Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown problems


  • This topic is locked This topic is locked
33 replies to this topic

#1 McClain_Dugger

McClain_Dugger

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 PM

Posted 01 September 2014 - 12:37 AM

Multiple process running duplicate processes and causing computer to malfunction and turn off no memory think I'm infected with a trojan or something I don't know I need help and I'm willing to do anything asked of me by the people who help here thank you for whenever you come to me

BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:31 PM

Posted 05 September 2014 - 08:51 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

How is the computer running?
Wait for further instructions.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:31 PM

Posted 09 September 2014 - 09:01 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:31 PM

Posted 09 September 2014 - 01:01 PM

This topic has been re-opened at the request of the person who originally posted.

#5 McClain_Dugger

McClain_Dugger
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 PM

Posted 09 September 2014 - 07:17 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Protection, 9/9/2014 4:24:57 PM, SYSTEM, MINE-PC, Protection, Malware Protection, Starting, 
Protection, 9/9/2014 4:24:57 PM, SYSTEM, MINE-PC, Protection, Malware Protection, Started, 
Protection, 9/9/2014 4:24:57 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Starting, 
Update, 9/9/2014 4:25:32 PM, SYSTEM, MINE-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.8.21.1, 
Update, 9/9/2014 4:25:37 PM, SYSTEM, MINE-PC, Manual, Malware Database, 2014.3.4.9, 2014.9.9.6, 
Protection, 9/9/2014 4:25:37 PM, SYSTEM, MINE-PC, Protection, Refresh, Starting, 
Protection, 9/9/2014 4:27:42 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Started, 
Protection, 9/9/2014 4:27:44 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 9/9/2014 4:27:45 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 9/9/2014 4:28:23 PM, SYSTEM, MINE-PC, Protection, Refresh, Success, 
Protection, 9/9/2014 4:28:23 PM, SYSTEM, MINE-PC, Protection, Refresh, Starting, 
Protection, 9/9/2014 4:28:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Starting, 
Protection, 9/9/2014 4:28:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Started, 
Protection, 9/9/2014 4:28:24 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 9/9/2014 4:28:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 9/9/2014 4:28:49 PM, SYSTEM, MINE-PC, Protection, Refresh, Success, 
Protection, 9/9/2014 4:28:50 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Starting, 
Protection, 9/9/2014 4:28:51 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Started, 
Detection, 9/9/2014 4:29:35 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 55747, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:29:35 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 55747, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:29:36 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 55748, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:30:09 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 56319, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:33:12 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 59426, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:33:12 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 59426, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:33:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 59471, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:33:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 59472, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:34:36 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60577, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:35:01 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60909, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:36:16 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 61553, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:36:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 61554, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:36:19 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 61553, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:36:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 61603, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:36:26 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 61611, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:37:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 62145, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:37:26 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 62145, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:37:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 62147, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:37:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 62147, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:37:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 62148, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:38:10 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 62635, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:38:15 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 62702, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:38:16 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 62703, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:38:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 62839, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:38:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 63246, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:38:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 63247, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:39:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 63715, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:39:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 63716, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:39:38 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 63793, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:39:39 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 63794, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:39:57 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 64052, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:40:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 64717, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:43:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 50609, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:43:26 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 50609, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:43:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 50791, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:44:14 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 51188, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:45:16 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 51940, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:45:54 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 52124, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:46:12 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 52256, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:46:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 52285, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:46:19 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 52309, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:46:45 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 52595, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:47:31 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 53239, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:47:32 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 53240, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:47:33 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 53270, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:47:34 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 53271, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:47:45 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 53419, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:47:46 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 53421, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:48:37 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 54016, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:48:46 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54132, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:48:46 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 54133, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:49:32 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 55092, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:49:34 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 55093, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:49:46 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 55351, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:49:46 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 55352, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:51:04 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 57051, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:51:04 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 57052, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:51:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 57245, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:51:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 57245, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:51:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 57384, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:51:36 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 57521, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:51:37 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 57522, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:51:37 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 57521, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:51:44 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 57653, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:51:45 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 57654, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:51:51 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 57751, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:51:52 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 57752, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:52:01 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 57884, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:52:02 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 57885, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:52:45 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 58790, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:52:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 58819, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:52:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.220, n65adserv.com, 58820, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:53:09 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 59372, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:53:21 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 59509, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:53:57 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 59997, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:54:06 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.87, xmlclick-t.com, 60090, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:54:06 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.87, xmlclick-t.com, 60090, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:54:06 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.87, xmlclick-t.com, 60091, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:54:44 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60556, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:55:03 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60794, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:55:44 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 61623, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:56:04 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 61758, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:56:08 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 61765, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:56:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 61939, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:56:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 61990, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:57:54 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 62730, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:58:07 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 62962, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:58:53 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 63626, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 4:58:55 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 63638, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 4:59:55 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 64529, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:00:37 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65159, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:01:20 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 49652, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:01:22 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 49657, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:01:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 49748, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:01:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 49749, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:02:06 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.95, xmlclick-t.com, 50359, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:02:07 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.95, xmlclick-t.com, 50359, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:02:08 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.95, xmlclick-t.com, 50360, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:02:08 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 50367, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:03:00 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 51064, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:04:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 52237, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:04:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 52270, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:05:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 52959, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:05:55 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 53313, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:05:59 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 53379, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:06:14 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 53669, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:06:59 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 54098, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:07:00 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 54103, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:07:05 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 54186, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:07:14 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54295, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:07:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 54510, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:07:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 54509, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:08:00 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54798, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:08:14 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54923, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:08:34 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 55025, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:09:00 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 55333, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:09:11 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 55430, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:09:14 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 55481, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:09:44 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 55952, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:09:44 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 55953, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:10:01 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 56088, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:10:11 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 56161, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:10:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 56261, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:11:02 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 56568, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:11:09 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 56729, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:11:11 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 56741, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:11:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 56857, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:11:59 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 57155, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:12:09 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 57273, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:12:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 57347, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:12:37 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 57421, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:13:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 58299, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:13:35 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 58407, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:13:35 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 58408, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:13:35 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 58407, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:14:02 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 58916, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:14:11 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 59089, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:14:20 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 59158, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:14:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 59225, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:14:43 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 59311, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:15:13 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 59545, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:15:20 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 59595, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:15:20 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 59596, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:15:21 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 59601, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:16:20 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60327, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:16:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 60389, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:16:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 109.104.119.48, lastversiondownload.com, 60562, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:16:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 109.104.119.48, lastversiondownload.com, 60563, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:16:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 109.104.119.48, lastversiondownload.com, 60562, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:17:39 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 61085, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:17:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 61103, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:17:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 61104, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:18:32 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 61900, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:19:33 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 63276, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:19:54 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.87, xmlclick-t.com, 63456, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:19:54 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.87, xmlclick-t.com, 63457, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:20:03 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 63622, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:20:09 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.87, xmlclick-t.com, 63698, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:20:10 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.87, xmlclick-t.com, 63699, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:21:24 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 65019, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:21:37 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 65323, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:21:50 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 65445, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:21:50 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 65444, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:21:54 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 65500, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:22:16 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 49314, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:22:34 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 49621, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:22:55 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49811, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:24:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 51150, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:24:32 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 51200, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:25:32 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 51929, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:25:33 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 51928, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:25:56 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 52219, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:26:08 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 52326, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:26:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 52461, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:26:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 52464, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:27:08 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 52983, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:27:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 53137, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:27:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 53238, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:27:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 53252, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:28:19 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 53598, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:28:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 53645, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:28:59 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 53931, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:29:13 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54068, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:29:19 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54157, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:29:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 54245, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:30:19 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 54830, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:30:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54919, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:30:40 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 54981, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:30:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 54982, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:30:42 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 54983, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:31:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 55776, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:33:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 57813, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:33:55 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 58276, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:34:07 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 58358, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:35:00 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 58966, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:35:00 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 58969, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:35:17 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 59133, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:35:36 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 59380, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:35:36 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 59381, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:36:09 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.95, xmlclick-t.com, 60068, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:36:09 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.95, xmlclick-t.com, 60069, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:37:07 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60685, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:37:34 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 61011, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:38:07 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 61404, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:39:27 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 62297, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:39:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 62300, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:39:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 62486, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:40:10 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 63048, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:40:19 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 63149, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:40:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 63604, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:41:20 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 5.149.250.194, 64064, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:41:21 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 5.149.250.194, 64064, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:41:21 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 5.149.250.194, 64065, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:41:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 64513, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:42:01 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 64789, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:42:47 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 49199, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:42:51 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 49234, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:43:14 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 49589, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:43:15 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49596, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:43:44 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 50239, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:43:45 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 50240, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:43:51 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 50314, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:44:15 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 50830, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:44:31 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 51025, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:45:15 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 51825, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:46:54 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 53120, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:47:32 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 53628, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:47:33 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 53629, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:47:50 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 53755, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:47:54 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 53776, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:47:57 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 53777, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:47:59 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 53793, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:48:14 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 53856, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:48:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 53900, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:48:48 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54312, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:48:54 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54414, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:49:14 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 54698, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:49:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 54851, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:50:14 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 55832, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:50:19 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 55861, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:50:42 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 56085, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:50:45 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 56178, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:50:56 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 56359, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:50:56 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 56360, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:51:42 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 57048, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:51:46 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 57073, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:52:11 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 57388, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:52:46 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 57879, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:53:00 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 58139, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:53:11 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 58289, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:53:34 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 58525, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:53:46 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 58759, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:54:11 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 59191, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:54:20 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 59295, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:54:20 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 59296, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:54:46 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 59845, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:54:53 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 60089, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:55:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 61287, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:55:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 61288, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:55:37 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 61352, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:55:56 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 61758, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:55:56 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 61759, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:57:49 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 63582, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:58:05 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 63918, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:58:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 64054, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 5:58:32 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.236, n103adserv.com, 64111, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:58:33 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.236, n103adserv.com, 64111, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:58:33 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.236, n103adserv.com, 64112, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:58:49 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 64326, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:59:05 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 64594, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:59:13 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.236, n103adserv.com, 64795, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:59:13 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.236, n103adserv.com, 64796, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:59:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 64966, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:59:24 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 64972, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:59:24 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 64976, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:59:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.236, n103adserv.com, 65008, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 5:59:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 212.124.127.236, n103adserv.com, 65009, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:00:03 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 65373, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:00:03 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 65379, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:00:05 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 65385, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:00:15 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 65444, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:00:15 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 65445, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:00:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 65474, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:00:18 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 65475, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:00:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49168, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:00:24 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49172, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:00:24 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49175, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:01:15 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 49817, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:01:15 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 49818, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:01:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49889, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:01:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 49900, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:02:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 50903, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:02:49 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 51203, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:03:05 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 51526, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:03:07 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 51527, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:03:26 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 51682, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:03:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 51898, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:03:52 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 52047, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:04:27 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 52562, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:04:39 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.91, xmlclick-t.com, 52703, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:04:39 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.91, xmlclick-t.com, 52702, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:04:40 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.91, xmlclick-t.com, 52703, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:04:52 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 52806, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:05:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 53141, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:05:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 53140, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:08:23 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 55920, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:08:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 55921, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:08:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 55993, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:09:24 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 56674, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:10:49 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 57558, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:10:50 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 57557, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:11:12 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 57812, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:11:13 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 57813, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:12:25 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 58893, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:13:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.85, xmlclick-g.com, 59868, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:13:35 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 60118, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:13:35 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 60119, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:13:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 60251, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:13:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 60252, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:14:21 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 60901, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:14:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 61043, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:15:02 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 61624, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:15:03 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.83, xmlclick-t.com, 61625, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:15:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 62022, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:15:49 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 62292, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:16:33 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 62738, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:17:33 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 63395, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:18:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.88, xmlka.com, 63914, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:18:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.88, xmlka.com, 63915, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:18:29 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.88, xmlka.com, 63914, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:19:05 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.88, xmlka.com, 64148, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:19:05 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.88, xmlka.com, 64149, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:19:09 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 64178, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:19:10 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 64179, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:19:17 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 64236, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:19:24 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 64255, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:19:31 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 64298, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:20:21 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 64597, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:20:40 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 64735, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:20:40 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 64736, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:21:11 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 64944, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:21:22 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 65019, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:21:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 65164, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:22:05 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 65341, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:22:28 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 49187, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:22:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 49261, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:22:41 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.193.211, 49262, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:23:16 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 95.215.1.57, 49650, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:23:21 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 49705, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:24:09 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 50436, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Detection, 9/9/2014 6:24:16 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 31.184.192.90, 4682b4.com, 50499, Outbound, C:\Windows\SysWOW64\dllhost.exe, 
Protection, 9/9/2014 6:44:58 PM, SYSTEM, MINE-PC, Protection, Malware Protection, Starting, 
Protection, 9/9/2014 6:44:58 PM, SYSTEM, MINE-PC, Protection, Malware Protection, Started, 
Protection, 9/9/2014 6:44:58 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Starting, 
Protection, 9/9/2014 6:46:15 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, Started, 
Detection, 9/9/2014 6:47:54 PM, SYSTEM, MINE-PC, Protection, Malware Protection, File, Trojan.Agent.CS, C:\Users\Matthew\AppData\Roaming\YzKoyfVn\KCdnUMrZ\gonUDgVo\JvhQkKnBp.exe, Quarantine, [6238509b413a42f45d75ed65ac54dd23]
Detection, 9/9/2014 6:58:44 PM, Matthew, MINE-PC, Protection, Malware Protection, File, Trojan.Agent.CS, c:\users\matthew\appdata\roaming\yzkoyfvn\kcdnumrz\gonudgvo\jvhqkknbp.exe, Quarantine, [6238509b413a42f45d75ed65ac54dd23]
Protection, 9/9/2014 6:58:47 PM, SYSTEM, MINE-PC, Protection, SDKQuarantine, 2, Failed, c:\users\matthew\appdata\roaming\yzkoyfvn\kcdnumrz\gonudgvo\jvhqkknbp.exe, 
Error, 9/9/2014 6:58:47 PM, SYSTEM, MINE-PC, Protection, SDKQuarantine, 2, Failed, c:\users\matthew\appdata\roaming\yzkoyfvn\kcdnumrz\gonudgvo\jvhqkknbp.exe, 
Detection, 9/9/2014 6:59:07 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 49229, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:59:07 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 49229, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 6:59:36 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.93, xmlclick-g.com, 49254, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 7:00:35 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 49294, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 7:00:35 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 49294, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 7:01:30 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 49311, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 7:03:49 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 50159, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 7:03:49 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 50160, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 7:03:50 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.81, xmlclick-g.com, 50159, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
Detection, 9/9/2014 7:06:08 PM, SYSTEM, MINE-PC, Protection, Malicious Website Protection, IP, 88.214.197.89, xmlclick-g.com, 50975, Outbound, C:\Users\Matthew\AppData\LocalLow\VolunteerAssistant\VinylVisual\browser.exe, 
 
