Solved Trojan found

[mom26gr8kids]

I already posted tonight, but that post was for my PC and this post is for my laptop. Rarely are both machines exhibiting trouble at the same time, but when I ran my Super AntiSpyware check tonight on my computer it found:
Trojan.Agent/Gen-ImageDocFake

I only purchased this laptop a little more than a week ago, and I am still in the process of adding all the programs I would like to it. My kids asked me to download a couple of games I had purchased in the past onto this computer, and in the process of doing that last night the program stopped working (I was trying to download from the internet). So, I closed the program and shut the computer down figuring I would try again in a couple days. However, today several times when I was using my computer I would get a message that said something about my computer having encountered an error that caused it to reboot. So, I ran a virus scan with Avast (which turned up nothing) and then the one with SAS. Now, here are the logs of the other scans I ran.

Thanks in advance for helping me out with 2 computers at once. A couple of my kids have a really busy week this week with a big theater production, so we have several nights of rehearsals and performances. If I do not respond right away I am not ignoring you, I may just need a few days to work on this. Thanks again.

 

[mom26gr8kids]

MBAM log

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.24.01

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16540
Kendra :: MOMSPC [administrator]

4/24/2013 12:41:07 AM
mbam-log-2013-04-24 (00-41-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207982
Time elapsed: 3 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

[mom26gr8kids]

