop\re-enable services detection Services  tfm no idea how to interpret.txt
2014-02-05 00:44 - 2014-02-05 00:44 - 00003130 _____ () C:\Users\md\Desktop\unhide.txt  deleted explorer no-run, taskmanger  need to recover short cuts.txt
2014-02-05 00:30 - 2014-02-04 14:25 - 00000483 _____ () C:\Users\md\Desktop\mbrReport.txt
2014-02-05 00:26 - 2014-01-22 13:25 - 00000000 ____D () C:\Users\md\Desktop\mbar
2014-02-05 00:08 - 2014-02-05 00:08 - 00001563 _____ () C:\Users\md\Desktop\RKreport[0]_S_02052014_000826.txt
2014-02-05 00:07 - 2014-02-05 00:07 - 00001663 _____ () C:\Users\md\Desktop\RKreport[0]_D_02052014_000455.txt  disablereg tools, and cmd.txt
2014-02-05 00:04 - 2014-02-05 00:04 - 00001663 _____ () C:\Users\md\Desktop\RKreport[0]_D_02052014_000455.txt
2014-02-05 00:04 - 2014-01-10 03:23 - 00000000 ____D () C:\Users\md\Desktop\RK_Quarantine
2014-02-05 00:03 - 2014-02-05 00:03 - 00001624 _____ () C:\Users\md\Desktop\RKreport[0]_S_02052014_000340.txt
2014-02-04 23:20 - 2014-02-04 22:57 - 00003130 _____ () C:\Users\md\Desktop\unhide.txt
2014-02-04 22:56 - 2014-02-04 22:56 - 00004906 _____ () C:\Users\md\Desktop\Rkill.txt i ran malwarebytes, then re-enable - not much turned on in this list.txt
2014-02-04 22:55 - 2014-02-04 17:10 - 00004906 _____ () C:\Users\md\Desktop\Rkill.txt
2014-02-04 22:25 - 2014-02-04 22:25 - 00019428 _____ () C:\Users\md\Desktop\CCleaner registry issue analysis.txt
2014-02-04 22:08 - 2014-02-04 22:08 - 00004906 _____ () C:\Users\md\Desktop\Rkill.txt  now works only in safe mode , normal mode it hangs on  - unsigned certificates.txt
2014-02-04 21:29 - 2014-02-04 21:29 - 00034170 _____ () C:\Users\md\Desktop\rootkitunhookerReport.txt
2014-02-04 17:09 - 2013-10-20 17:17 - 00773632 _____ (Robert Simpson, et al.) C:\Users\md\AppData\Roaming\System.Data.SQLite.dll
2014-02-04 17:07 - 2014-02-04 17:07 - 00001360 _____ () C:\Users\md\Desktop\FixExec.txt
2014-02-04 14:50 - 2014-02-04 14:49 - 00040381 _____ () C:\Users\md\Desktop\mimitoobox byfarber safemode problems Result.txt
2014-02-03 23:47 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Help
2014-02-03 22:57 - 2013-10-16 22:12 - 00000000 ____D () C:\Users\md\AppData\Roaming\Skype
2014-02-03 22:57 - 2013-04-21 01:16 - 00000000 ____D () C:\Users\md\AppData\Roaming\Free Download Manager
2014-02-03 20:52 - 2014-02-03 20:52 - 00001358 _____ () C:\Users\md\Desktop\Re-enables known Protocols .txt
2014-02-03 20:49 - 2014-02-03 20:49 - 00017244 _____ () C:\Users\md\Desktop\re-enable services detection Services.txt
2014-02-03 20:36 - 2014-02-03 20:36 - 00013602 _____ () C:\Users\md\Desktop\cc_20140203_203602.reg
2014-02-03 19:52 - 2006-11-02 04:23 - 00000741 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_677
2014-02-03 18:37 - 2014-02-03 18:33 - 00001557 _____ () C:\Users\md\Desktop\help and support notworking, but also no unrcogniz locol network and no internet.txt
2014-02-03 18:13 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Registration
2014-02-03 17:03 - 2014-01-26 23:15 - 00000000 ____D () C:\Program Files\FileHippo.com
2014-02-03 17:03 - 2013-04-21 01:16 - 00000000 ____D () C:\Program Files\Free Download Manager
2014-02-03 14:23 - 2006-11-02 04:22 - 39321600 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-02-03 14:23 - 2006-11-02 04:22 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-02-03 14:23 - 2006-11-02 04:22 - 00053248 _____ () C:\Windows\system32\config\SAM.bak
2014-02-03 14:23 - 2006-11-02 04:22 - 00020480 _____ () C:\Windows\system32\config\SECURITY.bak