(end)


#6 McClain_Dugger

McClain_Dugger
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 PM

Posted 09 September 2014 - 08:04 PM

# AdwCleaner v3.309 - Report created 09/09/2014 at 19:33:54
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Matthew - MINE-PC
# Running from : C:\Users\Matthew\Downloads\adwcleaner_3.309.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\ProgramData\VooMuuSA
Folder Deleted : C:\ProgramData\w3i
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\iLivid
Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\StartNow Toolbar
Folder Deleted : C:\Program Files (x86)\w3i
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Uninstaller
Folder Deleted : C:\Users\Babs\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Babs\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Babs\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Matthew\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\Matthew\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Matthew\AppData\Local\Lucky Savings
Folder Deleted : C:\Users\Matthew\AppData\Local\PackageAware
Folder Deleted : C:\Users\Matthew\AppData\Roaming\GrabPro
Folder Deleted : C:\Users\Matthew\AppData\Roaming\StartNow Toolbar
Folder Deleted : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : ProgramUpdateCheck
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings-InternalInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings-InternalInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fast-youtube-downloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_fast-youtube-downloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_wings-of-prey_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_wings-of-prey_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\iVIDI Plugin
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossrider
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trusted Software Assistant_is1
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17239
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 
-\\ Google Chrome v37.0.2062.103
 
[ File : C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=US&userid=feff1117-81b8-6b37-d4ec-88c6f1b7eb87&searchtype=ds&q={searchTerms}&installDate=29/08/2013
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=US&userid=feff1117-81b8-6b37-d4ec-88c6f1b7eb87&searchtype=ds&q={searchTerms}&installDate=29/08/2013
Deleted [Startup_urls] : hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=US&userid=feff1117-81b8-6b37-d4ec-88c6f1b7eb87&searchtype=hp&installDate=29/08/2013
Deleted [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
 
[ File : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
 
*************************
 
AdwCleaner[R0].txt - [18819 octets] - [09/09/2014 19:19:12]
AdwCleaner[S0].txt - [17552 octets] - [09/09/2014 19:33:54]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17613 octets] ##########


#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:31 PM

Posted 10 September 2014 - 08:12 AM


Please post the log from the Farbar Recovery tool.