DDS log

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Kendra at 0:58:36 on 2013-04-24
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.5578.4241 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\Windows\RfBtnSvc64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\dashost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\dwm.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\RadioController\RfBtnHelper.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer13.msn.com
uDefault_Page_URL = hxxp://acer13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [LManager] <no file>
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\GATEWA~1.LNK - C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{93861460-374F-46E0-90B7-36421D29E88F} : NameServer = 8.26.56.26,156.154.70.22
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kendra\AppData\Roaming\Mozilla\Firefox\Profiles\3el9feo0.default\
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
FF - ExtSQL: 2013-04-15 12:53; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-4-15 65336]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-4-15 1025808]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-4-15 377920]
R1 ccSet_NARA;NARA Settings Manager;C:\Windows\System32\Drivers\NARAx64\0401000.00E\ccSetx64.sys [2013-1-16 168608]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\Drivers\cmderd.sys [2013-1-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\Drivers\cmdguard.sys [2013-1-16 712216]
R1 cmdhlp;COMODO Internet Security Helper Driver;C:\Windows\System32\Drivers\cmdhlp.sys [2013-1-16 37560]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-27 239616]
R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\Drivers\appexDrv.sys [2013-1-16 199008]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-4-15 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-4-15 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-4-15 45248]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-12-27 350544]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2012-12-27 100752]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-1-16 2466448]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-8-15 3943104]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [2012-11-2 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2013-1-16 98160]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-12-27 91648]
R3 ePowerSvc;ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2012-12-13 664288]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2012-12-27 331152]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2012-12-27 118936]
R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [2013-1-16 26736]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\Drivers\RtsPStor.sys [2013-1-16 343696]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2013-1-16 58536]
S3 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-4-15 178624]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-1-24 158928]
S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe [2012-11-16 469648]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\Drivers\rtwlane.sys [2012-6-29 1119232]
.
=============== Created Last 30 ================
.
2013-04-24 06:38:29--------d-----w-C:\Users\Kendra\AppData\Roaming\Malwarebytes
2013-04-24 06:38:11--------d-----w-C:\ProgramData\Malwarebytes
2013-04-24 06:38:0425928----a-w-C:\Windows\System32\drivers\mbam.sys
2013-04-24 06:38:04--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-24 06:37:52--------d-----w-C:\Users\Kendra\AppData\Local\Programs
2013-04-23 06:50:46--------d-----w-C:\Program Files (x86)\Build-a-lot 2 - Town of the Year
2013-04-23 06:34:23--------d-----w-C:\ProgramData\Big Fish Games
2013-04-23 06:34:21--------d-----w-C:\Program Files (x86)\bfgclient
2013-04-23 06:28:05--------d-----w-C:\BigFishGamesCache
2013-04-22 19:37:50--------d-----w-C:\Users\Kendra\AppData\Local\CrashDumps
2013-04-19 18:21:50193200----a-w-C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10199.bin
2013-04-18 04:20:47--------d-----w-C:\ProgramData\Wild Tangent
2013-04-17 01:13:38--------d-----w-C:\Users\Kendra\AppData\Roaming\SUPERAntiSpyware.com
2013-04-17 01:12:47--------d-----w-C:\ProgramData\SUPERAntiSpyware.com
2013-04-17 01:12:47--------d-----w-C:\Program Files\SUPERAntiSpyware
2013-04-17 00:23:2916114176----a-w-C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-04-17 00:23:2815541248----a-w-C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-04-17 00:12:27--------d-----w-C:\Users\Kendra\AppData\Local\Mozilla
2013-04-16 22:43:3386016----a-w-C:\Windows\System32\ncryptsslp.dll
2013-04-16 22:43:3371168----a-w-C:\Windows\SysWow64\ncryptsslp.dll
2013-04-16 22:43:27144384----a-w-C:\Windows\System32\tssdisai.dll
2013-04-16 22:43:27135680----a-w-C:\Windows\System32\appserverai.dll
2013-04-16 22:43:27126976----a-w-C:\Windows\System32\RDWebAI.dll
2013-04-16 22:43:27122880----a-w-C:\Windows\System32\VmHostAI.dll
2013-04-16 22:43:25148480----a-w-C:\Windows\System32\poqexec.exe
2013-04-16 22:43:25132608----a-w-C:\Windows\SysWow64\poqexec.exe
2013-04-16 22:43:204041728----a-w-C:\Windows\System32\win32k.sys
2013-04-16 22:40:59731648----a-w-C:\Windows\System32\win32spl.dll
2013-04-16 22:38:51622080----a-w-C:\Windows\System32\drivers\srv2.sys
2013-04-16 22:38:51370688----a-w-C:\Windows\System32\drivers\mrxsmb.sys
2013-04-16 22:38:51247808----a-w-C:\Windows\System32\drivers\srvnet.sys
2013-04-16 22:38:51215552----a-w-C:\Windows\System32\drivers\mrxsmb20.sys
2013-04-16 22:38:491690624----a-w-C:\Windows\System32\GdiPlus.dll
2013-04-16 22:38:481437184----a-w-C:\Windows\SysWow64\GdiPlus.dll
2013-04-16 22:38:2620992----a-w-C:\Windows\System32\drivers\usb8023.sys
2013-04-16 22:38:19405504----a-w-C:\Windows\System32\pcasvc.dll
2013-04-16 22:38:1931232----a-w-C:\Windows\System32\pcadm.dll
2013-04-16 22:38:1913312----a-w-C:\Windows\System32\pcalua.exe
2013-04-16 22:38:1911776----a-w-C:\Windows\System32\pcaevts.dll
2013-04-16 22:35:4755272----a-w-C:\Program Files\Windows Defender\MpUXSrv.exe
2013-04-16 22:34:591802240----a-w-C:\Windows\SysWow64\msxml6.dll
2013-04-16 22:34:591438720----a-w-C:\Windows\SysWow64\msxml3.dll
2013-04-16 22:34:582048----a-w-C:\Windows\SysWow64\msxml6r.dll
2013-04-16 22:34:582048----a-w-C:\Windows\SysWow64\msxml3r.dll
2013-04-16 22:34:582048----a-w-C:\Windows\System32\msxml6r.dll
2013-04-16 22:34:582048----a-w-C:\Windows\System32\msxml3r.dll
2013-04-16 22:25:5050784----a-w-C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-04-16 22:25:4217536----a-w-C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-04-15 19:39:34--------d-s---w-C:\ProgramData\Shared Space
2013-04-15 19:37:59--------d-----w-C:\Program Files\COMODO
2013-04-15 19:37:54--------d-----w-C:\ProgramData\Comodo
2013-04-15 19:37:52--------d-----w-C:\ProgramData\Comodo Downloader
2013-04-15 19:27:43--------d-----w-C:\Users\Kendra\AppData\Roaming\WildTangent
2013-04-15 18:54:2270992----a-w-C:\Windows\System32\drivers\aswRdr2.sys
2013-04-15 18:54:051025808----a-w-C:\Windows\System32\drivers\aswSnx.sys
2013-04-15 18:54:03178624----a-w-C:\Windows\System32\drivers\aswVmm.sys
2013-04-15 18:54:0065336----a-w-C:\Windows\System32\drivers\aswRvrt.sys
2013-04-15 18:53:5780816----a-w-C:\Windows\System32\drivers\aswMonFlt.sys
2013-04-15 18:52:4341664----a-w-C:\Windows\avastSS.scr
2013-04-15 18:52:21--------d-----w-C:\Program Files\AVAST Software
2013-04-15 18:50:22--------d-----w-C:\ProgramData\AVAST Software
2013-04-15 17:46:26--------d-----w-C:\Users\Kendra\AppData\Local\Google
2013-04-15 17:46:07--------d-----w-C:\Users\Kendra\AppData\Local\Apps
