Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet connection but Browsers will not work


  • This topic is locked This topic is locked
25 replies to this topic

#1 satnerd

satnerd

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 12 October 2014 - 08:35 PM

Gateway laptop running Vista home premium is connected to internet but browsers will not work. I have downloaded & installed over 150 updates that were available to this PC but cant connect to the net via Chrome or IE.When I received the laptop it would connect to Internet & browsers did work but was almost unusable due to the pop ups. I went thru it & uninstalled all the toolbars, download optimizers & all the other fluff that didn't appear to be legitimate software. The ones I wasn't sure of, I googled to be sure it was safe to remove. After getting it running good & smooth I attempted to get online but got nothing. Network properties shows that it is connected. Windows update does work as I downloaded over 150 updates for it & now it is totally up to date. I've ran Ad-Aware, Spybot, Vipre virus scan, rkill, malware bytes, Emisoft toolkit & Junkware remover. I've did all the different variables of ip config , flush, reset, & reset winsock & other variables I could find. I can ping google & get the the ping results with packet size & time. I've tried connecting in safe mode, no luck. Also, it will not connect via Ethernet either. I've also tried resetting my router & installing a wifi dongle. Those options didn't work either 

 

the log from DDS is posted below. 

 

Thanks for any help you can provide,

 

Anthony

 

 

DS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 9.0.8112.16575
Run by Grammie at 21:22:52 on 2014-10-12
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3996.2689 [GMT -4:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7818u
uSearchAssistant = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{538EBB85-5A50-4096-B200-319AC64200C1} : NameServer = 8.8.8.8,8.8.8.4
TCP: Interfaces\{98D494D3-B324-496A-BFCE-BF1AFDCDF1D6} : DHCPNameServer = 192.168.1.254
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7818u
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R2 ETService;Empowering Technology Service;C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [2008-9-1 24576]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\System32\svchost.exe -k HsfXAudioService [2008-1-20 27648]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-11 1809720]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2014-10-7 293376]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-8-19 126976]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-10-11 25816]
R3 NETw5v64;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ;C:\Windows\System32\drivers\NETw5v64.sys [2008-8-19 4730368]
R3 O2MDRDR;O2MDRDR;C:\Windows\System32\drivers\o2mdx64.sys [2008-5-13 62424]
R3 O2SDRDR;O2SDRDR;C:\Windows\System32\drivers\o2sdx64.sys [2008-6-11 51800]
R3 SYMNDISV;SYMNDISV;C:\Windows\System32\drivers\symndisv.sys [2009-2-19 47664]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2008-2-21 393728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-11 860472]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2008-8-19 33584]
S3 cleanhlp;cleanhlp;C:\EEK\bin\cleanhlp64.sys [2014-10-11 57024]
S3 gfiark;gfiark;C:\Windows\System32\drivers\gfiark.sys [2014-10-11 41032]
S3 gfiutil;gfiutil;C:\Windows\System32\drivers\gfiutil.sys [2014-10-11 31264]
S3 GT72NDISIPXP;GT 72 IP NDIS;C:\Windows\System32\drivers\Gt51Ip.sys [2008-2-18 124928]
S3 GT72UBUS;GT 72 U BUS;C:\Windows\System32\drivers\gt72ubus.sys [2008-2-8 80896]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-10-11 64216]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTWlanU.sys [2014-10-8 1479312]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-16 50176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-9-11 1012344]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2014-10-3 90776]
.
=============== File Associations ===============
.
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
2014-10-13 00:15:48 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-10-04 13:56:59 78848 ----a-w- C:\Windows\SysWow64\inseng.dll
2014-09-22 06:42:39 278152 ------w- C:\Windows\System32\MpSigStub.exe
2014-09-09 06:40:37 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 06:24:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-08-29 17:01:54 101694776 ----a-w- C:\Windows\System32\mrt.exe
2014-08-23 01:05:12 304128 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-23 00:42:45 390144 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-22 23:38:23 2782208 ----a-w- C:\Windows\System32\win32k.sys
2014-08-15 15:48:56 17868288 ----a-w- C:\Windows\System32\mshtml.dll
2014-08-15 15:36:31 10920960 ----a-w- C:\Windows\System32\ieframe.dll
2014-08-15 15:35:56 2339328 ----a-w- C:\Windows\System32\jscript9.dll
2014-08-15 15:31:44 1384960 ----a-w- C:\Windows\System32\urlmon.dll
2014-08-15 15:31:16 1392128 ----a-w- C:\Windows\System32\wininet.dll
2014-08-15 15:30:08 599040 ----a-w- C:\Windows\System32\vbscript.dll
2014-08-15 15:30:06 816640 ----a-w- C:\Windows\System32\jscript.dll
2014-08-15 15:30:00 1494016 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-08-15 15:29:52 237056 ----a-w- C:\Windows\System32\url.dll
2014-08-15 15:29:49 2156032 ----a-w- C:\Windows\System32\iertutil.dll
2014-08-15 15:29:45 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2014-08-15 15:29:33 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-08-15 15:29:25 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2014-08-15 15:29:14 453120 ----a-w- C:\Windows\System32\dxtmsft.dll
2014-08-15 15:29:08 282112 ----a-w- C:\Windows\System32\dxtrans.dll
2014-08-15 15:29:03 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll
2014-08-15 15:29:01 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2014-08-15 15:28:56 11264 ----a-w- C:\Windows\System32\msfeedssync.exe
2014-08-15 15:28:53 248320 ----a-w- C:\Windows\System32\ieui.dll
2014-08-15 15:28:50 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-08-15 15:28:47 12800 ----a-w- C:\Windows\System32\mshta.exe
2014-08-15 14:51:34 12363264 ----a-w- C:\Windows\SysWow64\mshtml.dll
2014-08-15 14:42:27 1810432 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-08-15 14:42:11 9739776 ----a-w- C:\Windows\SysWow64\ieframe.dll
2014-08-15 14:37:24 1137664 ----a-w- C:\Windows\SysWow64\urlmon.dll
2014-08-15 14:37:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-08-15 14:36:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-08-15 14:35:56 1802240 ----a-w- C:\Windows\SysWow64\iertutil.dll
2014-08-15 14:35:47 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-08-15 14:35:46 231936 ----a-w- C:\Windows\SysWow64\url.dll
2014-08-15 14:35:41 65024 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2014-08-15 14:35:35 717824 ----a-w- C:\Windows\SysWow64\jscript.dll
2014-08-15 14:35:34 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-08-15 14:35:21 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2014-08-15 14:35:14 223232 ----a-w- C:\Windows\SysWow64\dxtrans.dll
2014-08-15 14:35:13 353792 ----a-w- C:\Windows\SysWow64\dxtmsft.dll
2014-08-15 14:35:07 41472 ----a-w- C:\Windows\SysWow64\msfeedsbs.dll
2014-08-15 14:34:55 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2014-08-15 14:34:53 10752 ----a-w- C:\Windows\SysWow64\msfeedssync.exe
2014-08-15 14:34:49 11776 ----a-w- C:\Windows\SysWow64\mshta.exe
2014-08-15 14:34:48 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2014-08-15 14:34:47 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-07-25 06:35:46 875688 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 03:47:06 869544 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
.
============= FINISH: 21:23:23.58 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:32 PM

Posted 17 October 2014 - 08:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/551748 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:08:32 PM

Posted 18 October 2014 - 05:07 AM


Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)


FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > Windows 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#4 satnerd

satnerd
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 18 October 2014 - 05:38 PM

Hello & thanks for your assistance! the .txt files are listed below

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01
Ran by Grammie (administrator) on LAUREN-PC on 18-10-2014 18:14:45
Running from F:\
Loaded Profiles: Grammie &  (Available profiles: Grammie)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(O2Micro International) C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\RacAgent.exe
(Arcadesafari) C:\Users\Grammie\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe
(Microsoft Corporation) C:\Windows\ehome\mcupdate.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Microsoft Corporation) C:\Windows\ehome\mcupdate.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1406597573-3072972600-3789216215-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-1406597573-3072972600-3789216215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7818u
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7818u
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {DCF46DE4-C3CD-443F-ACFE-6F1FCD7CDF07} URL = 
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{538EBB85-5A50-4096-B200-319AC64200C1}: [NameServer] 8.8.8.8,8.8.8.4
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKCU\...\Firefox\Extensions: [module@com.arcadesafari.firefox] - C:\Users\Grammie\AppData\Local\Arcadesafari\module@com.arcadesafari.firefox
FF Extension: Arcadesafari - C:\Users\Grammie\AppData\Local\Arcadesafari\module@com.arcadesafari.firefox [2012-10-01]
 