#8 McClain_Dugger

McClain_Dugger
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 PM

Posted 12 September 2014 - 10:10 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Babs (administrator) on MINE-PC on 12-09-2014 10:03:40
Running from C:\Users\Babs\Desktop\New folder
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\nacl64.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2010-10-14] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3195248 2010-03-05] (Dell Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5470208 2011-09-04] (Dell Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4144448 2010-11-10] (Dell, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [RazerGameBooster] => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2014-02-25] (Razer Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] => "C:\windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax",DllRegisterServer
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1775670845-2207748126-3420140166-1003\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKU\S-1-5-21-1775670845-2207748126-3420140166-1003\...\Run: [GoogleChromeAutoLaunch_C272C81C5FE6AB511D24B1EA2BBA46CA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-03] (Google Inc.)
HKU\S-1-5-21-1775670845-2207748126-3420140166-1003\...\Run: [Google Update] => C:\Users\Babs\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-08] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Babs\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
Startup: C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StripSaver2.lnk
ShortcutTarget: StripSaver2.lnk -> C:\Program Files (x86)\StripSaver2\StripSaver2.exe (No File)
Startup: C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (No File)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC8ED8654557ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKCU - DefaultScope {732EDB5E-84EA-462F-9A0F-0D49927976B2} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKCU - {732EDB5E-84EA-462F-9A0F-0D49927976B2} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: CrossRider -> {A876E312-7D08-401a-B7A6-FAFC5DC2F292} -> C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll ()
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Users\Babs\AppData\Roaming\Mozilla\Firefox\Profiles\spmmyxyt.default
FF DefaultSearchEngine: Ask.com
FF SelectedSearchEngine: Ask.com
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=716DFE98-C4E4-4970-878F-2B10482671EC&apn_ptnrs=&apn_sauid=FE09EC2D-3B6C-461E-A6C1-A25BB9AC6D91&apn_dtid=OSJ000&&q=
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Babs\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Babs\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Babs\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Babs\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Babs\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Babs\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Babs\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\netsight@nielsen.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=US&userid=feff1117-81b8-6b37-d4ec-88c6f1b7eb87&searchtype=hp&installDate=29/08/2013"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U7) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll No File
CHR Plugin: (RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-11]
CHR Extension: (Google Search) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-11]
CHR Extension: (Ghostery) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-09-05]
CHR Extension: (Google Wallet) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR Extension: (Gmail) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-11]
CHR HKLM-x32\...\Chrome\Extension: [jgceplfonlgodadnpognljgdjlcnpjnh] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\extension.crx []
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4950016 2011-09-04] (Dell Inc.) [File not signed]
S2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 libusb0_x64; C:\Windows\System32\DRIVERS\AU\libusb0_x64.sys [16896 2009-12-01] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S1 nnfwdk; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\nnfwdk64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-12 10:02 - 2014-09-12 10:03 - 00000000 ____D () C:\Users\Babs\Desktop\New folder
2014-09-12 10:01 - 2014-09-12 10:01 - 02105856 _____ (Farbar) C:\Users\Babs\Downloads\FRST64 (1).exe
2014-09-12 10:00 - 2014-09-12 10:03 - 00000000 ____D () C:\FRST
2014-09-12 10:00 - 2014-09-12 10:00 - 02105856 _____ (Farbar) C:\Users\Babs\Downloads\FRST64.exe
2014-09-11 03:52 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-11 03:52 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-11 03:52 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-11 03:52 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:52 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-11 03:51 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-11 03:51 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-11 03:51 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-11 03:51 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-11 03:51 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-11 03:51 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-11 03:51 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-11 03:51 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-11 03:51 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-11 03:51 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-11 03:51 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-11 03:51 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-11 03:51 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-11 03:51 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-11 03:51 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-11 03:51 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-11 03:51 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-11 03:51 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:51 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-11 03:51 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-11 03:51 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:51 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-11 03:51 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:51 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-11 03:51 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-11 03:51 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-11 03:51 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-11 03:51 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-11 03:51 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-11 03:51 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-11 03:51 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-11 03:51 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-11 03:51 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-11 03:51 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-11 03:51 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-11 03:51 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-11 03:51 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:51 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-11 03:51 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-11 03:51 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-11 03:51 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-11 03:51 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-11 03:51 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-11 03:51 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-11 03:51 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-11 03:51 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:51 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-11 03:51 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-11 03:51 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-11 03:51 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-11 03:51 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-10 21:26 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-10 21:26 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-10 21:26 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-10 21:26 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-10 21:26 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-09 19:46 - 2014-09-09 19:46 - 00017850 _____ () C:\Users\Matthew\Desktop\AdwCleaner[S0].txt
2014-09-09 19:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-09-09 19:18 - 2014-09-09 19:35 - 00000000 ____D () C:\AdwCleaner
2014-09-09 19:17 - 2014-09-09 19:17 - 01370467 _____ () C:\Users\Matthew\Downloads\adwcleaner_3.309.exe
2014-09-09 16:24 - 2014-09-12 08:21 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-09 16:23 - 2014-09-09 16:23 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-09 16:23 - 2014-09-09 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-09 16:23 - 2014-09-09 16:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-09 16:23 - 2014-09-09 16:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-09 16:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-09-09 16:23 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-09-09 16:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-09-09 16:17 - 2014-09-09 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Matthew\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-08 21:52 - 2014-09-12 09:57 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003UA.job
2014-09-08 21:52 - 2014-09-11 21:57 - 00000852 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003Core.job
2014-09-08 21:52 - 2014-09-08 21:52 - 00895120 _____ (Google Inc.) C:\Users\Babs\Downloads\GoogleVoiceAndVideoSetup.exe
2014-09-08 21:52 - 2014-09-08 21:52 - 00003876 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003UA
2014-09-08 21:52 - 2014-09-08 21:52 - 00003480 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003Core
2014-09-06 01:09 - 2014-09-09 10:21 - 00000000 ____D () C:\Program Files (x86)\War Thunder
2014-09-06 01:09 - 2014-09-06 01:09 - 00001116 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-09-06 01:09 - 2014-09-06 01:09 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder
2014-09-06 01:07 - 2014-09-06 01:08 - 04440696 _____ (Gaijin Entertainment ) C:\Users\Babs\Downloads\wt_launcher_1.0.1.396.exe
2014-09-04 21:36 - 2014-09-04 21:36 - 00000000 ____D () C:\Users\Babs\AppData\Local\Targem
2014-09-04 20:56 - 2014-09-04 20:56 - 04130216 _____ ( ) C:\Users\Babs\Downloads\starconf_launcher_1.0.1.21.exe
2014-09-04 20:56 - 2014-09-04 20:56 - 00000825 _____ () C:\Users\Babs\Desktop\ Star Conflict Launcher.lnk
2014-09-04 20:56 - 2014-09-04 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Conflict
2014-09-03 23:40 - 2014-09-03 23:40 - 00000938 _____ () C:\Users\Babs\Desktop\TeamSpeak 3 Client.lnk
2014-09-03 23:40 - 2014-09-03 23:40 - 00000000 ____D () C:\Users\Babs\Desktop\New folde
2014-09-03 23:38 - 2014-09-03 23:38 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\Babs\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2014-09-03 23:20 - 2014-09-12 06:26 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\TS3Client
2014-09-03 23:20 - 2014-09-03 23:20 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-09-03 08:06 - 2014-09-03 08:06 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\raidcall
2014-09-03 07:47 - 2014-09-04 21:36 - 00000000 ____D () C:\Users\Babs\Documents\My Games
2014-09-02 17:22 - 2014-09-02 17:22 - 00000959 _____ () C:\Users\Matthew\Desktop\~$tice when you scope in the cross hairs move up either to the left or to the right every time.docx.crypted
2014-09-02 17:22 - 2014-09-02 17:22 - 00000959 _____ () C:\Users\Matthew\Desktop\~$h period petty project.docx.crypted
2014-09-02 17:21 - 2014-09-02 17:21 - 00057111 _____ () C:\Users\Matthew\Desktop\The Untold Chornicles.docx.crypted
2014-09-02 17:21 - 2014-09-02 17:21 - 00000959 _____ () C:\Users\Matthew\Desktop\~$Got Served.docx.crypted
2014-09-02 17:21 - 2014-09-02 17:21 - 00000959 _____ () C:\Users\Matthew\Desktop\~$anium Glass.docx.crypted
2014-09-02 17:01 - 2014-09-02 17:01 - 00001535 _____ () C:\Users\Matthew\Desktop\Somewhere Yesterday.txt.crypted
2014-09-02 16:58 - 2014-09-02 16:58 - 00114863 _____ () C:\Users\Matthew\Desktop\FAFSA SAR.png.crypted
2014-09-02 16:58 - 2014-09-02 16:58 - 00037359 _____ () C:\Users\Matthew\Desktop\DxDiag.txt.crypted
2014-09-02 16:58 - 2014-09-02 16:58 - 00025935 _____ () C:\Users\Matthew\Desktop\DataDetails.xls.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00149255 _____ () C:\Users\Matthew\Documents\tumblr_mhrzsxyDWG1rewy69o1_500.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00081399 _____ () C:\Users\Matthew\Documents\once-in-a-while-right-in-the-middle-of-an-ordinary-life-love-gives.gif.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00079119 _____ () C:\Users\Matthew\Documents\tumblr_m2gd9n1oNw1r1zx3fo1_500.png.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00060207 _____ () C:\Users\Matthew\Documents\wmp eula.rtf.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00054391 _____ () C:\Users\Matthew\Documents\tumblr_mefu66sKK21r30f6io1_500.png.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00048703 _____ () C:\Users\Matthew\Documents\nice65.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00039839 _____ () C:\Users\Matthew\Documents\tumblr_mhtx9v08NQ1rm73xho1_500.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00038919 _____ () C:\Users\Matthew\Desktop\64Bit.DxDiag.txt.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00019439 _____ () C:\Users\Matthew\Desktop\1001298_499643270120222_624099729_n.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00019343 _____ () C:\Users\Matthew\Documents\tumblr_mh5f3hFXPM1rbs1e0o1_500.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00016655 _____ () C:\Users\Matthew\Documents\Real talk.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00000959 _____ () C:\Users\Matthew\Documents\~$http.docx.crypted
2014-09-02 16:51 - 2014-09-02 17:22 - 01160367 ____H () C:\Users\Matthew\AppData\Roaming\92CA.tmp.txt
2014-09-02 16:51 - 2014-09-02 16:51 - 00297415 _____ () C:\Users\Matthew\Documents\keep-calm-and-love-sleep-96_large.png.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00245887 _____ () C:\Users\Matthew\Documents\depositphotos_5986451-Broken-green-glass-heart-isolated-on-black-background.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00097095 _____ () C:\Users\Matthew\Documents\47451_153094484836523_24820656_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00088743 _____ () C:\Users\Matthew\Documents\167956_1269257068469_1158684_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00075879 _____ () C:\Users\Matthew\Documents\depressing-depression-i-miss-you-sad-heartbroken-love-moving-on-hurt-quotes-102106.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00069863 _____ () C:\Users\Matthew\Documents\482118_449328245138887_1625866560_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00059495 _____ () C:\Users\Matthew\Documents\broken-heart-26.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00053447 _____ () C:\Users\Matthew\Documents\559806_433859893365227_301203935_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00047391 _____ () C:\Users\Matthew\Documents\media_12201887.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00035655 _____ () C:\Users\Matthew\Documents\6cef4c8a98cefdc66631995817d2f9d3.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00035559 _____ () C:\Users\Matthew\Documents\loved.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00033343 _____ () C:\Users\Matthew\Documents\broken-hearted-quotes.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00031335 _____ () C:\Users\Matthew\Documents\Broken-Friendship-Quotes.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00025103 _____ () C:\Users\Matthew\Documents\226814_436546833087630_1500394734_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00024103 _____ () C:\Users\Matthew\Documents\heart-broken-love-quotes-Favim.com-436369.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00022143 _____ () C:\Users\Matthew\Documents\533546_4437810378211_492901919_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00018735 _____ () C:\Users\Matthew\Documents\feelinglonelyquotes.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00017775 _____ () C:\Users\Matthew\Documents\C.docx.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00016223 _____ () C:\Users\Matthew\Documents\AT&T High Speed Internet Installation.htm.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00013623 _____ () C:\Users\Matthew\Documents\http.docx.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00007175 _____ () C:\Users\Matthew\Documents\images.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00005895 _____ () C:\Users\Matthew\Documents\images (1).jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00002223 _____ () C:\Users\Matthew\Documents\KEYS POEM 4 U READ DAILY MATTHEW I LOVEYOU BAE.txt.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00001951 _____ () C:\Users\Matthew\Documents\2.8,9.13.txt.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00000000 ____H () C:\Users\Matthew\AppData\Roaming\92CA.tmp
2014-09-02 16:27 - 2014-09-02 16:27 - 00003056 _____ () C:\windows\System32\Tasks\{C9413B0D-E6BA-93EE-F1DE-C5E9E9A36E5F}
2014-09-02 16:27 - 2014-09-02 16:27 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\YzKoyfVn
2014-08-30 23:03 - 2014-08-30 23:03 - 00000085 _____ () C:\windows\wininit.ini
2014-08-30 21:39 - 2014-08-30 21:39 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-08-30 21:38 - 2014-08-30 23:04 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-30 21:38 - 2014-08-30 23:03 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-29 20:41 - 2014-08-29 20:41 - 00001034 _____ () C:\Users\Matthew\Downloads\Matthew Dugger Resume.txt
2014-08-29 19:10 - 2014-08-29 19:10 - 00000224 _____ () C:\Users\Matthew\Desktop\Heroes & Generals.url
2014-08-29 17:55 - 2014-08-29 17:55 - 00000993 _____ () C:\Users\Matthew\Desktop\Steam.exe - Shortcut.lnk
2014-08-29 17:24 - 2014-08-29 17:24 - 05160608 _____ (McAfee, Inc.) C:\Users\Matthew\Downloads\McAfeeSetup (1).exe
2014-08-29 17:24 - 2014-08-29 17:24 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-08-29 17:24 - 2014-06-20 10:30 - 00189912 _____ (McAfee, Inc.) C:\windows\system32\mfevtps.exe
2014-08-29 17:23 - 2014-08-29 17:23 - 05160608 _____ (McAfee, Inc.) C:\Users\Matthew\Downloads\McAfeeSetup.exe
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{F3ED71B2-866A-4D36-AF61-C45396A50914}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{BDABDD65-7542-4063-B8A6-5A663333DC70}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{5A5DF764-E983-4E28-946C-85A5430EDC53}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{48463961-EEB1-41E6-850F-DF35FB255706}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{3530DE84-B9D2-4E69-8101-BDD061E8EA67}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{20A81EF2-1AB5-4BF3-9FFA-4E0FFBDEE348}