2014-02-03 13:53 - 2014-02-03 13:53 - 03796480 _____ () C:\Users\md\Desktop\RogueKiller(6).exe
2014-02-03 12:18 - 2014-02-01 23:47 - 00001649 _____ () C:\Windows\system32\PCloudCleanerService.log
2014-02-02 23:58 - 2014-02-02 23:57 - 00000000 ____D () C:\Program Files\stinger
2014-02-02 23:49 - 2014-02-02 23:48 - 00015663 _____ () C:\Users\md\Desktop\How to remove viruses with Panda Cloud Cleaner Rescue ISO.odt
2014-02-02 19:38 - 2013-03-24 09:35 - 00000000 ____D () C:\Program Files\Canon
2014-02-02 19:04 - 2014-02-02 14:34 - 00025653 _____ () C:\Users\md\Desktop\RogueKiller offical tutorial see also file on tfm hdd about adlice additioal spps.odt
2014-02-02 18:56 - 2014-02-01 19:21 - 00076382 _____ () C:\Users\md\Desktop\HTTP COPY WEBSITE DOCUMENTATION STEP BY STEP GUIDE.odt
2014-02-02 17:46 - 2014-02-02 17:46 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-02-02 17:46 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-02-02 14:18 - 2014-02-02 14:11 - 00023971 _____ () C:\Users\md\Desktop\ADlice makers of RogueKiller addition app packages for malware help.odt
2014-02-02 12:27 - 2014-02-02 12:22 - 00000388 _____ () C:\Windows\Tasks\Wise PC 1stAid Task.job
2014-02-01 22:13 - 2014-02-01 22:13 - 00000000 ____D () C:\Users\md\Desktop\rkill
2014-02-01 19:04 - 2014-02-01 19:04 - 00030258 _____ () C:\Users\md\Desktop\Inspectapedia error log 02-01-2014.odt
2014-02-01 17:46 - 2014-02-01 17:46 - 00018656 _____ () C:\Windows\system32\autochk.exe.bak
2014-02-01 11:36 - 2013-11-05 04:46 - 00000000 ____D () C:\Users\md\AppData\Local\CrashDumps
2014-02-01 11:14 - 2014-02-01 03:11 - 00054899 _____ () C:\Users\md\Desktop\Vista & Windows 7 Malware Removal-Cleaning Procedure BY CHASlANG MAJORGEEKS.odt
2014-02-01 04:32 - 2014-02-12 01:58 - 28026504 _____ (Panda Security ) C:\Users\19newaccount51\Desktop\PandaCloudCleaner.exe
2014-02-01 04:26 - 2014-02-01 04:26 - 28026504 _____ (Panda Security ) C:\Users\md\Desktop\PandaCloudCleaner.exe
2014-02-01 03:42 - 2014-02-01 03:42 - 00000000 ____D () C:\Users\md\AppData\Roaming\QuickScan
2014-02-01 03:10 - 2014-02-01 03:10 - 01990574 _____ () C:\MGtools.exe
2014-01-31 22:49 - 2014-01-31 20:50 - 00037738 _____ () C:\Users\md\Desktop\Gmer rootkit at gmer.net documentation.odt
2014-01-31 20:16 - 2014-01-31 20:16 - 00005058 _____ () C:\Users\md\Desktop\cc_20140131_201612.reg
2014-01-31 18:53 - 2014-01-31 18:53 - 00014490 _____ () C:\Users\md\Desktop\How to Use Rootkit Unhooker.odt
2014-01-31 18:11 - 2013-12-03 03:52 - 00000000 ____D () C:\Users\md\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Password Recovery Package
2014-01-31 01:23 - 2006-11-02 04:23 - 00000741 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_429
2014-01-31 00:53 - 2013-06-29 05:45 - 00000000 ____D () C:\Windows\pss
2014-01-30 22:04 - 2013-04-15 13:39 - 00000680 _____ () C:\Users\md\AppData\Local\d3d9caps.dat
2014-01-30 17:03 - 2014-02-04 12:43 - 00000639 _____ () C:\Users\19newaccount51\Desktop\JRT 1-30-2014 run after diagnostic boot and rkil run prior to scan - Copy.txt
2014-01-30 17:03 - 2014-01-30 17:03 - 00000639 _____ () C:\Users\19newaccount51\Desktop\JRT 1-30-2014 run after diagnostic boot and rkil run prior to scan.txt
2014-01-30 13:54 - 2014-01-30 13:54 - 00001973 _____ () C:\Users\md\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-01-30 13:54 - 2014-01-30 13:54 - 00000000 ____D () C:\Users\md\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-01-30 11:14 - 2013-11-07 18:10 - 00000512 _____ () C:\Users\md\Desktop\MBR.dat
2014-01-30 05:54 - 2006-11-02 06:37 - 00262144 _____ () C:\Windows\system32\config\BCD-Template