Chrome: 
=======
CHR Profile: C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-11]
CHR Extension: (Google Drive) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-11]
CHR Extension: (YouTube) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-11]
CHR Extension: (Google Search) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-11]
CHR Extension: (Skype Click to Call) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-11]
CHR Extension: (Gmail) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-11]
CHR HKCU\...\Chrome\Extension: [mokddliohlpldjpgnnoohcmejajpblfn] - C:\Users\Grammie\AppData\Local\CRE\mokddliohlpldjpgnnoohcmejajpblfn.crx []
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-01-31]
CHR HKLM-x32\...\Chrome\Extension: [mokddliohlpldjpgnnoohcmejajpblfn] - C:\Users\Grammie\AppData\Local\CRE\mokddliohlpldjpgnnoohcmejajpblfn.crx [2013-01-31]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [1371136 2008-04-30] (Intel® Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 o2flash; C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [826368 2008-04-30] (Intel® Corporation) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S1 Beep; No ImagePath
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-10-12] (Emsisoft GmbH)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [124928 2008-02-18] (Option N.V.)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2008-02-08] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-03-30] (Option N.V.)
S3 int15.sys; C:\ACER\Preload\Autorun\DRV\Foxconn Bluetooth BCM2045NMD\int15.sys [69632 2003-10-01] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [62424 2008-05-13] (O2Micro )
S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [341504 2008-04-01] (Realtek Semiconductor Corporation                           )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1479312 2013-03-05] (Realtek Semiconductor Corporation                           )
S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [30088 2008-08-22] ()
R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [16432 2009-02-19] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172080 2008-08-19] (Symantec Corporation)
R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [145456 2009-02-19] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [47664 2009-02-19] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [28720 2009-02-19] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [266800 2009-02-19] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [X]
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-18 18:13 - 2014-10-18 18:14 - 00000000 ____D () C:\FRST
2014-10-12 21:24 - 2014-10-12 21:24 - 00006661 _____ () C:\Users\Grammie\Desktop\attach.txt
2014-10-12 21:24 - 2014-10-12 21:23 - 00013090 _____ () C:\Users\Grammie\Desktop\dds.txt
2014-10-12 20:40 - 2014-10-12 20:40 - 00020729 _____ () C:\ComboFix.txt
2014-10-12 20:24 - 2014-10-12 20:40 - 00000000 ____D () C:\Qoobox
2014-10-12 20:24 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-12 20:24 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-12 20:24 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-12 20:23 - 2014-10-12 20:38 - 00000000 ____D () C:\Windows\erdnt
2014-10-12 16:01 - 2014-10-12 16:01 - 00099839 _____ () C:\Users\Grammie\Desktop\CheckResults.txt
2014-10-12 15:55 - 2014-10-12 15:55 - 00023674 _____ () C:\malwarebytes.txt
2014-10-12 11:21 - 2014-10-12 11:21 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-12 11:18 - 2014-10-12 11:21 - 00002496 _____ () C:\Users\Grammie\Desktop\Rkill.txt
2014-10-12 11:15 - 2014-10-12 11:15 - 00003874 _____ () C:\Users\Grammie\Desktop\JRT.txt
2014-10-12 11:10 - 2014-10-12 11:10 - 00000000 ____D () C:\Windows\ERUNT
2014-10-11 21:59 - 2014-10-12 00:34 - 00000000 ____D () C:\VIPRERESCUE
2014-10-11 21:59 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
2014-10-11 21:59 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2014-10-11 21:57 - 2014-10-11 21:57 - 00000693 _____ () C:\Users\Grammie\Desktop\Start Emsisoft Emergency Kit.lnk
2014-10-11 21:56 - 2014-10-11 22:21 - 00000000 ____D () C:\EEK
2014-10-11 21:52 - 2014-10-12 21:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-11 21:52 - 2014-10-11 21:52 - 00000943 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-11 21:52 - 2014-10-11 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-11 21:51 - 2014-10-11 21:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-11 21:51 - 2014-10-11 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-11 21:51 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-11 21:51 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-11 21:51 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-11 20:50 - 2014-10-11 20:50 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-11 20:50 - 2014-10-11 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-11 20:49 - 2014-10-18 18:15 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 20:49 - 2014-10-18 18:13 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 20:49 - 2014-10-11 20:49 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-11 20:49 - 2014-10-11 20:49 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-11 18:10 - 2014-10-11 18:14 - 00000732 _____ () C:\Users\Grammie\AppData\Local\d3d9caps64.dat
2014-10-11 17:57 - 2014-10-12 01:00 - 00006941 _____ () C:\WirelessDiagLog.csv
2014-10-11 17:56 - 2014-10-11 17:56 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\Intel
2014-10-08 11:53 - 2014-10-08 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2014-10-08 11:51 - 2013-03-05 14:14 - 01479312 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\rtwlanu.sys
2014-10-08 11:51 - 2013-03-05 14:14 - 01479312 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTWlanU.sys
2014-10-08 11:51 - 2013-02-25 07:56 - 00007873 _____ () C:\Windows\system32\netrtwlanu.cat
2014-10-08 11:50 - 2014-10-08 11:50 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-10-07 22:13 - 2014-10-07 22:13 - 00000000 ____D () C:\Users\Public\CyberLink
2014-10-07 22:13 - 2014-10-07 22:13 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\CyberLink
2014-10-07 21:19 - 2007-12-24 02:29 - 00145890 _____ () C:\Windows\system32\Drivers\HSFProf.cty
2014-10-07 21:19 - 2007-11-01 05:22 - 01481216 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\CAX_DPV.sys
2014-10-07 21:19 - 2007-11-01 05:19 - 00293376 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\CAXHWAZL.sys
2014-10-07 21:19 - 2007-11-01 05:18 - 00740864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\CAX_CNXT.sys
2014-10-07 21:19 - 2007-10-18 02:37 - 00010240 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio64.sys
2014-10-07 03:00 - 2014-08-15 11:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-07 03:00 - 2014-08-15 11:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-07 03:00 - 2014-08-15 11:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-07 03:00 - 2014-08-15 11:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-07 03:00 - 2014-08-15 11:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-07 03:00 - 2014-08-15 11:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-07 03:00 - 2014-08-15 11:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-07 03:00 - 2014-08-15 11:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-07 03:00 - 2014-08-15 11:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-07 03:00 - 2014-08-15 11:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-07 03:00 - 2014-08-15 11:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-07 03:00 - 2014-08-15 11:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-07 03:00 - 2014-08-15 11:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-07 03:00 - 2014-08-15 11:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-07 03:00 - 2014-08-15 11:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-07 03:00 - 2014-08-15 11:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-07 03:00 - 2014-08-15 11:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-07 03:00 - 2014-08-15 11:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-07 03:00 - 2014-08-15 11:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-07 03:00 - 2014-08-15 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-07 03:00 - 2014-08-15 11:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-07 03:00 - 2014-08-15 10:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-07 03:00 - 2014-08-15 10:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-07 03:00 - 2014-08-15 10:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-07 03:00 - 2014-08-15 10:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-07 03:00 - 2014-08-15 10:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-07 03:00 - 2014-08-15 10:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-07 03:00 - 2014-08-15 10:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-07 03:00 - 2014-08-15 10:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-07 03:00 - 2014-08-15 10:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-07 03:00 - 2014-08-15 10:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-07 03:00 - 2014-08-15 10:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-07 03:00 - 2014-08-15 10:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-07 03:00 - 2014-08-15 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-07 03:00 - 2014-08-15 10:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-07 03:00 - 2014-08-15 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-07 03:00 - 2014-08-15 10:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-07 03:00 - 2014-08-15 10:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-07 03:00 - 2014-08-15 10:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-07 03:00 - 2014-08-15 10:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-07 03:00 - 2014-08-15 10:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-07 03:00 - 2014-08-15 10:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-04 16:24 - 2014-10-04 16:24 - 00000680 _____ () C:\Users\Grammie\AppData\Local\d3d9caps.dat
2014-10-04 16:20 - 2014-10-04 16:20 - 00000000 ____D () C:\Windows\OPTIONS
2014-10-04 16:20 - 2014-10-04 16:20 - 00000000 ____D () C:\Program Files (x86)\REALTEK RTL8187SE Wireless LAN Driver
2014-10-04 16:20 - 2008-04-01 15:00 - 00341504 _____ (Realtek Semiconductor Corporation ) C:\Windows\system\rtl8187Se.sys
2014-10-04 16:10 - 2014-10-04 16:10 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\TMP
2014-10-04 16:08 - 2014-10-04 16:09 - 00006094 _____ () C:\Windows\DPINST.LOG
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\ProgramData\Intel
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\Program Files\Intel
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-10-04 10:26 - 2014-10-18 18:15 - 00003698 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8F6A8C0E-F539-4AC4-B805-96D261C96B6B}
2014-10-04 09:57 - 2014-10-04 09:57 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-10-04 09:57 - 2014-10-04 09:57 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-10-04 09:57 - 2014-10-04 09:57 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-10-04 09:57 - 2014-10-04 09:57 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-04 09:57 - 2014-10-04 09:57 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-10-04 09:57 - 2014-10-04 09:57 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-10-04 09:57 - 2014-10-04 09:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-10-04 09:56 - 2014-10-04 09:56 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-10-04 09:56 - 2014-10-04 09:56 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-10-04 09:56 - 2014-10-04 09:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-10-04 09:49 - 2013-08-26 23:39 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-10-04 09:49 - 2013-08-26 23:39 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-10-04 09:49 - 2013-08-26 23:39 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-10-04 09:49 - 2013-08-26 23:39 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-10-04 09:49 - 2013-08-26 22:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-10-04 09:49 - 2013-08-26 22:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-10-04 09:49 - 2013-08-26 22:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-10-04 09:49 - 2013-08-26 22:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-10-04 09:49 - 2013-08-26 22:32 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-10-04 09:49 - 2013-08-26 22:30 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-10-04 09:49 - 2013-08-26 22:06 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-10-04 09:49 - 2013-08-26 22:00 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-10-04 09:49 - 2013-08-26 22:00 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-10-04 09:49 - 2013-08-26 21:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-10-04 09:49 - 2013-08-26 21:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-10-04 09:49 - 2013-08-26 21:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-10-04 09:49 - 2013-08-26 21:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-10-04 09:48 - 2011-03-12 18:52 - 01653760 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-10-04 09:48 - 2011-03-12 17:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-10-04 09:32 - 2014-10-04 09:32 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-04 09:30 - 2014-10-12 20:42 - 00071686 _____ () C:\Windows\PFRO.log
2014-10-04 09:28 - 2014-10-04 09:28 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-10-04 09:28 - 2014-10-04 09:28 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-10-04 09:28 - 2014-10-04 09:28 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-10-04 09:27 - 2014-10-04 09:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2014-10-04 09:26 - 2014-10-04 09:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-10-03 20:55 - 2006-11-02 15:22 - 00525792 _____ (Microsoft Corporation) C:\Windows\system32\difxapi.dll
2014-10-03 20:08 - 2009-09-24 22:27 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-10-03 20:08 - 2009-09-24 22:10 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-10-03 20:08 - 2009-09-24 22:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-10-03 20:08 - 2009-09-24 22:09 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-10-03 20:08 - 2009-09-24 22:07 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-10-03 20:08 - 2009-09-24 22:04 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2014-10-03 20:08 - 2009-09-24 21:36 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-10-03 20:08 - 2009-09-24 21:35 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-10-03 20:08 - 2009-09-24 21:35 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-10-03 20:08 - 2009-09-24 21:33 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-10-03 20:08 - 2009-09-24 21:33 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-10-03 20:08 - 2009-09-24 21:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2014-10-03 20:08 - 2009-09-24 21:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2014-10-03 20:08 - 2009-09-24 21:31 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-10-03 20:07 - 2009-09-30 21:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2014-10-03 20:07 - 2009-09-30 21:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2014-10-03 20:07 - 2009-09-30 21:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2014-10-03 20:07 - 2009-09-30 21:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe
2014-10-03 20:07 - 2009-09-30 21:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2014-10-03 20:07 - 2009-09-30 21:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
2014-10-03 20:07 - 2009-09-30 21:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll
2014-10-03 20:07 - 2009-09-30 21:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
2014-10-03 20:07 - 2009-09-30 21:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
2014-10-03 20:07 - 2009-09-30 20:52 - 02727936 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-10-03 20:07 - 2009-09-30 20:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-10-03 20:07 - 2009-09-30 20:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2014-10-03 20:07 - 2009-09-30 20:51 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2014-10-03 20:07 - 2009-09-30 20:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2014-10-03 20:05 - 2009-08-04 04:12 - 01103872 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-10-03 20:05 - 2009-08-04 04:02 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2014-10-03 19:55 - 2014-08-22 21:05 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-10-03 19:55 - 2014-08-22 20:42 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-10-03 19:55 - 2014-08-22 19:38 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-03 19:30 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-10-03 19:30 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-10-03 19:30 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-10-03 19:30 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-10-03 19:30 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-10-03 19:30 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-10-03 19:30 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-10-03 19:30 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-10-03 19:30 - 2009-07-14 08:19 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2014-10-03 19:30 - 2009-07-14 08:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winusb.dll
2014-10-03 19:12 - 2014-10-04 09:57 - 00005078 _____ () C:\Windows\IE9_main.log
2014-10-03 18:43 - 2014-06-26 18:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-10-03 18:43 - 2014-06-26 18:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-10-03 18:43 - 2014-06-26 18:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-10-03 18:43 - 2014-06-26 18:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-10-03 18:43 - 2014-06-26 18:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-10-03 18:43 - 2014-06-26 18:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-10-03 18:43 - 2014-06-06 00:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-10-03 18:43 - 2014-06-06 00:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-10-03 18:35 - 2009-09-09 22:07 - 03815424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-10-03 18:35 - 2009-09-09 22:06 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-10-03 18:35 - 2009-09-09 22:05 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-10-03 18:35 - 2009-09-09 22:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2014-10-03 18:35 - 2009-09-09 22:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2014-10-03 18:35 - 2009-09-09 22:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-10-03 18:34 - 2012-02-29 11:37 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-10-03 18:34 - 2012-02-29 11:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-10-03 18:34 - 2012-02-29 09:52 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-10-03 18:14 - 2014-09-09 02:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-03 18:14 - 2014-09-09 02:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-10-03 18:03 - 2014-10-12 20:50 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-10-03 17:57 - 2010-04-06 04:34 - 00345984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-10-03 17:56 - 2014-10-03 17:56 - 00000000 ____D () C:\Users\Grammie\AppData\Local\Microsoft Help
2014-10-03 07:51 - 2014-06-13 20:56 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-10-03 07:51 - 2014-06-13 20:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-10-03 07:51 - 2014-03-25 12:30 - 12900864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-03 07:51 - 2014-03-25 09:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-03 07:51 - 2013-10-11 00:23 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-10-03 07:51 - 2013-10-11 00:23 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-10-03 07:51 - 2013-10-10 22:29 - 00217074 _____ () C:\Windows\system32\WFP.TMF
2014-10-03 07:51 - 2013-10-10 22:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-10-03 07:51 - 2013-08-02 10:06 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-10-03 07:51 - 2013-08-02 00:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-10-03 07:51 - 2013-07-09 08:04 - 01585256 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-03 07:51 - 2013-07-09 08:04 - 01168088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-03 07:51 - 2013-07-08 00:51 - 04691904 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-03 07:51 - 2013-07-08 00:20 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-10-03 07:51 - 2013-07-08 00:18 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-10-03 07:51 - 2013-07-08 00:15 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-10-03 07:51 - 2013-07-08 00:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-10-03 07:51 - 2013-07-07 21:39 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-10-03 07:51 - 2013-07-07 21:39 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-10-03 07:51 - 2013-07-07 21:39 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-10-03 07:51 - 2013-03-09 00:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-10-03 07:51 - 2013-03-08 21:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-10-03 07:51 - 2012-05-01 10:29 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-03 07:51 - 2012-02-01 11:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2014-10-03 07:51 - 2011-02-22 10:47 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-10-03 07:51 - 2011-02-22 10:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-10-03 07:50 - 2014-01-30 06:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-10-03 07:50 - 2014-01-30 03:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-10-03 07:50 - 2013-06-15 09:27 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2014-10-03 07:50 - 2013-06-15 07:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-03 07:50 - 2013-03-03 15:13 - 01513320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-10-03 07:50 - 2012-09-25 12:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-10-03 07:50 - 2012-09-25 12:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-10-03 07:50 - 2011-12-14 12:38 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-10-03 07:50 - 2011-12-14 12:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-10-03 07:50 - 2010-05-04 15:40 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2014-10-03 07:50 - 2010-05-04 15:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshsq.dll
2014-10-03 07:49 - 2013-04-24 00:09 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-10-03 07:49 - 2013-04-24 00:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-10-03 07:49 - 2013-04-23 22:10 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-10-03 07:49 - 2013-04-23 21:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-10-03 07:49 - 2013-04-17 09:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-10-03 07:49 - 2013-04-17 08:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-10-03 07:49 - 2012-11-20 00:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-03 07:49 - 2012-11-20 00:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-03 07:48 - 2014-04-05 00:26 - 01417664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-03 07:48 - 2014-04-04 22:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-10-03 07:48 - 2013-10-03 11:02 - 01278976 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-03 07:48 - 2013-10-03 08:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-03 07:48 - 2013-07-12 05:19 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-10-03 07:48 - 2013-07-10 05:47 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-10-03 07:48 - 2013-07-10 05:42 - 01303552 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-10-03 07:48 - 2013-06-04 00:16 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-10-03 07:48 - 2013-06-04 00:16 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-10-03 07:48 - 2013-06-03 22:01 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-10-03 07:48 - 2013-06-03 21:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-10-03 07:48 - 2011-11-16 12:43 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-10-03 07:48 - 2011-11-16 12:23 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-10-03 07:48 - 2011-10-25 12:13 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-03 07:48 - 2011-10-25 11:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-03 07:48 - 2011-10-14 13:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-10-03 07:48 - 2011-10-14 13:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mcicda.dll
2014-10-03 07:48 - 2011-10-14 13:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mciwave.dll
2014-10-03 07:48 - 2011-10-14 13:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2014-10-03 07:48 - 2011-10-14 12:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-10-03 07:48 - 2011-10-14 12:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciseq.dll
2014-10-03 07:48 - 2011-08-25 12:20 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-10-03 07:48 - 2011-08-25 12:19 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-10-03 07:48 - 2011-08-25 12:19 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-10-03 07:48 - 2011-08-25 12:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-10-03 07:48 - 2011-08-25 12:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-10-03 07:48 - 2011-08-25 12:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-10-03 07:48 - 2011-08-25 09:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2014-10-03 07:48 - 2011-08-25 09:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaccrc.dll
2014-10-03 07:48 - 2011-06-15 12:16 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-10-03 07:48 - 2011-06-15 12:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-10-03 07:48 - 2011-01-20 12:17 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-10-03 07:48 - 2011-01-20 12:17 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-10-03 07:48 - 2011-01-20 12:16 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-03 07:48 - 2011-01-20 12:16 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-10-03 07:48 - 2011-01-20 12:16 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-10-03 07:48 - 2011-01-20 12:16 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-10-03 07:48 - 2011-01-20 12:14 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-03 07:48 - 2011-01-20 12:14 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-03 07:48 - 2011-01-20 12:08 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-10-03 07:48 - 2011-01-20 12:07 - 01075712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-10-03 07:48 - 2011-01-20 12:07 - 00586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-10-03 07:48 - 2011-01-20 12:07 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-10-03 07:48 - 2011-01-20 12:06 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-03 07:48 - 2011-01-20 12:04 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-03 07:48 - 2011-01-20 12:04 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-03 07:48 - 2011-01-20 11:01 - 03068416 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-10-03 07:48 - 2011-01-20 10:59 - 01032192 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-10-03 07:48 - 2011-01-20 10:58 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-10-03 07:48 - 2011-01-20 10:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-10-03 07:48 - 2011-01-20 10:42 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-10-03 07:48 - 2011-01-20 10:41 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-10-03 07:48 - 2011-01-20 10:40 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-10-03 07:48 - 2011-01-20 10:40 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-10-03 07:48 - 2011-01-20 10:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-03 07:48 - 2011-01-20 10:28 - 01554432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2014-10-03 07:48 - 2011-01-20 10:25 - 00847360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2014-10-03 07:48 - 2011-01-20 10:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-10-03 07:48 - 2011-01-20 10:15 - 00979456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFH264Dec.dll
2014-10-03 07:48 - 2011-01-20 10:14 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFHEAACdec.dll
2014-10-03 07:48 - 2011-01-20 10:14 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4src.dll
2014-10-03 07:48 - 2011-01-20 10:14 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-10-03 07:47 - 2014-04-26 14:21 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-10-03 07:47 - 2014-04-26 12:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-10-03 07:47 - 2014-02-06 00:21 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-10-03 07:47 - 2014-02-05 21:57 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-10-03 07:47 - 2012-08-21 07:50 - 00267648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-10-03 07:47 - 2011-10-14 13:30 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-10-03 07:47 - 2011-10-14 12:02 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-10-03 07:46 - 2013-10-22 05:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-10-03 07:46 - 2013-10-22 03:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-10-03 07:46 - 2013-10-11 00:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-10-03 07:46 - 2013-10-11 00:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-10-03 07:46 - 2013-10-10 22:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-10-03 07:46 - 2013-10-10 22:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-10-03 07:46 - 2013-10-10 22:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-10-03 07:46 - 2013-10-10 22:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-10-03 07:46 - 2013-10-10 22:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2014-10-03 07:46 - 2013-10-10 20:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-10-03 07:46 - 2013-10-10 20:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-10-03 07:46 - 2013-07-20 06:45 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-03 07:46 - 2013-07-20 06:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-03 07:46 - 2013-07-16 05:25 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-10-03 07:46 - 2013-07-16 00:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-10-03 07:46 - 2013-07-08 00:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-03 07:46 - 2013-07-08 00:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-03 07:46 - 2013-07-08 00:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-10-03 07:46 - 2013-07-08 00:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-03 07:46 - 2013-07-08 00:12 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-03 07:46 - 2013-07-08 00:12 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-10-03 07:46 - 2013-07-04 00:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-10-03 07:46 - 2013-07-04 00:13 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-10-03 07:46 - 2013-02-11 22:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-10-03 07:46 - 2012-11-22 00:22 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-10-03 07:46 - 2012-11-21 23:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2014-10-03 07:46 - 2012-06-04 11:29 - 00516480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-10-03 07:46 - 2012-06-01 20:22 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-03 07:46 - 2012-06-01 20:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-10-03 07:46 - 2012-06-01 20:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-03 07:46 - 2011-11-16 12:42 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-10-03 07:46 - 2011-11-16 12:41 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-03 07:46 - 2011-11-16 10:34 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-10-03 07:45 - 2014-06-06 04:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-10-03 07:45 - 2014-06-06 03:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-10-03 07:45 - 2014-03-10 02:26 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-10-03 07:45 - 2014-03-10 02:26 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-10-03 07:45 - 2014-03-09 21:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-10-03 07:45 - 2014-03-09 21:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-10-03 07:45 - 2013-10-30 00:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-10-03 07:45 - 2013-10-29 23:55 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-10-03 07:45 - 2013-10-29 22:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-10-03 07:45 - 2013-06-28 22:25 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-10-03 07:45 - 2013-06-28 22:25 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-10-03 07:45 - 2013-06-28 22:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-10-03 07:45 - 2013-06-28 22:25 - 00007552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-10-03 07:45 - 2013-06-26 19:00 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-10-03 07:45 - 2013-06-26 19:00 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-10-03 07:45 - 2013-06-26 19:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-10-03 07:45 - 2013-03-08 00:18 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-10-03 07:45 - 2012-11-08 00:26 - 01570816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-03 07:45 - 2012-11-07 23:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-03 07:45 - 2012-06-29 12:20 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-10-03 07:45 - 2012-06-29 12:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-10-03 07:45 - 2012-05-11 12:34 - 00788480 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-10-03 07:45 - 2012-05-11 11:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
2014-10-03 07:45 - 2012-03-20 19:34 - 00072576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-10-03 07:45 - 2011-11-18 14:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-03 07:45 - 2011-11-18 13:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-03 07:45 - 2011-05-05 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-10-03 07:45 - 2011-05-05 10:17 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-10-03 07:44 - 2013-03-08 00:17 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-03 07:44 - 2013-03-07 23:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-03 07:43 - 2014-06-02 17:30 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-03 07:43 - 2014-06-02 17:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-10-03 07:43 - 2014-06-02 17:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-03 07:43 - 2014-06-02 17:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-03 07:43 - 2014-06-02 16:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-10-03 07:43 - 2014-06-02 06:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-03 07:43 - 2014-06-02 06:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-10-03 07:43 - 2014-06-02 06:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-03 07:43 - 2014-05-30 03:10 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-10-03 07:43 - 2013-05-02 00:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-10-03 07:43 - 2013-05-02 00:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-10-03 07:43 - 2013-05-02 00:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2014-10-03 07:43 - 2011-07-29 12:08 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-10-03 07:43 - 2011-07-29 12:08 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-10-03 07:43 - 2011-07-29 12:06 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-10-03 07:43 - 2011-07-29 12:06 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-10-03 07:43 - 2011-07-29 12:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-10-03 07:43 - 2011-07-29 12:01 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-10-03 07:43 - 2011-07-29 12:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-10-03 07:43 - 2011-07-29 12:00 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-10-03 07:36 - 2012-11-02 06:45 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-10-03 07:36 - 2012-11-02 06:45 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2014-10-03 07:36 - 2012-11-02 06:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-10-03 07:36 - 2012-11-02 04:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2014-10-03 07:36 - 2012-11-02 04:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2014-10-03 07:21 - 2012-01-09 12:16 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-10-03 07:21 - 2012-01-09 11:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-03 07:06 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-10-03 07:06 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-03 07:06 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-03 07:06 - 2012-06-02 18:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-03 07:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-03 07:06 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-03 07:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-03 07:06 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-03 06:50 - 2014-10-03 06:51 - 00456980 _____ () C:\Users\Grammie\AppData\Local\dd_vcredistMSI5BD5.txt
2014-10-03 06:50 - 2014-10-03 06:51 - 00017798 _____ () C:\Users\Grammie\AppData\Local\dd_vcredistUI5BD5.txt
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\system32\vi-VN
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-10-03 03:46 - 2014-10-03 03:55 - 00595450 _____ () C:\Windows\dd_vcredistMSI4F49.txt
2014-10-03 03:46 - 2014-10-03 03:55 - 00215676 _____ () C:\Windows\dd_vcredistUI4F49.txt
2014-10-03 03:06 - 2014-10-03 03:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-02 23:20 - 2014-09-22 02:42 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-02 22:03 - 2014-10-02 22:03 - 00004320 _____ () C:\Users\Grammie\Documents\cc_20141002_220257.reg
2014-10-02 22:01 - 2014-10-04 09:27 - 00019866 _____ () C:\Windows\setupact.log
2014-10-02 22:01 - 2014-10-02 22:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-02 18:33 - 2014-10-02 18:33 - 00000000 ____D () C:\ProgramData\AT&T
2014-10-02 18:23 - 2014-10-02 18:32 - 00000000 ____D () C:\Program Files\Recuva
2014-10-02 18:23 - 2014-10-02 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-10-02 18:22 - 2014-10-02 18:29 - 00000000 ____D () C:\Program Files (x86)\Tbccint
2014-10-02 18:19 - 2014-10-02 18:19 - 04210920 _____ (Piriform Ltd) C:\Users\Grammie\Downloads\rcsetup151.exe
2014-10-02 18:16 - 2014-10-02 18:16 - 04965896 _____ (Piriform Ltd) C:\Users\Grammie\Downloads\ccsetup418.exe
2014-10-02 18:16 - 2014-10-02 18:16 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-02 18:16 - 2014-10-02 18:16 - 00000772 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-02 18:16 - 2014-10-02 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-02 18:16 - 2014-10-02 18:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-02 18:12 - 2014-10-11 19:19 - 00000000 ____D () C:\Windows\pss
2014-10-02 18:10 - 2014-10-02 18:10 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\InstallShield
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-18 18:15 - 2013-04-15 21:21 - 00000476 _____ () C:\Windows\Tasks\Arcadesafari.job
2014-10-18 18:14 - 2008-09-01 09:44 - 01996501 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 18:13 - 2013-07-02 19:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-12 21:01 - 2006-11-02 08:46 - 00802740 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-12 20:54 - 2008-09-01 09:55 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml
2014-10-12 20:54 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-12 20:54 - 2006-11-02 11:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-12 20:54 - 2006-11-02 11:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-12 20:52 - 2008-08-19 16:17 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-10-12 20:52 - 2006-11-02 11:42 - 00032650 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-12 20:37 - 2006-11-02 08:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-11 20:50 - 2008-12-26 11:18 - 00000000 ____D () C:\Users\Grammie\AppData\Local\Google
2014-10-11 20:49 - 2008-12-25 22:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-11 18:38 - 2008-08-19 17:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-11 17:00 - 2008-12-25 22:43 - 00000000 ____D () C:\Users\Grammie
2014-10-07 21:21 - 2008-09-01 09:47 - 00000000 ____D () C:\Program Files\CONEXANT
2014-10-06 07:16 - 2011-09-18 01:08 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\Skype
2014-10-04 16:20 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\system
2014-10-04 16:16 - 2008-09-01 09:46 - 00000000 ____D () C:\Program Files (x86)\Marvell
2014-10-04 16:09 - 2006-11-02 09:33 - 00000000 __RHD () C:\Users\Default
2014-10-04 10:22 - 2008-12-25 22:45 - 00000981 _____ () C:\Users\Grammie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-04 10:22 - 2008-12-25 22:45 - 00000951 _____ () C:\Users\Grammie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-10-04 10:21 - 2007-07-11 21:49 - 00000000 ____D () C:\Windows\Panther
2014-10-04 10:19 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\rescache
2014-10-04 10:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-04 10:14 - 2006-11-02 09:33 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-10-04 10:14 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-04 10:09 - 2008-08-19 17:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-04 09:57 - 2013-05-22 18:25 - 00796544 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-04 09:57 - 2006-11-02 08:16 - 00008798 _____ () C:\Windows\SysWOW64\icrav03.rat
2014-10-04 09:57 - 2006-11-02 08:16 - 00001988 _____ () C:\Windows\SysWOW64\ticrf.rat
2014-10-04 09:57 - 2006-11-02 02:36 - 00008798 _____ () C:\Windows\system32\icrav03.rat
2014-10-04 09:57 - 2006-11-02 02:36 - 00001988 _____ () C:\Windows\system32\ticrf.rat
2014-10-04 09:30 - 2006-11-02 11:21 - 00305976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-04 09:28 - 2006-11-02 11:07 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\th-TH
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\he-IL
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\et-EE
2014-10-04 09:28 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-10-04 09:28 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-10-04 09:27 - 2006-11-02 09:33 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-03 06:50 - 2008-08-19 17:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-03 06:50 - 2006-11-02 09:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-03 04:21 - 2008-12-25 22:45 - 00000917 _____ () C:\Users\Grammie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-10-03 04:17 - 2010-07-31 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Collaboration
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Movie Maker
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files (x86)\Windows Calendar
2014-10-03 04:13 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Gallery
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\SLUI
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\SLUI
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\setup
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\oobe
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\migwiz
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-10-03 04:13 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-10-03 04:13 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\servicing
2014-10-03 04:13 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\IME
2014-10-03 03:21 - 2011-09-18 01:08 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-03 03:21 - 2011-09-18 01:08 - 00000000 ____D () C:\ProgramData\Skype
2014-10-03 03:19 - 2008-08-19 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2014-10-03 03:19 - 2008-08-19 17:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-10-03 03:10 - 2010-08-04 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-02 22:09 - 2008-08-19 17:36 - 00000000 ____D () C:\ProgramData\Napster
2014-10-02 22:01 - 2009-02-15 12:41 - 00000000 ____D () C:\Windows\Minidump
2014-10-02 18:38 - 2009-09-09 23:40 - 00000000 ____D () C:\Program Files\Google
2014-10-02 18:38 - 2008-12-25 22:45 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\Symantec
2014-10-02 18:30 - 2008-12-25 22:44 - 00000000 ____D () C:\ProgramData\Google
2014-10-02 18:27 - 2008-08-19 17:19 - 00000000 ____D () C:\ProgramData\Symantec
2014-10-02 18:26 - 2008-08-19 17:20 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-10-02 18:18 - 2013-04-16 17:32 - 00000866 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-12 21:01
 