2014-08-29 10:54 - 2014-08-29 10:54 - 00002976 _____ () C:\windows\System32\Tasks\{436CF9D7-24FA-42E1-B972-6E4159D38F2F}
2014-08-29 10:52 - 2014-09-09 19:40 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\uTorrent
2014-08-29 10:52 - 2014-08-29 10:52 - 01938256 _____ (BitTorrent Inc.) C:\Users\Matthew\Downloads\uTorrent (1).exe
2014-08-28 22:00 - 2014-08-28 22:00 - 00000000 __SHD () C:\found.001
2014-08-28 21:45 - 2014-08-28 21:45 - 00000278 _____ () C:\windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-28 21:45 - 2013-12-18 22:09 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-28 21:45 - 2013-12-18 22:04 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-28 21:45 - 2013-12-18 22:04 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-28 21:45 - 2013-12-18 22:03 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-28 21:31 - 2014-08-29 17:55 - 00000000 ___HD () C:\Users\Matthew\AppData\Local\Ubisoft
2014-08-28 20:59 - 2014-08-28 20:59 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-28 20:59 - 2014-08-28 20:59 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-28 20:48 - 2014-08-28 20:48 - 00000222 _____ () C:\Users\Matthew\Desktop\Tom Clancy's Ghost Recon Phantoms - NA.url
2014-08-28 19:30 - 2014-08-28 19:30 - 00000222 _____ () C:\Users\Matthew\Desktop\Contagion.url
2014-08-28 14:35 - 2014-08-28 14:35 - 00000222 _____ () C:\Users\Matthew\Desktop\War Thunder.url
2014-08-28 14:30 - 2014-08-28 14:30 - 00244120 _____ () C:\Users\Matthew\Downloads\Firefox Setup Stub 31.0.exe
2014-08-28 14:25 - 2014-09-03 06:26 - 00000000 ____D () C:\Users\Matthew\Desktop\Steam
2014-08-28 14:25 - 2014-08-28 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-28 14:24 - 2014-08-28 14:24 - 01141680 _____ () C:\Users\Matthew\Downloads\SteamSetup (1).exe
2014-08-28 14:23 - 2014-08-28 14:23 - 00002984 _____ () C:\windows\System32\Tasks\{8987F665-7812-4488-9F7E-C81E2A0318E2}
2014-08-28 14:20 - 2014-08-28 14:20 - 00000876 _____ () C:\Users\Matthew\Desktop\BitTorrent.lnk
2014-08-28 14:20 - 2014-08-28 14:20 - 00000856 ____H () C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{E1D9D0E0-BDF3-45F0-9B67-65E305185F19}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{D0F84CC7-8A30-4280-8374-B188DB238051}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{A8A5A5CC-60CF-45B0-943D-BC1B0A9DA9B5}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{A399CA9A-DA12-4A51-8DFF-68FDE16C7D6C}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{597D131A-6305-49D2-AFF3-9AB65AC33763}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{4E634920-17F2-45A4-958D-0FD2D103A82C}
2014-08-28 14:12 - 2014-08-28 14:12 - 00002976 _____ () C:\windows\System32\Tasks\{8AF87845-01E5-4F20-95DA-8623824B1F63}
2014-08-28 14:03 - 2014-08-28 14:03 - 00000000 ____D () C:\Users\Matthew\Downloads\uTorrentPortable
2014-08-28 14:02 - 2014-08-28 14:03 - 02360248 _____ (PortableApps.com) C:\Users\Matthew\Downloads\uTorrentPortable_3.4.2.33080_online.paf.exe
2014-08-28 13:47 - 2014-08-28 13:47 - 01938256 _____ (BitTorrent Inc.) C:\Users\Matthew\Downloads\uTorrent.exe
2014-08-28 01:15 - 2014-08-29 19:10 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-28 01:05 - 2014-08-28 01:06 - 01141680 _____ () C:\Users\Matthew\Downloads\SteamSetup.exe
2014-08-27 14:36 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-27 14:36 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-27 14:36 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-26 18:25 - 2014-08-26 18:25 - 00114352 _____ (GameRanger Technologies) C:\Users\Matthew\Downloads\GameRangerSetup.exe
2014-08-26 02:11 - 2014-08-26 02:11 - 00000000 ____D () C:\Users\Matthew\AppData\Local\BrowserMobile
2014-08-26 00:20 - 2014-08-06 21:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-26 00:20 - 2014-08-06 21:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-26 00:20 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-26 00:20 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-25 22:24 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-25 22:24 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-25 22:24 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-25 22:24 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-25 22:24 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-25 22:24 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-25 22:24 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-25 22:24 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-25 22:24 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-25 22:24 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-25 22:23 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-25 22:23 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-25 22:23 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-25 22:23 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-08-25 19:04 - 2014-08-26 10:07 - 00000000 ____D () C:\Users\Matthew\Documents\ArcheAge
2014-08-25 16:10 - 2014-08-26 10:11 - 00000000 ___HD () C:\Users\Matthew\AppData\Local\Glyph
2014-08-25 16:10 - 2014-08-25 16:10 - 00000000 ____D () C:\ProgramData\Glyph
2014-08-25 16:08 - 2014-08-25 16:09 - 31901296 _____ (Trion Worlds Inc.) C:\Users\Matthew\Downloads\GlyphInstall.exe
2014-08-22 09:58 - 2014-08-22 16:51 - 00000000 ____D () C:\Users\Matthew\Desktop\Playstation 2
2014-08-22 08:26 - 2014-08-22 16:51 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-08-22 08:25 - 2014-08-22 16:51 - 00000000 ____D () C:\d3cb5cd7c5832347d3cc3b13
2014-08-22 08:25 - 2014-08-22 08:25 - 07878008 _____ (Microsoft Corporation) C:\Users\Matthew\Downloads\Xbox360_64Eng.exe
2014-08-22 05:11 - 2014-08-22 05:11 - 00074919 _____ () C:\Users\Matthew\Downloads\recruitment.htm
2014-08-22 05:03 - 2014-08-22 05:03 - 00010358 _____ () C:\Users\Matthew\Downloads\settings.htm
2014-08-22 01:12 - 2014-08-22 01:15 - 359983357 _____ () C:\Users\Matthew\Downloads\DCS_World_1.2.10.30996.495-346-5.bin
2014-08-21 21:23 - 2014-08-21 21:23 - 00055542 _____ () C:\Users\Matthew\Downloads\joinsite.htm
2014-08-21 20:41 - 2014-08-25 05:13 - 00000000 ____D () C:\Users\Matthew\Desktop\T Games
2014-08-21 20:26 - 2014-08-21 20:26 - 00000000 ____D () C:\Users\Matthew\Downloads\OrigSnds
2014-08-21 20:26 - 2012-08-17 02:57 - 00000000 ____D () C:\Users\Matthew\Downloads\menu
2014-08-21 20:26 - 2012-08-11 00:35 - 00000000 ____D () C:\Users\Matthew\Downloads\narration
2014-08-21 20:26 - 2012-08-11 00:34 - 00000000 ____D () C:\Users\Matthew\Downloads\item
2014-08-21 20:24 - 2012-08-19 22:44 - 00000595 _____ () C:\Users\Matthew\Downloads\settings.ini
2014-08-21 20:24 - 2012-08-19 22:44 - 00000000 ____D () C:\Users\Matthew\Downloads\data
2014-08-21 20:24 - 2012-08-18 02:30 - 00000320 _____ () C:\Users\Matthew\Downloads\control.ini
2014-08-21 20:24 - 2012-08-18 01:59 - 05328670 _____ (Project Crusade Team) C:\Users\Matthew\Downloads\SSBC084.exe
2014-08-21 20:24 - 2012-08-17 02:58 - 00000000 ____D () C:\Users\Matthew\Downloads\fighter
2014-08-21 20:24 - 2012-08-11 00:30 - 00000000 ____D () C:\Users\Matthew\Downloads\crowd
2014-08-21 20:24 - 2012-08-11 00:29 - 00000000 ____D () C:\Users\Matthew\Downloads\stages
2014-08-21 20:24 - 2012-02-27 05:06 - 00032512 _____ () C:\Users\Matthew\Downloads\Phenix American.ttf
2014-08-21 20:24 - 2009-11-03 17:15 - 00366080 _____ (Firelight Technologies) C:\Users\Matthew\Downloads\fmodex.dll
2014-08-21 20:24 - 2009-11-03 17:15 - 00090624 _____ () C:\Users\Matthew\Downloads\GMFMODSimple.dll
2014-08-21 20:24 - 2009-06-10 23:26 - 00097516 _____ () C:\Users\Matthew\Downloads\LaoUI.ttf
2014-08-21 20:24 - 2009-06-10 23:26 - 00088700 _____ () C:\Users\Matthew\Downloads\LaoUIb.ttf
2014-08-21 20:24 - 2007-05-28 20:29 - 00043008 _____ () C:\Users\Matthew\Downloads\39dll.dll
2014-08-21 20:05 - 2014-08-29 16:52 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\Tunngle
2014-08-21 20:05 - 2014-08-29 16:52 - 00000000 ____D () C:\ProgramData\Tunngle
2014-08-21 20:05 - 2014-08-21 20:08 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-08-21 20:05 - 2014-08-21 20:05 - 00003394 _____ () C:\windows\System32\Tasks\SidebarExecute
2014-08-21 20:05 - 2014-08-21 20:05 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-08-21 20:05 - 2014-08-21 20:05 - 00000000 ____D () C:\Users\Matthew\Documents\Tunngle
2014-08-21 20:05 - 2014-08-21 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-08-21 20:05 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys
2014-08-21 20:03 - 2014-08-21 20:03 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Matthew\Downloads\Tunngle_Setup_v4.5.1.4b (1).exe
2014-08-21 20:01 - 2014-08-21 20:01 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Matthew\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-08-21 11:08 - 2014-08-21 11:08 - 00044935 _____ () C:\5fbaa024-22a6-4c4d-86e3-d75b3db83ae0.dmp
2014-08-20 10:33 - 2014-08-20 10:33 - 00040857 _____ () C:\Users\Matthew\Downloads\themelayout.htm
2014-08-19 04:19 - 2014-08-19 04:19 - 00000000 ____D () C:\Users\Matthew\Desktop\17AD
2014-08-16 03:02 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-16 03:02 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-16 03:02 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-16 03:02 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-16 03:02 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-16 03:02 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-16 03:02 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-16 03:02 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-15 20:26 - 2014-07-15 22:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-15 20:26 - 2014-07-15 21:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-15 20:25 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-15 20:25 - 2014-06-03 05:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-15 20:25 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-15 20:25 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-15 20:25 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-15 20:25 - 2014-06-03 04:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-15 20:25 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-15 20:25 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-15 20:24 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-15 20:24 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-08-14 14:56 - 2014-08-14 14:56 - 00067387 _____ () C:\Users\Matthew\Downloads\chat.htm
2014-08-13 18:31 - 2014-08-13 18:32 - 00076347 _____ () C:\Users\Matthew\Downloads\members.htm
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-12 10:03 - 2014-09-12 10:02 - 00000000 ____D () C:\Users\Babs\Desktop\New folder
2014-09-12 10:03 - 2014-09-12 10:00 - 00000000 ____D () C:\FRST
2014-09-12 10:01 - 2014-09-12 10:01 - 02105856 _____ (Farbar) C:\Users\Babs\Downloads\FRST64 (1).exe
2014-09-12 10:00 - 2014-09-12 10:00 - 02105856 _____ (Farbar) C:\Users\Babs\Downloads\FRST64.exe
2014-09-12 09:57 - 2014-09-08 21:52 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003UA.job
2014-09-12 09:39 - 2012-09-24 21:07 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000UA1cd9ac2766d1ed0.job
2014-09-12 08:21 - 2014-09-09 16:24 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 06:26 - 2014-09-03 23:20 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\TS3Client
2014-09-12 06:26 - 2011-09-04 03:28 - 01879105 _____ () C:\windows\WindowsUpdate.log
2014-09-11 21:57 - 2014-09-08 21:52 - 00000852 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003Core.job
2014-09-11 20:39 - 2012-09-24 21:07 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000Core1cd9ac275e2b72f.job
2014-09-11 04:32 - 2009-07-13 23:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-11 04:32 - 2009-07-13 23:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 04:25 - 2010-11-20 22:47 - 00542502 _____ () C:\windows\PFRO.log
2014-09-11 04:25 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-11 03:44 - 2011-09-04 03:39 - 00791570 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:44 - 2009-07-14 00:13 - 00791570 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-11 03:40 - 2014-01-27 12:07 - 00001945 _____ () C:\windows\epplauncher.mif
2014-09-11 03:40 - 2014-01-27 12:06 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 03:38 - 2014-01-27 12:06 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-11 03:38 - 2014-01-27 12:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-11 03:35 - 2013-09-19 07:28 - 00000000 ____D () C:\windows\system32\MRT
2014-09-11 03:07 - 2012-02-11 01:48 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-10 07:26 - 2011-09-04 04:21 - 00000000 ____D () C:\windows\PCHEALTH
2014-09-10 07:24 - 2012-04-06 03:00 - 00000000 ____D () C:\ProgramData\YTD YouTube Downloader & Converter
2014-09-10 07:24 - 2011-11-20 12:14 - 00000000 ____D () C:\ProgramData\InstallMate
2014-09-09 19:49 - 2013-08-29 04:31 - 00001360 _____ () C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-09 19:46 - 2014-09-09 19:46 - 00017850 _____ () C:\Users\Matthew\Desktop\AdwCleaner[S0].txt
2014-09-09 19:40 - 2014-08-29 10:52 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\uTorrent
2014-09-09 19:40 - 2011-11-19 17:32 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\Skype
2014-09-09 19:35 - 2014-09-09 19:18 - 00000000 ____D () C:\AdwCleaner
2014-09-09 19:17 - 2014-09-09 19:17 - 01370467 _____ () C:\Users\Matthew\Downloads\adwcleaner_3.309.exe
2014-09-09 16:23 - 2014-09-09 16:23 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-09 16:23 - 2014-09-09 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-09 16:23 - 2014-09-09 16:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-09 16:23 - 2014-09-09 16:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-09 16:18 - 2014-09-09 16:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Matthew\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-09 15:37 - 2013-06-02 21:15 - 00000000 ____D () C:\Users\Matthew\Documents\Razer
2014-09-09 10:21 - 2014-09-06 01:09 - 00000000 ____D () C:\Program Files (x86)\War Thunder
2014-09-09 02:43 - 2014-01-10 17:15 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\Skype
2014-09-08 21:53 - 2012-10-11 07:21 - 00000000 ____D () C:\Users\Babs\AppData\Local\Google
2014-09-08 21:53 - 2012-05-29 16:59 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\Mozilla
2014-09-08 21:52 - 2014-09-08 21:52 - 00895120 _____ (Google Inc.) C:\Users\Babs\Downloads\GoogleVoiceAndVideoSetup.exe
2014-09-08 21:52 - 2014-09-08 21:52 - 00003876 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003UA
2014-09-08 21:52 - 2014-09-08 21:52 - 00003480 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003Core
2014-09-07 11:09 - 2011-09-04 04:09 - 00000000 ____D () C:\ProgramData\Sonic
2014-09-07 11:06 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-06 01:09 - 2014-09-06 01:09 - 00001116 _____ () C:\Users\Public\Desktop\WarThunder.lnk
2014-09-06 01:09 - 2014-09-06 01:09 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder
2014-09-06 01:08 - 2014-09-06 01:07 - 04440696 _____ (Gaijin Entertainment ) C:\Users\Babs\Downloads\wt_launcher_1.0.1.396.exe
2014-09-04 21:36 - 2014-09-04 21:36 - 00000000 ____D () C:\Users\Babs\AppData\Local\Targem
2014-09-04 21:36 - 2014-09-03 07:47 - 00000000 ____D () C:\Users\Babs\Documents\My Games
2014-09-04 20:56 - 2014-09-04 20:56 - 04130216 _____ ( ) C:\Users\Babs\Downloads\starconf_launcher_1.0.1.21.exe
2014-09-04 20:56 - 2014-09-04 20:56 - 00000825 _____ () C:\Users\Babs\Desktop\ Star Conflict Launcher.lnk
2014-09-04 20:56 - 2014-09-04 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Conflict
2014-09-03 23:40 - 2014-09-03 23:40 - 00000938 _____ () C:\Users\Babs\Desktop\TeamSpeak 3 Client.lnk
2014-09-03 23:40 - 2014-09-03 23:40 - 00000000 ____D () C:\Users\Babs\Desktop\New folde
2014-09-03 23:38 - 2014-09-03 23:38 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\Babs\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2014-09-03 23:20 - 2014-09-03 23:20 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-09-03 08:06 - 2014-09-03 08:06 - 00000000 ____D () C:\Users\Babs\AppData\Roaming\raidcall
2014-09-03 07:47 - 2012-01-01 13:28 - 00000000 ___HD () C:\windows\msdownld.tmp
2014-09-03 07:14 - 2012-05-29 16:55 - 00117832 _____ () C:\Users\Babs\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-03 06:26 - 2014-08-28 14:25 - 00000000 ____D () C:\Users\Matthew\Desktop\Steam
2014-09-03 05:50 - 2013-03-14 12:33 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\TS3Client
2014-09-02 17:54 - 2011-11-20 12:19 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\vlc
2014-09-02 17:22 - 2014-09-02 17:22 - 00000959 _____ () C:\Users\Matthew\Desktop\~$tice when you scope in the cross hairs move up either to the left or to the right every time.docx.crypted
2014-09-02 17:22 - 2014-09-02 17:22 - 00000959 _____ () C:\Users\Matthew\Desktop\~$h period petty project.docx.crypted
2014-09-02 17:22 - 2014-09-02 16:51 - 01160367 ____H () C:\Users\Matthew\AppData\Roaming\92CA.tmp.txt
2014-09-02 17:21 - 2014-09-02 17:21 - 00057111 _____ () C:\Users\Matthew\Desktop\The Untold Chornicles.docx.crypted
2014-09-02 17:21 - 2014-09-02 17:21 - 00000959 _____ () C:\Users\Matthew\Desktop\~$Got Served.docx.crypted
2014-09-02 17:21 - 2014-09-02 17:21 - 00000959 _____ () C:\Users\Matthew\Desktop\~$anium Glass.docx.crypted
2014-09-02 17:21 - 2012-02-26 14:46 - 00000000 ____D () C:\Users\Matthew\Desktop\TI Emulator
2014-09-02 17:01 - 2014-09-02 17:01 - 00001535 _____ () C:\Users\Matthew\Desktop\Somewhere Yesterday.txt.crypted
2014-09-02 17:01 - 2013-11-18 06:45 - 00000000 ____D () C:\Users\Matthew\Desktop\Pictures of me
2014-09-02 17:01 - 2012-09-20 05:13 - 00000000 ____D () C:\Users\Matthew\Desktop\OLD
2014-09-02 17:00 - 2014-07-08 08:42 - 00000000 ____D () C:\Users\Matthew\Desktop\New folder
2014-09-02 16:58 - 2014-09-02 16:58 - 00114863 _____ () C:\Users\Matthew\Desktop\FAFSA SAR.png.crypted
2014-09-02 16:58 - 2014-09-02 16:58 - 00037359 _____ () C:\Users\Matthew\Desktop\DxDiag.txt.crypted
2014-09-02 16:58 - 2014-09-02 16:58 - 00025935 _____ () C:\Users\Matthew\Desktop\DataDetails.xls.crypted
2014-09-02 16:58 - 2014-05-30 06:19 - 00000000 ____D () C:\Users\Matthew\Desktop\Camera2
2014-09-02 16:58 - 2012-06-22 08:59 - 00000000 ____D () C:\Users\Matthew\Desktop\Cool Photos For Inspiration
2014-09-02 16:56 - 2014-03-28 07:15 - 00000000 ____D () C:\Users\Matthew\Desktop\Camera