2013-04-15 17:46:06--------d-----w-C:\Users\Kendra\AppData\Local\Deployment
2013-04-15 17:41:50--------d-----w-C:\Program Files\Accessory Store
2013-04-15 17:41:42--------d-----w-C:\ProgramData\OEM_E471269A730D
2013-04-15 17:41:36--------d-----r-C:\Users\Kendra\Searches
2013-04-15 17:41:36--------d-----r-C:\Users\Kendra\Contacts
2013-04-15 17:40:55--------d-----w-C:\Users\Kendra\AppData\Roaming\lm
2013-04-15 17:39:35--------d-----w-C:\Users\Kendra\AppData\Local\VirtualStore
2013-04-15 17:39:08--------d-----w-C:\Users\Kendra\AppData\Local\Packages
.
==================== Find3M ====================
.
2013-04-15 17:38:5637560----a-w-C:\Windows\System32\drivers\cmdhlp.sys
2013-04-15 17:38:55712216----a-w-C:\Windows\System32\drivers\cmdguard.sys
2013-04-15 17:38:5523168----a-w-C:\Windows\System32\drivers\cmderd.sys
2013-04-15 17:38:3843216----a-w-C:\Windows\System32\cmdcsr.dll
2013-04-15 17:38:37348584----a-w-C:\Windows\SysWow64\guard32.dll
2013-04-15 17:38:36437176----a-w-C:\Windows\System32\guard64.dll
2013-04-15 17:38:29343760----a-w-C:\Windows\System32\cmdvrt64.dll
2013-04-15 17:38:2845776----a-w-C:\Windows\System32\cmdkbd64.dll
2013-04-15 17:38:25276688----a-w-C:\Windows\SysWow64\cmdvrt32.dll
2013-04-15 17:38:2440656----a-w-C:\Windows\SysWow64\cmdkbd32.dll
2013-04-02 22:08:0178176----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-02 22:08:01692576----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-07 06:50:566991592----a-w-C:\Windows\System32\ntoskrnl.exe
2013-03-02 10:57:48337128----a-w-C:\Windows\System32\drivers\USBXHCI.SYS
2013-03-02 10:57:4677544----a-w-C:\Windows\System32\drivers\storahci.sys
2013-03-02 10:57:46332520----a-w-C:\Windows\System32\drivers\storport.sys
2013-03-02 10:57:46283880----a-w-C:\Windows\System32\drivers\spaceport.sys
2013-03-02 10:45:20148712----a-w-C:\Windows\System32\drivers\tpm.sys
2013-03-02 10:45:19194792----a-w-C:\Windows\System32\drivers\sdbus.sys
2013-03-02 10:45:10125160----a-w-C:\Windows\System32\drivers\dumpsd.sys
2013-03-02 10:39:39495336----a-w-C:\Windows\System32\drivers\vhdmp.sys
2013-03-02 10:39:3869864----a-w-C:\Windows\System32\drivers\pdc.sys
2013-03-02 10:39:32327912----a-w-C:\Windows\System32\drivers\Classpnp.sys
2013-03-02 09:59:372231528----a-w-C:\Windows\System32\drivers\tcpip.sys
2013-03-02 09:59:36411880----a-w-C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-03-02 08:24:0834304----a-w-C:\Windows\SysWow64\wuapp.exe
2013-03-02 08:23:4383968----a-w-C:\Windows\SysWow64\wudriver.dll
2013-03-02 08:23:43125952----a-w-C:\Windows\SysWow64\wuwebv.dll
2013-03-02 08:23:30893952----a-w-C:\Windows\SysWow64\winmde.dll
2013-03-02 08:23:301338880----a-w-C:\Windows\SysWow64\WindowsCodecs.dll
2013-03-02 08:23:28601088----a-w-C:\Windows\SysWow64\Windows.Globalization.dll
2013-03-02 08:23:28504320----a-w-C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
2013-03-02 08:23:198857088----a-w-C:\Windows\SysWow64\twinui.dll
2013-03-02 08:23:19246784----a-w-C:\Windows\SysWow64\ubpm.dll
2013-03-02 08:23:04356352----a-w-C:\Windows\SysWow64\SettingSync.dll
2013-03-02 08:23:04100864----a-w-C:\Windows\SysWow64\SettingSyncInfo.dll
2013-03-02 08:23:00375808----a-w-C:\Windows\SysWow64\ReAgent.dll
2013-03-02 08:22:36357888----a-w-C:\Windows\SysWow64\netcfgx.dll
2013-03-02 08:22:325091840----a-w-C:\Windows\SysWow64\mstscax.dll
2013-03-02 08:22:18361984----a-w-C:\Windows\SysWow64\MFMediaEngine.dll
2013-03-02 08:22:17850944----a-w-C:\Windows\SysWow64\mfasfsrcsnk.dll
2013-03-02 08:21:56550912----a-w-C:\Windows\SysWow64\drvstore.dll
2013-03-02 08:21:5236352----a-w-C:\Windows\SysWow64\DevDispItemProvider.dll
2013-03-02 08:21:40309760----a-w-C:\Windows\SysWow64\BCP47Langs.dll
2013-03-02 08:21:392033664----a-w-C:\Windows\SysWow64\authui.dll
2013-03-02 08:21:32145408----a-w-C:\Windows\SysWow64\powercfg.cpl
2013-03-02 02:44:59448512----a-w-C:\Windows\System32\SettingSync.dll
2013-03-02 02:44:59128512----a-w-C:\Windows\System32\SettingSyncInfo.dll
2013-03-02 02:44:561011200----a-w-C:\Windows\System32\reseteng.dll
2013-03-02 02:44:41455168----a-w-C:\Windows\System32\netcfgx.dll
2013-03-02 02:44:41117248----a-w-C:\Windows\System32\NdisImPlatform.dll
2013-03-02 02:44:385978624----a-w-C:\Windows\System32\mstscax.dll
2013-03-02 02:44:30468992----a-w-C:\Windows\System32\MFMediaEngine.dll
2013-03-02 02:44:291048576----a-w-C:\Windows\System32\mfasfsrcsnk.dll
2013-03-02 02:44:08703488----a-w-C:\Windows\System32\drvstore.dll
2013-03-02 02:44:07150016----a-w-C:\Windows\System32\discan.dll
2013-03-02 02:44:0549152----a-w-C:\Windows\System32\DevDispItemProvider.dll
2013-03-02 02:43:591933312----a-w-C:\Windows\System32\wbem\cimwin32.dll
2013-03-02 02:43:56389120----a-w-C:\Windows\System32\BCP47Langs.dll
2013-03-02 02:43:552302464----a-w-C:\Windows\System32\authui.dll
2013-03-02 02:43:512146304----a-w-C:\Windows\System32\actxprxy.dll
2013-03-02 02:43:50156160----a-w-C:\Windows\System32\powercfg.cpl
2013-03-02 02:15:5326112----a-w-C:\Windows\System32\drivers\mouhid.sys
2013-03-01 04:56:1830720----a-w-C:\Windows\System32\drivers\monitor.sys
2013-02-21 10:30:161766912----a-w-C:\Windows\SysWow64\wininet.dll
2013-02-21 10:29:392877440----a-w-C:\Windows\SysWow64\jscript9.dll
2013-02-21 10:29:3761440----a-w-C:\Windows\SysWow64\iesetup.dll
2013-02-21 10:29:37109056----a-w-C:\Windows\SysWow64\iesysprep.dll
2013-02-21 10:15:072240512----a-w-C:\Windows\System32\wininet.dll
2013-02-21 10:15:00915968----a-w-C:\Windows\System32\uxtheme.dll
2013-02-21 10:14:093958784----a-w-C:\Windows\System32\jscript9.dll
2013-02-21 10:14:05136704----a-w-C:\Windows\System32\iesysprep.dll
2013-02-19 09:53:00534528----a-w-C:\Windows\SysWow64\uxtheme.dll
2013-02-15 07:58:5939936----a-w-C:\Windows\apppatch\apppatch64\acspecfc.dll
2013-02-15 06:35:40444416----a-w-C:\Windows\apppatch\AcSpecfc.dll
2013-02-07 01:33:01754176----a-w-C:\Windows\SysWow64\actxprxy.dll
2013-02-02 11:19:44496872----a-w-C:\Windows\System32\drivers\usbhub.sys
2013-02-02 11:19:44446184----a-w-C:\Windows\System32\drivers\USBHUB3.SYS
2013-02-02 11:19:3361672----a-w-C:\Windows\System32\drivers\crashdmp.sys
2013-02-02 10:54:541933544----a-w-C:\Windows\System32\drivers\ntfs.sys
2013-02-02 10:28:54993512----a-w-C:\Windows\System32\drivers\ndis.sys
2013-02-02 08:40:58375808----a-w-C:\Windows\SysWow64\wbem\WmiPrvSE.exe
2013-02-02 08:40:5580896----a-w-C:\Windows\SysWow64\tasklist.exe
2013-02-02 08:40:5579360----a-w-C:\Windows\SysWow64\taskkill.exe
2013-02-02 08:40:36155136----a-w-C:\Windows\SysWow64\XpsRasterService.dll
2013-02-02 08:40:35370688----a-w-C:\Windows\SysWow64\WWanAPI.dll
2013-02-02 08:40:27131072----a-w-C:\Windows\SysWow64\wbem\WmiDcPrv.dll
2013-02-02 08:40:26410624----a-w-C:\Windows\SysWow64\wlroamextension.dll
2013-02-02 08:40:22197632----a-w-C:\Windows\SysWow64\Windows.Networking.Connectivity.dll
2013-02-02 08:40:2210792448----a-w-C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-02-02 08:39:59325632----a-w-C:\Windows\SysWow64\schannel.dll
2013-02-02 08:39:4718432----a-w-C:\Windows\SysWow64\npmproxy.dll
2013-02-02 08:39:3455296----a-w-C:\Windows\SysWow64\nlaapi.dll
2013-02-02 08:39:3415872----a-w-C:\Windows\SysWow64\nlmproxy.dll
2013-02-02 08:39:3412288----a-w-C:\Windows\SysWow64\nlmsprep.dll
2013-02-02 08:39:33115712----a-w-C:\Windows\SysWow64\netprofm.dll
2013-02-02 08:39:15157696----a-w-C:\Windows\SysWow64\mbsmsapi.dll
2013-02-02 08:38:54567808----a-w-C:\Windows\SysWow64\duser.dll
2013-02-02 08:24:19107520----a-w-C:\Windows\System32\taskkill.exe
2013-02-02 08:24:19102400----a-w-C:\Windows\System32\tasklist.exe
.
============= FINISH: 1:00:30.67 ===============