==================== End Of Log ============================
 
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-10-2014 01
Ran by Grammie at 2014-10-18 18:15:41
Running from F:\
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{404BB1FF-A84F-432F-B77B-301E88E8D1C7}) (Version: 3.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arcadesafari (HKCU\...\Arcadesafari) (Version:  - Arcadesafari)
Bonjour (HKLM\...\{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}) (Version: 2.0.1.2 - Apple Inc.)
Camera Assistant Software for Gateway (HKLM-x32\...\{39098402-3F7A-4257-A4AE-FC1181D1B40B}) (Version: 1.7.056.0328 - Chicony Electronics Co.,Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.75.0.0 - Conexant)
CyberLink Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.5.4316 - CyberLink Corp.)
Driver Installer (HKLM\...\{08BE46F7-166A-4716-8603-75518EA54B3F}) (Version: 2.3.0.797 - Option NV)
Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.52 - WildTangent)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3003 - Acer Incorporated)
GearDrvs (x32 Version: 1.00.0000 - GEAR Software) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.2.0 - Conexant Systems)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel® Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{96D5EB02-DE18-4DCD-A713-929B4461CA8D}) (Version: 9.1.1.12 - Apple Inc.)
Java™ 6 Update 5 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\{5254156F-AA77-499A-B7C1-D5581D44E788}) (Version: 10.55.3.3 - Marvell)
Marvell® Wireless Card Software Package (HKLM\...\{090A4D4C-24B2-4248-BFF2-AC30D2E0676B}) (Version: 2.0.32.3 - Marvell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Money Essentials (HKLM-x32\...\Money2007b) (Version: 16 - Microsoft)
Microsoft Money Shared Libraries (x32 Version: 16.0.0.705 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
O2Micro Flash Memory Card Reader Driver (x64) (HKLM\...\{B059BBA1-D29C-4EFC-83CE-1FBAFA0021F2}) (Version: 3.24 - O2Micro)
QuickTime (HKLM-x32\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
REALTEK RTL8187SE Wireless LAN Driver (HKLM-x32\...\{D4EEC21C-04F0-4CF4-8078-82C11E38EF11}) (Version: Package:1.00.0035 Driver:6.9057.401.2008 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.6.11664 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.2.3.0 - Synaptics)
TP-LINK TL-WN725N_TL-WN723N Driver (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
WIDCOMM Bluetooth Software 6.1.0.2200 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.2200 -  )
Windows Live Messenger (HKLM-x32\...\{571700F0-DB9D-4B3A-B03D-35A14BB5939F}) (Version: 8.1.0178.00 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
04-10-2014 20:18:09 Device Driver Package Install: Ralink Technology, Corp. Network adapters
07-10-2014 07:00:18 Windows Update
07-10-2014 22:46:11 Windows Update
08-10-2014 15:51:37 Installed TP-LINK Wireless Configuration Utility and Driver
08-10-2014 15:52:06 Device Driver Package Install: TP-LINK TECHNOLOGIES CO. Network adapters
08-10-2014 16:14:50 Installed TP-LINK Wireless Configuration Utility and Driver
11-10-2014 20:58:11 Device Driver Package Install: Marvell Network adapters
11-10-2014 20:59:55 Device Driver Package Install: Intel Network adapters
11-10-2014 21:26:17 Windows Update
11-10-2014 22:37:12 Removed Wireless LAN Adapter
13-10-2014 00:51:06 Quitado VAFPlayer
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 08:34 - 2014-10-12 20:37 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0A706F34-DFAC-4308-8651-C9450668D4EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-11] (Google Inc.)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {48FFB3AC-FF8F-4FF4-99AD-80F9EF9BAD93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-11] (Google Inc.)
Task: {4AA2137E-90F6-4342-8F3F-E83E889E4D33} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {4E946E6C-49EC-4FD9-8F58-EB5AF1752C5D} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {6D5E096F-00FA-4771-97C9-CB0B58484A30} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {76919F88-4ECC-4228-B7EF-0CFCC1D4449D} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Grammie => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {A0A3B314-2CDE-46B0-83DE-AA9809FFDE8C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-02] (Adobe Systems Incorporated)
Task: {CD1EE914-2583-46F6-80C3-EAF0937D2C73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {E3F8DB18-3731-4BB0-A40A-5A159F88F6C9} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {FAA218DA-057D-4C3B-BEA7-555D381F8F70} - System32\Tasks\Arcadesafari => C:\Users\Grammie\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [2013-04-15] (Arcadesafari)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Arcadesafari.job => C:\Users\Grammie\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2007-09-06 10:27 - 2007-09-06 10:27 - 01331712 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2008-04-30 19:45 - 2008-04-30 19:45 - 00335872 _____ () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2008-09-01 09:55 - 2008-06-11 14:18 - 00024576 _____ () C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
2008-09-01 09:55 - 2008-09-01 09:55 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2008-09-01 09:55 - 2008-09-01 09:55 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2008-09-01 09:55 - 2008-09-01 09:55 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll
2008-09-01 09:55 - 2008-09-01 09:55 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll
2008-09-01 09:55 - 2008-09-01 09:55 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2008-09-01 09:55 - 2008-09-01 09:55 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BigFix.lnk => C:\Windows\pss\BigFix.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Grammie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Grammie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Grammie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^StrongVaultApp.lnk => C:\Windows\pss\StrongVaultApp.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Grammie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^wkcalrem.LNK => C:\Windows\pss\wkcalrem.LNK.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AT&T Communication Manager => "C:\Program Files (x86)\AT&T\Communication Manager\ATTCM.exe" -a
MSCONFIG\startupreg: BackupAgent => C:\Program Files (x86)\Strongvault Online Backup\BackupAgent.exe
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Grammie\AppData\Local\Smartbar\Application\QuickShare.exe startup
MSCONFIG\startupreg: Camera Assistant Software => "C:\Program Files\Camera Assistant Software for Gateway\traybar.exe"
MSCONFIG\startupreg: ccApp => "c:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: eRecoveryService => 
MSCONFIG\startupreg: GoogleChromeAutoLaunch_6F91AE55419E601FC9A45FC1A7DF2965 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAAnotif => "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IminentMessenger => "C:\Program Files (x86)\Iminent\Iminent.Messengers.exe" 7F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: New Acer AlaunchX => c:\Acer\Preload\Command\AlaunchX\LaunchAlaunchX.exe
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: osCheck => "c:\Program Files (x86)\Norton 360\osCheck.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchProtect => C:\Users\Grammie\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => "C:\Program Files (x86)\SearchProtect\bin\cltmng.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SMessaging => "C:\Users\Grammie\AppData\Local\Strongvault Online Backup\SMessaging.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Trigger New Acer AlaunchX => c:\Acer\Preload\Command\AlaunchX\AppInRun.exe
MSCONFIG\startupreg: WebCake Desktop => "C:\Users\Grammie\AppData\Roaming\WebCake\WebCakeDesktop.exe"
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WindowsWelcomeCenter => rundll32.exe oobefldr.dll,ShowWelcomeCenter
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1406597573-3072972600-3789216215-500 - Administrator - Disabled)
Grammie (S-1-5-21-1406597573-3072972600-3789216215-1000 - Administrator - Enabled) => C:\Users\Grammie
Guest (S-1-5-21-1406597573-3072972600-3789216215-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/12/2014 09:38:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/12/2014 09:38:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/12/2014 09:38:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/12/2014 09:38:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/12/2014 09:38:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/12/2014 09:38:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/12/2014 09:38:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/12/2014 09:38:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/12/2014 09:38:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/12/2014 09:38:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
 
System errors:
=============
Error: (10/12/2014 08:54:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
 
Error: (10/12/2014 08:43:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
 
Error: (10/12/2014 08:37:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: PEVSystemStart
 
Error: (10/12/2014 08:37:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (10/12/2014 08:31:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: PEVSystemStart
 
Error: (10/12/2014 08:15:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000MBAMScheduler
 
Error: (10/12/2014 03:53:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000MBAMScheduler
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-18 18:15:33.699
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-18 18:15:33.450
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-18 18:15:33.223
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-18 18:15:32.992
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-18 18:15:32.639
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-18 18:15:32.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-18 18:15:32.146
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-18 18:15:31.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-18 18:14:58.540
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-18 18:14:58.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 44%
Total physical RAM: 3996 MB
Available physical RAM: 2215.13 MB
Total Pagefile: 8187.28 MB
Available Pagefile: 6229.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:111.44 GB) (Free:44.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:111.44 GB) (Free:111.35 GB) NTFS
Drive f: (USB) (Removable) (Total:0.96 GB) (Free:0.03 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 3AC20CFF)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=111.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 986 MB) (Disk ID: 68937DB3)
Partition 1: (Not Active) - (Size=986 MB) - (Type=06)
 
==================== End Of Log ============================


#5 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:08:32 PM

Posted 18 October 2014 - 06:22 PM

Hi :)
 
Actually your logs look pretty good. However I see that you have managed to run ComboFix. What for?
 

Running ComboFix because you suspect that you may have something malicious is not the best idea. It is not made to be used without expert supervision, because it makes strong alterations to your system each time it is fired. It's like a scalpel - trained surgeon will know what to target and how to behave in certain situations during the surgery, but imagine someone another holding it over the sick man?

 
CF is not a toy. Please consider what I just pasted.
 
 
However please post me its logfile for analysis. It may be found at C:\ComboFix.txt.


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#6 satnerd

satnerd
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 19 October 2014 - 05:36 PM

Hi,  I ran CF because I came across someone that had said they ran it & it fixed their problem. It was a last ditch effort before i resorted to asking for help. Looking back now i see that i probably should have asked for help sooner. Log file from CF is posted below:

 