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 02:43

==================== End Of Log ============================



#13 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 28 February 2014 - 10:46 PM

Hi Jason,

 

A short stop.

I need to pack this desktop, and go off-line, soon to make way for house construction.

I'll be on-line (I'll post if sooner )by 6pm central time on Sunday

Jason, thank you for your help so far, I feel great relief just knowing

we are putting our heads into this problem.

I look forward to your next instructions

t.murphytfm



#14 t.murphytfm

t.murphytfm
  • Topic Starter

  • Members
  • 98 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:07:41 AM

Posted 01 March 2014 - 04:54 AM

Hi Jason,

 

I'm getting an Error Message saying I cannot upload my screenshots with "that image extension"

 

So, is there an image extension that is allowed?  or,  What to do?

 

I have stripped out the screenshots so this post would upload to you.  Thank you  t.murphytfm

___________________________________________________________________________________

 

 

 

So, I rebooted about an hour ago and I received a number alerts, most

from WINPatrol.

 

I didn't allow changes figuring I should inform you first, so here are the screenshots with comments:

 

On start up, WIN SEC CENTER alerts: Comodo and Windows FW are turned off – actually Comodo says it is turned on (see next screenshot)

 

WinPatrol alerts a change in the IE Search Page:  I clicked “no”

 

Please look at numbers 6,7,8,and10 in the recent documents – I don't know those documents, yet I get many different declarations like these when ever I I click the recent doc folder - for as long as I have had documents.

Normal?

 

This may be a default app. - But, 1. with no description,,and 2. no company name - I clicked “NO” - if its legit, it has already popped up repeatedly

 

Here I clicked - no



#15 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:08:41 AM

Posted 01 March 2014 - 09:23 AM

t.murphytfm,

 

Before we proceed - I noticed in some of your logs that it appears you received help with malware removal from a different forum a couple months ago, and may also be getting help now (in addition to this topic).

 

If you have already posted logs at another forum or if you're seeking help at another forum, please let me know.

 

The reason for this is that conflicting advice can be given in both topics. If helper XYZ in the other topic says to do "this", and I say to do "that"....everybody is confused when said advice doesn't work. Nobody has a clue what the other is trying to do, and we get nowhere. And we certainly can't coordinate advice between two topics and multiple helpers. That's why double-posting about the same computer/problem is a bad idea.


Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users