 

[mom26gr8kids]

Attach log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 4/15/2013 11:38:53 AM
System Uptime: 4/23/2013 11:44:27 PM (2 hours ago)
.
Motherboard: Gateway | | VG50_CM
Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics | Socket FT1 | 1400/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 682 GiB total, 646.874 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2: 4/15/2013 12:52:01 PM - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
Agatha Christie - Death on the Nile
Aloha TriPeaks
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Quick Stream
AMD VISION Engine Control Center
avast! Free Antivirus
Backup Manager v4
Bejeweled 3
Big Fish Games: Game Manager
Broadcom 802.11 Network Adapter
Build-a-lot 2: Town of the Year
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
COMODO Internet Security
Cradle Of Egypt Collector's Edition
CyberLink MediaEspresso 6.5
CyberLink PowerDVD 10
Delicious: Emily's True Love Premium Edition
Dora's World Adventure
Dritek Radio Controller
ETDWare PS/2-X64 11.6.16.003_WHQL
Gateway Device Fast-lane
Gateway MyBackup
Gateway Power Management
Gateway Recovery Management
Google Chrome
Google Drive
Google Update Helper
Identity Card
Jewel Match 3
Launch Manager
Live Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Office
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Maintenance Service
Mystery P.I. - Curious Case of Counterfeit Cove
Nero 12 Essentials OEM.a01
Nero ControlCenter
Nero ControlCenter Help (CHM)
Nero Core Components
Nero Express
Nero Express Help (CHM)
Nero Launcher
Nero Update
Norton Online Backup
Norton Online Backup ARA
Peggle Nights
Penguins!
Plants vs. Zombies - Game of the Year
Polar Bowler
Polar Golfer
Prerequisite installer
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Spotify
SUPERAntiSpyware
Tales of Lagoona
Update Installer for WildTangent Games App
WildTangent Games
WildTangent Games App
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
4/23/2013 4:25:23 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa8005bfc060, 0xfffff802119f1770, 0xfffffa800b45fc60). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 042313-26816-01.
4/23/2013 11:44:31 PM, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
4/23/2013 11:09:27 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer DAD-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}. The master browser is stopping or an election is being forced.
4/23/2013 10:58:14 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.21. The computer with the IP address 192.168.1.5 did not allow the name to be claimed by this computer.
4/23/2013 10:56:49 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa8005bdb880, 0xfffff801dfbf1770, 0xfffffa8006e1c750). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 042313-24070-01.
4/21/2013 6:31:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
4/21/2013 6:31:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
4/21/2013 6:30:08 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The System Events Broker service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/21/2013 6:29:08 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The User Profile Service service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The Themes service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The Task Scheduler service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The System Events Broker service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The System Event Notification Service service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The Shell Hardware Detection service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The IP Helper service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7034] - The Application Experience service terminated unexpectedly. It has done this 3 time(s).
4/19/2013 9:31:20 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/19/2013 9:31:20 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/19/2013 9:25:17 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the System Events Broker service, but this action failed with the following error: An instance of the service is already running.
4/19/2013 9:25:17 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The System Events Broker service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Microsoft Account Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/19/2013 9:20:17 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/19/2013 11:21:23 AM, Error: Microsoft-Windows-WMPNSS-Service [14346] - A new media server was not initialized because RegisterRunningDevice() encountered error '0x8007045a'. Restart your computer, and then restart the WMPNetworkSvc service.
4/19/2013 11:17:59 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa8005bdc880, 0xfffff803f0ba8760, 0xfffffa80098f3840). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 041913-25038-01.
4/19/2013 1:33:18 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2013 7:28:05 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 3 time(s).
.
==== End Of File ===========================

 

[Broni]

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

Download RogueKiller on the desktop

• Close all the running programs
• Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
• Otherwise just double-click on RogueKiller.exe
• Pre-scan will start. Let it finish.
• Click on SCAN button.
• Wait until the Status box shows Scan Finished
• Click on Delete.
• Wait until the Status box shows Deleting Finished.
• Click on Report and copy/paste the content of the Notepad into your next reply.
• RKreport.txt could also be found on your desktop.
• If more than one log is produced post all logs.
• If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Download Malwarebytes Anti-Rootkit (MBAR) from HERE

• Unzip downloaded file.
• Open the folder where the contents were unzipped and run mbar.exe
• Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
• Click on the Cleanup button to remove any threats and reboot if prompted to do so.
• Wait while the system shuts down and the cleanup process is performed.
• Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
• When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

 

[mom26gr8kids]

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Kendra [Admin rights]
Mode : Remove -- Date : 04/26/2013 12:24:41
| ARK || FAK || MBR |

¤¤¤ Bad processes : 3 ¤¤¤
[SUSP PATH] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe [7] -> KILLED [TermProc]
[RESIDUE] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe [7] -> KILLED [TermProc]
[RESIDUE] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 4 ¤¤¤
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C} : NameServer (8.26.56.26,156.154.70.22) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{93861460-374F-46E0-90B7-36421D29E88F} : NameServer (8.26.56.26,156.154.70.22) -> NOT REMOVED, USE DNSFIX
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD7500BPVT-22HXZT3 +++++
--- User ---
[MBR] 944be022e7c168eea5d9182c0176ef42
[BSP] f0aa01dcb886ed30829a93b986d44bdb : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_04262013_02d1224.txt >>
RKreport[1]_S_04262013_02d1222.txt ; RKreport[2]_D_04262013_02d1224.txt

 

[mom26gr8kids]

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.04.29.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16540
Kendra :: MOMSPC [administrator]

4/29/2013 11:36:53 AM
mbar-log-2013-04-29 (11-36-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 6228
Time elapsed: 21 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

[Broni]

system-log.txt?