2014-09-02 16:54 - 2014-09-02 16:54 - 00149255 _____ () C:\Users\Matthew\Documents\tumblr_mhrzsxyDWG1rewy69o1_500.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00081399 _____ () C:\Users\Matthew\Documents\once-in-a-while-right-in-the-middle-of-an-ordinary-life-love-gives.gif.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00079119 _____ () C:\Users\Matthew\Documents\tumblr_m2gd9n1oNw1r1zx3fo1_500.png.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00060207 _____ () C:\Users\Matthew\Documents\wmp eula.rtf.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00054391 _____ () C:\Users\Matthew\Documents\tumblr_mefu66sKK21r30f6io1_500.png.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00048703 _____ () C:\Users\Matthew\Documents\nice65.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00039839 _____ () C:\Users\Matthew\Documents\tumblr_mhtx9v08NQ1rm73xho1_500.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00038919 _____ () C:\Users\Matthew\Desktop\64Bit.DxDiag.txt.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00019439 _____ () C:\Users\Matthew\Desktop\1001298_499643270120222_624099729_n.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00019343 _____ () C:\Users\Matthew\Documents\tumblr_mh5f3hFXPM1rbs1e0o1_500.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00016655 _____ () C:\Users\Matthew\Documents\Real talk.jpg.crypted
2014-09-02 16:54 - 2014-09-02 16:54 - 00000959 _____ () C:\Users\Matthew\Documents\~$http.docx.crypted
2014-09-02 16:54 - 2014-06-20 12:36 - 00000000 ____D () C:\Users\Matthew\Documents\PHONES
2014-09-02 16:54 - 2013-09-19 06:42 - 00000000 ____D () C:\Users\Matthew\Documents\School Work
2014-09-02 16:54 - 2012-09-09 09:55 - 00000000 ____D () C:\Users\Matthew\Documents\Writings
2014-09-02 16:51 - 2014-09-02 16:51 - 00297415 _____ () C:\Users\Matthew\Documents\keep-calm-and-love-sleep-96_large.png.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00245887 _____ () C:\Users\Matthew\Documents\depositphotos_5986451-Broken-green-glass-heart-isolated-on-black-background.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00097095 _____ () C:\Users\Matthew\Documents\47451_153094484836523_24820656_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00088743 _____ () C:\Users\Matthew\Documents\167956_1269257068469_1158684_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00075879 _____ () C:\Users\Matthew\Documents\depressing-depression-i-miss-you-sad-heartbroken-love-moving-on-hurt-quotes-102106.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00069863 _____ () C:\Users\Matthew\Documents\482118_449328245138887_1625866560_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00059495 _____ () C:\Users\Matthew\Documents\broken-heart-26.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00053447 _____ () C:\Users\Matthew\Documents\559806_433859893365227_301203935_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00047391 _____ () C:\Users\Matthew\Documents\media_12201887.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00035655 _____ () C:\Users\Matthew\Documents\6cef4c8a98cefdc66631995817d2f9d3.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00035559 _____ () C:\Users\Matthew\Documents\loved.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00033343 _____ () C:\Users\Matthew\Documents\broken-hearted-quotes.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00031335 _____ () C:\Users\Matthew\Documents\Broken-Friendship-Quotes.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00025103 _____ () C:\Users\Matthew\Documents\226814_436546833087630_1500394734_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00024103 _____ () C:\Users\Matthew\Documents\heart-broken-love-quotes-Favim.com-436369.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00022143 _____ () C:\Users\Matthew\Documents\533546_4437810378211_492901919_n.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00018735 _____ () C:\Users\Matthew\Documents\feelinglonelyquotes.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00017775 _____ () C:\Users\Matthew\Documents\C.docx.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00016223 _____ () C:\Users\Matthew\Documents\AT&T High Speed Internet Installation.htm.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00013623 _____ () C:\Users\Matthew\Documents\http.docx.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00007175 _____ () C:\Users\Matthew\Documents\images.jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00005895 _____ () C:\Users\Matthew\Documents\images (1).jpg.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00002223 _____ () C:\Users\Matthew\Documents\KEYS POEM 4 U READ DAILY MATTHEW I LOVEYOU BAE.txt.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00001951 _____ () C:\Users\Matthew\Documents\2.8,9.13.txt.crypted
2014-09-02 16:51 - 2014-09-02 16:51 - 00000000 ____H () C:\Users\Matthew\AppData\Roaming\92CA.tmp
2014-09-02 16:51 - 2013-02-14 20:27 - 00000000 ____D () C:\Users\Matthew\Documents\AT&T High Speed Internet Installation_files
2014-09-02 16:27 - 2014-09-02 16:27 - 00003056 _____ () C:\windows\System32\Tasks\{C9413B0D-E6BA-93EE-F1DE-C5E9E9A36E5F}
2014-09-02 16:27 - 2014-09-02 16:27 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\YzKoyfVn
2014-09-02 14:41 - 2014-04-01 23:32 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunderDev
2014-09-02 11:55 - 2011-11-28 14:46 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\SoftGrid Client
2014-09-01 09:29 - 2012-06-19 14:08 - 00000902 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-09-01 00:04 - 2009-07-14 00:08 - 00032622 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-08-30 23:04 - 2014-08-30 21:38 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-30 23:03 - 2014-08-30 23:03 - 00000085 _____ () C:\windows\wininit.ini
2014-08-30 23:03 - 2014-08-30 21:38 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-30 21:40 - 2014-03-15 22:50 - 00000000 ____D () C:\Users\TEMP
2014-08-30 21:39 - 2014-08-30 21:39 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-08-29 20:41 - 2014-08-29 20:41 - 00001034 _____ () C:\Users\Matthew\Downloads\Matthew Dugger Resume.txt
2014-08-29 19:10 - 2014-08-29 19:10 - 00000224 _____ () C:\Users\Matthew\Desktop\Heroes & Generals.url
2014-08-29 19:10 - 2014-08-28 01:15 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-29 17:55 - 2014-08-29 17:55 - 00000993 _____ () C:\Users\Matthew\Desktop\Steam.exe - Shortcut.lnk
2014-08-29 17:55 - 2014-08-28 21:31 - 00000000 ___HD () C:\Users\Matthew\AppData\Local\Ubisoft
2014-08-29 17:24 - 2014-08-29 17:24 - 05160608 _____ (McAfee, Inc.) C:\Users\Matthew\Downloads\McAfeeSetup (1).exe
2014-08-29 17:24 - 2014-08-29 17:24 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-08-29 17:24 - 2011-09-04 04:23 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-29 17:23 - 2014-08-29 17:23 - 05160608 _____ (McAfee, Inc.) C:\Users\Matthew\Downloads\McAfeeSetup.exe
2014-08-29 16:52 - 2014-08-21 20:05 - 00000000 ___HD () C:\Users\Matthew\AppData\Roaming\Tunngle
2014-08-29 16:52 - 2014-08-21 20:05 - 00000000 ____D () C:\ProgramData\Tunngle
2014-08-29 16:45 - 2011-11-19 17:32 - 00000000 ____D () C:\ProgramData\Skype
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{F3ED71B2-866A-4D36-AF61-C45396A50914}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{BDABDD65-7542-4063-B8A6-5A663333DC70}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{5A5DF764-E983-4E28-946C-85A5430EDC53}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{48463961-EEB1-41E6-850F-DF35FB255706}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{3530DE84-B9D2-4E69-8101-BDD061E8EA67}
2014-08-29 10:55 - 2014-08-29 10:55 - 00002976 _____ () C:\windows\System32\Tasks\{20A81EF2-1AB5-4BF3-9FFA-4E0FFBDEE348}
2014-08-29 10:54 - 2014-08-29 10:54 - 00002976 _____ () C:\windows\System32\Tasks\{436CF9D7-24FA-42E1-B972-6E4159D38F2F}
2014-08-29 10:52 - 2014-08-29 10:52 - 01938256 _____ (BitTorrent Inc.) C:\Users\Matthew\Downloads\uTorrent (1).exe
2014-08-29 10:52 - 2013-11-19 07:55 - 00000856 _____ () C:\Users\Matthew\Desktop\µTorrent.lnk
2014-08-29 10:52 - 2013-11-19 07:55 - 00000836 ____H () C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-08-28 22:00 - 2014-08-28 22:00 - 00000000 __SHD () C:\found.001
2014-08-28 21:47 - 2013-12-30 07:54 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-28 21:45 - 2014-08-28 21:45 - 00000278 _____ () C:\windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-28 21:45 - 2012-02-25 22:41 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-28 20:59 - 2014-08-28 20:59 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-28 20:59 - 2014-08-28 20:59 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-28 20:56 - 2012-11-10 11:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-28 20:48 - 2014-08-28 20:48 - 00000222 _____ () C:\Users\Matthew\Desktop\Tom Clancy's Ghost Recon Phantoms - NA.url
2014-08-28 19:30 - 2014-08-28 19:30 - 00000222 _____ () C:\Users\Matthew\Desktop\Contagion.url
2014-08-28 14:35 - 2014-08-28 14:35 - 00000222 _____ () C:\Users\Matthew\Desktop\War Thunder.url
2014-08-28 14:30 - 2014-08-28 14:30 - 00244120 _____ () C:\Users\Matthew\Downloads\Firefox Setup Stub 31.0.exe
2014-08-28 14:25 - 2014-08-28 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-28 14:24 - 2014-08-28 14:24 - 01141680 _____ () C:\Users\Matthew\Downloads\SteamSetup (1).exe
2014-08-28 14:23 - 2014-08-28 14:23 - 00002984 _____ () C:\windows\System32\Tasks\{8987F665-7812-4488-9F7E-C81E2A0318E2}
2014-08-28 14:20 - 2014-08-28 14:20 - 00000876 _____ () C:\Users\Matthew\Desktop\BitTorrent.lnk
2014-08-28 14:20 - 2014-08-28 14:20 - 00000856 ____H () C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{E1D9D0E0-BDF3-45F0-9B67-65E305185F19}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{D0F84CC7-8A30-4280-8374-B188DB238051}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{A8A5A5CC-60CF-45B0-943D-BC1B0A9DA9B5}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{A399CA9A-DA12-4A51-8DFF-68FDE16C7D6C}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{597D131A-6305-49D2-AFF3-9AB65AC33763}
2014-08-28 14:13 - 2014-08-28 14:13 - 00002976 _____ () C:\windows\System32\Tasks\{4E634920-17F2-45A4-958D-0FD2D103A82C}
2014-08-28 14:12 - 2014-08-28 14:12 - 00002976 _____ () C:\windows\System32\Tasks\{8AF87845-01E5-4F20-95DA-8623824B1F63}
2014-08-28 14:03 - 2014-08-28 14:03 - 00000000 ____D () C:\Users\Matthew\Downloads\uTorrentPortable
2014-08-28 14:03 - 2014-08-28 14:02 - 02360248 _____ (PortableApps.com) C:\Users\Matthew\Downloads\uTorrentPortable_3.4.2.33080_online.paf.exe
2014-08-28 13:47 - 2014-08-28 13:47 - 01938256 _____ (BitTorrent Inc.) C:\Users\Matthew\Downloads\uTorrent.exe
2014-08-28 03:21 - 2009-07-13 23:45 - 00438768 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-28 02:05 - 2011-09-04 04:07 - 00234563 _____ () C:\windows\DirectX.log
2014-08-28 01:06 - 2014-08-28 01:05 - 01141680 _____ () C:\Users\Matthew\Downloads\SteamSetup.exe
2014-08-26 18:25 - 2014-08-26 18:25 - 00114352 _____ (GameRanger Technologies) C:\Users\Matthew\Downloads\GameRangerSetup.exe
2014-08-26 10:11 - 2014-08-25 16:10 - 00000000 ___HD () C:\Users\Matthew\AppData\Local\Glyph
2014-08-26 10:07 - 2014-08-25 19:04 - 00000000 ____D () C:\Users\Matthew\Documents\ArcheAge
2014-08-26 02:11 - 2014-08-26 02:11 - 00000000 ____D () C:\Users\Matthew\AppData\Local\BrowserMobile
2014-08-26 00:21 - 2014-07-10 14:42 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-08-25 16:10 - 2014-08-25 16:10 - 00000000 ____D () C:\ProgramData\Glyph
2014-08-25 16:09 - 2014-08-25 16:08 - 31901296 _____ (Trion Worlds Inc.) C:\Users\Matthew\Downloads\GlyphInstall.exe
2014-08-25 05:13 - 2014-08-21 20:41 - 00000000 ____D () C:\Users\Matthew\Desktop\T Games
2014-08-25 01:01 - 2011-11-18 17:27 - 00000000 ____D () C:\Users\Matthew
2014-08-22 21:07 - 2014-08-27 14:36 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-22 20:45 - 2014-08-27 14:36 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-22 19:59 - 2014-08-27 14:36 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-22 16:51 - 2014-08-22 09:58 - 00000000 ____D () C:\Users\Matthew\Desktop\Playstation 2
2014-08-22 16:51 - 2014-08-22 08:26 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-08-22 16:51 - 2014-08-22 08:25 - 00000000 ____D () C:\d3cb5cd7c5832347d3cc3b13
2014-08-22 16:51 - 2012-05-29 16:54 - 00000000 ____D () C:\Users\Babs
2014-08-22 16:51 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\registration
2014-08-22 08:25 - 2014-08-22 08:25 - 07878008 _____ (Microsoft Corporation) C:\Users\Matthew\Downloads\Xbox360_64Eng.exe
2014-08-22 08:20 - 2013-03-12 12:23 - 00000000 ____D () C:\Users\Matthew\Documents\My Games
2014-08-22 05:11 - 2014-08-22 05:11 - 00074919 _____ () C:\Users\Matthew\Downloads\recruitment.htm
2014-08-22 05:03 - 2014-08-22 05:03 - 00010358 _____ () C:\Users\Matthew\Downloads\settings.htm
2014-08-22 01:15 - 2014-08-22 01:12 - 359983357 _____ () C:\Users\Matthew\Downloads\DCS_World_1.2.10.30996.495-346-5.bin
2014-08-21 21:23 - 2014-08-21 21:23 - 00055542 _____ () C:\Users\Matthew\Downloads\joinsite.htm
2014-08-21 20:26 - 2014-08-21 20:26 - 00000000 ____D () C:\Users\Matthew\Downloads\OrigSnds
2014-08-21 20:13 - 2011-11-18 17:27 - 00117832 _____ () C:\Users\Matthew\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-21 20:08 - 2014-08-21 20:05 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-08-21 20:05 - 2014-08-21 20:05 - 00003394 _____ () C:\windows\System32\Tasks\SidebarExecute
2014-08-21 20:05 - 2014-08-21 20:05 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-08-21 20:05 - 2014-08-21 20:05 - 00000000 ____D () C:\Users\Matthew\Documents\Tunngle
2014-08-21 20:05 - 2014-08-21 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-08-21 20:03 - 2014-08-21 20:03 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Matthew\Downloads\Tunngle_Setup_v4.5.1.4b (1).exe
2014-08-21 20:01 - 2014-08-21 20:01 - 04055968 _____ (Tunngle.net GmbH ) C:\Users\Matthew\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-08-21 11:08 - 2014-08-21 11:08 - 00044935 _____ () C:\5fbaa024-22a6-4c4d-86e3-d75b3db83ae0.dmp
2014-08-20 11:44 - 2011-11-25 18:01 - 00000000 ____D () C:\windows\System32\Tasks\Games
2014-08-20 10:33 - 2014-08-20 10:33 - 00040857 _____ () C:\Users\Matthew\Downloads\themelayout.htm
2014-08-19 13:05 - 2014-09-11 03:51 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-19 12:39 - 2014-09-11 03:51 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-19 04:19 - 2014-08-19 04:19 - 00000000 ____D () C:\Users\Matthew\Desktop\17AD
2014-08-18 18:01 - 2014-09-11 03:51 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-18 17:29 - 2014-09-11 03:52 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-18 17:29 - 2014-09-11 03:51 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-18 17:26 - 2014-09-11 03:51 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-18 17:20 - 2014-09-11 03:51 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-18 17:19 - 2014-09-11 03:51 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-18 17:15 - 2014-09-11 03:51 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-18 17:15 - 2014-09-11 03:51 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-18 17:14 - 2014-09-11 03:51 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-18 17:14 - 2014-09-11 03:51 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-18 17:08 - 2014-09-11 03:51 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-18 17:08 - 2014-09-11 03:51 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-18 17:08 - 2014-09-11 03:51 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-18 17:05 - 2014-09-11 03:52 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-18 17:03 - 2014-09-11 03:51 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-18 17:03 - 2014-09-11 03:51 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-18 17:03 - 2014-09-11 03:51 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-18 16:57 - 2014-09-11 03:52 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-18 16:56 - 2014-09-11 03:51 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-18 16:51 - 2014-09-11 03:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-18 16:46 - 2014-09-11 03:51 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-18 16:45 - 2014-09-11 03:51 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 16:45 - 2014-09-11 03:51 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-18 16:44 - 2014-09-11 03:52 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-18 16:44 - 2014-09-11 03:51 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-18 16:42 - 2014-09-11 03:51 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-18 16:40 - 2014-09-11 03:51 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-18 16:39 - 2014-09-11 03:51 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-18 16:39 - 2014-09-11 03:51 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-18 16:39 - 2014-09-11 03:51 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-18 16:38 - 2014-09-11 03:51 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-18 16:37 - 2014-09-11 03:52 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-18 16:36 - 2014-09-11 03:51 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-18 16:35 - 2014-09-11 03:51 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-18 16:27 - 2014-09-11 03:51 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-18 16:25 - 2014-09-11 03:51 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-18 16:25 - 2014-09-11 03:51 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-18 16:23 - 2014-09-11 03:51 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-18 16:23 - 2014-09-11 03:51 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-18 16:22 - 2014-09-11 03:51 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 16:19 - 2014-09-11 03:51 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-18 16:17 - 2014-09-11 03:51 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-18 16:17 - 2014-09-11 03:51 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-18 16:16 - 2014-09-11 03:51 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-18 16:15 - 2014-09-11 03:51 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-18 16:15 - 2014-09-11 03:51 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-18 16:09 - 2014-09-11 03:51 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-18 16:08 - 2014-09-11 03:51 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-18 16:07 - 2014-09-11 03:51 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-18 15:55 - 2014-09-11 03:51 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-18 15:46 - 2014-09-11 03:51 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-18 15:38 - 2014-09-11 03:51 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-18 15:38 - 2014-09-11 03:51 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-18 15:36 - 2014-09-11 03:51 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-16 03:52 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-08-14 14:56 - 2014-08-14 14:56 - 00067387 _____ () C:\Users\Matthew\Downloads\chat.htm
2014-08-13 18:32 - 2014-08-13 18:31 - 00076347 _____ () C:\Users\Matthew\Downloads\members.htm
 