ComboFix 14-10-13.01 - Grammie 10/12/2014  20:26:30.1.2 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3996.2427 [GMT -4:00]
Running from: F:\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\windows\ydi.log
.
.
(((((((((((((((((((((((((   Files Created from 2014-09-13 to 2014-10-13  )))))))))))))))))))))))))))))))
.
.
2014-10-13 00:37 . 2014-10-13 00:37 -------- d-----w- c:\users\Grammie\AppData\Local\temp
2014-10-13 00:37 . 2014-10-13 00:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-13 00:17 . 2014-09-08 23:06 11578928 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4926391A-2C39-4CD3-9DA8-E0159A51166B}\mpengine.dll
2014-10-12 15:21 . 2014-10-12 15:21 -------- d-----w- c:\programdata\Lavasoft
2014-10-12 15:10 . 2014-10-12 15:10 -------- d-----w- c:\windows\ERUNT
2014-10-12 15:04 . 2014-09-08 23:06 11578928 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-10-12 01:59 . 2013-09-04 18:57 31264 ----a-w- c:\windows\system32\drivers\gfiutil.sys
2014-10-12 01:59 . 2013-05-23 12:39 41032 ----a-w- c:\windows\system32\drivers\gfiark.sys
2014-10-12 01:59 . 2014-10-12 04:34 -------- d-----w- C:\VIPRERESCUE
2014-10-12 01:56 . 2014-10-12 02:21 -------- d-----w- C:\EEK
2014-10-12 01:52 . 2014-10-13 00:15 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-12 01:51 . 2014-10-12 01:52 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-10-12 01:51 . 2014-10-12 01:51 -------- d-----w- c:\programdata\Malwarebytes
2014-10-12 01:51 . 2014-05-12 11:26 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-12 01:51 . 2014-05-12 11:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-12 01:51 . 2014-05-12 11:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-11 21:56 . 2014-10-11 21:56 -------- d-----w- c:\users\Grammie\AppData\Roaming\Intel
2014-10-08 15:51 . 2013-03-05 18:14 1479312 ----a-w- c:\windows\system32\rtwlanu.sys
2014-10-08 15:51 . 2013-03-05 18:14 1479312 ----a-w- c:\windows\system32\drivers\RTWlanU.sys
2014-10-08 15:50 . 2014-10-08 15:50 -------- d-----w- c:\programdata\TP-LINK
2014-10-08 02:13 . 2014-10-08 02:13 -------- d-----w- c:\users\Public\CyberLink
2014-10-08 02:13 . 2014-10-08 02:13 -------- d-----w- c:\users\Grammie\AppData\Roaming\CyberLink
2014-10-08 01:25 . 2014-10-08 01:25 1188440 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8984A37A-5CC5-43FE-837F-8472F16CC960}\gapaengine.dll
2014-10-08 01:19 . 2007-10-18 06:37 10240 ----a-w- c:\windows\system32\drivers\XAudio64.sys
2014-10-08 01:19 . 2007-11-01 09:22 1481216 ----a-w- c:\windows\system32\drivers\CAX_DPV.sys
2014-10-08 01:19 . 2007-11-01 09:19 293376 ----a-w- c:\windows\system32\drivers\CAXHWAZL.sys
2014-10-08 01:19 . 2007-11-01 09:18 740864 ----a-w- c:\windows\system32\drivers\CAX_CNXT.sys
2014-10-08 01:19 . 2014-10-08 01:23 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-10-08 01:19 . 2014-10-08 01:23 -------- d-----w- c:\program files\Microsoft Security Client
2014-10-07 07:32 . 2014-09-15 06:08 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{230CD515-755C-4D66-A07C-C585C6D00105}\mpengine.dll
2014-10-04 20:20 . 2008-04-01 19:00 341504 ----a-w- c:\windows\system\rtl8187Se.sys
2014-10-04 20:20 . 2014-10-04 20:20 -------- d-----w- c:\windows\OPTIONS
2014-10-04 20:20 . 2014-10-04 20:20 -------- d-----w- c:\program files (x86)\REALTEK RTL8187SE Wireless LAN Driver
2014-10-04 20:10 . 2014-10-04 20:10 -------- d-----w- c:\users\Grammie\AppData\Roaming\TMP
2014-10-04 20:09 . 2014-10-04 20:09 -------- d-----w- c:\users\Public\Roaming
2014-10-04 20:09 . 2014-10-04 20:09 -------- d-----w- c:\users\Grammie\Roaming
2014-10-04 20:09 . 2014-10-04 20:09 -------- d-----w- c:\users\Default\Roaming
2014-10-04 20:09 . 2014-10-04 20:09 -------- d-----w- c:\users\AppData\Roaming
2014-10-04 20:08 . 2014-10-04 20:08 -------- d-----w- c:\program files\Common Files\Intel
2014-10-04 20:08 . 2014-10-04 20:08 -------- d-----w- c:\program files (x86)\Cisco
2014-10-04 20:08 . 2014-10-04 20:08 -------- d-----w- c:\programdata\Intel
2014-10-04 20:08 . 2014-10-04 20:08 -------- d-----w- c:\program files\Intel
2014-10-04 13:49 . 2013-08-27 01:52 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-10-04 13:48 . 2011-03-12 22:52 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2014-10-04 13:48 . 2011-03-12 21:55 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-10-04 13:28 . 2014-10-04 13:28 -------- d-----w- c:\windows\SysWow64\spool
2014-10-04 13:28 . 2014-10-04 13:28 -------- d-----w- c:\program files (x86)\Windows Portable Devices
2014-10-04 13:28 . 2014-10-04 13:28 -------- d-----w- c:\program files\Windows Portable Devices
2014-10-04 00:55 . 2006-11-02 19:22 525792 ----a-w- c:\windows\system32\difxapi.dll
2014-10-04 00:07 . 2009-10-01 01:02 30208 ----a-w- c:\windows\SysWow64\WPDShextAutoplay.exe
2014-10-04 00:05 . 2009-08-04 08:12 1103872 ----a-w- c:\windows\system32\webservices.dll
2014-10-04 00:05 . 2009-08-04 08:02 754688 ----a-w- c:\windows\SysWow64\webservices.dll
2014-10-03 23:55 . 2014-08-23 01:05 304128 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-10-03 23:55 . 2014-08-23 00:42 390144 ----a-w- c:\windows\system32\gdi32.dll
2014-10-03 23:55 . 2014-08-22 23:38 2782208 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 23:43 . 2014-10-03 23:43 -------- d-----w- c:\windows\Migration
2014-10-03 23:30 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-10-03 23:30 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-10-03 23:30 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-10-03 23:30 . 2009-07-14 12:19 20480 ----a-w- c:\windows\system32\winusb.dll
2014-10-03 23:30 . 2009-07-14 12:12 16896 ----a-w- c:\windows\SysWow64\winusb.dll
2014-10-03 23:30 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-10-03 23:30 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-10-03 23:30 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-10-03 23:30 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-10-03 23:30 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-10-03 22:43 . 2014-06-26 22:17 171152 ----a-w- c:\windows\system32\infocardapi.dll
2014-10-03 22:43 . 2014-06-26 22:17 1389200 ----a-w- c:\windows\system32\icardagt.exe
2014-10-03 22:43 . 2014-06-26 22:17 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-10-03 22:43 . 2014-06-26 22:17 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-10-03 22:43 . 2014-06-26 22:17 619664 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-10-03 22:43 . 2014-06-26 22:17 8848 ----a-w- c:\windows\system32\icardres.dll
2014-10-03 22:43 . 2014-06-06 04:29 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-10-03 22:43 . 2014-06-06 04:28 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-10-03 22:35 . 2009-09-10 02:06 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2014-10-03 22:35 . 2009-09-10 02:05 103424 ----a-w- c:\windows\system32\UIAnimation.dll
2014-10-03 22:35 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2014-10-03 22:35 . 2009-09-10 02:00 92672 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-10-03 22:35 . 2009-09-10 02:07 3815424 ----a-w- c:\windows\system32\UIRibbon.dll
2014-10-03 22:35 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2014-10-03 22:34 . 2012-02-29 15:37 5632 ----a-w- c:\windows\system32\wmi.dll
2014-10-03 22:34 . 2012-02-29 15:11 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-10-03 22:34 . 2012-02-29 13:52 16384 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-10-03 22:14 . 2014-09-09 06:40 2048 ----a-w- c:\windows\system32\tzres.dll
2014-10-03 22:14 . 2014-09-09 06:24 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-10-03 21:57 . 2010-04-06 08:34 345984 ----a-w- c:\windows\system32\drivers\netio.sys
2014-10-03 21:56 . 2014-10-03 21:56 -------- d-----w- c:\users\Grammie\AppData\Local\Microsoft Help
2014-10-03 11:50 . 2012-09-25 16:31 91648 ----a-w- c:\windows\system32\synceng.dll
2014-10-03 11:49 . 2013-04-24 02:10 1078272 ----a-w- c:\windows\system32\certutil.exe
2014-10-03 11:49 . 2013-04-24 01:46 812544 ----a-w- c:\windows\SysWow64\certutil.exe
2014-10-03 11:49 . 2013-04-24 04:09 50688 ----a-w- c:\windows\system32\certenc.dll
2014-10-03 11:49 . 2013-04-24 04:00 41984 ----a-w- c:\windows\SysWow64\certenc.dll
2014-10-03 11:49 . 2012-11-20 04:22 204288 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-10-03 11:49 . 2012-11-20 04:21 253952 ----a-w- c:\windows\system32\ncrypt.dll
2014-10-03 11:49 . 2013-04-17 13:04 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-10-03 11:49 . 2013-04-17 12:30 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-10-03 11:47 . 2012-08-21 11:50 267648 ----a-w- c:\windows\system32\drivers\volsnap.sys
2014-10-03 11:47 . 2014-04-26 18:21 622592 ----a-w- c:\windows\system32\usp10.dll
2014-10-03 11:47 . 2014-04-26 16:01 502784 ----a-w- c:\windows\SysWow64\usp10.dll
2014-10-03 11:47 . 2011-10-14 17:30 559616 ----a-w- c:\windows\system32\EncDec.dll
2014-10-03 11:47 . 2011-10-14 16:02 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2014-10-03 11:47 . 2014-02-06 04:21 1212416 ----a-w- c:\windows\system32\kernel32.dll
2014-10-03 11:45 . 2012-05-11 16:34 788480 ----a-w- c:\windows\system32\localspl.dll
2014-10-03 11:44 . 2013-03-08 04:17 2425344 ----a-w- c:\windows\system32\mstscax.dll
2014-10-03 11:44 . 2013-03-08 03:52 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-10-03 11:36 . 2012-11-02 10:45 477696 ----a-w- c:\windows\system32\dpnet.dll
2014-10-03 11:36 . 2012-11-02 10:45 68096 ----a-w- c:\windows\system32\dpnathlp.dll
2014-10-03 11:36 . 2012-11-02 10:18 376320 ----a-w- c:\windows\SysWow64\dpnet.dll
2014-10-03 11:36 . 2012-11-02 08:59 26112 ----a-w- c:\windows\system32\dpnsvr.exe
2014-10-03 11:36 . 2012-11-02 08:26 23040 ----a-w- c:\windows\SysWow64\dpnsvr.exe
2014-10-03 11:21 . 2012-01-09 16:16 708096 ----a-w- c:\windows\system32\rdpencom.dll
2014-10-03 11:21 . 2012-01-09 15:54 613376 ----a-w- c:\windows\SysWow64\rdpencom.dll
2014-10-03 08:13 . 2014-10-03 08:13 -------- d-----w- c:\windows\SysWow64\ca-ES
2014-10-03 08:13 . 2014-10-03 08:13 -------- d-----w- c:\windows\SysWow64\vi-VN
2014-10-03 08:13 . 2014-10-03 08:13 -------- d-----w- c:\windows\SysWow64\eu-ES
2014-10-03 08:13 . 2014-10-03 08:13 -------- d-----w- c:\windows\system32\ca-ES
2014-10-03 08:13 . 2014-10-03 08:13 -------- d-----w- c:\windows\system32\eu-ES
2014-10-03 08:13 . 2014-10-03 08:13 -------- d-----w- c:\windows\system32\vi-VN
2014-10-03 07:06 . 2014-10-03 07:09 -------- d-----w- c:\windows\system32\MRT
2014-10-03 03:20 . 2014-09-22 06:42 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-10-02 22:33 . 2014-10-02 22:33 -------- d-----w- c:\programdata\AT&T
2014-10-02 22:23 . 2014-10-02 22:32 -------- d-----w- c:\program files\Recuva
2014-10-02 22:22 . 2014-10-02 22:29 -------- d-----w- c:\program files (x86)\Tbccint
2014-10-02 22:16 . 2014-10-02 22:16 -------- d-----w- c:\program files\CCleaner
2014-10-02 22:10 . 2014-10-02 22:10 -------- d-----w- c:\users\Grammie\AppData\Roaming\InstallShield
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-29 17:01 . 2006-11-02 12:35 101694776 ----a-w- c:\windows\system32\mrt.exe
2014-07-25 06:35 . 2014-07-25 06:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 03:47 . 2014-07-25 03:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-17 22:05 . 2014-07-17 22:05 269008 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2014-07-17 22:05 . 2013-09-27 13:53 125584 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-12 00:50 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-02 23:18]
.
2014-10-13 c:\windows\Tasks\Arcadesafari.job
- c:\users\Grammie\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe [2013-04-16 01:21]
.
2014-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-12 00:49]
.
2014-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-12 00:49]
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7818u
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{538EBB85-5A50-4096-B200-319AC64200C1}: NameServer = 8.8.8.8,8.8.8.4
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2014-10-12  20:40:18
ComboFix-quarantined-files.txt  2014-10-13 00:40
.
Pre-Run: 45,454,823,424 bytes free
Post-Run: 45,573,976,064 bytes free
.
- - End Of File - - DA3FAD44273EB46CF2FFCA8FDCAFA92A
4D4F8E8E579A34D5E236CC62A37DBEA7


#7 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:08:32 PM

Posted 20 October 2014 - 01:55 AM

Hi :)




RogueKiller.png Scan with RogueKiller

Please download RogueKiller and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on RogueKiller.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the pre-scan will be done. It shouldn't take more than 2-3 minutes.
  • Accept the Terms of use.
  • When the Scan button becomes available, please click it. RogueKiller will start a full scan.
  • Let this process run uninterrupted!.
  • When finished, a Report button will become available. Click it. You will be presented with a logfile.

Please include the content of this logfile in your next reply.


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#8 satnerd

satnerd
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 20 October 2014 - 04:16 PM

RogueKiller V10.0.2.0 (x64) [Oct 16 2014] by Adlice Software
 
Operating System : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Started in : Normal mode
User : Grammie [Administrator]
Mode : Scan -- Date : 10/20/2014  17:11:23
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 17 ¤¤¤
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD (\SystemRoot\system32\drivers\afd.sys) -> Found
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7818u  -> Found
[PUM.HomePage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7818u  -> Found
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1406597573-3072972600-3789216215-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1406597573-3072972600-3789216215-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
 
¤¤¤ Tasks : 3 ¤¤¤
[Suspicious.Path] Arcadesafari.job -- C:\Users\Grammie\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe -> Found
[Suspicious.Path] \\Arcadesafari -- C:\Users\Grammie\AppData\Local\Arcadesafari\ArcadesafariUpdater.exe -> Found
[Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> Found
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS542525K9SA00 +++++
--- User ---
[MBR] 7bcba4432263d82931ff4146dc1a6eea
[BSP] f6a2e2990c69c8be8348c2666a61f7b8 : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 20973568 | Size: 114116 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 254683136 | Size: 114117 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: Generic Flash Disk USB Device +++++
--- User ---
[MBR] 18b6e940131e42d4307982c536f46d9e
[BSP] 3ee38fde46d0e7b4e7bd92861454c0e3 : Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 464 | Size: 985 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )


#9 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:08:32 PM

Posted 21 October 2014 - 01:38 AM

Hi :)
 
I can't see anythihng that may be related to your problem. Let's dig some more.



FarbarServiceScanner.png Scan with Farbar Service Scanner

Download Farbar Service Scanner by Farbar and save it to your desktop.

  • Right-click on FarbarServiceScanner.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Make sure all of the options are checked!
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.

Please include that log in your next reply.



51e15692b05a4-MiniToolbox.PNG Scan with MiniToolBox

Please download MiniToolBox by Farbar and save it to your desktop.

  • Right-click on 51e15692b05a4-MiniToolbox.PNG icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • In the main window please checkmark the following checkboxes:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Report FF Proxy Settings;
    • List content of Hosts;
    • List IP configuration;
    • List Winsock Entries;
    • List last 10 Event Viewer log;
    • List Installed Programs;
    • List Devices (Only problems);
    • List Users, Partitions and Memory size;
    • List Minidump Files.
  • Click Go and wait paiently.
  • Upon completion (a reboot may be needed) a file called Result.txt will be saved on your desktop.

Please include the content of that file in your next reply.


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#10 satnerd

satnerd
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 22 October 2014 - 04:29 PM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Grammie (administrator) on 22-10-2014 at 11:59:01
Running from "F:\"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® Wireless WiFi Link 5100 = Wireless Network Connection (Connected)
Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Lauren-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : attlocal.net
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : attlocal.net
   Description . . . . . . . . . . . : Intel® Wireless WiFi Link 5100 #2
   Physical Address. . . . . . . . . : 00-16-EA-7E-EE-7C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.96(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, October 22, 2014 11:57:01 AM
   Lease Expires . . . . . . . . . . : Thursday, October 23, 2014 11:57:02 AM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
   Physical Address. . . . . . . . . : 00-E0-B8-FC-89-A3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  homeportal
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2607:f8b0:4002:c07::71
 74.125.196.139
 74.125.196.100
 74.125.196.102
 74.125.196.101
 74.125.196.138
 74.125.196.113
 
 
 
Pinging google.com [74.125.196.113] with 32 bytes of data:
 
Reply from 74.125.196.113: bytes=32 time=36ms TTL=44
 
Reply from 74.125.196.113: bytes=32 time=33ms TTL=44
 
 
 
Ping statistics for 74.125.196.113:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 33ms, Maximum = 36ms, Average = 34ms
 
Server:  homeportal
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=105ms TTL=44
 
Reply from 206.190.36.45: bytes=32 time=102ms TTL=44
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 102ms, Maximum = 105ms, Average = 103ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 29 ...00 16 ea 7e ee 7c ...... Intel® Wireless WiFi Link 5100 #2
 28 ...00 e0 b8 fc 89 a3 ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
  1 ........................... Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.96     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.96    281
     192.168.1.96  255.255.255.255         On-link      192.168.1.96    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.96    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.96    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.96    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [44032] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/22/2014 11:58:54 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/22/2014 11:58:52 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/22/2014 11:58:51 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/22/2014 11:58:51 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/22/2014 11:58:42 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/22/2014 11:58:42 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/22/2014 11:58:41 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/22/2014 11:58:39 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/22/2014 11:58:38 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
Error: (10/22/2014 11:58:38 AM) (Source: Bonjour Service) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong
 
 
System errors:
=============
Error: (10/19/2014 03:30:09 AM) (Source: Service Control Manager) (User: )
Description: Beep
 
Error: (10/19/2014 03:06:12 AM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053
 
Error: (10/19/2014 03:06:12 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search
 
Error: (10/19/2014 03:06:12 AM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053
 
Error: (10/19/2014 03:06:12 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search
 
Error: (10/19/2014 03:06:12 AM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (10/12/2014 08:54:49 PM) (Source: Service Control Manager) (User: )
Description: Beep
 
Error: (10/12/2014 08:43:21 PM) (Source: Service Control Manager) (User: )
Description: Beep
 
Error: (10/12/2014 08:37:34 PM) (Source: Service Control Manager) (User: )
Description: PEVSystemStart
 
Error: (10/12/2014 08:37:01 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-22 11:57:32.126
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-22 11:57:31.910
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-22 11:57:31.661
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-22 11:57:31.421
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-19 18:30:25.241
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-19 18:30:25.060
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-19 18:30:24.878
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-19 18:30:24.692
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-19 18:26:40.650
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-19 18:26:40.463
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
 