 

[mom26gr8kids]

Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.04.26.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16540
Kendra :: MOMSPC [administrator]

4/26/2013 1:17:07 PM
mbar-log-2013-04-26 (13-17-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 6190
Time elapsed: 30 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

[mom26gr8kids]

Mbar said it didn't find anything, but I posted the logs anyway. Let me know my next steps. Thanks

 

[Broni]

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.[/*]
• Press Scan button.[/*]
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.[/*]
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.[/*]

 

[mom26gr8kids]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2013
Ran by Kendra (administrator) on 02-05-2013 15:58:59
Running from C:\Users\Kendra\Downloads
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Farbar) C:\Users\Kendra\Downloads\FRST64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12503184 2012-06-10] (Realtek Semiconductor)
HKCU\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2013-04-16] (SUPERAntiSpyware.com)
HKLM-x32\...\Run: [LManager] [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run [111216 2013-01-16] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-06] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
HKCU SearchScopes: DefaultScope {B277A523-F32E-4415-B0A5-C9795B9F5EFD} URL =
SearchScopes: HKCU - {B277A523-F32E-4415-B0A5-C9795B9F5EFD} URL =
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}: [NameServer]8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{93861460-374F-46E0-90B7-36421D29E88F}: [NameServer]8.26.56.26,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Kendra\AppData\Roaming\Mozilla\Firefox\Profiles\3el9feo0.default
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