Some content of TEMP:
====================
C:\Users\Matthew\AppData\Local\Temp\Quarantine.exe
C:\Users\Matthew\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\Matthew\AppData\Local\Temp\xvz_sgg4.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2012-07-18 03:58
 
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by Babs at 2014-09-12 10:05:44
Running from C:\Users\Babs\Desktop\New folder
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip 9.20) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.4.402.278 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.2.26485 - Ask.com) <==== ATTENTION
Bejeweled 2 Deluxe (HKLM-x32\...\Bejeweled 2 Deluxe) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell Perks Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.0.6 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.39 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.39 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.101.202 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Driver Manager (HKLM-x32\...\{686695ED-BB3F-415D-B0DB-18CF535F7B50}) (Version: 7 - Driver Manager)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.18 - Dell Inc.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Free File Viewer 2011 (HKLM-x32\...\FreeFileViewer_is1) (Version:  - Bitberry Software) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6304.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2827 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java™ 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java™ 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LameACM (HKLM-x32\...\LameACM) (Version:  - )
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Minecraft1.6.1 (HKLM-x32\...\Minecraft1.6.1) (Version:  - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1398 - Electronic Arts)
NexperiaTM System Solution Software (HKLM-x32\...\NexperiaTM System Solution) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle Studio 12 (HKLM-x32\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.1.3.6605 - Pinnacle Systems)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.6.0 - Dell Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.0-1.0.10926.49 - raidcall.com)
RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 2.40 - Philipp Winterberg)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Star Conflict Launcher 1.0.1.21 (HKLM-x32\...\StarConflictLauncher_is1) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
System - Driver - System update (HKLM-x32\...\System Driver) (Version: "1.1.1" - "System")
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version:  - Ubisoft Singapore)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
War Thunder Launcher 1.0.1.340 (HKLM-x32\...\{abc8eea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
War Thunder Launcher 1.0.1.396 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
YTD Video Downloader 3.9.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 3.9.6 - GreenTree Applications SRL)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1775670845-2207748126-3420140166-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Babs\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1775670845-2207748126-3420140166-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Babs\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
 