=========================== Installed Programs ============================
Apple Mobile Device Support (HKLM\...\{404BB1FF-A84F-432F-B77B-301E88E8D1C7}) (Version: 3.0.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM-x32\...\{404BB1FF-A84F-432F-B77B-301E88E8D1C7}) (Version: 3.0.1.3 - Apple Inc.)
Arcadesafari (HKCU\...\Arcadesafari) (Version:  - Arcadesafari)
Arcadesafari (HKCU-x32\...\Arcadesafari) (Version:  - Arcadesafari)
Bonjour (HKLM\...\{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}) (Version: 2.0.1.2 - Apple Inc.)
Bonjour (HKLM-x32\...\{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}) (Version: 2.0.1.2 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CCleaner (HKLM-x32\...\CCleaner) (Version: 4.18 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.75.0.0 - Conexant)
Conexant HD Audio (HKLM-x32\...\CNXT_AUDIO_HDA) (Version: 4.75.0.0 - Conexant)
Driver Installer (HKLM\...\{08BE46F7-166A-4716-8603-75518EA54B3F}) (Version: 2.3.0.797 - Option NV)
Driver Installer (HKLM-x32\...\{08BE46F7-166A-4716-8603-75518EA54B3F}) (Version: 2.3.0.797 - Option NV)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.2.0 - Conexant Systems)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM-x32\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.2.0 - Conexant Systems)
Intel PROSet Wireless (Version:  - ) Hidden
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\HDMI) (Version:  - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel® Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM-x32\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel® Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM-x32\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{96D5EB02-DE18-4DCD-A713-929B4461CA8D}) (Version: 9.1.1.12 - Apple Inc.)
iTunes (HKLM-x32\...\{96D5EB02-DE18-4DCD-A713-929B4461CA8D}) (Version: 9.1.1.12 - Apple Inc.)
Marvell Miniport Driver (HKLM\...\{5254156F-AA77-499A-B7C1-D5581D44E788}) (Version: 10.55.3.3 - Marvell)
Marvell Miniport Driver (HKLM-x32\...\{5254156F-AA77-499A-B7C1-D5581D44E788}) (Version: 10.55.3.3 - Marvell)
Marvell® Wireless Card Software Package (HKLM\...\{090A4D4C-24B2-4248-BFF2-AC30D2E0676B}) (Version: 2.0.32.3 - Marvell)
Marvell® Wireless Card Software Package (HKLM-x32\...\{090A4D4C-24B2-4248-BFF2-AC30D2E0676B}) (Version: 2.0.32.3 - Marvell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM-x32\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (x32 Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (x32 Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM-x32\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM-x32\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM-x32\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
O2Micro Flash Memory Card Reader Driver (x64) (HKLM\...\{B059BBA1-D29C-4EFC-83CE-1FBAFA0021F2}) (Version: 3.24 - O2Micro)
O2Micro Flash Memory Card Reader Driver (x64) (HKLM-x32\...\{B059BBA1-D29C-4EFC-83CE-1FBAFA0021F2}) (Version: 3.24 - O2Micro)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Recuva (HKLM-x32\...\Recuva) (Version: 1.51 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.2.3.0 - Synaptics)
Synaptics Pointing Device Driver (HKLM-x32\...\SynTPDeinstKey) (Version: 9.2.3.0 - Synaptics)
WIDCOMM Bluetooth Software 6.1.0.2200 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.2200 -  )
WIDCOMM Bluetooth Software 6.1.0.2200 (HKLM-x32\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.2200 -  )
 
========================= Devices: ================================
 
Name: Flash Disk      
Description: Flash Disk      
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic 
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 72%
Total physical RAM: 3996 MB
Available physical RAM: 1107.6 MB
Total Pagefile: 8179.28 MB
Available Pagefile: 5698.75 MB
Total Virtual: 4095.88 MB
Available Virtual: 4004.06 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:111.44 GB) (Free:44.07 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:111.44 GB) (Free:111.35 GB) NTFS
4 Drive f: (USB) (Removable) (Total:0.96 GB) (Free:0.02 GB) FAT
 
========================= Users: ========================================
 
User accounts for \\LAUREN-PC
 
Administrator            Grammie                  Guest                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-10-2014 01
Ran by Grammie (administrator) on LAUREN-PC on 22-10-2014 12:01:56
Running from F:\
Loaded Profiles: Grammie &  (Available profiles: Grammie)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(O2Micro International) C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\ehome\mcupdate.exe
(Microsoft Corporation) C:\Windows\ehome\mcupdate.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1406597573-3072972600-3789216215-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-1406597573-3072972600-3789216215-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7818u
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0908&m=m-7818u
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {DCF46DE4-C3CD-443F-ACFE-6F1FCD7CDF07} URL = 
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{538EBB85-5A50-4096-B200-319AC64200C1}: [NameServer] 8.8.8.8,8.8.8.4
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKCU\...\Firefox\Extensions: [module@com.arcadesafari.firefox] - C:\Users\Grammie\AppData\Local\Arcadesafari\module@com.arcadesafari.firefox
FF Extension: Arcadesafari - C:\Users\Grammie\AppData\Local\Arcadesafari\module@com.arcadesafari.firefox [2012-10-01]
 