Chrome:
=======
CHR HomePage: hxxp://acer13.msn.com/
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
CHR Extension: (Google Docs) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (avast! WebRep) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (Gmail) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-06] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5784472 2013-04-15] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [158928 2013-04-15] (COMODO)
S3 DeviceFastLaneService; C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [98160 2013-01-16] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-03-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-03-06] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-06] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-06] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-06] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-06] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-06] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-20] (Advanced Micro Devices)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6835784 2013-01-16] (Broadcom Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2013-04-15] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [712216 2013-04-15] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [37560 2013-04-15] (COMODO)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [118400 2013-04-18] (COMODO)
R3 L1C; C:\Windows\system32\DRIVERS\L1C63x64.sys [118936 2012-11-19] (Qualcomm Atheros Co., Ltd.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-01-16] (Dritek System Inc.)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1119232 2012-06-29] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ccSet_NARA; \SystemRoot\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-02 15:58 - 2013-05-02 15:58 - 00000000 ____D C:\FRST
2013-05-02 15:56 - 2013-05-02 15:56 - 01712312 ____A (Farbar) C:\Users\Kendra\Downloads\FRST64.exe
2013-05-02 13:28 - 2013-05-02 13:32 - 00387288 ____A C:\Windows\Minidump\050213-45427-01.dmp
2013-05-02 13:27 - 2013-05-02 13:28 - 00281088 ____A C:\Windows\System32\FNTCACHE.DAT
2013-04-29 11:00 - 2013-04-29 11:00 - 00000000 ____D C:\Users\Kendra\Downloads\mbar-1.05.0.1001 (1)
2013-04-29 10:53 - 2013-04-29 10:57 - 12917756 ____A C:\Users\Kendra\Downloads\mbar-1.05.0.1001 (1).zip
2013-04-29 10:41 - 2013-04-29 10:41 - 00000117 ____A C:\Windows\System32\netcfg-391655283.txt
2013-04-29 10:41 - 2013-04-29 10:41 - 00000117 ____A C:\Windows\System32\netcfg-391654674.txt
2013-04-29 10:06 - 2013-04-29 10:06 - 00000117 ____A C:\Windows\System32\netcfg-389572810.txt
2013-04-29 10:06 - 2013-04-29 10:06 - 00000117 ____A C:\Windows\System32\netcfg-389569612.txt
2013-04-28 21:53 - 2013-04-28 21:53 - 00000117 ____A C:\Windows\System32\netcfg-345576472.txt
2013-04-28 21:53 - 2013-04-28 21:53 - 00000117 ____A C:\Windows\System32\netcfg-345576253.txt
2013-04-28 21:17 - 2013-04-28 21:17 - 00000117 ____A C:\Windows\System32\netcfg-343400695.txt
2013-04-28 21:17 - 2013-04-28 21:17 - 00000117 ____A C:\Windows\System32\netcfg-343400305.txt
2013-04-28 21:04 - 2013-04-28 21:04 - 00000117 ____A C:\Windows\System32\netcfg-342612032.txt
2013-04-28 21:03 - 2013-04-28 21:04 - 00000117 ____A C:\Windows\System32\netcfg-342611267.txt
2013-04-28 13:01 - 2013-04-28 13:01 - 00000117 ____A C:\Windows\System32\netcfg-313664767.txt
2013-04-28 13:01 - 2013-04-28 13:01 - 00000117 ____A C:\Windows\System32\netcfg-313661912.txt
2013-04-28 00:35 - 2013-04-28 00:35 - 00000117 ____A C:\Windows\System32\netcfg-268898424.txt
2013-04-28 00:35 - 2013-04-28 00:35 - 00000117 ____A C:\Windows\System32\netcfg-268895413.txt
2013-04-27 11:25 - 2013-04-27 11:26 - 00000117 ____A C:\Windows\System32\netcfg-221539890.txt
2013-04-27 11:25 - 2013-04-27 11:25 - 00000117 ____A C:\Windows\System32\netcfg-221539453.txt
2013-04-26 23:02 - 2013-04-26 23:02 - 00000117 ____A C:\Windows\System32\netcfg-176907302.txt
2013-04-26 23:02 - 2013-04-26 23:02 - 00000117 ____A C:\Windows\System32\netcfg-176906163.txt
2013-04-26 19:57 - 2012-09-20 03:10 - 02367528 ____A (Microsoft Corporation) C:\Windows\System32\WSService.dll
2013-04-26 19:57 - 2012-09-20 01:55 - 03265256 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
2013-04-26 19:57 - 2012-09-20 00:33 - 14259712 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-04-26 19:56 - 2012-09-20 02:40 - 00389360 ____A (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll
2013-04-26 19:56 - 2012-09-20 02:31 - 00425192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2013-04-26 19:56 - 2012-09-20 02:28 - 01825208 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-04-26 19:56 - 2012-09-20 01:55 - 00533224 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
2013-04-26 19:56 - 2012-09-20 00:47 - 00307192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 03964416 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
2013-04-26 19:56 - 2012-09-20 00:33 - 02397184 ____A (Microsoft Corporation) C:\Windows\System32\WpcMon.exe
2013-04-26 19:56 - 2012-09-20 00:33 - 01513984 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 01304064 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 00866304 ____A (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 00757248 ____A (Microsoft Corporation) C:\Windows\System32\uDWM.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 00573440 ____A (Microsoft Corporation) C:\Windows\System32\WinSATAPI.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 00545280 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2013-04-26 19:56 - 2012-09-20 00:33 - 00541184 ____A (Microsoft Corporation) C:\Windows\System32\VAN.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 00420352 ____A (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
2013-04-26 19:56 - 2012-09-20 00:33 - 00410624 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2013-04-26 19:56 - 2012-09-20 00:33 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\wlidcredprov.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 00332800 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\wpnprv.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\WSClient.dll
2013-04-26 19:56 - 2012-09-20 00:33 - 00177152 ____A (Microsoft Corporation) C:\Windows\System32\WSSync.dll
2013-04-26 19:56 - 2012-09-20 00:32 - 01739264 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
2013-04-26 19:56 - 2012-09-20 00:32 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2013-04-26 19:56 - 2012-09-20 00:32 - 01019392 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.dll
2013-04-26 19:56 - 2012-09-20 00:32 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\provcore.dll
2013-04-26 19:56 - 2012-09-20 00:32 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\rascfg.dll
2013-04-26 19:56 - 2012-09-20 00:32 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-04-26 19:56 - 2012-09-20 00:31 - 00755200 ____A (Microsoft Corporation) C:\Windows\System32\fveapi.dll
2013-04-26 19:56 - 2012-09-20 00:31 - 00617984 ____A (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
2013-04-26 19:56 - 2012-09-20 00:31 - 00604672 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2013-04-26 19:56 - 2012-09-20 00:31 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mfsvr.dll
2013-04-26 19:56 - 2012-09-20 00:31 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fveapibase.dll
2013-04-26 19:56 - 2012-09-20 00:31 - 00236544 ____A (Microsoft Corporation) C:\Windows\System32\MFPlay.dll
2013-04-26 19:56 - 2012-09-20 00:31 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2013-04-26 19:56 - 2012-09-20 00:31 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2013-04-26 19:56 - 2012-09-20 00:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\mmcss.dll
2013-04-26 19:56 - 2012-09-20 00:30 - 03847168 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-04-26 19:56 - 2012-09-20 00:30 - 02219008 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-04-26 19:56 - 2012-09-20 00:30 - 01743872 ____A (Microsoft Corporation) C:\Windows\System32\combase.dll
2013-04-26 19:56 - 2012-09-20 00:30 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
2013-04-26 19:56 - 2012-09-20 00:30 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2013-04-26 19:56 - 2012-09-20 00:30 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\bcdsrv.dll
2013-04-26 19:56 - 2012-09-20 00:30 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-04-26 19:56 - 2012-09-20 00:26 - 01409376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-04-26 19:56 - 2012-09-19 23:55 - 11875328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-04-26 19:56 - 2012-09-19 23:55 - 00995328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2013-04-26 19:56 - 2012-09-19 23:55 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2013-04-26 19:56 - 2012-09-19 23:54 - 01196032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2013-04-26 19:56 - 2012-09-19 23:54 - 00709632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2013-04-26 19:56 - 2012-09-19 23:54 - 00108544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2013-04-26 19:56 - 2012-09-19 23:53 - 03296256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-04-26 19:56 - 2012-09-19 23:53 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-04-26 19:56 - 2012-09-19 23:53 - 00675840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2013-04-26 19:56 - 2012-09-19 23:53 - 00119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2013-04-26 19:55 - 2012-09-20 03:08 - 00027280 ____A (Microsoft Corporation) C:\Windows\System32\avrt.dll
2013-04-26 19:55 - 2012-09-20 02:04 - 00100072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-04-26 19:55 - 2012-09-20 01:55 - 00120040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2013-04-26 19:55 - 2012-09-20 01:03 - 00465128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-04-26 19:55 - 2012-09-20 00:48 - 00062488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
2013-04-26 19:55 - 2012-09-20 00:33 - 01342464 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00699392 ____A (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00627712 ____A (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
2013-04-26 19:55 - 2012-09-20 00:33 - 00588800 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00390144 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\fhmanagew.exe
2013-04-26 19:55 - 2012-09-20 00:33 - 00117760 ____A (Microsoft Corporation) C:\Windows\System32\dwm.exe
2013-04-26 19:55 - 2012-09-20 00:33 - 00110592 ____A C:\Windows\System32\OEMLicense.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00107008 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
2013-04-26 19:55 - 2012-09-20 00:33 - 00092672 ____A (Microsoft Corporation) C:\Windows\System32\drvinst.exe
2013-04-26 19:55 - 2012-09-20 00:33 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\lpremove.exe
2013-04-26 19:55 - 2012-09-20 00:33 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\TpmTasks.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\umpo.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\vsstrace.dll
2013-04-26 19:55 - 2012-09-20 00:33 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\ndptsp.tsp
2013-04-26 19:55 - 2012-09-20 00:33 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\kmddsp.tsp
2013-04-26 19:55 - 2012-09-20 00:33 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-04-26 19:55 - 2012-09-20 00:33 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\svchost.exe
2013-04-26 19:55 - 2012-09-20 00:33 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\sdbinst.exe
2013-04-26 19:55 - 2012-09-20 00:32 - 00256512 ____A (Microsoft Corporation) C:\Windows\System32\msvproc.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\ProximityService.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\perfos.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00112128 ____A (Microsoft Corporation) C:\Windows\System32\PackageStateRoaming.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\RpcEpMap.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\rasdiag.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\perfctrs.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\rasmxs.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\perfproc.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\perfdisk.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\rasser.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\perfnet.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\MUILanguageCleanup.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\shimeng.dll
2013-04-26 19:55 - 2012-09-20 00:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2013-04-26 19:55 - 2012-09-20 00:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00459776 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00437760 ____A (Microsoft Corporation) C:\Windows\System32\mfh264enc.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00315392 ____A (Microsoft Corporation) C:\Windows\System32\fhcfg.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00280576 ____A (Microsoft Corporation) C:\Windows\System32\fhcat.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00137728 ____A (Microsoft Corporation) C:\Windows\System32\fhshl.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00118272 ____A (Microsoft Corporation) C:\Windows\System32\DevPropMgr.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00116736 ____A (Microsoft Corporation) C:\Windows\System32\fhsvc.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchapi.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\fhevents.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchph.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhlisten.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhautoplay.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\fhcleanup.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\fhtask.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\LangCleanupSysprepAction.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\fhsvcctl.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\eventcls.dll