==================== Restore Points  =========================
 
04-09-2014 12:08:38 Windows Update
07-09-2014 12:12:02 Windows Update
11-09-2014 08:02:04 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0281DD96-7F31-420E-A4CC-C395669A5F27} - System32\Tasks\{57B89BC9-FEBA-4D68-8D06-52A2C034C841} => C:\Users\Matthew\Desktop\~Get Your Files Here\Bitdefender Antivirus Plus 2013 16.18.0.1406 x64\Activator\Activator_2.0BETA3.exe
Task: {0D85AA0D-80D3-43AF-BEC7-FF6A2E7BD692} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1775670845-2207748126-3420140166-1000
Task: {0E46B44C-307E-4813-AE6A-D7F383259022} - System32\Tasks\{F54A7788-7A4D-4D99-9B45-73AE9387861C} => C:\Users\Matthew\Desktop\~Get Your Files Here\Bitdefender Antivirus Plus 2013 16.18.0.1406 x64\Activator\Activator_2.0BETA3.exe
Task: {13D877BD-9C94-416C-A171-0D2DA2F416FE} - System32\Tasks\{D0F84CC7-8A30-4280-8374-B188DB238051} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {17D3DC08-D1DF-420B-AADB-86CEFA417FFF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000Core1cd9f75381e11c8 => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {2B8F94CC-EC76-456D-93D3-A48EAEEBEA7E} - System32\Tasks\{8AF87845-01E5-4F20-95DA-8623824B1F63} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {2C238C0A-5CAF-4F2F-95D3-DE4EAB86D7DF} - System32\Tasks\{99739DBD-8E8C-4B1C-ADCB-D3FC09D90A90} => C:\Program Files (x86)\War Thunder\launcher.exe [2014-09-03] (Gaijin Entertainment)
Task: {2DF7C834-15C0-4543-A94E-C0F7E782486B} - System32\Tasks\{436CF9D7-24FA-42E1-B972-6E4159D38F2F} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {3BA551F6-C640-41B4-B64B-57ED9629C0FD} - System32\Tasks\{3530DE84-B9D2-4E69-8101-BDD061E8EA67} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {3E984820-5F7A-46BD-95CE-79AA5DF937E4} - System32\Tasks\{E1D9D0E0-BDF3-45F0-9B67-65E305185F19} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {47806AEE-AC9F-4E55-B142-427395D8CA21} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {74B77D44-36FE-41C6-A7BF-ADA731DF909F} - System32\Tasks\{F7FC6C43-1004-4AF0-B461-0346E705AF5D} => C:\Users\Matthew\Desktop\~Get Your Files Here\Bitdefender Antivirus Plus 2013 16.18.0.1406 x64\Activator\Activator_2.0BETA3.exe
Task: {804F38CE-05E7-4E00-9C71-C8F5C19234E2} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {8137EB6E-2DB6-4C2A-B361-BD93A8BEA8AD} - System32\Tasks\{597D131A-6305-49D2-AFF3-9AB65AC33763} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {827B1DEC-EFB9-4033-8352-628D6E12A90F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003Core => C:\Users\Babs\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-08] (Google Inc.)
Task: {88DA43A0-28C3-4B6D-8E47-C43DCCD0BAAE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000Core1cd9ac275e2b72f => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-19] (Google Inc.)
Task: {973761DB-3D77-4CBD-B22B-FA903291854A} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {9A4DA800-9737-4DD8-A0C2-C202706507F6} - System32\Tasks\GoogleUpdateTaskMachineCore1cda5e1c8bd1263 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04] (Google Inc.)
Task: {9E2E8D6E-0A40-408E-BF6C-E0B2E4E1A99C} - System32\Tasks\{F3ED71B2-866A-4D36-AF61-C45396A50914} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {9F509F5D-7247-4BD7-9C4B-AF42AB4D2034} - System32\Tasks\{94D487A4-EDEE-4495-B745-0692BFDE2E87} => C:\Users\Matthew\Desktop\~Get Your Files Here\Bitdefender Antivirus Plus 2013 16.18.0.1406 x64\Activator\Activator_2.0BETA3.exe
Task: {ACF37806-8205-47AB-A3E2-5E864F513FB9} - System32\Tasks\{A399CA9A-DA12-4A51-8DFF-68FDE16C7D6C} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {AE0DB55E-B97B-443E-93A9-0A49137CD6B8} - System32\Tasks\{BDABDD65-7542-4063-B8A6-5A663333DC70} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {B7ECE5B4-3F10-4652-9F25-ABC9DF0876C6} - System32\Tasks\{754F339F-F191-41F5-9765-CC7BBF475B06} => C:\Users\Matthew\Desktop\~Get Your Files Here\Bitdefender Antivirus Plus 2013 16.18.0.1406 x64\Activator\Activator_2.0BETA3.exe
Task: {B914E2AC-5DB2-4D46-8F4F-38F5C853B598} - System32\Tasks\{C9413B0D-E6BA-93EE-F1DE-C5E9E9A36E5F} => C:\Users\Matthew\AppData\Roaming\YzKoyfVn\KCdnUMrZ\gonUDgVo\JvhQkKnBp.exe
Task: {BE13D3CA-202D-4BB7-964A-0E2CFEF51E79} - System32\Tasks\{48463961-EEB1-41E6-850F-DF35FB255706} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {C1364867-2FEF-47A3-ADED-DC368C67C626} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000UA1cd9f7538515788 => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {DA9722B6-CF6A-4C9B-BA2A-F26A4DE41F95} - System32\Tasks\{8987F665-7812-4488-9F7E-C81E2A0318E2} => C:\Users\Matthew\AppData\Roaming\BitTorrent\BitTorrent.exe
Task: {DF4FAC73-1D9D-46B1-AB6D-54CE11810218} - System32\Tasks\{94DDEFDB-71AF-47AF-AECF-BB0337DC6768} => C:\Program Files (x86)\War Thunder\launcher.exe [2014-09-03] (Gaijin Entertainment)
Task: {E1BB086D-D3F5-40F1-ACD7-1B9182229E4D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003UA => C:\Users\Babs\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-08] (Google Inc.)
Task: {E3B935D0-6F16-41A4-A06A-0BF25C60FC19} - System32\Tasks\{A8A5A5CC-60CF-45B0-943D-BC1B0A9DA9B5} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {E774E7E6-FB34-41CE-BAB2-91C2B50C8E97} - System32\Tasks\GoogleUpdateTaskMachineUA1cda5e1cca735b7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04] (Google Inc.)
Task: {EBA41BCE-6B56-41CF-B78F-9F617BDF01BC} - System32\Tasks\SmartDefrag3_Schedule => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-03-10] (IObit)
Task: {EBAAE57D-C4DB-454E-AFBD-B3A9DD878993} - System32\Tasks\{20A81EF2-1AB5-4BF3-9FFA-4E0FFBDEE348} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {F446CB3B-F3CF-4C39-AFE7-70BA364F8EFE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000UA1cd9ac2766d1ed0 => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-19] (Google Inc.)
Task: {F7D0BE42-367D-4B73-AB8F-3C07C5594997} - System32\Tasks\{4E634920-17F2-45A4-958D-0FD2D103A82C} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: {F9642AB0-1E5F-4D7A-995C-C50173BBB07D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {FFD7AD47-FDD6-45D1-AC2A-41BEA387FC1B} - System32\Tasks\{5A5DF764-E983-4E28-946C-85A5430EDC53} => C:\Users\Matthew\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-01] (BitTorrent Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000Core1cd9f75381e11c8.job => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000UA1cd9f7538515788.job => C:\Users\Matthew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cda5e1c8bd1263.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cda5e1cca735b7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000Core1cd9ac275e2b72f.job => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1000UA1cd9ac2766d1ed0.job => C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003Core.job => C:\Users\Babs\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1775670845-2207748126-3420140166-1003UA.job => C:\Users\Babs\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-12-30 17:09 - 2005-06-07 13:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-17 10:35 - 2010-11-17 10:35 - 00514544 ____N () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2014-01-10 00:26 - 2014-01-10 00:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-04 03:34 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2010-11-24 22:44 - 2010-11-24 22:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2014-01-10 00:28 - 2014-01-10 00:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-09-10 19:49 - 2014-09-03 22:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-10 19:49 - 2014-09-03 22:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-10 19:49 - 2014-09-03 22:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-10 19:49 - 2014-09-03 22:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-10 19:49 - 2014-09-03 22:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-02-28 08:33 - 2014-02-28 08:33 - 00148480 _____ () C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\quazip.dll
2014-02-27 08:46 - 2014-02-27 08:46 - 00864768 _____ () C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 08:45 - 2014-02-27 08:45 - 00677376 _____ () C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 08:43 - 2014-08-04 08:43 - 00092104 _____ () C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-08-04 08:43 - 2014-08-04 08:43 - 00105416 _____ () C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 08:46 - 2014-02-27 08:46 - 00025600 _____ () C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 08:46 - 2014-02-27 08:46 - 00242688 _____ () C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 08:45 - 2014-08-04 08:45 - 00477128 _____ () C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 08:45 - 2014-08-04 08:45 - 00484808 _____ () C:\Users\Babs\Desktop\New folde\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
Name: Nielsen WFP Driver
Description: Nielsen WFP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: nnfwdk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/11/2014 04:29:32 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed
 