Chrome: 
=======
CHR Profile: C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-11]
CHR Extension: (Google Drive) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-11]
CHR Extension: (YouTube) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-11]
CHR Extension: (Google Search) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-11]
CHR Extension: (Skype Click to Call) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-11]
CHR Extension: (Gmail) - C:\Users\Grammie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-11]
CHR HKCU\...\Chrome\Extension: [mokddliohlpldjpgnnoohcmejajpblfn] - C:\Users\Grammie\AppData\Local\CRE\mokddliohlpldjpgnnoohcmejajpblfn.crx []
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-01-31]
CHR HKLM-x32\...\Chrome\Extension: [mokddliohlpldjpgnnoohcmejajpblfn] - C:\Users\Grammie\AppData\Local\CRE\mokddliohlpldjpgnnoohcmejajpblfn.crx [2013-01-31]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [1371136 2008-04-30] (Intel® Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 o2flash; C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe [65536 2007-02-12] (O2Micro International) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [826368 2008-04-30] (Intel® Corporation) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S1 Beep; No ImagePath
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-10-12] (Emsisoft GmbH)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [124928 2008-02-18] (Option N.V.)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2008-02-08] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-03-30] (Option N.V.)
S3 int15.sys; C:\ACER\Preload\Autorun\DRV\Foxconn Bluetooth BCM2045NMD\int15.sys [69632 2003-10-01] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [62424 2008-05-13] (O2Micro )
S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [341504 2008-04-01] (Realtek Semiconductor Corporation                           )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1479312 2013-03-05] (Realtek Semiconductor Corporation                           )
S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [30088 2008-08-22] ()
R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [16432 2009-02-19] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172080 2008-08-19] (Symantec Corporation)
R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [145456 2009-02-19] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [47664 2009-02-19] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [28720 2009-02-19] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [266800 2009-02-19] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [X]
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-20 17:07 - 2014-10-20 17:07 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-20 17:07 - 2014-10-20 17:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-19 03:09 - 2014-09-17 02:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-19 03:09 - 2014-09-16 12:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-19 03:08 - 2014-09-27 19:41 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-19 03:04 - 2014-06-15 18:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-19 03:04 - 2014-06-15 18:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-19 03:04 - 2014-06-13 14:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-19 03:04 - 2014-06-13 14:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-19 03:04 - 2014-06-13 13:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-19 03:04 - 2014-06-13 13:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-19 03:03 - 2014-09-04 19:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-10-18 18:30 - 2014-09-19 20:09 - 17867776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-18 18:30 - 2014-09-19 19:55 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-18 18:30 - 2014-09-19 19:54 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-18 18:30 - 2014-09-19 19:50 - 01385472 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-18 18:30 - 2014-09-19 19:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-18 18:30 - 2014-09-19 19:48 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-18 18:30 - 2014-09-19 19:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-18 18:30 - 2014-09-19 19:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-18 18:30 - 2014-09-19 19:47 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-18 18:30 - 2014-09-19 19:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-18 18:30 - 2014-09-19 19:47 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-18 18:30 - 2014-09-19 19:47 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-18 18:30 - 2014-09-19 19:47 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-18 18:30 - 2014-09-19 19:46 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-18 18:30 - 2014-09-19 19:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-18 18:30 - 2014-09-19 19:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-18 18:30 - 2014-09-19 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-18 18:30 - 2014-09-19 19:46 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-18 18:30 - 2014-09-19 19:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-18 18:30 - 2014-09-19 19:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-18 18:30 - 2014-09-19 19:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-18 18:30 - 2014-09-19 18:53 - 12364288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-18 18:30 - 2014-09-19 18:44 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-18 18:30 - 2014-09-19 18:41 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-18 18:30 - 2014-09-19 18:39 - 01138688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-18 18:30 - 2014-09-19 18:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-18 18:30 - 2014-09-19 18:37 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-18 18:30 - 2014-09-19 18:36 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-18 18:30 - 2014-09-19 18:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-18 18:30 - 2014-09-19 18:36 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-18 18:30 - 2014-09-19 18:35 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-18 18:30 - 2014-09-19 18:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-18 18:30 - 2014-09-19 18:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-18 18:30 - 2014-09-19 18:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-18 18:30 - 2014-09-19 18:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-18 18:30 - 2014-09-19 18:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-18 18:30 - 2014-09-19 18:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-18 18:30 - 2014-09-19 18:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-18 18:30 - 2014-09-19 18:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-18 18:30 - 2014-09-19 18:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-18 18:30 - 2014-09-19 18:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-18 18:30 - 2014-09-19 18:33 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-18 18:13 - 2014-10-22 12:02 - 00000000 ____D () C:\FRST
2014-10-12 21:24 - 2014-10-12 21:24 - 00006661 _____ () C:\Users\Grammie\Desktop\attach.txt
2014-10-12 21:24 - 2014-10-12 21:23 - 00013090 _____ () C:\Users\Grammie\Desktop\dds.txt
2014-10-12 20:40 - 2014-10-12 20:40 - 00020729 _____ () C:\ComboFix.txt
2014-10-12 20:24 - 2014-10-12 20:40 - 00000000 ____D () C:\Qoobox
2014-10-12 20:24 - 2011-06-26 02:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-12 20:24 - 2010-11-07 13:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-12 20:24 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-12 20:24 - 2000-08-30 20:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-12 20:23 - 2014-10-12 20:38 - 00000000 ____D () C:\Windows\erdnt
2014-10-12 16:01 - 2014-10-12 16:01 - 00099839 _____ () C:\Users\Grammie\Desktop\CheckResults.txt
2014-10-12 15:55 - 2014-10-12 15:55 - 00023674 _____ () C:\malwarebytes.txt
2014-10-12 11:21 - 2014-10-12 11:21 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-12 11:18 - 2014-10-12 11:21 - 00002496 _____ () C:\Users\Grammie\Desktop\Rkill.txt
2014-10-12 11:15 - 2014-10-12 11:15 - 00003874 _____ () C:\Users\Grammie\Desktop\JRT.txt
2014-10-12 11:10 - 2014-10-12 11:10 - 00000000 ____D () C:\Windows\ERUNT
2014-10-11 21:59 - 2014-10-12 00:34 - 00000000 ____D () C:\VIPRERESCUE
2014-10-11 21:59 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
2014-10-11 21:59 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2014-10-11 21:57 - 2014-10-11 21:57 - 00000693 _____ () C:\Users\Grammie\Desktop\Start Emsisoft Emergency Kit.lnk
2014-10-11 21:56 - 2014-10-11 22:21 - 00000000 ____D () C:\EEK
2014-10-11 21:52 - 2014-10-19 03:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-11 21:52 - 2014-10-11 21:52 - 00000943 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-11 21:52 - 2014-10-11 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-11 21:51 - 2014-10-11 21:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-11 21:51 - 2014-10-11 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-11 21:51 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-11 21:51 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-11 21:51 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-11 20:50 - 2014-10-11 20:50 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-11 20:50 - 2014-10-11 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-11 20:49 - 2014-10-22 11:58 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-11 20:49 - 2014-10-22 11:56 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 20:49 - 2014-10-11 20:49 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-11 20:49 - 2014-10-11 20:49 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-11 18:10 - 2014-10-11 18:14 - 00000732 _____ () C:\Users\Grammie\AppData\Local\d3d9caps64.dat
2014-10-11 17:57 - 2014-10-12 01:00 - 00006941 _____ () C:\WirelessDiagLog.csv
2014-10-11 17:56 - 2014-10-11 17:56 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\Intel
2014-10-08 11:53 - 2014-10-08 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2014-10-08 11:51 - 2013-03-05 14:14 - 01479312 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\rtwlanu.sys
2014-10-08 11:51 - 2013-03-05 14:14 - 01479312 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\RTWlanU.sys
2014-10-08 11:51 - 2013-02-25 07:56 - 00007873 _____ () C:\Windows\system32\netrtwlanu.cat
2014-10-08 11:50 - 2014-10-08 11:50 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-10-07 22:13 - 2014-10-07 22:13 - 00000000 ____D () C:\Users\Public\CyberLink
2014-10-07 22:13 - 2014-10-07 22:13 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\CyberLink
2014-10-07 21:19 - 2007-12-24 02:29 - 00145890 _____ () C:\Windows\system32\Drivers\HSFProf.cty
2014-10-07 21:19 - 2007-11-01 05:22 - 01481216 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\CAX_DPV.sys
2014-10-07 21:19 - 2007-11-01 05:19 - 00293376 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\CAXHWAZL.sys
2014-10-07 21:19 - 2007-11-01 05:18 - 00740864 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\CAX_CNXT.sys
2014-10-07 21:19 - 2007-10-18 02:37 - 00010240 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio64.sys
2014-10-04 16:24 - 2014-10-04 16:24 - 00000680 _____ () C:\Users\Grammie\AppData\Local\d3d9caps.dat
2014-10-04 16:20 - 2014-10-04 16:20 - 00000000 ____D () C:\Windows\OPTIONS
2014-10-04 16:20 - 2014-10-04 16:20 - 00000000 ____D () C:\Program Files (x86)\REALTEK RTL8187SE Wireless LAN Driver
2014-10-04 16:20 - 2008-04-01 15:00 - 00341504 _____ (Realtek Semiconductor Corporation ) C:\Windows\system\rtl8187Se.sys
2014-10-04 16:10 - 2014-10-04 16:10 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\TMP
2014-10-04 16:08 - 2014-10-04 16:09 - 00006094 _____ () C:\Windows\DPINST.LOG
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\ProgramData\Intel
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\Program Files\Intel
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\Program Files\Common Files\Intel
2014-10-04 16:08 - 2014-10-04 16:08 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-10-04 10:26 - 2014-10-22 11:57 - 00003698 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8F6A8C0E-F539-4AC4-B805-96D261C96B6B}
2014-10-04 09:57 - 2014-10-04 09:57 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-10-04 09:57 - 2014-10-04 09:57 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-10-04 09:57 - 2014-10-04 09:57 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-10-04 09:57 - 2014-10-04 09:57 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-04 09:57 - 2014-10-04 09:57 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-10-04 09:57 - 2014-10-04 09:57 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-10-04 09:57 - 2014-10-04 09:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-10-04 09:57 - 2014-10-04 09:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-10-04 09:56 - 2014-10-04 09:56 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-10-04 09:56 - 2014-10-04 09:56 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-04 09:56 - 2014-10-04 09:56 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-10-04 09:56 - 2014-10-04 09:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-10-04 09:56 - 2014-10-04 09:56 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-10-04 09:49 - 2013-08-26 23:39 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-10-04 09:49 - 2013-08-26 23:39 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-10-04 09:49 - 2013-08-26 23:39 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-10-04 09:49 - 2013-08-26 23:39 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-10-04 09:49 - 2013-08-26 22:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-10-04 09:49 - 2013-08-26 22:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-10-04 09:49 - 2013-08-26 22:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-10-04 09:49 - 2013-08-26 22:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-10-04 09:49 - 2013-08-26 22:32 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-10-04 09:49 - 2013-08-26 22:30 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-10-04 09:49 - 2013-08-26 22:06 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-10-04 09:49 - 2013-08-26 22:00 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-10-04 09:49 - 2013-08-26 22:00 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-10-04 09:49 - 2013-08-26 21:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-10-04 09:49 - 2013-08-26 21:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-10-04 09:49 - 2013-08-26 21:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-10-04 09:49 - 2013-08-26 21:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-10-04 09:48 - 2011-03-12 18:52 - 01653760 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-10-04 09:48 - 2011-03-12 17:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-10-04 09:32 - 2014-10-04 09:32 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-04 09:30 - 2014-10-12 20:42 - 00071686 _____ () C:\Windows\PFRO.log
2014-10-04 09:28 - 2014-10-04 09:28 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-10-04 09:28 - 2014-10-04 09:28 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-10-04 09:28 - 2014-10-04 09:28 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-10-04 09:27 - 2014-10-04 09:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2014-10-04 09:26 - 2014-10-04 09:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-10-03 20:55 - 2006-11-02 15:22 - 00525792 _____ (Microsoft Corporation) C:\Windows\system32\difxapi.dll
2014-10-03 20:08 - 2009-09-24 22:27 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-10-03 20:08 - 2009-09-24 22:10 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-10-03 20:08 - 2009-09-24 22:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-10-03 20:08 - 2009-09-24 22:09 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-10-03 20:08 - 2009-09-24 22:07 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-10-03 20:08 - 2009-09-24 22:04 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2014-10-03 20:08 - 2009-09-24 21:36 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-10-03 20:08 - 2009-09-24 21:35 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-10-03 20:08 - 2009-09-24 21:35 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-10-03 20:08 - 2009-09-24 21:33 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-10-03 20:08 - 2009-09-24 21:33 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-10-03 20:08 - 2009-09-24 21:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2014-10-03 20:08 - 2009-09-24 21:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2014-10-03 20:08 - 2009-09-24 21:31 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-10-03 20:07 - 2009-09-30 21:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2014-10-03 20:07 - 2009-09-30 21:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2014-10-03 20:07 - 2009-09-30 21:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2014-10-03 20:07 - 2009-09-30 21:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe
2014-10-03 20:07 - 2009-09-30 21:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2014-10-03 20:07 - 2009-09-30 21:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
2014-10-03 20:07 - 2009-09-30 21:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll
2014-10-03 20:07 - 2009-09-30 21:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
2014-10-03 20:07 - 2009-09-30 21:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
2014-10-03 20:07 - 2009-09-30 20:52 - 02727936 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-10-03 20:07 - 2009-09-30 20:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-10-03 20:07 - 2009-09-30 20:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2014-10-03 20:07 - 2009-09-30 20:51 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2014-10-03 20:07 - 2009-09-30 20:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2014-10-03 20:07 - 2009-09-30 20:51 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2014-10-03 20:05 - 2009-08-04 04:12 - 01103872 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2014-10-03 20:05 - 2009-08-04 04:02 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2014-10-03 19:55 - 2014-08-22 21:05 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-10-03 19:55 - 2014-08-22 20:42 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-10-03 19:30 - 2012-07-25 23:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-10-03 19:30 - 2012-07-25 23:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-10-03 19:30 - 2012-07-25 23:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-10-03 19:30 - 2012-07-25 23:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-10-03 19:30 - 2012-07-25 23:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-10-03 19:30 - 2012-07-25 22:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-10-03 19:30 - 2012-07-25 22:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-10-03 19:30 - 2012-06-02 10:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-10-03 19:30 - 2009-07-14 08:19 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2014-10-03 19:30 - 2009-07-14 08:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winusb.dll
2014-10-03 19:12 - 2014-10-04 09:57 - 00005078 _____ () C:\Windows\IE9_main.log
2014-10-03 18:43 - 2014-06-26 18:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-10-03 18:43 - 2014-06-26 18:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-10-03 18:43 - 2014-06-26 18:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-10-03 18:43 - 2014-06-26 18:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-10-03 18:43 - 2014-06-26 18:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-10-03 18:43 - 2014-06-26 18:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-10-03 18:43 - 2014-06-06 00:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-10-03 18:43 - 2014-06-06 00:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-10-03 18:35 - 2009-09-09 22:07 - 03815424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-10-03 18:35 - 2009-09-09 22:06 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-10-03 18:35 - 2009-09-09 22:05 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-10-03 18:35 - 2009-09-09 22:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2014-10-03 18:35 - 2009-09-09 22:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2014-10-03 18:35 - 2009-09-09 22:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-10-03 18:34 - 2012-02-29 11:37 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-10-03 18:34 - 2012-02-29 11:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-10-03 18:34 - 2012-02-29 09:52 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-10-03 18:14 - 2014-09-09 02:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-03 18:14 - 2014-09-09 02:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-10-03 18:03 - 2014-10-12 20:50 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-10-03 17:57 - 2010-04-06 04:34 - 00345984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-10-03 17:56 - 2014-10-03 17:56 - 00000000 ____D () C:\Users\Grammie\AppData\Local\Microsoft Help
2014-10-03 07:51 - 2014-06-13 20:56 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-10-03 07:51 - 2014-06-13 20:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-10-03 07:51 - 2014-03-25 12:30 - 12900864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-03 07:51 - 2014-03-25 09:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-03 07:51 - 2013-10-11 00:23 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-10-03 07:51 - 2013-10-11 00:23 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-10-03 07:51 - 2013-10-10 22:29 - 00217074 _____ () C:\Windows\system32\WFP.TMF
2014-10-03 07:51 - 2013-10-10 22:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-10-03 07:51 - 2013-08-02 10:06 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-10-03 07:51 - 2013-08-02 00:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-10-03 07:51 - 2013-07-09 08:04 - 01585256 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-10-03 07:51 - 2013-07-09 08:04 - 01168088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-10-03 07:51 - 2013-07-08 00:51 - 04691904 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-03 07:51 - 2013-07-08 00:20 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-10-03 07:51 - 2013-07-08 00:18 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-10-03 07:51 - 2013-07-08 00:15 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-10-03 07:51 - 2013-07-08 00:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-10-03 07:51 - 2013-07-07 21:39 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-10-03 07:51 - 2013-07-07 21:39 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-10-03 07:51 - 2013-07-07 21:39 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-10-03 07:51 - 2013-03-09 00:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-10-03 07:51 - 2013-03-08 21:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-10-03 07:51 - 2012-05-01 10:29 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-03 07:51 - 2012-02-01 11:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2014-10-03 07:51 - 2011-02-22 10:47 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-10-03 07:51 - 2011-02-22 10:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-10-03 07:50 - 2014-01-30 06:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-10-03 07:50 - 2014-01-30 03:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-10-03 07:50 - 2013-06-15 09:27 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2014-10-03 07:50 - 2013-06-15 07:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-03 07:50 - 2013-03-03 15:13 - 01513320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-10-03 07:50 - 2012-09-25 12:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-10-03 07:50 - 2012-09-25 12:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-10-03 07:50 - 2011-12-14 12:38 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-10-03 07:50 - 2011-12-14 12:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-10-03 07:50 - 2010-05-04 15:40 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2014-10-03 07:50 - 2010-05-04 15:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshsq.dll