2013-04-26 19:55 - 2012-09-20 00:31 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\lpksetupproxyserv.dll
2013-04-26 19:55 - 2012-09-20 00:30 - 02066432 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-04-26 19:55 - 2012-09-20 00:30 - 02016256 ____A (Microsoft Corporation) C:\Windows\System32\batmeter.dll
2013-04-26 19:55 - 2012-09-20 00:30 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\aelupsvc.dll
2013-04-26 19:55 - 2012-09-20 00:30 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\DAFWSD.dll
2013-04-26 19:55 - 2012-09-20 00:30 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-04-26 19:55 - 2012-09-20 00:13 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-kernel-power-events.dll
2013-04-26 19:55 - 2012-09-20 00:13 - 00023656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avrt.dll
2013-04-26 19:55 - 2012-09-20 00:12 - 09374208 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2013-04-26 19:55 - 2012-09-20 00:09 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2013-04-26 19:55 - 2012-09-20 00:09 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
2013-04-26 19:55 - 2012-09-20 00:08 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2013-04-26 19:55 - 2012-09-20 00:08 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-04-26 19:55 - 2012-09-20 00:07 - 00210304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-04-26 19:55 - 2012-09-20 00:05 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-04-26 19:55 - 2012-09-19 23:55 - 00465920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2013-04-26 19:55 - 2012-09-19 23:55 - 00417280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-04-26 19:55 - 2012-09-19 23:55 - 00333824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2013-04-26 19:55 - 2012-09-19 23:55 - 00267776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-04-26 19:55 - 2012-09-19 23:55 - 00265216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-04-26 19:55 - 2012-09-19 23:55 - 00263168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2013-04-26 19:55 - 2012-09-19 23:55 - 00239616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2013-04-26 19:55 - 2012-09-19 23:55 - 00166912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-04-26 19:55 - 2012-09-19 23:55 - 00154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-04-26 19:55 - 2012-09-19 23:55 - 00083968 ____A C:\Windows\SysWOW64\OEMLicense.dll
2013-04-26 19:55 - 2012-09-19 23:55 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2013-04-26 19:55 - 2012-09-19 23:55 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-04-26 19:55 - 2012-09-19 23:55 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2013-04-26 19:55 - 2012-09-19 23:55 - 00038912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2013-04-26 19:55 - 2012-09-19 23:55 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2013-04-26 19:55 - 2012-09-19 23:55 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2013-04-26 19:55 - 2012-09-19 23:54 - 01369600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 01137152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00533504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00509952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00480768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00449024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00413184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00089088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00009216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00005632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2013-04-26 19:55 - 2012-09-19 23:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2013-04-26 19:55 - 2012-09-19 23:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2013-04-26 19:55 - 2012-09-19 23:53 - 02007040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2013-04-26 19:55 - 2012-09-19 23:53 - 01701376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-04-26 19:55 - 2012-09-19 23:53 - 01247232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2013-04-26 19:55 - 2012-09-19 23:53 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2013-04-26 19:55 - 2012-09-19 23:53 - 00461824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-04-26 19:55 - 2012-09-19 23:53 - 00366080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-04-26 19:55 - 2012-09-19 23:53 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-04-26 19:55 - 2012-09-19 23:53 - 00015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2013-04-26 19:55 - 2012-09-19 23:32 - 09374208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-04-26 19:55 - 2012-09-19 22:13 - 00098816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-04-26 19:55 - 2012-09-19 22:10 - 01126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2013-04-26 19:52 - 2012-11-19 23:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-04-26 19:52 - 2012-11-19 23:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-04-26 19:52 - 2012-11-19 23:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-04-26 19:52 - 2012-11-19 22:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
2013-04-26 19:52 - 2012-11-07 22:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-04-26 19:52 - 2012-11-07 22:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-04-26 19:52 - 2012-11-07 22:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-04-26 19:52 - 2012-11-07 22:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-04-26 19:52 - 2012-11-07 22:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-04-26 19:52 - 2012-11-07 22:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-04-26 19:48 - 2012-12-03 22:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-04-26 19:48 - 2012-11-28 23:05 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-04-26 19:48 - 2012-11-28 23:05 - 00707584 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-04-26 19:48 - 2012-11-27 00:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
2013-04-26 19:48 - 2012-11-26 22:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-04-26 19:48 - 2012-11-26 22:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-04-26 19:48 - 2012-11-26 22:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-04-26 19:48 - 2012-11-26 22:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-04-26 19:48 - 2012-11-26 22:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-04-26 19:48 - 2012-11-26 22:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-04-26 19:48 - 2012-11-26 22:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-04-26 19:48 - 2012-11-26 22:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-04-26 19:48 - 2012-11-26 22:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-04-26 19:48 - 2012-11-26 22:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-04-26 19:48 - 2012-11-26 22:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-04-26 19:48 - 2012-11-26 22:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
2013-04-26 19:48 - 2012-11-26 22:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2013-04-26 19:48 - 2012-11-26 22:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2013-04-26 19:48 - 2012-11-26 22:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-04-26 19:48 - 2012-11-26 22:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2013-04-26 19:48 - 2012-11-26 22:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-04-26 19:48 - 2012-11-26 22:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-04-26 19:48 - 2012-11-26 22:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-04-26 19:48 - 2012-11-26 22:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-04-26 19:48 - 2012-09-10 23:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
2013-04-26 19:48 - 2012-09-10 23:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-04-26 19:48 - 2012-09-10 23:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
2013-04-26 19:30 - 2013-04-26 19:30 - 00000117 ____A C:\Windows\System32\netcfg-164235418.txt
2013-04-26 19:30 - 2013-04-26 19:30 - 00000117 ____A C:\Windows\System32\netcfg-164234841.txt
2013-04-26 19:30 - 2012-11-05 22:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2013-04-26 13:26 - 2012-11-06 01:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-04-26 13:26 - 2012-11-06 01:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-04-26 13:26 - 2012-11-06 01:33 - 00522640 ____A (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2013-04-26 13:26 - 2012-11-06 01:33 - 00490064 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2013-04-26 13:26 - 2012-11-06 01:33 - 00447792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-04-26 13:26 - 2012-11-06 01:33 - 00253512 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-04-26 13:26 - 2012-11-05 23:00 - 00463768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-04-26 13:26 - 2012-11-05 23:00 - 00427568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-04-26 13:26 - 2012-11-05 23:00 - 00324344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-04-26 13:26 - 2012-11-05 22:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-04-26 13:26 - 2012-11-05 22:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-04-26 13:26 - 2012-11-05 22:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-04-26 13:26 - 2012-11-05 22:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-04-26 13:26 - 2012-11-05 22:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-04-26 13:26 - 2012-11-05 22:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-04-26 13:26 - 2012-11-05 22:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-04-26 13:26 - 2012-11-05 22:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-04-26 13:26 - 2012-11-05 22:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
2013-04-26 13:26 - 2012-11-05 22:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 00267264 ____A (Microsoft Corporation) C:\Windows\System32\EncDump.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-04-26 13:26 - 2012-11-05 22:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
2013-04-26 13:26 - 2012-11-05 22:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-04-26 13:26 - 2012-11-05 22:17 - 00785920 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-04-26 13:26 - 2012-11-05 22:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-04-26 13:26 - 2012-11-05 22:17 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2013-04-26 13:26 - 2012-11-05 22:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
2013-04-26 13:26 - 2012-11-05 22:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
2013-04-26 13:26 - 2012-11-05 21:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
2013-04-26 13:26 - 2012-11-05 21:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-04-26 13:26 - 2012-11-05 21:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-04-26 13:26 - 2012-11-05 21:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-04-26 13:26 - 2012-11-05 21:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-04-26 13:26 - 2012-11-05 21:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2013-04-26 13:26 - 2012-11-05 21:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-04-26 13:26 - 2012-11-05 21:54 - 00859136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-04-26 13:26 - 2012-11-05 21:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-04-26 13:26 - 2012-11-05 21:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-04-26 12:39 - 2013-04-26 12:39 - 00000000 ____D C:\Users\Kendra\Downloads\mbar-1.05.0.1001
2013-04-26 12:35 - 2013-04-26 12:36 - 12917756 ____A C:\Users\Kendra\Downloads\mbar-1.05.0.1001.zip
2013-04-26 12:24 - 2013-04-26 12:24 - 00001885 ____A C:\Users\Kendra\Desktop\RKreport[2]_D_04262013_02d1224.txt
2013-04-26 12:22 - 2013-04-26 12:22 - 00001716 ____A C:\Users\Kendra\Desktop\RKreport[1]_S_04262013_02d1222.txt
2013-04-26 12:13 - 2013-04-26 12:23 - 00000000 ____D C:\Users\Kendra\Desktop\RK_Quarantine
2013-04-26 12:11 - 2013-04-26 12:11 - 00816128 ____A C:\Users\Kendra\Downloads\RogueKiller.exe
2013-04-26 12:09 - 2013-04-26 12:09 - 00000117 ____A C:\Windows\System32\netcfg-137735263.txt
2013-04-26 12:09 - 2013-04-26 12:09 - 00000117 ____A C:\Windows\System32\netcfg-137731816.txt
2013-04-26 11:18 - 2013-04-26 11:18 - 00000117 ____A C:\Windows\System32\netcfg-134715271.txt
2013-04-26 11:18 - 2013-04-26 11:18 - 00000117 ____A C:\Windows\System32\netcfg-134714476.txt
2013-04-26 02:59 - 2013-04-26 02:59 - 00000117 ____A C:\Windows\System32\netcfg-104755841.txt
2013-04-26 02:59 - 2013-04-26 02:59 - 00000117 ____A C:\Windows\System32\netcfg-104755139.txt
2013-04-25 14:47 - 2013-04-25 14:47 - 00000117 ____A C:\Windows\System32\netcfg-60860623.txt
2013-04-25 14:47 - 2013-04-25 14:47 - 00000117 ____A C:\Windows\System32\netcfg-60860295.txt
2013-04-25 13:31 - 2013-04-25 13:31 - 00000117 ____A C:\Windows\System32\netcfg-56274256.txt
2013-04-25 13:31 - 2013-04-25 13:31 - 00000117 ____A C:\Windows\System32\netcfg-56274100.txt
2013-04-25 11:27 - 2013-04-25 11:27 - 00000117 ____A C:\Windows\System32\netcfg-48816347.txt
2013-04-25 11:27 - 2013-04-25 11:27 - 00000117 ____A C:\Windows\System32\netcfg-48813102.txt
2013-04-24 21:53 - 2013-04-24 21:54 - 00390760 ____A C:\Windows\Minidump\042413-22136-01.dmp
2013-04-24 12:30 - 2013-04-24 12:30 - 00000117 ____A C:\Windows\System32\netcfg-45948394.txt
2013-04-24 12:30 - 2013-04-24 12:30 - 00000117 ____A C:\Windows\System32\netcfg-45948144.txt
2013-04-24 10:29 - 2013-04-24 10:29 - 00000117 ____A C:\Windows\System32\netcfg-38713738.txt
2013-04-24 10:29 - 2013-04-24 10:29 - 00000117 ____A C:\Windows\System32\netcfg-38713426.txt
2013-04-24 01:00 - 2013-04-24 01:00 - 00022502 ____A C:\Users\Kendra\Desktop\dds.txt
2013-04-24 01:00 - 2013-04-24 01:00 - 00016775 ____A C:\Users\Kendra\Desktop\attach.txt
2013-04-24 00:53 - 2013-04-24 00:54 - 00688992 ____R (Swearware) C:\Users\Kendra\Downloads\dds.com
2013-04-24 00:38 - 2013-04-24 00:38 - 00001120 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