Error: (09/11/2014 04:29:01 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Too many failures while downloading ranges: 2
 
Error: (09/11/2014 04:27:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2014 03:02:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1775670845-2207748126-3420140166-1004.bak).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {a5ec15bb-0313-4e21-beb2-9c809b85b1bd}
 
Error: (09/10/2014 07:30:38 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed
 
Error: (09/10/2014 07:30:07 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Too many failures while downloading ranges: 2
 
Error: (09/10/2014 07:28:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/09/2014 08:19:42 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed
 
Error: (09/09/2014 08:19:12 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Too many failures while downloading ranges: 2
 
Error: (09/09/2014 08:17:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (09/12/2014 06:26:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (09/12/2014 06:26:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (09/12/2014 06:26:04 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (09/12/2014 06:26:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (09/12/2014 06:26:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (09/12/2014 06:26:00 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (09/12/2014 06:21:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (09/12/2014 06:21:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (09/12/2014 06:21:48 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (09/11/2014 11:06:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
 
Microsoft Office Sessions:
=========================
Error: (09/11/2014 04:29:32 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed
 
Error: (09/11/2014 04:29:01 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2
 
Error: (09/11/2014 04:27:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/11/2014 03:02:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1775670845-2207748126-3420140166-1004.bak)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {a5ec15bb-0313-4e21-beb2-9c809b85b1bd}
 
Error: (09/10/2014 07:30:38 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed
 
Error: (09/10/2014 07:30:07 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2
 
Error: (09/10/2014 07:28:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/09/2014 08:19:42 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed
 
Error: (09/09/2014 08:19:12 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2
 
Error: (09/09/2014 08:17:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-01-28 06:38:47.876
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_003\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-01-28 06:28:42.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_002\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-01-28 01:14:12.701
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_002\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-01-28 01:05:17.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_002\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-01-28 00:49:05.781
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00174_002\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-01-28 00:32:52.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender 2013\active virus control\avc3_000_001\avcuf64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU P6200 @ 2.13GHz
Percentage of memory in use: 48%
Total physical RAM: 3894.7 MB
Available physical RAM: 2021.43 MB
Total Pagefile: 7892.88 MB
Available Pagefile: 5303.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:283.34 GB) (Free:68.46 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 0EA9FC92)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.3 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:31 PM

Posted 12 September 2014 - 01:36 PM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Babs\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
ShortcutTarget: StripSaver2.lnk -> C:\Program Files (x86)\StripSaver2\StripSaver2.exe (No File)
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (No File)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: CrossRider -> {A876E312-7D08-401a-B7A6-FAFC5DC2F292} -> C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll ()
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
FF DefaultSearchEngine: Ask.com
FF SelectedSearchEngine: Ask.com
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=716DFE98-C4E4-4970-878F-2B10482671EC&apn_ptnrs=&apn_sauid=FE09EC2D-3B6C-461E-A6C1-A25BB9AC6D91&apn_dtid=OSJ000&&q=
FF SearchEngineOrder.1: Ask.com
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\npfirefoxtracker.dll No File
CHR StartupUrls: Default -> "hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=US&userid=feff1117-81b8-6b37-d4ec-88c6f1b7eb87&searchtype=hp&installDate=29/08/2013"
CHR Plugin: (Skype Toolbars) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll No File
CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Ghostery) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-09-05]
CHR HKLM-x32\...\Chrome\Extension: [jgceplfonlgodadnpognljgdjlcnpjnh] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\extension.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S1 nnfwdk; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\nnfwdk64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
C:\Users\Matthew\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\Matthew\AppData\Local\Temp\xvz_sgg4.dll
Task: C:\windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is the computer running now?

#10 McClain_Dugger

McClain_Dugger
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 PM

Posted 12 September 2014 - 02:07 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Babs at 2014-09-12 14:04:08 Run:1
Running from C:\Users\Babs\Desktop\New folder
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Babs\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (No File)
ShortcutTarget: StripSaver2.lnk -> C:\Program Files (x86)\StripSaver2\StripSaver2.exe (No File)
ShortcutTarget: Trillian.lnk -> C:\Program Files (x86)\Trillian\trillian.exe (No File)
ShellIconOverlayIdentifiers: SugarSyncBackedUp -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncPending -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncRoot -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
ShellIconOverlayIdentifiers: SugarSyncShared -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: CrossRider -> {A876E312-7D08-401a-B7A6-FAFC5DC2F292} -> C:\Program Files (x86)\CrossriderWebApps\Crossrider.dll ()
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
FF DefaultSearchEngine: Ask.com
FF SelectedSearchEngine: Ask.com
FF Keyword.URL: hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=716DFE98-C4E4-4970-878F-2B10482671EC&apn_ptnrs=&apn_sauid=FE09EC2D-3B6C-461E-A6C1-A25BB9AC6D91&apn_dtid=OSJ000&&q=
FF SearchEngineOrder.1: Ask.com
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\FirefoxAddOns\npfirefoxtracker.dll No File
CHR StartupUrls: Default -> "hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=US&userid=feff1117-81b8-6b37-d4ec-88c6f1b7eb87&searchtype=hp&installDate=29/08/2013"
CHR Plugin: (Skype Toolbars) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll No File
CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No File
CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No File
CHR Plugin: (RealDownloader Plugin) - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Ghostery) - C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-09-05]
CHR HKLM-x32\...\Chrome\Extension: [jgceplfonlgodadnpognljgdjlcnpjnh] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\extension.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 NielsenUpdate; C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S1 nnfwdk; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\nnfwdk64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
C:\Users\Matthew\AppData\Local\Temp\SymcPCCUInstaller.exe
C:\Users\Matthew\AppData\Local\Temp\xvz_sgg4.dll
Task: C:\windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
 
*****************
 
C:\Users\Babs\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe not found.
C:\Program Files (x86)\StripSaver2\StripSaver2.exe not found.
C:\Program Files (x86)\Trillian\trillian.exe not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncBackedUp" => Key deleted successfully.
"HKCR\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncPending" => Key deleted successfully.
"HKCR\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncRoot" => Key deleted successfully.
"HKCR\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}" => Key deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SugarSyncShared" => Key deleted successfully.
"HKCR\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A876E312-7D08-401a-B7A6-FAFC5DC2F292}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{A876E312-7D08-401a-B7A6-FAFC5DC2F292}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} => value deleted successfully.
"HKCR\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}" => Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox Keyword.URL deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@nielsen/FirefoxTracker" => Key deleted successfully.
Chrome StartupUrls deleted successfully.
C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll not found.
C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll not found.
C:\windows\SysWOW64\npDeployJava1.dll not found.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll not found.
C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll not found.
C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll not found.
C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll not found.
C:\Users\Babs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh" => Key deleted successfully.
"C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter3\extension.crx" => File/Directory not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
NielsenUpdate => Service deleted successfully.
EagleX64 => Service deleted successfully.
nnfwdk => Service deleted successfully.
WinRing0_1_2_0 => Service deleted successfully.
C:\Users\Matthew\AppData\Local\Temp\SymcPCCUInstaller.exe => Moved successfully.
C:\Users\Matthew\AppData\Local\Temp\xvz_sgg4.dll => Moved successfully.
C:\windows\Tasks\FreeFileViewerUpdateChecker.job => Moved successfully.
C:\windows\Tasks\PC Optimizer Pro64 startups.job => Moved successfully.
 
==== End of Fixlog ====


#11 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:31 PM

Posted 13 September 2014 - 08:15 AM

Please post the log from the Security Check scan. (Post No 9)

How is the computer running?

#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:31 PM

Posted 19 September 2014 - 08:49 AM

Are you still with me?

#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:31 PM

Posted 25 September 2014 - 10:18 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#14 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:31 PM

Posted 26 September 2014 - 12:32 PM

This topic has been re-opened at the request of the person who originally posted.

#15 McClain_Dugger

McClain_Dugger
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:03:31 PM

Posted 27 September 2014 - 10:39 AM

Hey so after I did the last thing that I posted it ran smoother for a while.....now however scvhost eats up a lot of physical memory at certain points of the day causing the entire system to slow to the point of this websites name lol.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users