2014-10-03 07:49 - 2013-04-24 00:09 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-10-03 07:49 - 2013-04-24 00:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-10-03 07:49 - 2013-04-23 22:10 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-10-03 07:49 - 2013-04-23 21:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-10-03 07:49 - 2013-04-17 09:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-10-03 07:49 - 2013-04-17 08:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-10-03 07:49 - 2012-11-20 00:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-03 07:49 - 2012-11-20 00:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-03 07:48 - 2014-04-05 00:26 - 01417664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-10-03 07:48 - 2014-04-04 22:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-10-03 07:48 - 2013-10-03 11:02 - 01278976 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-03 07:48 - 2013-10-03 08:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-03 07:48 - 2013-07-12 05:19 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-10-03 07:48 - 2013-07-10 05:47 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-10-03 07:48 - 2013-07-10 05:42 - 01303552 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-10-03 07:48 - 2013-06-04 00:16 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-10-03 07:48 - 2013-06-04 00:16 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-10-03 07:48 - 2013-06-03 22:01 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-10-03 07:48 - 2013-06-03 21:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-10-03 07:48 - 2011-11-16 12:43 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-10-03 07:48 - 2011-11-16 12:23 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-10-03 07:48 - 2011-10-25 12:13 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-03 07:48 - 2011-10-25 11:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-03 07:48 - 2011-10-14 13:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-10-03 07:48 - 2011-10-14 13:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mcicda.dll
2014-10-03 07:48 - 2011-10-14 13:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mciwave.dll
2014-10-03 07:48 - 2011-10-14 13:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2014-10-03 07:48 - 2011-10-14 12:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-10-03 07:48 - 2011-10-14 12:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciseq.dll
2014-10-03 07:48 - 2011-08-25 12:20 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-10-03 07:48 - 2011-08-25 12:19 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-10-03 07:48 - 2011-08-25 12:19 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-10-03 07:48 - 2011-08-25 12:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-10-03 07:48 - 2011-08-25 12:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-10-03 07:48 - 2011-08-25 12:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-10-03 07:48 - 2011-08-25 09:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2014-10-03 07:48 - 2011-08-25 09:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaccrc.dll
2014-10-03 07:48 - 2011-06-15 12:16 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-10-03 07:48 - 2011-06-15 12:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-10-03 07:48 - 2011-01-20 12:17 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-10-03 07:48 - 2011-01-20 12:17 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-10-03 07:48 - 2011-01-20 12:16 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-03 07:48 - 2011-01-20 12:16 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-10-03 07:48 - 2011-01-20 12:16 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-10-03 07:48 - 2011-01-20 12:16 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-10-03 07:48 - 2011-01-20 12:14 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-03 07:48 - 2011-01-20 12:14 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-03 07:48 - 2011-01-20 12:08 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-10-03 07:48 - 2011-01-20 12:07 - 01075712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-10-03 07:48 - 2011-01-20 12:07 - 00586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-10-03 07:48 - 2011-01-20 12:07 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-10-03 07:48 - 2011-01-20 12:06 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-03 07:48 - 2011-01-20 12:04 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-03 07:48 - 2011-01-20 12:04 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-03 07:48 - 2011-01-20 11:01 - 03068416 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-10-03 07:48 - 2011-01-20 10:59 - 01032192 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-10-03 07:48 - 2011-01-20 10:58 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-10-03 07:48 - 2011-01-20 10:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-10-03 07:48 - 2011-01-20 10:42 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-10-03 07:48 - 2011-01-20 10:41 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-10-03 07:48 - 2011-01-20 10:40 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-10-03 07:48 - 2011-01-20 10:40 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-10-03 07:48 - 2011-01-20 10:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-03 07:48 - 2011-01-20 10:28 - 01554432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2014-10-03 07:48 - 2011-01-20 10:25 - 00847360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2014-10-03 07:48 - 2011-01-20 10:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-10-03 07:48 - 2011-01-20 10:15 - 00979456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFH264Dec.dll
2014-10-03 07:48 - 2011-01-20 10:14 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFHEAACdec.dll
2014-10-03 07:48 - 2011-01-20 10:14 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4src.dll
2014-10-03 07:48 - 2011-01-20 10:14 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-10-03 07:47 - 2014-04-26 14:21 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-10-03 07:47 - 2014-04-26 12:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-10-03 07:47 - 2014-02-06 00:21 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-10-03 07:47 - 2014-02-05 21:57 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-10-03 07:47 - 2012-08-21 07:50 - 00267648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-10-03 07:47 - 2011-10-14 13:30 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-10-03 07:47 - 2011-10-14 12:02 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-10-03 07:46 - 2013-10-22 05:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-10-03 07:46 - 2013-10-22 03:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-10-03 07:46 - 2013-10-11 00:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-10-03 07:46 - 2013-10-11 00:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-10-03 07:46 - 2013-10-10 22:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-10-03 07:46 - 2013-10-10 22:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-10-03 07:46 - 2013-10-10 22:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-10-03 07:46 - 2013-10-10 22:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-10-03 07:46 - 2013-10-10 22:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2014-10-03 07:46 - 2013-10-10 20:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-10-03 07:46 - 2013-10-10 20:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-10-03 07:46 - 2013-07-20 06:45 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-03 07:46 - 2013-07-20 06:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-03 07:46 - 2013-07-16 05:25 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-10-03 07:46 - 2013-07-16 00:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-10-03 07:46 - 2013-07-08 00:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-03 07:46 - 2013-07-08 00:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-03 07:46 - 2013-07-08 00:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-10-03 07:46 - 2013-07-08 00:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-03 07:46 - 2013-07-08 00:12 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-03 07:46 - 2013-07-08 00:12 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-10-03 07:46 - 2013-07-04 00:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-10-03 07:46 - 2013-07-04 00:13 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-10-03 07:46 - 2013-02-11 22:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-10-03 07:46 - 2012-11-22 00:22 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-10-03 07:46 - 2012-11-21 23:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2014-10-03 07:46 - 2012-06-04 11:29 - 00516480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-10-03 07:46 - 2012-06-01 20:22 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-03 07:46 - 2012-06-01 20:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-10-03 07:46 - 2012-06-01 20:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-03 07:46 - 2011-11-16 12:42 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-10-03 07:46 - 2011-11-16 12:41 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-03 07:46 - 2011-11-16 10:34 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-10-03 07:45 - 2014-06-06 04:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-10-03 07:45 - 2014-06-06 03:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-10-03 07:45 - 2014-03-10 02:26 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-10-03 07:45 - 2014-03-10 02:26 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-10-03 07:45 - 2014-03-09 21:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-10-03 07:45 - 2014-03-09 21:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-10-03 07:45 - 2013-10-30 00:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-10-03 07:45 - 2013-10-29 23:55 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-10-03 07:45 - 2013-10-29 22:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-10-03 07:45 - 2013-06-28 22:25 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-10-03 07:45 - 2013-06-28 22:25 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-10-03 07:45 - 2013-06-28 22:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-10-03 07:45 - 2013-06-28 22:25 - 00007552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-10-03 07:45 - 2013-06-26 19:00 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-10-03 07:45 - 2013-06-26 19:00 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-10-03 07:45 - 2013-06-26 19:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-10-03 07:45 - 2013-03-08 00:18 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-10-03 07:45 - 2012-11-08 00:26 - 01570816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-03 07:45 - 2012-11-07 23:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-03 07:45 - 2012-06-29 12:20 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-10-03 07:45 - 2012-06-29 12:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-10-03 07:45 - 2012-05-11 12:34 - 00788480 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-10-03 07:45 - 2012-05-11 11:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
2014-10-03 07:45 - 2012-03-20 19:34 - 00072576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-10-03 07:45 - 2011-05-05 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-10-03 07:45 - 2011-05-05 10:17 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-10-03 07:44 - 2013-03-08 00:17 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-03 07:44 - 2013-03-07 23:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-03 07:43 - 2014-06-02 17:30 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-03 07:43 - 2014-06-02 17:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-10-03 07:43 - 2014-06-02 17:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-10-03 07:43 - 2014-06-02 17:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-10-03 07:43 - 2014-06-02 16:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-10-03 07:43 - 2014-06-02 06:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-03 07:43 - 2014-06-02 06:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-10-03 07:43 - 2014-06-02 06:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-10-03 07:43 - 2014-05-30 03:10 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-10-03 07:43 - 2013-05-02 00:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-10-03 07:43 - 2013-05-02 00:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-10-03 07:43 - 2013-05-02 00:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2014-10-03 07:43 - 2011-07-29 12:08 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-10-03 07:43 - 2011-07-29 12:08 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-10-03 07:43 - 2011-07-29 12:06 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-10-03 07:43 - 2011-07-29 12:06 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-10-03 07:43 - 2011-07-29 12:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-10-03 07:43 - 2011-07-29 12:01 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-10-03 07:43 - 2011-07-29 12:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-10-03 07:43 - 2011-07-29 12:00 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-10-03 07:36 - 2012-11-02 06:45 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-10-03 07:36 - 2012-11-02 06:45 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2014-10-03 07:36 - 2012-11-02 06:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-10-03 07:36 - 2012-11-02 04:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2014-10-03 07:36 - 2012-11-02 04:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2014-10-03 07:21 - 2012-01-09 12:16 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-10-03 07:21 - 2012-01-09 11:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-03 07:06 - 2012-06-02 18:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-03 07:06 - 2012-06-02 18:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-10-03 07:06 - 2012-06-02 18:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-03 07:06 - 2012-06-02 18:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-03 07:06 - 2012-06-02 18:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-03 07:06 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-03 07:06 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-03 07:06 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-03 07:06 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-03 06:50 - 2014-10-03 06:51 - 00456980 _____ () C:\Users\Grammie\AppData\Local\dd_vcredistMSI5BD5.txt
2014-10-03 06:50 - 2014-10-03 06:51 - 00017798 _____ () C:\Users\Grammie\AppData\Local\dd_vcredistUI5BD5.txt
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\system32\vi-VN
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-10-03 04:13 - 2014-10-03 04:13 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-10-03 03:46 - 2014-10-03 03:55 - 00595450 _____ () C:\Windows\dd_vcredistMSI4F49.txt
2014-10-03 03:46 - 2014-10-03 03:55 - 00215676 _____ () C:\Windows\dd_vcredistUI4F49.txt
2014-10-03 03:06 - 2014-10-19 03:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-02 23:20 - 2014-09-15 09:06 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-02 22:03 - 2014-10-02 22:03 - 00004320 _____ () C:\Users\Grammie\Documents\cc_20141002_220257.reg
2014-10-02 22:01 - 2014-10-04 09:27 - 00019866 _____ () C:\Windows\setupact.log
2014-10-02 22:01 - 2014-10-02 22:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-02 18:33 - 2014-10-02 18:33 - 00000000 ____D () C:\ProgramData\AT&T
2014-10-02 18:23 - 2014-10-02 18:32 - 00000000 ____D () C:\Program Files\Recuva
2014-10-02 18:23 - 2014-10-02 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-10-02 18:22 - 2014-10-02 18:29 - 00000000 ____D () C:\Program Files (x86)\Tbccint
2014-10-02 18:19 - 2014-10-02 18:19 - 04210920 _____ (Piriform Ltd) C:\Users\Grammie\Downloads\rcsetup151.exe
2014-10-02 18:16 - 2014-10-02 18:16 - 04965896 _____ (Piriform Ltd) C:\Users\Grammie\Downloads\ccsetup418.exe
2014-10-02 18:16 - 2014-10-02 18:16 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-10-02 18:16 - 2014-10-02 18:16 - 00000772 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-02 18:16 - 2014-10-02 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-02 18:16 - 2014-10-02 18:16 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-02 18:12 - 2014-10-11 19:19 - 00000000 ____D () C:\Windows\pss
2014-10-02 18:10 - 2014-10-02 18:10 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\InstallShield
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-22 12:04 - 2013-07-02 19:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-22 11:57 - 2013-04-15 21:21 - 00000476 _____ () C:\Windows\Tasks\Arcadesafari.job
2014-10-22 11:57 - 2008-09-01 09:44 - 01152890 _____ () C:\Windows\WindowsUpdate.log
2014-10-20 17:08 - 2006-11-02 08:46 - 00802804 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-19 03:30 - 2006-11-02 11:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-19 03:30 - 2006-11-02 11:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-19 03:29 - 2008-09-01 09:55 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml
2014-10-19 03:29 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-19 03:29 - 2006-11-02 11:21 - 00305976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-19 03:27 - 2008-08-19 16:17 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-10-19 03:27 - 2006-11-02 11:42 - 00032650 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-19 03:06 - 2008-08-19 17:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-19 03:01 - 2006-11-02 08:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-12 20:37 - 2006-11-02 08:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-11 20:50 - 2008-12-26 11:18 - 00000000 ____D () C:\Users\Grammie\AppData\Local\Google
2014-10-11 20:49 - 2008-12-25 22:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-11 18:38 - 2008-08-19 17:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-11 17:00 - 2008-12-25 22:43 - 00000000 ____D () C:\Users\Grammie
2014-10-07 21:21 - 2008-09-01 09:47 - 00000000 ____D () C:\Program Files\CONEXANT
2014-10-06 07:16 - 2011-09-18 01:08 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\Skype
2014-10-04 16:20 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\system
2014-10-04 16:16 - 2008-09-01 09:46 - 00000000 ____D () C:\Program Files (x86)\Marvell
2014-10-04 16:09 - 2006-11-02 09:33 - 00000000 __RHD () C:\Users\Default
2014-10-04 10:22 - 2008-12-25 22:45 - 00000981 _____ () C:\Users\Grammie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-04 10:22 - 2008-12-25 22:45 - 00000951 _____ () C:\Users\Grammie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-10-04 10:21 - 2007-07-11 21:49 - 00000000 ____D () C:\Windows\Panther
2014-10-04 10:19 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\rescache
2014-10-04 10:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-04 10:14 - 2006-11-02 09:33 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-10-04 10:14 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-04 09:57 - 2013-05-22 18:25 - 00796544 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-04 09:57 - 2006-11-02 08:16 - 00008798 _____ () C:\Windows\SysWOW64\icrav03.rat
2014-10-04 09:57 - 2006-11-02 08:16 - 00001988 _____ () C:\Windows\SysWOW64\ticrf.rat
2014-10-04 09:57 - 2006-11-02 02:36 - 00008798 _____ () C:\Windows\system32\icrav03.rat
2014-10-04 09:57 - 2006-11-02 02:36 - 00001988 _____ () C:\Windows\system32\ticrf.rat
2014-10-04 09:28 - 2006-11-02 11:07 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\th-TH
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\he-IL
2014-10-04 09:28 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\et-EE
2014-10-04 09:28 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-10-04 09:28 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-10-04 09:27 - 2006-11-02 09:33 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-03 06:50 - 2008-08-19 17:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-03 06:50 - 2006-11-02 09:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-03 04:21 - 2008-12-25 22:45 - 00000917 _____ () C:\Users\Grammie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-10-03 04:17 - 2010-07-31 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Collaboration
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Movie Maker
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-10-03 04:14 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files (x86)\Windows Calendar
2014-10-03 04:13 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Gallery
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\SLUI
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\SLUI
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\setup
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\oobe
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\migwiz
2014-10-03 04:13 - 2006-11-02 09:34 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-10-03 04:13 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2014-10-03 04:13 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\servicing
2014-10-03 04:13 - 2006-11-02 09:33 - 00000000 ____D () C:\Windows\IME
2014-10-03 03:21 - 2011-09-18 01:08 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-03 03:21 - 2011-09-18 01:08 - 00000000 ____D () C:\ProgramData\Skype
2014-10-03 03:19 - 2008-08-19 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2014-10-03 03:19 - 2008-08-19 17:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-10-03 03:10 - 2010-08-04 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-02 22:09 - 2008-08-19 17:36 - 00000000 ____D () C:\ProgramData\Napster
2014-10-02 22:01 - 2009-02-15 12:41 - 00000000 ____D () C:\Windows\Minidump
2014-10-02 18:38 - 2009-09-09 23:40 - 00000000 ____D () C:\Program Files\Google
2014-10-02 18:38 - 2008-12-25 22:45 - 00000000 ____D () C:\Users\Grammie\AppData\Roaming\Symantec
2014-10-02 18:30 - 2008-12-25 22:44 - 00000000 ____D () C:\ProgramData\Google
2014-10-02 18:27 - 2008-08-19 17:19 - 00000000 ____D () C:\ProgramData\Symantec
2014-10-02 18:26 - 2008-08-19 17:20 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-10-02 18:18 - 2013-04-16 17:32 - 00000866 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
 
