  #1  
September 2nd, 2013, 07:30 AM
TBraswell
New Member
 
Join Date: Sep 2013
O/S: Windows 7 32-bit
Posts: 9
Horrible Infestation

Lately, I lost access to my email account temporarily due to some form of malicious software or user intervention (hacking). I rectified that situation to the best of my ability and then proceeded to perform a virus scan using Avast! and it found 32 objects that were infected. Some of the objects shown as the directory string being infected by Bank Fraud (Rtk) as well as some various Trojan files. I have them quarantined in the "Chest". If anyone could help me out, I would greatly appreciate it because right now, I'm concerned with my finances and internet security. I will be making the necessary phone calls after the holiday (Labor Day) first thing. Below is the list of the infections:

JS:ScriptIP-inf(Trj) *This one was found in 15 different directories*

JS:AddLyrics-O(Adw) *This one was found in 2 directories*

JS:AddLyrics-D(Adw) *This was found 1 time*

HTML:Bankfraud-BM(Trj) *Found 2 times*

Win32:Malware-gen *Found 2 times*

MBR:Pihar-D(Rtk) *Found 3 times*

Win32:Alureon-MJ@mbr(Rtk) *Found 1 time*

Win32:Alureon-AUV(Rtk) *Found 1 time*

MBR:Alureon-B(Rtk) *Found 1 time*

Win32:Rootkit-gen(Rtk) *Found 1 time*

Win64:Alureon-B@mbr(Rtk) *Found 1 time*


I'm unsure how to access the directories of the virus without activating/freeing the malware. If it is possible to view the directories they are located in without voiding the quarantine procedure and if that would help to further find a solution, please let me know.

Thank you for any and all help.


  #2  
September 3rd, 2013, 06:50 AM
schrauber
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,431
Hello, TBraswell
Welcome to the CyberTechHelp Forums. My name is Thomas (Tom is fine), and I will be helping you fix your problems.



Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Please set your system to show all files.
    Click Start, open My Computer, select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
    Uncheck: Hide file extensions for known file types
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.




For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to the desktop.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to the desktop.

Run it and click Scan. Please post back with the 2 Logfiles.
  #3  
September 3rd, 2013, 11:16 PM
TBraswell
New Member
 
Join Date: Sep 2013
O/S: Windows 7 32-bit
Posts: 9
Log #1

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 03
Ran by Josie (administrator) on TERRENCE-LAPTOP on 03-09-2013 18:12:36
Running from C:\Users\Josie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
(OpenOffice.org) C:\Program Files (x86)\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\program\soffice.bin
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acer) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Integrator.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [508472 2009-10-09] (Conexant Systems, Inc.)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe [244480 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162336 2009-07-21] ()
HKU\DefaultAppPool\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162336 2009-07-21] ()
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk
ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (No File)
Startup: C:\Users\Josie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\program\quickstart.exe ()
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT32...6-55417B0EE89C
SearchScopes: HKLM-x32 - DefaultScope {E57D4021-052D-40D1-8CD8-4BD33D39EEDA} URL =
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727
SearchScopes: HKCU - DefaultScope {E57D4021-052D-40D1-8CD8-4BD33D39EEDA} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN32435683282379311&UM=2
SearchScopes: HKCU - {5CC989A5-177D-48A3-A905-BAF79760B0EA} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {8EA86FAB-62A1-44AD-9C1D-465B14275CDE} URL = http://search.avg.com/route/?d=4bdd9d83&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={C670183D-ED9A-4D0A-AADB-2E683A059EFF}&mid=da2e42a3517c15ad7a9b08033df31015-f6fe8cead12466045a7308c577e100963e444e28&lang=en&ds=AVG&pr=fr&d=2012-08-03 15:02:01&v=12.1.0.21&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {A8954170-F89A-47AE-938F-1749B6BE6B6F} URL = http://websearch.ask.com/redirect?client=ie&tb=LPY&o=100000042&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=V8&apn_dtid=YYYYYYYYUS&apn_uid=8d823805-83e3-4cc4-a168-933a2b21670d&apn_sauid=9F4B8D3E-6BB2-4E9D-8177-40FCD1E9BF05&
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=82310&iwk=242&lng=en
SearchScopes: HKCU - {E57D4021-052D-40D1-8CD8-4BD33D39EEDA} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN32435683282379311&UM=2
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://summitcare.webex.com/client/...x/ieatgpc1.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254

FireFox:
========
FF ProfilePath: C:\Users\Josie\AppData\Roaming\Mozilla\Firefox\Profiles\cxtks4cd.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: npDisplayEngine - C:\Program Files (x86)\LivingPlay Games\nplplaypop.dll ( )
FF Extension: LivingPlay TextLinks - C:\Users\Josie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@lplay.com
FF Extension: adblockpopups - C:\Users\Josie\AppData\Roaming\Mozilla\Firefox\Profiles\cxtks4cd.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-31] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-31] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-31] ()
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16640 2013-08-20] (<Glarysoft Ltd>)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-18] (EldoS Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-18] (EldoS Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-03 18:12 - 2013-09-03 18:12 - 00000000 ____D C:\FRST
2013-09-03 18:11 - 2013-09-03 18:12 - 01950416 _____ (Farbar) C:\Users\Josie\Downloads\FRST64.exe
2013-09-02 17:21 - 2013-09-03 15:35 - 00000392 _____ C:\Windows\setupact.log
2013-09-02 17:21 - 2013-09-02 17:21 - 00000000 _____ C:\Windows\setuperr.log
2013-09-02 01:49 - 2013-09-02 01:49 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-09-02 01:49 - 2013-09-02 01:49 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-09-02 01:46 - 2013-09-02 01:46 - 00001852 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-09-02 01:46 - 2013-09-02 01:46 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-09-02 01:39 - 2013-09-02 01:39 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-02 01:38 - 2013-09-02 01:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-02 01:38 - 2013-09-02 01:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-02 01:24 - 2013-09-02 01:24 - 00000232 _____ C:\aswBoot.log
2013-09-01 02:32 - 2013-09-01 02:32 - 00000000 __SHD C:\found.000
2013-09-01 01:48 - 2013-08-20 01:49 - 00016640 _____ (<Glarysoft Ltd>) C:\Windows\system32\Drivers\BootDefragDriver.sys
2013-09-01 00:10 - 2013-09-01 00:10 - 00000000 ____D C:\ProgramData\GlarySoft
2013-09-01 00:08 - 2013-09-01 00:08 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-01 00:08 - 2013-09-01 00:08 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-01 00:04 - 2013-09-03 15:37 - 00000332 _____ C:\Windows\Tasks\GlaryInitialize 3.job
2013-09-01 00:04 - 2013-09-03 15:37 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3
2013-09-01 00:04 - 2013-09-01 01:52 - 00002168 _____ C:\DiskDefrag.log
2013-09-01 00:04 - 2013-09-01 00:04 - 00903080 _____ (Oracle Corporation) C:\Users\Josie\Downloads\chromeinstall-7u25 (1).exe
2013-09-01 00:04 - 2013-09-01 00:04 - 00002642 _____ C:\Windows\System32\Tasks\GlaryInitialize 3
2013-09-01 00:04 - 2013-09-01 00:04 - 00001087 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk
2013-09-01 00:04 - 2013-09-01 00:04 - 00000000 ____D C:\Users\Josie\AppData\Roaming\GlarySoft
2013-09-01 00:04 - 2013-08-20 05:21 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2013-09-01 00:01 - 2013-09-01 00:03 - 16136496 _____ C:\Users\Josie\Downloads\gu3setup.exe
2013-09-01 00:00 - 2013-09-01 00:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-01 00:00 - 2013-09-01 00:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-31 23:56 - 2013-08-31 23:57 - 00903080 _____ (Oracle Corporation) C:\Users\Josie\Downloads\chromeinstall-7u25.exe
2013-08-31 23:47 - 2013-09-02 22:12 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-31 23:47 - 2013-08-31 23:47 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00001929 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-31 23:47 - 2013-05-09 04:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-31 23:47 - 2013-05-09 04:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-31 23:47 - 2013-05-09 04:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-31 23:47 - 2013-05-09 04:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-31 23:47 - 2013-05-09 04:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-31 23:46 - 2013-05-09 04:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-31 23:40 - 2013-08-31 23:44 - 117478104 _____ C:\Users\Josie\Downloads\avast_free_antivirus_setup.exe
2013-08-29 07:51 - 2013-08-29 07:51 - 00000113 _____ C:\Users\Josie\Desktop\Cuyahoga CSEA Contact Info.txt
2013-08-23 08:03 - 2013-08-23 08:03 - 00000000 ____D C:\Users\Josie\.tuxguitar-1.2
2013-08-23 08:02 - 2013-08-08 11:52 - 03268096 _____ C:\Users\Josie\Downloads\astudio.msi
2013-08-23 08:02 - 2013-08-08 11:52 - 00439360 _____ () C:\Users\Josie\Downloads\setup.exe
2013-08-23 08:01 - 2013-08-23 08:02 - 03028960 _____ C:\Users\Josie\Downloads\asinstall.exe
2013-08-23 08:01 - 2013-08-23 08:01 - 00000956 _____ C:\Users\Public\Desktop\TuxGuitar.lnk
2013-08-23 08:01 - 2013-08-23 08:01 - 00000000 ____D C:\Program Files (x86)\TuxGuitar
2013-08-23 07:59 - 2013-08-23 07:59 - 07715210 _____ (Herac) C:\Users\Josie\Downloads\tuxguitar-1.2-windows-x86-installer.exe
2013-08-22 08:39 - 2013-08-22 08:39 - 00000046 _____ C:\Users\Josie\Desktop\Schwab New Account Specialist.txt
2013-08-20 01:10 - 2013-08-20 01:11 - 00011359 _____ C:\Users\Josie\Downloads\Resume1.odt
2013-08-19 18:13 - 2013-08-19 18:13 - 00001634 _____ C:\Users\Josie\Desktop\Jager Pork Tenderloin.txt
2013-08-18 18:06 - 2013-08-18 18:06 - 00270896 _____ C:\Users\Josie\Downloads\lizzie 12.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00278121 _____ C:\Users\Josie\Downloads\lizzie 9.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00272615 _____ C:\Users\Josie\Downloads\lizzie 10.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00270718 _____ C:\Users\Josie\Downloads\lizzie 11.htm
2013-08-18 18:04 - 2013-08-18 18:04 - 00273080 _____ C:\Users\Josie\Downloads\lizzie 8.htm
2013-08-18 18:04 - 2013-08-18 18:04 - 00271064 _____ C:\Users\Josie\Downloads\lizzie 7.htm
2013-08-18 18:01 - 2013-08-18 18:01 - 00273357 _____ C:\Users\Josie\Downloads\lizzie 6.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00285962 _____ C:\Users\Josie\Downloads\lizzie 2.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00273191 _____ C:\Users\Josie\Downloads\lizzie 4.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00272672 _____ C:\Users\Josie\Downloads\lizzie 3.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00272206 _____ C:\Users\Josie\Downloads\lizzie 5.htm
2013-08-18 17:57 - 2013-08-18 17:57 - 00267719 _____ C:\Users\Josie\Downloads\lizzie.htm
2013-08-18 03:19 - 2013-08-18 03:20 - 30353497 _____ C:\Users\Josie\Downloads\Aethereal_Free.zip
2013-08-18 03:04 - 2013-08-18 03:04 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-08-18 03:03 - 2013-08-18 03:17 - 00000000 ____D C:\Users\Josie\AppData\Roaming\Audacity
2013-08-18 03:03 - 2013-08-18 03:03 - 00001014 _____ C:\Users\Josie\Desktop\Audacity.lnk
2013-08-18 03:03 - 2013-08-18 03:03 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-18 03:02 - 2013-08-18 03:02 - 00527423 _____ ( ) C:\Users\Josie\Downloads\Lame_v3.99.3_for_Windows.exe
2013-08-18 02:58 - 2013-08-18 02:59 - 21281052 _____ (Audacity Team ) C:\Users\Josie\Downloads\audacity-win-2.0.3.exe
2013-08-17 18:44 - 2013-08-17 18:44 - 00682096 _____ C:\Users\Josie\Downloads\GraboidVideoInstaller-4.41 (1).exe
2013-08-17 18:41 - 2013-08-17 18:41 - 00682096 _____ C:\Users\Josie\Downloads\GraboidVideoInstaller-4.41.exe
2013-08-14 23:02 - 2013-07-09 02:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 23:02 - 2013-07-09 01:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 23:02 - 2013-07-09 01:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 23:02 - 2013-07-09 01:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 23:02 - 2013-07-09 01:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 23:02 - 2013-07-09 00:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 23:02 - 2013-07-09 00:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 23:02 - 2013-07-08 22:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 23:02 - 2013-07-08 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 23:02 - 2013-07-08 22:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 23:02 - 2013-07-08 22:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 17:04 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 17:04 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 17:04 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 17:04 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 17:04 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 17:04 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 17:04 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 17:04 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 17:04 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 17:04 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 17:04 - 2013-07-25 22:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 17:04 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 05:32 - 2013-07-18 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 05:32 - 2013-07-18 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 05:32 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 05:32 - 2013-07-09 01:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 05:32 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 05:32 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 05:32 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 05:32 - 2013-07-09 00:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 05:32 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 05:32 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 05:31 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 05:31 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 05:31 - 2013-07-09 01:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 05:31 - 2013-07-09 00:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 05:31 - 2013-07-06 02:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 05:31 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 20:34 - 2013-08-13 20:34 - 00000000 _____ C:\Users\Josie\Desktop\New Text Document.txt
2013-08-12 13:57 - 2013-08-12 13:57 - 00401267 _____ C:\Users\Josie\Downloads\Tutorial3point5.zip
2013-08-11 18:30 - 2013-08-11 18:30 - 00000000 ____D C:\Users\Josie\Documents\Songs of Narcaea.scriv
2013-08-10 21:32 - 2013-08-12 14:50 - 00000000 ____D C:\Users\Josie\Documents\RPGVXAce
2013-08-10 00:20 - 2013-08-10 00:20 - 00000000 ____D C:\Users\Josie\Downloads\Crysalis
2013-08-10 00:19 - 2013-08-10 00:20 - 20569968 _____ C:\Users\Josie\Downloads\Crysalis.zip
2013-08-09 21:31 - 2013-08-09 21:38 - 227068523 _____ C:\Users\Josie\Downloads\RPGVXAce_Setup.zip
2013-08-09 21:11 - 2013-08-09 21:22 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-08-09 21:09 - 2013-08-09 21:09 - 00000000 _____ C:\extensions.sqlite
2013-08-09 21:08 - 2013-08-17 16:33 - 00000000 ____D C:\Users\Josie\AppData\Local\SwvUpdater
2013-08-09 15:51 - 2013-08-20 01:12 - 00011356 _____ C:\Users\Josie\Downloads\Resume.odt
2013-08-08 11:52 - 2013-08-08 11:52 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-08-08 11:52 - 2013-08-08 11:52 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-08-05 00:33 - 2013-08-05 00:33 - 00000000 ____D C:\Users\Josie\Documents\Tutorial.scriv
2013-08-05 00:32 - 2013-08-05 00:32 - 00000000 ____D C:\Users\Josie\AppData\Local\Scrivener
2013-08-05 00:27 - 2013-08-05 00:28 - 55495000 _____ (Literature and Latte) C:\Users\Josie\Downloads\Scrivener-installer.exe
2013-08-04 23:55 - 2013-09-03 17:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-04 23:55 - 2013-08-04 23:55 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-04 14:14 - 2013-08-09 15:50 - 00011343 _____ C:\Users\Josie\Downloads\Resume (1).odt

==================== One Month Modified Files and Folders =======

2013-09-03 18:12 - 2013-09-03 18:12 - 00000000 ____D C:\FRST
2013-09-03 18:12 - 2013-09-03 18:11 - 01950416 _____ (Farbar) C:\Users\Josie\Downloads\FRST64.exe
2013-09-03 18:12 - 2013-03-28 12:52 - 00000000 ____D C:\Users\DefaultAppPool
2013-09-03 18:02 - 2011-02-01 21:14 - 01376755 _____ C:\Windows\WindowsUpdate.log
2013-09-03 17:26 - 2011-11-05 15:11 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-03 17:25 - 2013-08-04 23:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-03 16:26 - 2011-11-05 15:11 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-03 15:43 - 2009-07-14 00:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-03 15:43 - 2009-07-14 00:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-03 15:37 - 2013-09-01 00:04 - 00000332 _____ C:\Windows\Tasks\GlaryInitialize 3.job
2013-09-03 15:37 - 2013-09-01 00:04 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3
2013-09-03 15:35 - 2013-09-02 17:21 - 00000392 _____ C:\Windows\setupact.log
2013-09-03 15:35 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-02 22:12 - 2013-08-31 23:47 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-02 17:21 - 2013-09-02 17:21 - 00000000 _____ C:\Windows\setuperr.log
2013-09-02 01:49 - 2013-09-02 01:49 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-09-02 01:49 - 2013-09-02 01:49 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-09-02 01:49 - 2010-05-01 18:04 - 00000000 ____D C:\Users\Josie\AppData\Roaming\Adobe
2013-09-02 01:49 - 2009-10-29 16:20 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-09-02 01:48 - 2010-10-09 13:59 - 00000000 ____D C:\Users\Josie\AppData\Local\Adobe
2013-09-02 01:48 - 2010-05-30 18:16 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-02 01:47 - 2013-09-02 01:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-02 01:46 - 2013-09-02 01:46 - 00001852 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-09-02 01:46 - 2013-09-02 01:46 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-09-02 01:46 - 2011-01-09 12:24 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-02 01:39 - 2013-09-02 01:39 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-02 01:39 - 2011-08-06 15:32 - 00000000 ____D C:\Users\Josie\AppData\Roaming\Mozilla
2013-09-02 01:38 - 2013-09-02 01:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-02 01:35 - 2010-05-01 18:04 - 00000000 ____D C:\Users\Josie\AppData\Local\Google
2013-09-02 01:24 - 2013-09-02 01:24 - 00000232 _____ C:\aswBoot.log
2013-09-01 22:23 - 2010-05-01 17:51 - 00000000 ____D C:\Users\Josie
2013-09-01 02:32 - 2013-09-01 02:32 - 00000000 __SHD C:\found.000
2013-09-01 01:52 - 2013-09-01 00:04 - 00002168 _____ C:\DiskDefrag.log
2013-09-01 01:47 - 2010-12-05 23:07 - 00000000 ____D C:\Windows\Minidump
2013-09-01 00:11 - 2013-05-09 13:14 - 00000000 ___RD C:\Users\Josie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2013-09-01 00:10 - 2013-09-01 00:10 - 00000000 ____D C:\ProgramData\GlarySoft
2013-09-01 00:08 - 2013-09-01 00:08 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-01 00:08 - 2013-09-01 00:08 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-01 00:08 - 2013-09-01 00:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-01 00:08 - 2013-09-01 00:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-01 00:07 - 2013-03-15 21:53 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-01 00:07 - 2010-12-24 13:41 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-01 00:04 - 2013-09-01 00:04 - 00903080 _____ (Oracle Corporation) C:\Users\Josie\Downloads\chromeinstall-7u25 (1).exe
2013-09-01 00:04 - 2013-09-01 00:04 - 00002642 _____ C:\Windows\System32\Tasks\GlaryInitialize 3
2013-09-01 00:04 - 2013-09-01 00:04 - 00001087 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk
2013-09-01 00:04 - 2013-09-01 00:04 - 00000000 ____D C:\Users\Josie\AppData\Roaming\GlarySoft
2013-09-01 00:03 - 2013-09-01 00:01 - 16136496 _____ C:\Users\Josie\Downloads\gu3setup.exe
2013-08-31 23:57 - 2013-08-31 23:56 - 00903080 _____ (Oracle Corporation) C:\Users\Josie\Downloads\chromeinstall-7u25.exe
2013-08-31 23:47 - 2013-08-31 23:47 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00001929 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-31 23:47 - 2011-05-03 20:32 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-31 23:46 - 2011-05-03 20:31 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-31 23:46 - 2011-05-03 20:31 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-31 23:44 - 2013-08-31 23:40 - 117478104 _____ C:\Users\Josie\Downloads\avast_free_antivirus_setup.exe
2013-08-31 07:57 - 2013-07-08 19:06 - 00040474 _____ C:\Users\Josie\Desktop\Epic Song.gpx
2013-08-29 07:51 - 2013-08-29 07:51 - 00000113 _____ C:\Users\Josie\Desktop\Cuyahoga CSEA Contact Info.txt
2013-08-25 05:27 - 2009-07-27 16:41 - 00000000 ____D C:\Windows\Panther
2013-08-24 18:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-08-23 08:03 - 2013-08-23 08:03 - 00000000 ____D C:\Users\Josie\.tuxguitar-1.2
2013-08-23 08:02 - 2013-08-23 08:01 - 03028960 _____ C:\Users\Josie\Downloads\asinstall.exe
2013-08-23 08:01 - 2013-08-23 08:01 - 00000956 _____ C:\Users\Public\Desktop\TuxGuitar.lnk
2013-08-23 08:01 - 2013-08-23 08:01 - 00000000 ____D C:\Program Files (x86)\TuxGuitar
2013-08-23 07:59 - 2013-08-23 07:59 - 07715210 _____ (Herac) C:\Users\Josie\Downloads\tuxguitar-1.2-windows-x86-installer.exe
2013-08-22 08:39 - 2013-08-22 08:39 - 00000046 _____ C:\Users\Josie\Desktop\Schwab New Account Specialist.txt
2013-08-20 05:21 - 2013-09-01 00:04 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2013-08-20 01:49 - 2013-09-01 01:48 - 00016640 _____ (<Glarysoft Ltd>) C:\Windows\system32\Drivers\BootDefragDriver.sys
2013-08-20 01:12 - 2013-08-09 15:51 - 00011356 _____ C:\Users\Josie\Downloads\Resume.odt
2013-08-20 01:11 - 2013-08-20 01:10 - 00011359 _____ C:\Users\Josie\Downloads\Resume1.odt
2013-08-19 18:13 - 2013-08-19 18:13 - 00001634 _____ C:\Users\Josie\Desktop\Jager Pork Tenderloin.txt
2013-08-18 18:06 - 2013-08-18 18:06 - 00270896 _____ C:\Users\Josie\Downloads\lizzie 12.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00278121 _____ C:\Users\Josie\Downloads\lizzie 9.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00272615 _____ C:\Users\Josie\Downloads\lizzie 10.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00270718 _____ C:\Users\Josie\Downloads\lizzie 11.htm
2013-08-18 18:04 - 2013-08-18 18:04 - 00273080 _____ C:\Users\Josie\Downloads\lizzie 8.htm
2013-08-18 18:04 - 2013-08-18 18:04 - 00271064 _____ C:\Users\Josie\Downloads\lizzie 7.htm
2013-08-18 18:01 - 2013-08-18 18:01 - 00273357 _____ C:\Users\Josie\Downloads\lizzie 6.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00285962 _____ C:\Users\Josie\Downloads\lizzie 2.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00273191 _____ C:\Users\Josie\Downloads\lizzie 4.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00272672 _____ C:\Users\Josie\Downloads\lizzie 3.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00272206 _____ C:\Users\Josie\Downloads\lizzie 5.htm
2013-08-18 17:57 - 2013-08-18 17:57 - 00267719 _____ C:\Users\Josie\Downloads\lizzie.htm
2013-08-18 03:20 - 2013-08-18 03:19 - 30353497 _____ C:\Users\Josie\Downloads\Aethereal_Free.zip
2013-08-18 03:17 - 2013-08-18 03:03 - 00000000 ____D C:\Users\Josie\AppData\Roaming\Audacity
2013-08-18 03:04 - 2013-08-18 03:04 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-08-18 03:03 - 2013-08-18 03:03 - 00001014 _____ C:\Users\Josie\Desktop\Audacity.lnk
2013-08-18 03:03 - 2013-08-18 03:03 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-18 03:02 - 2013-08-18 03:02 - 00527423 _____ ( ) C:\Users\Josie\Downloads\Lame_v3.99.3_for_Windows.exe
2013-08-18 02:59 - 2013-08-18 02:58 - 21281052 _____ (Audacity Team ) C:\Users\Josie\Downloads\audacity-win-2.0.3.exe
2013-08-17 18:44 - 2013-08-17 18:44 - 00682096 _____ C:\Users\Josie\Downloads\GraboidVideoInstaller-4.41 (1).exe
2013-08-17 18:41 - 2013-08-17 18:41 - 00682096 _____ C:\Users\Josie\Downloads\GraboidVideoInstaller-4.41.exe
2013-08-17 16:33 - 2013-08-09 21:08 - 00000000 ____D C:\Users\Josie\AppData\Local\SwvUpdater
2013-08-15 00:08 - 2013-05-29 22:58 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-08-14 17:01 - 2009-07-14 01:13 - 00864682 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-14 16:57 - 2009-11-12 02:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-14 16:56 - 2013-07-14 10:00 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 16:53 - 2010-06-16 19:22 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-13 20:34 - 2013-08-13 20:34 - 00000000 _____ C:\Users\Josie\Desktop\New Text Document.txt
2013-08-12 14:50 - 2013-08-10 21:32 - 00000000 ____D C:\Users\Josie\Documents\RPGVXAce
2013-08-12 13:57 - 2013-08-12 13:57 - 00401267 _____ C:\Users\Josie\Downloads\Tutorial3point5.zip
2013-08-11 18:30 - 2013-08-11 18:30 - 00000000 ____D C:\Users\Josie\Documents\Songs of Narcaea.scriv
2013-08-10 00:20 - 2013-08-10 00:20 - 00000000 ____D C:\Users\Josie\Downloads\Crysalis
2013-08-10 00:20 - 2013-08-10 00:19 - 20569968 _____ C:\Users\Josie\Downloads\Crysalis.zip
2013-08-09 21:38 - 2013-08-09 21:31 - 227068523 _____ C:\Users\Josie\Downloads\RPGVXAce_Setup.zip
2013-08-09 21:22 - 2013-08-09 21:11 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-08-09 21:22 - 2010-05-01 17:51 - 00000000 ___RD C:\Users\Josie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-09 21:20 - 2013-07-16 15:55 - 00000000 ____D C:\Users\Josie\AppData\Local\Conduit
2013-08-09 21:09 - 2013-08-09 21:09 - 00000000 _____ C:\extensions.sqlite
2013-08-09 21:09 - 2013-05-23 21:15 - 00000000 ____D C:\Users\Josie\AppData\Local\CRE
2013-08-09 21:09 - 2013-05-23 21:15 - 00000000 _____ C:\END
2013-08-09 21:09 - 2010-11-05 09:16 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-08-09 15:53 - 2009-11-12 02:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-08-09 15:50 - 2013-08-04 14:14 - 00011343 _____ C:\Users\Josie\Downloads\Resume (1).odt
2013-08-08 11:52 - 2013-08-23 08:02 - 03268096 _____ C:\Users\Josie\Downloads\astudio.msi
2013-08-08 11:52 - 2013-08-23 08:02 - 00439360 _____ () C:\Users\Josie\Downloads\setup.exe
2013-08-08 11:52 - 2013-08-08 11:52 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-08-08 11:52 - 2013-08-08 11:52 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2013-08-05 00:33 - 2013-08-05 00:33 - 00000000 ____D C:\Users\Josie\Documents\Tutorial.scriv
2013-08-05 00:32 - 2013-08-05 00:32 - 00000000 ____D C:\Users\Josie\AppData\Local\Scrivener
2013-08-05 00:28 - 2013-08-05 00:27 - 55495000 _____ (Literature and Latte) C:\Users\Josie\Downloads\Scrivener-installer.exe
2013-08-04 23:55 - 2013-08-04 23:55 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-04 23:55 - 2012-04-11 20:04 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-04 23:55 - 2011-06-10 10:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\Users\Josie\jagex_cl_runescape_LIVE.dat
C:\Users\Josie\jobq.dat
C:\Users\Josie\random.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-03 17:39

==================== End Of Log ============================
  #4  
Old September 3rd, 2013, 11:17 PM
TBraswell TBraswell is offline
New Member
 
Join Date: Sep 2013
O/S: Windows 7 32-bit
Posts: 9
Log #2

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2013 03
Ran by Josie at 2013-09-03 18:15:10
Running from C:\Users\Josie\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================


Update for Microsoft Office 2007 (KB2508958) (x32)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 3.8.0.1280)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
ALPS Touch Pad Driver (Version: 7.105.2015.1103)
AMD USB Filter Driver (x32 Version: 1.0.11.86)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
ASIO4ALL (x32 Version: 2.11 Beta1)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Audacity 2.0.3 (x32 Version: 2.0.3)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Backup Manager Basic (x32 Version: 2.0.0.29)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 12.26.02)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full New (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Light (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center InstallProxy (x32 Version: 2009.0729.2227.38498)
Catalyst Control Center Localization All (x32 Version: 2009.0729.2227.38498)
CCC Help Chinese Standard (x32 Version: 2009.0729.2226.38498)
CCC Help Chinese Traditional (x32 Version: 2009.0729.2226.38498)
CCC Help Czech (x32 Version: 2009.0729.2226.38498)
CCC Help Danish (x32 Version: 2009.0729.2226.38498)
CCC Help Dutch (x32 Version: 2009.0729.2226.38498)
CCC Help English (x32 Version: 2009.0729.2226.38498)
CCC Help Finnish (x32 Version: 2009.0729.2226.38498)
CCC Help French (x32 Version: 2009.0729.2226.38498)
CCC Help German (x32 Version: 2009.0729.2226.38498)
CCC Help Greek (x32 Version: 2009.0729.2226.38498)
CCC Help Hungarian (x32 Version: 2009.0729.2226.38498)
CCC Help Italian (x32 Version: 2009.0729.2226.38498)
CCC Help Japanese (x32 Version: 2009.0729.2226.38498)
CCC Help Korean (x32 Version: 2009.0729.2226.38498)
CCC Help Norwegian (x32 Version: 2009.0729.2226.38498)
CCC Help Polish (x32 Version: 2009.0729.2226.38498)
CCC Help Portuguese (x32 Version: 2009.0729.2226.38498)
CCC Help Russian (x32 Version: 2009.0729.2226.38498)
CCC Help Spanish (x32 Version: 2009.0729.2226.38498)
CCC Help Swedish (x32 Version: 2009.0729.2226.38498)
CCC Help Thai (x32 Version: 2009.0729.2226.38498)
CCC Help Turkish (x32 Version: 2009.0729.2226.38498)
ccc-core-static (x32 Version: 2009.0729.2227.38498)
ccc-utility64 (Version: 2009.0729.2227.38498)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.98.9.0)
CyberLink PowerDVD 8 (x32 Version: 8.0.3402)
D3DX10 (x32 Version: 15.4.2368.0902)
Defraggler (Version: 2.14)
DMUninstaller (x32)
eaner (Version: 3.20)
ffdshow [rev 2527] [2008-12-19] (x32 Version: 1.0)
FL Studio 11 (x32)
FlowStone FL 3.0 (x32)
Gateway InfoCentre (x32 Version: 3.02.3000)
Gateway MyBackup (x32 Version: 2.0.0.29)
Gateway Power Management (x32 Version: 4.05.3004)
Gateway Recovery Management (x32 Version: 4.05.3005)
Gateway Registration (x32 Version: 1.02.3006)
Gateway ScreenSaver (x32 Version: 1.6.0730)
Gateway Updater (x32 Version: 1.01.3017)
Glary Utilities 3.9 (x32 Version: 3.9.0.137)
Google Update Helper (x32 Version: 1.3.21.153)
GoToMeeting 4.8.0.723 (HKCU Version: 4.8.0.723)
Guitar Pro 6 (x32)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.56)
Identity Card (x32 Version: 1.00.3002)
IL Download Manager (x32)
IL Shared Libraries (x32)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
LAME v3.99.3 (for Windows) (x32)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4517.1509)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 17.0.2003.1112)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mozilla Firefox 23.0.1 (x86 en-US) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4517.1509)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4517.1509)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4517.1509)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
QuickTime (x32 Version: 7.74.80.86)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30104)
Roxio Burn (x32 Version: 1.2)
Roxio Burn (x32 Version: 1.2.0)
Roxio Update Manager (x32 Version: 6.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Speccy (Version: 1.22)
TuxGuitar (x32 Version: 1.2)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Video Web Camera (x32 Version: 0.5.29.1)
Visual C++ 8.0 Runtime Setup Package (x64) (x32 Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)
Vivitar Experience Image Manager (x32)
WebCake 3.00 (Version: 3.00)
WebEx (x32)
Welcome Center (x32 Version: 1.00.3009)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
yWriter5 (x32)

==================== Restore Points =========================

02-09-2013 05:44:38 Installed QuickTime
02-09-2013 05:47:05 Removed Java(TM) 6 Update 26
03-09-2013 19:40:49 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => start w32time task_started
Task: {1BACE4D9-182A-453C-B1C8-197633213372} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => start osppsvc
Task: {1D8D7F2E-A7C0-4063-8415-6A8ABEA3FE96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-04] (Adobe Systems Incorporated)
Task: {37FE0EB4-C71F-4F9C-B7E3-4DB4361CCA12} - System32\Tasks\GlaryInitialize 3 => C:\Program Files (x86)\Glary Utilities 3\Initialize.exe [2013-08-20] (Glarysoft Ltd)
Task: {4C944297-D542-4648-8085-025F2C0D787D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {5011BE04-9C15-4AB2-B570-D70F6AB78121} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-09] (Microsoft Corporation)
Task: {5254E3CC-69FB-4E8B-ADA7-63091378DFFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05] (Google Inc.)
Task: {55B1088F-573F-4F48-B135-83C77C9D708C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-08-14] (Microsoft Corporation)
Task: {8028C947-C73B-4AB6-BE82-F30F3A5BF14E} - System32\Tasks\OrbLogonStartup => C:\Program Files (x86)\Orb Networks\Orb\bin\OrbTray.exe No File
Task: {81902477-4622-4984-995A-10AC6A3B4E7D} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)
Task: {8DA320C5-3ADF-4CB4-A895-5DE9F01834D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AA30425C-B11B-4390-88C1-FBAA2F9EE2A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05] (Google Inc.)
Task: {F1CC1AC7-AB78-48BB-A922-9740B12AA985} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {FDF5F67E-9F73-4C3A-9D46-007A18495097} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 3.job => C:\Program Files (x86)\Glary Utilities 3\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SidebarExecute.job => C:\Program Files (x86)\Windows Sidebar\sidebar.exe

==================== Loaded Modules (whitelisted) =============

2010-02-05 06:20 - 2009-09-30 18:50 - 00271904 _____ (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\SysHook.dll
2013-05-29 23:38 - 2013-05-29 23:38 - 00261624 _____ (Microsoft Corporation) C:\Users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll
2013-05-29 23:38 - 2013-05-29 23:38 - 00661448 _____ (Microsoft Corporation) C:\Users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\MSVCP110.dll
2013-05-29 23:38 - 2013-05-29 23:38 - 00828872 _____ (Microsoft Corporation) C:\Users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\MSVCR110.dll
2013-08-14 14:06 - 2013-08-14 14:06 - 08865448 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2009-07-13 20:18 - 2009-07-13 21:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm
2009-07-13 20:18 - 2009-07-13 21:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm
2009-07-13 20:18 - 2009-07-13 21:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm
2009-07-13 20:18 - 2009-07-13 21:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2009-07-13 20:22 - 2009-07-13 21:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2011-07-08 18:53 - 2010-11-20 09:26 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2009-07-13 19:37 - 2009-07-13 21:40 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDisplayStatusManager.dll
2009-07-13 20:40 - 2009-07-13 21:40 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\fdprint.dll
2009-07-13 19:37 - 2009-07-13 21:40 - 06281216 _____ (Microsoft Corporation) C:\Windows\system32\DDORes.dll
2009-07-13 19:57 - 2009-07-13 21:41 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2009-07-13 19:57 - 2009-07-13 21:40 - 00069120 _____ () C:\Windows\system32\BWContextHandler.dll
2009-07-13 20:21 - 2009-07-13 21:40 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\DXPPS.dll
2009-07-13 20:07 - 2009-07-13 21:40 - 00093696 _____ () C:\Windows\system32\BthpanContextHandler.dll
2009-07-13 20:06 - 2009-07-13 21:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\bthpanapi.dll
2011-07-08 18:53 - 2010-11-20 09:27 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\SPPC.DLL
2010-02-05 05:58 - 2009-07-30 03:02 - 00421376 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdl64.dll
2010-02-05 05:58 - 2009-05-14 01:14 - 00373760 _____ (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApResUS.dll
2010-02-05 05:58 - 2009-05-08 18:47 - 00098816 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL
2010-02-05 05:58 - 2009-05-27 23:33 - 00919040 _____ (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.DLL
2010-02-05 05:58 - 2008-03-22 15:53 - 00032256 _____ (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\EzAuto.dll
2010-02-05 05:58 - 2008-03-18 17:37 - 00266752 _____ (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\EzLaunch.DLL
2010-02-05 06:20 - 2009-09-30 18:48 - 00219168 _____ (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\BrightnessControl.dll
2010-02-05 06:20 - 2009-09-30 18:49 - 00217120 _____ (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\CommonControl.dll
2010-02-05 06:20 - 2009-09-30 18:49 - 00218144 _____ (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\PowerSettingControl.dll
2010-02-05 06:20 - 2009-09-30 18:49 - 00218144 _____ (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\NetAdapterControl.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 01742848 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\sal3.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00085504 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\uwinapi.dll
2012-08-13 10:51 - 2012-08-13 10:51 - 00271872 _____ (Apache Software Foundation) C:\Program Files (x86)\program\sofficeapp.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 01048064 _____ (Apache Software Foundation) C:\Program Files (x86)\program\comphelpMSC.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00439808 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\cppuhelper3MSC.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00013824 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\salhelper3MSC.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00152064 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\cppu3.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00597504 _____ (STLport Consulting, Inc.) C:\Program Files (x86)\URE\bin\stlport_vc7145.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00358400 _____ (Apache Software Foundation) C:\Program Files (x86)\program\ucbhelper4MSC.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00094720 _____ (Apache Software Foundation) C:\Program Files (x86)\program\vos3MSC.dll
2012-08-13 10:51 - 2012-08-13 10:51 - 00139776 _____ (Apache Software Foundation) C:\Program Files (x86)\program\deploymentmisc.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00589312 _____ (Apache Software Foundation) C:\Program Files (x86)\program\tl.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00705536 _____ (Apache Software Foundation) C:\Program Files (x86)\program\basegfx.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00027136 _____ (Apache Software Foundation) C:\Program Files (x86)\program\i18nisolang1MSC.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00952320 _____ (Apache Software Foundation) C:\Program Files (x86)\program\utl.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00531968 _____ (Apache Software Foundation) C:\Program Files (x86)\program\xcr.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 02995200 _____ (Apache Software Foundation) C:\Program Files (x86)\program\sfx.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00407552 _____ (Apache Software Foundation) C:\Program Files (x86)\program\fwe.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00159232 _____ (Apache Software Foundation) C:\Program Files (x86)\program\fwi.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00835072 _____ (Apache Software Foundation) C:\Program Files (x86)\program\svl.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00257536 _____ (Apache Software Foundation) C:\Program Files (x86)\program\sot.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 03118592 _____ (Apache Software Foundation) C:\Program Files (x86)\program\svt.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00067072 _____ (Apache Software Foundation) C:\Program Files (x86)\program\i18nutilMSC.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00951808 _____ (IBM Corporation and others) C:\Program Files (x86)\program\icuuc40.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 13914112 _____ (IBM Corporation and others) C:\Program Files (x86)\program\icudt40.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00093696 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\jvmfwk3.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\program\libxml2.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 02364416 _____ (Apache Software Foundation) C:\Program Files (x86)\program\tk.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 03496960 _____ (Apache Software Foundation) C:\Program Files (x86)\program\vcl.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00029696 _____ (Apache Software Foundation) C:\Program Files (x86)\program\i18npaper.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00086528 _____ (Apache Software Foundation) C:\Program Files (x86)\program\sax.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 01772032 _____ (Apache Software Foundation) C:\Program Files (x86)\program\sb.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00052224 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\msci_uno.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00499712 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\bootstrap.uno.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00093184 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\reg3.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00053760 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\store3.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00035328 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\xmlreader.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00375808 _____ (Apache Software Foundation) C:\Program Files (x86)\program\configmgr.uno.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00024064 _____ (Apache Software Foundation) C:\Program Files (x86)\program\localebe1.uno.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00092672 _____ (Apache Software Foundation) C:\Program Files (x86)\URE\bin\stocservices.uno.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00210944 _____ (Apache Software Foundation) C:\Program Files (x86)\program\ucb1.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 01777664 _____ (Apache Software Foundation) C:\Program Files (x86)\program\fwk.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00258560 _____ (Apache Software Foundation) C:\Program Files (x86)\program\ucpfile1.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 01317376 _____ (Apache Software Foundation) C:\Program Files (x86)\program\i18npool.uno.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 01071616 _____ (IBM Corporation and others) C:\Program Files (x86)\program\icuin40.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00286720 _____ (Apache Software Foundation) C:\Program Files (x86)\program\oleautobridge.uno.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00148480 _____ (Apache Software Foundation) C:\Program Files (x86)\program\emser.dll
2009-02-02 21:33 - 2009-02-02 21:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll
2009-09-23 22:23 - 2009-09-23 22:23 - 00010752 _____ (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\MUI\0409\lang.dll
2013-09-02 01:38 - 2013-08-14 13:55 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2009-06-10 17:41 - 2009-07-13 21:15 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2013-05-29 23:38 - 2013-05-29 23:38 - 00222712 _____ (Microsoft Corporation) C:\Users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\SkyDriveShell.dll
2013-05-29 23:38 - 2013-05-29 23:38 - 00534480 _____ (Microsoft Corporation) C:\Users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\MSVCP110.dll
2013-05-29 23:38 - 2013-05-29 23:38 - 00862664 _____ (Microsoft Corporation) C:\Users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\MSVCR110.dll
2013-05-29 23:38 - 2013-05-29 23:38 - 00542712 _____ (Microsoft Corporation) C:\Users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\Telemetry.dll
2013-05-29 23:38 - 2013-05-29 23:38 - 00039432 _____ (Microsoft Corporation) C:\Users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\logging.dll
2011-07-08 18:54 - 2010-11-20 09:26 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\faultrep.dll
2011-07-08 18:53 - 2010-11-20 09:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\Cabinet.dll
2010-02-05 05:58 - 2009-07-20 19:12 - 00137736 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\ComFnUtl.dll
2010-02-05 05:58 - 2009-07-14 18:53 - 00128008 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\CDRomUtl.dll
2010-02-05 05:58 - 2009-07-27 16:42 - 00062472 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MixerUtl.dll
2010-02-05 05:58 - 2009-07-27 16:47 - 00068104 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\Wnd2File.dll
2010-02-05 05:58 - 2009-07-27 22:43 - 00068104 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\PowerUtl.dll
2010-02-05 05:58 - 2009-11-01 16:04 - 00395856 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\OSDUtl2.dll
2010-02-05 05:58 - 2009-07-27 16:38 - 00088584 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\SzUPFUtl.dll
2010-02-05 05:58 - 2009-07-27 16:05 - 00078856 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LgKCUtl.Dll
2010-02-05 05:58 - 2007-08-07 22:57 - 00059912 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\NTKCUtl.dll
2010-02-05 05:58 - 2009-07-03 20:29 - 00147464 _____ (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\VistaVol.DLL
2009-07-13 20:07 - 2009-07-13 21:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm
2013-08-20 05:19 - 2013-08-20 05:19 - 00037664 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Languages.dll
2013-08-20 05:18 - 2013-08-20 05:18 - 00020256 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\BootTime.dll
2013-08-20 05:19 - 2013-08-20 05:19 - 00827168 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\LockDll.dll
2013-08-20 05:18 - 2013-08-20 05:18 - 00493344 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\CheckUpdate.dll
2013-08-20 05:20 - 2013-08-20 05:20 - 00178464 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\settings.dll
2013-08-20 05:20 - 2013-08-20 05:20 - 00194848 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\RestoreCenter.dll
2013-08-20 05:18 - 2013-08-20 05:18 - 00068384 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Backup.dll
2013-08-20 05:19 - 2013-08-20 05:19 - 00097568 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Log.dll
2013-08-20 05:20 - 2013-08-20 05:20 - 00067360 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\ObjectAdmin.dll
2013-08-20 05:21 - 2013-08-20 05:21 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 3\zlib1.dll
2013-08-20 05:21 - 2013-08-20 05:21 - 00255776 _____ (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\TracksEraser.dll
2011-07-08 18:53 - 2010-11-20 09:27 - 00238080 _____ (Microsoft Corporation) C:\Windows\System32\mstask.dll
2013-03-28 11:03 - 2013-03-28 11:03 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\D3D10Warp.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWow64\jscript9.dll
2013-06-07 17:51 - 2013-06-07 17:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dxtrans.dll
2009-07-13 19:28 - 2009-07-13 21:15 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddrawex.dll
2013-06-07 17:51 - 2013-06-07 17:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dxtmsft.dll
2013-07-15 21:57 - 2013-07-15 21:57 - 16166280 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\Users\Josie\Thumbs.db:encryptable


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2013 06:15:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 460921

Error: (09/02/2013 06:15:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 460921

Error: (09/02/2013 06:15:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/02/2013 01:38:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5117

Error: (09/02/2013 01:38:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5117

Error: (09/02/2013 01:38:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/02/2013 01:38:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4103

Error: (09/02/2013 01:38:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4103

Error: (09/02/2013 01:38:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/02/2013 01:38:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2293


System errors:
=============
Error: (09/03/2013 04:22:24 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d36\SystemRoot\System32\Config\SOFTWARE

Error: (09/03/2013 04:19:05 PM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (09/03/2013 04:19:05 PM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (09/03/2013 04:19:05 PM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (09/03/2013 03:35:04 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (09/03/2013 03:35:04 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/03/2013 10:08:28 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (09/03/2013 10:08:28 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/02/2013 10:11:14 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (09/02/2013 10:11:14 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-09-01 00:31:48.181
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-09-01 00:31:47.495
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 3838.36 MB
Available physical RAM: 2085.89 MB
Total Pagefile: 7674.9 MB
Available Pagefile: 5881.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:453.94 GB) (Free:401.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 14F114F1)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  #5  
Old September 4th, 2013, 07:21 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,431
Next, download ComboFix. Save it to the Desktop.
  • Now, close all open windows
  • Double-click combofix.exe to run the program
  • Follow the prompts.
  • If the option is offered, it is in your best interest to allow the download and install of the Recovery Console when prompted.
  • When told that the RC is installed correctly, press YES to continue scanning for malware.
  • ComboFix will run. Please don't click on the window while the program is running, as it may cause your system to stall.
  • CF may reboot the computer and resume running when it restarts.
  • When finished, a log, ComboFix.txt, is produced.
Please provide the contents of the ComboFix report in your reply.
  #6  
Old September 4th, 2013, 02:02 PM
TBraswell TBraswell is offline
New Member
 
Join Date: Sep 2013
O/S: Windows 7 32-bit
Posts: 9
ComboFix did not prompt me with an option to download or install the Recovery Console. Should I download and install that? The log file is below:

ComboFix 13-09-02.02 - Josie 09/04/2013 8:39.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3838.2357 [GMT -4:00]
Running from: c:\users\Josie\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Josie\g2mdlhlpx.exe
c:\windows\SysWOW64mfc45.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-08-04 to 2013-09-04 )))))))))))))))))))))))))))))))
.
.
2013-09-04 12:51 . 2013-09-04 12:51 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2013-09-04 12:51 . 2013-09-04 12:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-03 22:12 . 2013-09-03 22:12 -------- d-----w- C:\FRST
2013-09-03 19:42 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5272D7BE-E971-4E12-8463-CFD96159B2FC}\mpengine.dll
2013-09-02 05:46 . 2013-09-02 05:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-09-02 05:46 . 2013-09-02 05:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-09-02 05:46 . 2013-09-02 05:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-09-02 05:46 . 2013-09-02 05:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-09-02 05:46 . 2013-09-02 05:46 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-09-02 05:46 . 2013-09-02 05:46 -------- d-----w- c:\program files (x86)\QuickTime
2013-09-02 05:38 . 2013-09-02 05:38 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-09-01 06:32 . 2013-09-01 06:32 -------- d-----w- C:\found.000
2013-09-01 05:48 . 2013-08-20 05:49 16640 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2013-09-01 04:31 . 2013-09-01 04:31 -------- d-----w- c:\users\Josie\AppData\Roaming\Absolute Uninstaller
2013-09-01 04:10 . 2013-09-01 04:10 -------- d-----w- c:\programdata\GlarySoft
2013-09-01 04:08 . 2013-09-01 04:08 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-01 04:04 . 2013-08-20 09:21 117024 ----a-w- c:\windows\system32\BootDefrag.exe
2013-09-01 04:04 . 2013-09-01 04:04 -------- d-----w- c:\users\Josie\AppData\Roaming\GlarySoft
2013-09-01 04:04 . 2013-09-04 12:20 -------- d-----w- c:\program files (x86)\Glary Utilities 3
2013-09-01 03:47 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-09-01 03:47 . 2013-09-01 03:47 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-09-01 03:47 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-09-01 03:47 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-09-01 03:47 . 2013-09-01 03:47 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-09-01 03:47 . 2013-09-01 03:47 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-09-01 03:47 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-09-01 03:47 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-09-01 03:46 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-08-23 12:03 . 2013-08-23 12:03 -------- d-----w- c:\users\Josie\.tuxguitar-1.2
2013-08-23 12:01 . 2013-08-23 12:01 -------- d-----w- c:\program files (x86)\TuxGuitar
2013-08-18 07:04 . 2013-08-18 07:04 -------- d-----w- c:\program files (x86)\Lame For Audacity
2013-08-18 07:03 . 2013-08-18 07:17 -------- d-----w- c:\users\Josie\AppData\Roaming\Audacity
2013-08-18 07:03 . 2013-08-18 07:03 -------- d-----w- c:\program files (x86)\Audacity
2013-08-15 03:02 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-15 03:02 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-15 03:02 . 2013-07-09 06:03 5550528 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-15 03:02 . 2013-07-09 04:53 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-15 03:02 . 2013-07-09 02:49 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-15 03:02 . 2013-07-09 04:52 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-15 03:02 . 2013-07-09 02:49 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-15 03:02 . 2013-07-09 02:49 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-15 03:02 . 2013-07-09 02:49 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-15 03:02 . 2013-07-09 05:54 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-15 03:02 . 2013-07-09 05:53 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-14 09:32 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-08-14 09:32 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-08-14 09:32 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-14 09:32 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-14 09:32 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-08-14 09:32 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-08-14 09:32 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-08-14 09:32 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-08-14 09:32 . 2013-07-19 01:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-14 09:32 . 2013-07-19 01:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-08-14 09:31 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-14 09:31 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-08-14 09:31 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 09:31 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-14 09:31 . 2013-06-15 04:32 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-14 09:31 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-10 01:11 . 2013-08-10 01:22 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-08-10 01:08 . 2013-08-17 20:33 -------- d-----w- c:\users\Josie\AppData\Local\SwvUpdater
2013-08-08 15:52 . 2013-08-08 15:52 773968 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-08-08 15:52 . 2013-08-08 15:52 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-01 04:07 . 2013-03-16 01:53 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-09-01 04:07 . 2010-12-24 17:41 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-14 20:53 . 2010-06-16 23:22 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-08-14 18:03 . 2013-05-30 03:07 564432 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-08-05 03:55 . 2012-04-12 00:04 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-05 03:55 . 2011-06-10 14:19 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-09 04:45 . 2013-08-15 03:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-07 21:52 . 2013-06-07 21:52 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-06-07 21:51 . 2013-06-07 21:51 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-06-07 21:51 . 2013-06-07 21:51 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-06-07 21:51 . 2013-06-07 21:51 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-06-07 21:51 . 2013-06-07 21:51 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-06-07 21:51 . 2013-06-07 21:51 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-06-07 21:51 . 2013-06-07 21:51 441856 ----a-w- c:\windows\system32\html.iec
2013-06-07 21:51 . 2013-06-07 21:51 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-06-07 21:51 . 2013-06-07 21:51 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-06-07 21:51 . 2013-06-07 21:51 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-06-07 21:51 . 2013-06-07 21:51 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-06-07 21:51 . 2013-06-07 21:51 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-06-07 21:51 . 2013-06-07 21:51 216064 ----a-w- c:\windows\system32\msls31.dll
2013-06-07 21:51 . 2013-06-07 21:51 197120 ----a-w- c:\windows\system32\msrating.dll
2013-06-07 21:51 . 2013-06-07 21:51 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-06-07 21:51 . 2013-06-07 21:51 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-06-07 21:51 . 2013-06-07 21:51 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-06-07 21:51 . 2013-06-07 21:51 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-06-07 21:51 . 2013-06-07 21:51 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-06-07 21:51 . 2013-06-07 21:51 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-06-07 21:51 . 2013-06-07 21:51 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-06-07 21:51 . 2013-06-07 21:51 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-06-07 21:51 . 2013-06-07 21:51 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-06-07 21:51 . 2013-06-07 21:51 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-06-07 21:51 . 2013-06-07 21:51 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-06-07 21:51 . 2013-06-07 21:51 81408 ----a-w- c:\windows\system32\icardie.dll
2013-06-07 21:51 . 2013-06-07 21:51 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-06-07 21:51 . 2013-06-07 21:51 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-06-07 21:51 . 2013-06-07 21:51 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-06-07 21:51 . 2013-06-07 21:51 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-06-07 21:51 . 2013-06-07 21:51 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-06-07 21:51 . 2013-06-07 21:51 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-06-07 21:51 . 2013-06-07 21:51 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-06-07 21:51 . 2013-06-07 21:51 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-06-07 21:51 . 2013-06-07 21:51 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-06-07 21:51 . 2013-06-07 21:51 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-06-07 21:51 . 2013-06-07 21:51 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-06-07 21:51 . 2013-06-07 21:51 235008 ----a-w- c:\windows\system32\url.dll
2013-06-07 21:51 . 2013-06-07 21:51 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-06-07 21:51 . 2013-06-07 21:51 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-06-07 21:51 . 2013-06-07 21:51 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-06-07 21:51 . 2013-06-07 21:51 149504 ----a-w- c:\windows\system32\occache.dll
2013-06-07 21:51 . 2013-06-07 21:51 144896 ----a-w- c:\windows\system32\wextract.exe
2013-06-07 21:51 . 2013-06-07 21:51 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-06-07 21:51 . 2013-06-07 21:51 13824 ----a-w- c:\windows\system32\mshta.exe
2013-06-07 21:51 . 2013-06-07 21:51 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-06-07 21:51 . 2013-06-07 21:51 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-06-07 21:51 . 2013-06-07 21:51 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-06-07 21:51 . 2013-06-07 21:51 102912 ----a-w- c:\windows\system32\inseng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-30 03:38 222712 ----a-w- c:\users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-30 03:38 222712 ----a-w- c:\users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-30 03:38 222712 ----a-w- c:\users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" [2009-09-24 244480]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-11-01 1094736]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
c:\users\Josie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\program\quickstart.exe [2012-8-13 1199104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys;c:\windows\SYSNATIVE\drivers\ElRawDsk.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Gateway\Registration\GregHSRW.exe;c:\program files (x86)\Gateway\Registration\GregHSRW.exe [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [x]
S2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [x]
S2 Updater Service;Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 03:55]
.
2013-09-04 c:\windows\Tasks\GlaryInitialize 3.job
- c:\program files (x86)\Glary Utilities 3\Initialize.exe [2013-08-20 09:19]
.
2013-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 19:11]
.
2013-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-05 19:11]
.
2013-05-09 c:\windows\Tasks\SidebarExecute.job
- c:\program files (x86)\Windows Sidebar\sidebar.exe [2011-07-08 12:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-05-30 03:38 261624 ----a-w- c:\users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-05-30 03:38 261624 ----a-w- c:\users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-05-30 03:38 261624 ----a-w- c:\users\Josie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-08-14 18:06 2328776 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-08-14 18:06 2328776 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-08-14 18:06 2328776 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-10-09 508472]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-22 295936]
"Acer ePower Management"="c:\program files\Gateway\Gateway Power Management\ePowerTray.exe" [2009-09-30 823840]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3287375&octid=CT3287375&SearchSource=61&CUI=UN14172438567220138&UM=2&UP=SP229ACE74-F984-421D-8DB6-55417B0EE89C
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.254.254
FF - ProfilePath - c:\users\Josie\AppData\Roaming\Mozilla\Firefox\Profiles\cxtks4cd.default\
FF - ExtSQL: 2013-08-31 23:46; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-09-02 01:45; adblockpopups@jessehakanen.net; c:\users\Josie\AppData\Roaming\Mozilla\Firefox\Profiles\cxtks4cd.default\extensions\adblockpopups@jessehakanen.net.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
SafeBoot-51370391.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:e9,40,f1,f5,4d,b5,cd,01
.
[HKEY_USERS\S-1-5-21-2452227400-949470013-3800969578-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-09-04 08:55:46
ComboFix-quarantined-files.txt 2013-09-04 12:55
.
Pre-Run: 430,430,679,040 bytes free
Post-Run: 430,262,652,928 bytes free
.
- - End Of File - - 17C88265C242DFC798E72F91BEE53969
5C616939100B85E558DA92B899A0FC36
  #7  
Old September 5th, 2013, 07:43 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,431
No need to.

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check
  • Click the button.
  • Accept any security warnings from your browser.
  • Check
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push
  • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the button.
  • Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt



Also please post back with a fresh FRST logfile and tell me how the system is running.
  #8  
Old September 5th, 2013, 01:39 PM
TBraswell TBraswell is offline
New Member
 
Join Date: Sep 2013
O/S: Windows 7 32-bit
Posts: 9
# AdwCleaner v3.002 - Report created 05/09/2013 at 08:33:36
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Josie - TERRENCE-LAPTOP
# Running from : C:\Users\Josie\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\SingAlong
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Josie\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Josie\AppData\Local\Conduit
Folder Deleted : C:\Users\Josie\AppData\Local\cre
Folder Deleted : C:\Users\Josie\AppData\Local\PackageAware
Folder Deleted : C:\Users\Josie\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Josie\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Josie\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Josie\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Josie\AppData\LocalLow\PriceGong
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Josie\AppData\Roaming\Mozilla\Firefox\Profiles\cxtks4cd.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [5341 octets] - [05/09/2013 08:32:09]
AdwCleaner[S0].txt - [4832 octets] - [05/09/2013 08:33:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4892 octets] ##########
  #9  
Old September 5th, 2013, 05:06 PM
TBraswell TBraswell is offline
New Member
 
Join Date: Sep 2013
O/S: Windows 7 32-bit
Posts: 9
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1MK52VFT\rl[1].htm HTML/Iframe.B.Gen virus
C:\AI_RecycleBin\{B96C712B-B661-4782-9D63-6879A625450C}\3\Strongvault\StrongVaultApp.exe MSIL/Adware.StrongVault.A application cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.06.2013_20.52.42\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.BC trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.06.2013_20.52.42\mbr0000\tdlfs0000\tsk0014.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1MK52VFT\rl[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
  #10  
Old September 5th, 2013, 05:08 PM
TBraswell TBraswell is offline
New Member
 
Join Date: Sep 2013
O/S: Windows 7 32-bit
Posts: 9
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2013 03
Ran by Josie (administrator) on TERRENCE-LAPTOP on 05-09-2013 12:04:54
Running from C:\Users\Josie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Acer) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(OpenOffice.org) C:\Program Files (x86)\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\program\soffice.bin
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 3\Integrator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [508472 2009-10-09] (Conexant Systems, Inc.)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Policies\Explorer: [NoDrives] 0
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe [244480 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162336 2009-07-21] ()
HKU\DefaultAppPool\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [162336 2009-07-21] ()
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk
ShortcutTarget: Best Buy Software Installer.lnk -> C:\Program Files\Best Buy Software Installer\Best Buy Software Installer.exe (No File)
Startup: C:\Users\Josie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\program\quickstart.exe ()
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {5CC989A5-177D-48A3-A905-BAF79760B0EA} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {8EA86FAB-62A1-44AD-9C1D-465B14275CDE} URL = http://search.avg.com/route/?d=4bdd9d83&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKCU - {A8954170-F89A-47AE-938F-1749B6BE6B6F} URL = http://websearch.ask.com/redirect?client=ie&tb=LPY&o=100000042&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=V8&apn_dtid=YYYYYYYYUS&apn_uid=8d823805-83e3-4cc4-a168-933a2b21670d&apn_sauid=9F4B8D3E-6BB2-4E9D-8177-40FCD1E9BF05&
SearchScopes: HKCU - {E57D4021-052D-40D1-8CD8-4BD33D39EEDA} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN32435683282379311&UM=2
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://summitcare.webex.com/client/...x/ieatgpc1.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254

FireFox:
========
FF ProfilePath: C:\Users\Josie\AppData\Roaming\Mozilla\Firefox\Pro files\cxtks4cd.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_80 0_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: npDisplayEngine - C:\Program Files (x86)\LivingPlay Games\nplplaypop.dll ( )
FF Extension: LivingPlay TextLinks - C:\Users\Josie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@lplay.com
FF Extension: adblockpopups - C:\Users\Josie\AppData\Roaming\Mozilla\Firefox\Profiles\cxtks4cd.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-09] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-31] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-31] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-31] ()
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [16640 2013-08-20] (<Glarysoft Ltd>)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-18] (EldoS Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-03-18] (EldoS Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-05 08:41 - 2013-09-05 08:41 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-05 08:40 - 2013-09-05 08:40 - 02347384 _____ (ESET) C:\Users\Josie\Downloads\esetsmartinstaller_enu.exe
2013-09-05 08:31 - 2013-09-05 08:33 - 00000000 ____D C:\AdwCleaner
2013-09-05 08:31 - 2013-09-05 08:31 - 01037222 _____ C:\Users\Josie\Downloads\adwcleaner.exe
2013-09-04 14:15 - 2013-09-04 14:15 - 00000546 _____ C:\Windows\PFRO.log
2013-09-04 08:55 - 2013-09-04 08:55 - 00031180 _____ C:\ComboFix.txt
2013-09-04 08:34 - 2011-06-26 02:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-04 08:34 - 2010-11-07 13:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-04 08:34 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-04 08:34 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-04 08:34 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-04 08:34 - 2000-08-30 20:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-04 08:34 - 2000-08-30 20:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-04 08:34 - 2000-08-30 20:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-04 08:31 - 2013-09-04 08:55 - 00000000 ____D C:\Qoobox
2013-09-04 08:30 - 2013-09-04 08:53 - 00000000 ____D C:\Windows\erdnt
2013-09-04 08:29 - 2013-09-04 08:29 - 05119472 ____R (Swearware) C:\Users\Josie\Downloads\ComboFix.exe
2013-09-03 18:15 - 2013-09-03 18:15 - 00033917 _____ C:\Users\Josie\Downloads\Addition.txt
2013-09-03 18:12 - 2013-09-03 18:12 - 00000000 ____D C:\FRST
2013-09-03 18:11 - 2013-09-03 18:12 - 01950416 _____ (Farbar) C:\Users\Josie\Downloads\FRST64.exe
2013-09-02 17:21 - 2013-09-05 08:35 - 00001400 _____ C:\Windows\setupact.log
2013-09-02 17:21 - 2013-09-02 17:21 - 00000000 _____ C:\Windows\setuperr.log
2013-09-02 01:49 - 2013-09-02 01:49 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-09-02 01:49 - 2013-09-02 01:49 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-09-02 01:46 - 2013-09-02 01:46 - 00001852 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-09-02 01:46 - 2013-09-02 01:46 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-09-02 01:39 - 2013-09-02 01:39 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-02 01:38 - 2013-09-02 01:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-02 01:38 - 2013-09-02 01:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-02 01:24 - 2013-09-02 01:24 - 00000232 _____ C:\aswBoot.log
2013-09-01 02:32 - 2013-09-01 02:32 - 00000000 ____D C:\found.000
2013-09-01 01:48 - 2013-08-20 01:49 - 00016640 _____ (<Glarysoft Ltd>) C:\Windows\system32\Drivers\BootDefragDriver.sys
2013-09-01 00:10 - 2013-09-01 00:10 - 00000000 ____D C:\ProgramData\GlarySoft
2013-09-01 00:08 - 2013-09-01 00:08 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-01 00:08 - 2013-09-01 00:08 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-01 00:04 - 2013-09-05 08:37 - 00000332 _____ C:\Windows\Tasks\GlaryInitialize 3.job
2013-09-01 00:04 - 2013-09-05 08:36 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3
2013-09-01 00:04 - 2013-09-01 01:52 - 00002168 _____ C:\DiskDefrag.log
2013-09-01 00:04 - 2013-09-01 00:04 - 00903080 _____ (Oracle Corporation) C:\Users\Josie\Downloads\chromeinstall-7u25 (1).exe
2013-09-01 00:04 - 2013-09-01 00:04 - 00002642 _____ C:\Windows\System32\Tasks\GlaryInitialize 3
2013-09-01 00:04 - 2013-09-01 00:04 - 00001087 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk
2013-09-01 00:04 - 2013-09-01 00:04 - 00000000 ____D C:\Users\Josie\AppData\Roaming\GlarySoft
2013-09-01 00:04 - 2013-08-20 05:21 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2013-09-01 00:01 - 2013-09-01 00:03 - 16136496 _____ C:\Users\Josie\Downloads\gu3setup.exe
2013-09-01 00:00 - 2013-09-01 00:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-01 00:00 - 2013-09-01 00:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-31 23:56 - 2013-08-31 23:57 - 00903080 _____ (Oracle Corporation) C:\Users\Josie\Downloads\chromeinstall-7u25.exe
2013-08-31 23:47 - 2013-09-05 08:36 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-31 23:47 - 2013-08-31 23:47 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00001929 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-31 23:47 - 2013-05-09 04:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-31 23:47 - 2013-05-09 04:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-31 23:47 - 2013-05-09 04:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-31 23:47 - 2013-05-09 04:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-31 23:47 - 2013-05-09 04:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-31 23:46 - 2013-05-09 04:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-31 23:40 - 2013-08-31 23:44 - 117478104 _____ C:\Users\Josie\Downloads\avast_free_antivirus_setup.exe
2013-08-29 07:51 - 2013-08-29 07:51 - 00000113 _____ C:\Users\Josie\Desktop\Cuyahoga CSEA Contact Info.txt
2013-08-23 08:03 - 2013-08-23 08:03 - 00000000 ____D C:\Users\Josie\.tuxguitar-1.2
2013-08-23 08:02 - 2013-08-08 11:52 - 03268096 _____ C:\Users\Josie\Downloads\astudio.msi
2013-08-23 08:02 - 2013-08-08 11:52 - 00439360 _____ () C:\Users\Josie\Downloads\setup.exe
2013-08-23 08:01 - 2013-08-23 08:02 - 03028960 _____ C:\Users\Josie\Downloads\asinstall.exe
2013-08-23 08:01 - 2013-08-23 08:01 - 00000956 _____ C:\Users\Public\Desktop\TuxGuitar.lnk
2013-08-23 08:01 - 2013-08-23 08:01 - 00000000 ____D C:\Program Files (x86)\TuxGuitar
2013-08-23 07:59 - 2013-08-23 07:59 - 07715210 _____ (Herac) C:\Users\Josie\Downloads\tuxguitar-1.2-windows-x86-installer.exe
2013-08-22 08:39 - 2013-08-22 08:39 - 00000046 _____ C:\Users\Josie\Desktop\Schwab New Account Specialist.txt
2013-08-20 01:10 - 2013-08-20 01:11 - 00011359 _____ C:\Users\Josie\Downloads\Resume1.odt
2013-08-18 18:06 - 2013-08-18 18:06 - 00270896 _____ C:\Users\Josie\Downloads\lizzie 12.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00278121 _____ C:\Users\Josie\Downloads\lizzie 9.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00272615 _____ C:\Users\Josie\Downloads\lizzie 10.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00270718 _____ C:\Users\Josie\Downloads\lizzie 11.htm
2013-08-18 18:04 - 2013-08-18 18:04 - 00273080 _____ C:\Users\Josie\Downloads\lizzie 8.htm
2013-08-18 18:04 - 2013-08-18 18:04 - 00271064 _____ C:\Users\Josie\Downloads\lizzie 7.htm
2013-08-18 18:01 - 2013-08-18 18:01 - 00273357 _____ C:\Users\Josie\Downloads\lizzie 6.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00285962 _____ C:\Users\Josie\Downloads\lizzie 2.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00273191 _____ C:\Users\Josie\Downloads\lizzie 4.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00272672 _____ C:\Users\Josie\Downloads\lizzie 3.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00272206 _____ C:\Users\Josie\Downloads\lizzie 5.htm
2013-08-18 17:57 - 2013-08-18 17:57 - 00267719 _____ C:\Users\Josie\Downloads\lizzie.htm
2013-08-18 03:19 - 2013-08-18 03:20 - 30353497 _____ C:\Users\Josie\Downloads\Aethereal_Free.zip
2013-08-18 03:04 - 2013-08-18 03:04 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-08-18 03:03 - 2013-08-18 03:17 - 00000000 ____D C:\Users\Josie\AppData\Roaming\Audacity
2013-08-18 03:03 - 2013-08-18 03:03 - 00001014 _____ C:\Users\Josie\Desktop\Audacity.lnk
2013-08-18 03:03 - 2013-08-18 03:03 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-18 03:02 - 2013-08-18 03:02 - 00527423 _____ ( ) C:\Users\Josie\Downloads\Lame_v3.99.3_for_Windows.exe
2013-08-18 02:58 - 2013-08-18 02:59 - 21281052 _____ (Audacity Team ) C:\Users\Josie\Downloads\audacity-win-2.0.3.exe
2013-08-17 18:44 - 2013-08-17 18:44 - 00682096 _____ C:\Users\Josie\Downloads\GraboidVideoInstaller-4.41 (1).exe
2013-08-17 18:41 - 2013-08-17 18:41 - 00682096 _____ C:\Users\Josie\Downloads\GraboidVideoInstaller-4.41.exe
2013-08-14 23:02 - 2013-07-09 02:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 23:02 - 2013-07-09 01:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 23:02 - 2013-07-09 01:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 23:02 - 2013-07-09 01:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 23:02 - 2013-07-09 01:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 23:02 - 2013-07-09 00:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 23:02 - 2013-07-09 00:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 23:02 - 2013-07-08 22:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 23:02 - 2013-07-08 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 23:02 - 2013-07-08 22:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 23:02 - 2013-07-08 22:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 17:04 - 2013-07-26 01:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 17:04 - 2013-07-26 01:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 17:04 - 2013-07-26 01:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 17:04 - 2013-07-26 01:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 17:04 - 2013-07-26 01:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 17:04 - 2013-07-25 23:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 17:04 - 2013-07-25 23:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 17:04 - 2013-07-25 23:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 17:04 - 2013-07-25 23:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 17:04 - 2013-07-25 23:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 17:04 - 2013-07-25 23:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 17:04 - 2013-07-25 22:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 17:04 - 2013-07-25 22:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 17:04 - 2013-07-25 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 05:32 - 2013-07-18 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 05:32 - 2013-07-18 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 05:32 - 2013-07-09 01:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 05:32 - 2013-07-09 01:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 05:32 - 2013-07-09 01:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 05:32 - 2013-07-09 01:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 05:32 - 2013-07-09 00:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 05:32 - 2013-07-09 00:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 05:32 - 2013-07-09 00:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 05:32 - 2013-07-09 00:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 05:31 - 2013-07-25 05:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 05:31 - 2013-07-25 04:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 05:31 - 2013-07-09 01:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 05:31 - 2013-07-09 00:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 05:31 - 2013-07-06 02:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 05:31 - 2013-06-15 00:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-12 13:57 - 2013-08-12 13:57 - 00401267 _____ C:\Users\Josie\Downloads\Tutorial3point5.zip
2013-08-11 18:30 - 2013-08-11 18:30 - 00000000 ____D C:\Users\Josie\Documents\Songs of Narcaea.scriv
2013-08-10 21:32 - 2013-08-12 14:50 - 00000000 ____D C:\Users\Josie\Documents\RPGVXAce
2013-08-10 00:20 - 2013-08-10 00:20 - 00000000 ____D C:\Users\Josie\Downloads\Crysalis
2013-08-10 00:19 - 2013-08-10 00:20 - 20569968 _____ C:\Users\Josie\Downloads\Crysalis.zip
2013-08-09 21:31 - 2013-08-09 21:38 - 227068523 _____ C:\Users\Josie\Downloads\RPGVXAce_Setup.zip
2013-08-09 21:09 - 2013-08-09 21:09 - 00000000 _____ C:\extensions.sqlite
2013-08-09 15:51 - 2013-08-20 01:12 - 00011356 _____ C:\Users\Josie\Downloads\Resume.odt
2013-08-08 11:52 - 2013-08-08 11:52 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-08-08 11:52 - 2013-08-08 11:52 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll

==================== One Month Modified Files and Folders =======

2013-09-05 12:02 - 2013-09-05 12:02 - 00000762 _____ C:\Users\Josie\Desktop\ESET Report 1.txt
2013-09-05 11:30 - 2011-11-05 15:11 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-05 11:26 - 2013-08-04 23:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-05 10:27 - 2011-02-01 21:14 - 01452695 _____ C:\Windows\WindowsUpdate.log
2013-09-05 08:42 - 2009-07-14 00:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-05 08:42 - 2009-07-14 00:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-05 08:41 - 2013-09-05 08:41 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-05 08:40 - 2013-09-05 08:40 - 02347384 _____ (ESET) C:\Users\Josie\Downloads\esetsmartinstaller_enu.exe
2013-09-05 08:37 - 2013-09-01 00:04 - 00000332 _____ C:\Windows\Tasks\GlaryInitialize 3.job
2013-09-05 08:36 - 2013-09-01 00:04 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 3
2013-09-05 08:36 - 2013-08-31 23:47 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-05 08:35 - 2013-09-02 17:21 - 00001400 _____ C:\Windows\setupact.log
2013-09-05 08:35 - 2011-11-05 15:11 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-05 08:35 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-05 08:33 - 2013-09-05 08:31 - 00000000 ____D C:\AdwCleaner
2013-09-05 08:31 - 2013-09-05 08:31 - 01037222 _____ C:\Users\Josie\Downloads\adwcleaner.exe
2013-09-04 15:04 - 2013-07-04 00:00 - 00000297 _____ C:\Users\Josie\Desktop\Guitar Studio Checklist.txt
2013-09-04 14:15 - 2013-09-04 14:15 - 00000546 _____ C:\Windows\PFRO.log
2013-09-04 08:55 - 2013-09-04 08:55 - 00031180 _____ C:\ComboFix.txt
2013-09-04 08:55 - 2013-09-04 08:31 - 00000000 ____D C:\Qoobox
2013-09-04 08:53 - 2013-09-04 08:30 - 00000000 ____D C:\Windows\erdnt
2013-09-04 08:51 - 2009-07-13 22:34 - 00000215 _____ C:\Windows\system.ini
2013-09-04 08:50 - 2010-05-01 17:51 - 00000000 ____D C:\Users\Josie
2013-09-04 08:29 - 2013-09-04 08:29 - 05119472 ____R (Swearware) C:\Users\Josie\Downloads\ComboFix.exe
2013-09-03 18:15 - 2013-09-03 18:15 - 00033917 _____ C:\Users\Josie\Downloads\Addition.txt
2013-09-03 18:12 - 2013-09-03 18:12 - 00000000 ____D C:\FRST
2013-09-03 18:12 - 2013-09-03 18:11 - 01950416 _____ (Farbar) C:\Users\Josie\Downloads\FRST64.exe
2013-09-03 18:12 - 2013-03-28 12:52 - 00000000 ____D C:\Users\DefaultAppPool
2013-09-02 17:21 - 2013-09-02 17:21 - 00000000 _____ C:\Windows\setuperr.log
2013-09-02 01:49 - 2013-09-02 01:49 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-09-02 01:49 - 2013-09-02 01:49 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-09-02 01:49 - 2010-05-01 18:04 - 00000000 ____D C:\Users\Josie\AppData\Roaming\Adobe
2013-09-02 01:49 - 2009-10-29 16:20 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-09-02 01:48 - 2010-10-09 13:59 - 00000000 ____D C:\Users\Josie\AppData\Local\Adobe
2013-09-02 01:48 - 2010-05-30 18:16 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-02 01:47 - 2013-09-02 01:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-02 01:46 - 2013-09-02 01:46 - 00001852 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-09-02 01:46 - 2013-09-02 01:46 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-09-02 01:46 - 2011-01-09 12:24 - 00000000 ____D C:\ProgramData\Apple Computer
2013-09-02 01:39 - 2013-09-02 01:39 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-02 01:39 - 2011-08-06 15:32 - 00000000 ____D C:\Users\Josie\AppData\Roaming\Mozilla
2013-09-02 01:38 - 2013-09-02 01:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-02 01:35 - 2010-05-01 18:04 - 00000000 ____D C:\Users\Josie\AppData\Local\Google
2013-09-02 01:24 - 2013-09-02 01:24 - 00000232 _____ C:\aswBoot.log
2013-09-01 02:32 - 2013-09-01 02:32 - 00000000 ____D C:\found.000
2013-09-01 01:52 - 2013-09-01 00:04 - 00002168 _____ C:\DiskDefrag.log
2013-09-01 01:47 - 2010-12-05 23:07 - 00000000 ____D C:\Windows\Minidump
2013-09-01 00:11 - 2013-05-09 13:14 - 00000000 ___RD C:\Users\Josie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2013-09-01 00:10 - 2013-09-01 00:10 - 00000000 ____D C:\ProgramData\GlarySoft
2013-09-01 00:08 - 2013-09-01 00:08 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-01 00:08 - 2013-09-01 00:08 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-01 00:08 - 2013-09-01 00:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-01 00:08 - 2013-09-01 00:00 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-01 00:07 - 2013-03-15 21:53 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-01 00:07 - 2010-12-24 13:41 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-01 00:04 - 2013-09-01 00:04 - 00903080 _____ (Oracle Corporation) C:\Users\Josie\Downloads\chromeinstall-7u25 (1).exe
2013-09-01 00:04 - 2013-09-01 00:04 - 00002642 _____ C:\Windows\System32\Tasks\GlaryInitialize 3
2013-09-01 00:04 - 2013-09-01 00:04 - 00001087 _____ C:\Users\Public\Desktop\Glary Utilities 3.lnk
2013-09-01 00:04 - 2013-09-01 00:04 - 00000000 ____D C:\Users\Josie\AppData\Roaming\GlarySoft
2013-09-01 00:03 - 2013-09-01 00:01 - 16136496 _____ C:\Users\Josie\Downloads\gu3setup.exe
2013-08-31 23:57 - 2013-08-31 23:56 - 00903080 _____ (Oracle Corporation) C:\Users\Josie\Downloads\chromeinstall-7u25.exe
2013-08-31 23:47 - 2013-08-31 23:47 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-31 23:47 - 2013-08-31 23:47 - 00001929 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-08-31 23:47 - 2013-08-31 23:47 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-08-31 23:47 - 2011-05-03 20:32 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-31 23:46 - 2011-05-03 20:31 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-31 23:46 - 2011-05-03 20:31 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-31 23:44 - 2013-08-31 23:40 - 117478104 _____ C:\Users\Josie\Downloads\avast_free_antivirus_setup.exe
2013-08-29 07:51 - 2013-08-29 07:51 - 00000113 _____ C:\Users\Josie\Desktop\Cuyahoga CSEA Contact Info.txt
2013-08-25 05:27 - 2009-07-27 16:41 - 00000000 ____D C:\Windows\Panther
2013-08-24 18:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2013-08-23 08:03 - 2013-08-23 08:03 - 00000000 ____D C:\Users\Josie\.tuxguitar-1.2
2013-08-23 08:02 - 2013-08-23 08:01 - 03028960 _____ C:\Users\Josie\Downloads\asinstall.exe
2013-08-23 08:01 - 2013-08-23 08:01 - 00000956 _____ C:\Users\Public\Desktop\TuxGuitar.lnk
2013-08-23 08:01 - 2013-08-23 08:01 - 00000000 ____D C:\Program Files (x86)\TuxGuitar
2013-08-23 07:59 - 2013-08-23 07:59 - 07715210 _____ (Herac) C:\Users\Josie\Downloads\tuxguitar-1.2-windows-x86-installer.exe
2013-08-22 08:39 - 2013-08-22 08:39 - 00000046 _____ C:\Users\Josie\Desktop\Schwab New Account Specialist.txt
2013-08-20 05:21 - 2013-09-01 00:04 - 00117024 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2013-08-20 01:49 - 2013-09-01 01:48 - 00016640 _____ (<Glarysoft Ltd>) C:\Windows\system32\Drivers\BootDefragDriver.sys
2013-08-20 01:12 - 2013-08-09 15:51 - 00011356 _____ C:\Users\Josie\Downloads\Resume.odt
2013-08-20 01:11 - 2013-08-20 01:10 - 00011359 _____ C:\Users\Josie\Downloads\Resume1.odt
2013-08-18 18:06 - 2013-08-18 18:06 - 00270896 _____ C:\Users\Josie\Downloads\lizzie 12.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00278121 _____ C:\Users\Josie\Downloads\lizzie 9.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00272615 _____ C:\Users\Josie\Downloads\lizzie 10.htm
2013-08-18 18:05 - 2013-08-18 18:05 - 00270718 _____ C:\Users\Josie\Downloads\lizzie 11.htm
2013-08-18 18:04 - 2013-08-18 18:04 - 00273080 _____ C:\Users\Josie\Downloads\lizzie 8.htm
2013-08-18 18:04 - 2013-08-18 18:04 - 00271064 _____ C:\Users\Josie\Downloads\lizzie 7.htm
2013-08-18 18:01 - 2013-08-18 18:01 - 00273357 _____ C:\Users\Josie\Downloads\lizzie 6.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00285962 _____ C:\Users\Josie\Downloads\lizzie 2.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00273191 _____ C:\Users\Josie\Downloads\lizzie 4.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00272672 _____ C:\Users\Josie\Downloads\lizzie 3.htm
2013-08-18 18:00 - 2013-08-18 18:00 - 00272206 _____ C:\Users\Josie\Downloads\lizzie 5.htm
2013-08-18 17:57 - 2013-08-18 17:57 - 00267719 _____ C:\Users\Josie\Downloads\lizzie.htm
2013-08-18 03:20 - 2013-08-18 03:19 - 30353497 _____ C:\Users\Josie\Downloads\Aethereal_Free.zip
2013-08-18 03:17 - 2013-08-18 03:03 - 00000000 ____D C:\Users\Josie\AppData\Roaming\Audacity
2013-08-18 03:04 - 2013-08-18 03:04 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-08-18 03:03 - 2013-08-18 03:03 - 00001014 _____ C:\Users\Josie\Desktop\Audacity.lnk
2013-08-18 03:03 - 2013-08-18 03:03 - 00000000 ____D C:\Program Files (x86)\Audacity
2013-08-18 03:02 - 2013-08-18 03:02 - 00527423 _____ ( ) C:\Users\Josie\Downloads\Lame_v3.99.3_for_Windows.exe
2013-08-18 02:59 - 2013-08-18 02:58 - 21281052 _____ (Audacity Team ) C:\Users\Josie\Downloads\audacity-win-2.0.3.exe
2013-08-17 18:44 - 2013-08-17 18:44 - 00682096 _____ C:\Users\Josie\Downloads\GraboidVideoInstaller-4.41 (1).exe
2013-08-17 18:41 - 2013-08-17 18:41 - 00682096 _____ C:\Users\Josie\Downloads\GraboidVideoInstaller-4.41.exe
2013-08-15 00:08 - 2013-05-29 22:58 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-08-14 17:01 - 2009-07-14 01:13 - 00864682 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-14 16:57 - 2009-11-12 02:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-14 16:56 - 2013-07-14 10:00 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 16:53 - 2010-06-16 19:22 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-12 14:50 - 2013-08-10 21:32 - 00000000 ____D C:\Users\Josie\Documents\RPGVXAce
2013-08-12 13:57 - 2013-08-12 13:57 - 00401267 _____ C:\Users\Josie\Downloads\Tutorial3point5.zip
2013-08-11 18:30 - 2013-08-11 18:30 - 00000000 ____D C:\Users\Josie\Documents\Songs of Narcaea.scriv
2013-08-10 00:20 - 2013-08-10 00:20 - 00000000 ____D C:\Users\Josie\Downloads\Crysalis
2013-08-10 00:20 - 2013-08-10 00:19 - 20569968 _____ C:\Users\Josie\Downloads\Crysalis.zip
2013-08-09 21:38 - 2013-08-09 21:31 - 227068523 _____ C:\Users\Josie\Downloads\RPGVXAce_Setup.zip
2013-08-09 21:22 - 2010-05-01 17:51 - 00000000 ___RD C:\Users\Josie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-09 21:09 - 2013-08-09 21:09 - 00000000 _____ C:\extensions.sqlite
2013-08-09 15:53 - 2009-11-12 02:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-08-09 15:50 - 2013-08-04 14:14 - 00011343 _____ C:\Users\Josie\Downloads\Resume (1).odt
2013-08-08 11:52 - 2013-08-23 08:02 - 03268096 _____ C:\Users\Josie\Downloads\astudio.msi
2013-08-08 11:52 - 2013-08-23 08:02 - 00439360 _____ () C:\Users\Josie\Downloads\setup.exe
2013-08-08 11:52 - 2013-08-08 11:52 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2013-08-08 11:52 - 2013-08-08 11:52 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll

Files to move or delete:
====================
C:\Users\Josie\jagex_cl_runescape_LIVE.dat
C:\Users\Josie\jobq.dat
C:\Users\Josie\random.dat
C:\Users\Josie\AppData\Local\Temp\Quarantine.exe
C:\Users\Josie\AppData\Local\Temp\swtlib-32\swt-gdip-win32-3611.dll
C:\Users\Josie\AppData\Local\Temp\swtlib-32\swt-win32-3611.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-03 17:39

==================== End Of Log ============================


I will get back to you on how the computer is running. So far, however, it seems to be a lot more efficient.
  #11  
Old September 6th, 2013, 07:33 AM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,431
OK, let me know after you have tested the system.
  #12  
Old September 7th, 2013, 12:24 PM
TBraswell TBraswell is offline
New Member
 
Join Date: Sep 2013
O/S: Windows 7 32-bit
Posts: 9
The computer is running much faster now and everything seems to be in order.
  #13  
Old September 7th, 2013, 08:52 PM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,431
Delete ComboFix and Clean Up
Click Start > Run > type combofix /Uninstall > OK (Note the space between combofix and /Uninstall)
Please advise if this step is missed for any reason as it performs some important actions.


  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.



Your machine appears to be clean. Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean.

Hiding Hidden Files
Please set your system to hide all hidden files.
Click Start, open My Computer, select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, uncheck Show hidden files and folders.
Check: Hide file extensions for known file types
Check the Hide protected operating system files (recommended) option.
Click Yes to confirm.

Purging System Restore Points
Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools cannot access it to delete these bad files, which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

One of the most common questions found when cleaning Spyware or other Malware is "how did my machine get infected?". There are a variety of reasons, but the most common ones are that you are going to sites that you are not practicing Safe Internet, you are not running the proper security software, and that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer so that you will not be infected again in the future.


Practice Safe Internet

One of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites, it doesn't really matter. If something is out to get you, and you click on it, it most likely will. Below is a list of simple precautions to take to keep your computer clean and running securely:
  1. If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.

  2. If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.

  3. If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know infected with a malware that is trying to infect everyone in their address book.

  4. If you are browsing the Internet and a popup appears saying that you are infected, ignore it! These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software.

    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. For a list of these types of programs we recommend you visit this link: Rogue/Suspect Anti-Spyware Products & Web Sites

  5. Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you. We suggest that you close these windows by clicking on the X instead of the OK button. Alternatively, you can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake.

  6. Do not go to adult sites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do.

  7. When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link, message back to the person asking if it is legit before you click on it.

  8. Stay away from Warez and Crack sites! In addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.

  9. Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them, and Peer-2-Peer networks are crawling with it. If you want to download a piece of software from a site, and are not sure if they are legitimate, you can use McAfee Siteadvisor to look up info on the site.

  10. DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.

Visit Microsoft's Windows Update Site Frequently

It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer always has the latest available security updates installed. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Make Internet Explorer 7 more secure
  1. From within Internet Explorer click on the Tools menu and then click on Options.
  2. Click once on the Security tab
  3. Click once on the Internet icon so it becomes highlighted.
  4. Click once on the Custom Level button.
    1. Change the Download signed ActiveX controls to Prompt
    2. Change the Download unsigned ActiveX controls to Disable
    3. Change the Initialize and script ActiveX controls not marked as safe to Disable
    4. Change the Installation of desktop items to Prompt
    5. Change the Launching programs and files in an IFRAME to Prompt
    6. Change the Navigate sub-frames across different domains to Prompt
    7. When all these settings have been made, click on the OK button.
    8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
  5. Next press the Apply button and then the OK to exit the Internet Properties page.


Reply With Quote
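
A read-only check of the six Internet-zone Custom Level settings listed in the post above, as an added example that is not part of the original post. It assumes the per-user zone settings live under the standard `Zones\3` registry key (zone 3 is the Internet zone) with action values 0 = Enable, 1 = Prompt, 3 = Disable; the function name `Test-InternetZoneHardening` is hypothetical.

```powershell
# Added example: audits the Internet zone against the settings recommended
# in the post. It only reads the registry; nothing is changed.
# Assumption: per-user settings under HKCU. Group Policy or an HKLM policy
# key can override what is read here.
$ZonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Zone action values: 0 = Enable, 1 = Prompt, 3 = Disable
$StateName = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# URL action ID, setting name as shown in the dialog, and the recommended value
$Recommended = @(
    @{ Id = '1001'; Want = 1; Name = 'Download signed ActiveX controls' }
    @{ Id = '1004'; Want = 3; Name = 'Download unsigned ActiveX controls' }
    @{ Id = '1201'; Want = 3; Name = 'Initialize and script ActiveX controls not marked as safe' }
    @{ Id = '1800'; Want = 1; Name = 'Installation of desktop items' }
    @{ Id = '1804'; Want = 1; Name = 'Launching programs and files in an IFRAME' }
    @{ Id = '1607'; Want = 1; Name = 'Navigate sub-frames across different domains' }
)

function Test-InternetZoneHardening {
    param([string]$Path = $ZonePath)

    $zone = Get-ItemProperty -Path $Path -ErrorAction Stop
    foreach ($item in $Recommended) {
        $current = $zone.($item.Id)      # $null when the value is not present

        # Translate the raw DWORD into the label used in the dialog
        if ($null -eq $current) {
            $shown = 'not set'
        } elseif ($StateName.ContainsKey([int]$current)) {
            $shown = $StateName[[int]$current]
        } else {
            $shown = '0x{0:X}' -f $current   # other value, report it raw
        }

        [pscustomobject]@{
            Setting   = $item.Name
            ActionId  = $item.Id
            Current   = $shown
            Expected  = $StateName[$item.Want]
            Compliant = ($current -eq $item.Want)
        }
    }
}

Test-InternetZoneHardening | Format-Table -AutoSize -Wrap
```

Any row with `Compliant` set to `False` is a setting that still differs from the post's recommendation.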
  #14  
Old September 8th, 2013, 07:15 AM
TBraswell TBraswell is offline
New Member
 
Join Date: Sep 2013
O/S: Windows 7 32-bit
Posts: 9
Thank you so much! You've been a great help. I will make sure to recommend you to anyone I know that has PC difficulty.
  #15  
Old September 9th, 2013, 07:39 PM
schrauber schrauber is offline
Cyber Tech Help Moderator
 
Join Date: Apr 2009
O/S: Windows 7 64-bit
Location: Germany
Age: 33
Posts: 4,431
You're welcome

All times are GMT +1.