Some content of TEMP:
====================
C:\Users\Grammie\AppData\Local\temp\dllnt_dump.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-19 03:34
 
==================== End Of Log ============================


#11 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:08:32 PM

Posted 22 October 2014 - 05:09 PM

You have provided FRST logfile, while I'd like to see FSS one. Please be more thorough when following my instructions :)

Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#12 satnerd

satnerd
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 22 October 2014 - 05:52 PM

my apologies,

 

Farbar Service Scanner Version: 21-07-2014
Ran by Grammie (administrator) on 22-10-2014 at 18:28:18
Running from "F:\"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcsvc.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****


#13 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:08:32 PM

Posted 22 October 2014 - 06:00 PM

No need to :)
 
 
Tell me do you experience any other issues?



51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Install the progam and select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.


ESETOnline.png Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:

  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.

To perform the scan:

  • Make sure that Enable detecion of potentially unwanted applications is checked.
  • In the Advanced Settings dropdown menu:
    • Make sure that Remove found threats is unchecked.
    • Scan archives is checked.
    • Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
    • Use custom proxy settings is unchecked.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.

Please include this logfile in your next reply.
Don't forget to re-enable previously switched-off protection software!


51c9d14017fa0-SecurityCheck.PNG Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

  • Right-click on 51c9d14017fa0-SecurityCheck.PNG icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan won't take long.
  • Soon a notepad document called checkup.txt will open automaticaly.

Please include the content of that document.


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png


#14 satnerd

satnerd
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:32 PM

Posted 22 October 2014 - 06:06 PM

unfortunately the PC still will not connect to the internet via browser so i am unable to update Malware Bytes or run ESET online scanner. I can run Security check via USB 



#15 Naathim

Naathim

    Bleepin' Minion


  • Members
  • 435 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:08:32 PM

Posted 22 October 2014 - 06:10 PM

No, let's try this one prior...


Windows-System-Restore-Point.png Create a System Restore Point

Creating and maintaining System Restore Points is a backup plan if something would go wrong. Better to be safe than sorry.

  • Press the StartOrb.jpg, right-click on Computer and select Properties.
  • Select System Protection.
  • Confirm if prompted and/or enter the Administrator password if necessary.
  • At the bottom click Create.
  • Enter the name, like Fresh Restore Point and click Create.
  • .
  • You will be prompted when finished.

You may now close the System Properties window.



CompleteInternetRepair.png Fix with Complete Internet Repair

Please download Complete Internet Repair by Rizonesoft and save the file to your desktop.

  • Right click on the ComIntRepair.png icon and select RunAsAdmin.jpg Run as Administrator to extract the tool.
  • Extract it to your desktop.
  • Most likely you have downloaded it on an operational machine. Using USB drive transfer it to the corrupted one right now.
  • Enter the ComIntRepair directory. You will see two versions there.

You need to run version compatible with your architecture, so if unsure please follow these instructions to check it:

  • Click the Start button.
  • Right-click on Computer and select Properties.
  • A window should appear - in the middle part of it there should be a note if your system has 32- or 64-bit architecture.

Back to Complete Internet Repair:

  • > For 32-bit System run CIntRep.
    > For 64-bit System run CIntRep_x64.
  • Right click on the CompleteInternetRepair.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • In the main window please check the following checkboxes:
    • Reset Internet Protocol (TCP/IP)
    • Repair Winsock (Reset Catalog)
    • Renew Internet Connections
    • Flush DNS Resolver Cache
    • Repair Internet Explorer
    • Clear Windows Update History
    • Repair Windows / Automatic Updates
    • Repair SSL / HTTPS / Cryptography
    • Reset Windows Firewall Configuration
    • Restore the default hosts file
    • Repair Workgroup Computers view
  • Click Go!
  • Ignore any error messages.
  • Click OK to reboot your machine (necessary).

Any report won't be generated. Please update me if the connection is restored.


Radek Naathim Pawelczyk

Malware Removal Specialist

 

staff.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users