 

[mom26gr8kids]

2013-04-24 00:38 - 2013-04-24 00:38 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\Malwarebytes
2013-04-24 00:38 - 2013-04-24 00:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-24 00:38 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-04-24 00:33 - 2013-04-24 00:34 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Kendra\Downloads\mbam-setup-1.75.0.1300.exe
2013-04-24 00:29 - 2013-04-24 00:29 - 00000117 ____A C:\Windows\System32\netcfg-2683934.txt
2013-04-24 00:29 - 2013-04-24 00:29 - 00000117 ____A C:\Windows\System32\netcfg-2682936.txt
2013-04-23 23:45 - 2013-04-23 23:45 - 00000117 ____A C:\Windows\System32\netcfg-57408.txt
2013-04-23 23:44 - 2013-04-23 23:44 - 00000117 ____A C:\Windows\System32\netcfg-2880028.txt
2013-04-23 22:56 - 2013-04-23 22:56 - 00384696 ____A C:\Windows\Minidump\042313-24070-01.dmp
2013-04-23 22:13 - 2013-04-23 22:13 - 00000117 ____A C:\Windows\System32\netcfg-20895429.txt
2013-04-23 22:13 - 2013-04-23 22:13 - 00000117 ____A C:\Windows\System32\netcfg-20895007.txt
2013-04-23 17:21 - 2013-04-23 17:21 - 00000117 ____A C:\Windows\System32\netcfg-3429947.txt
2013-04-23 17:21 - 2013-04-23 17:21 - 00000117 ____A C:\Windows\System32\netcfg-3429104.txt
2013-04-23 16:25 - 2013-04-23 16:25 - 00385920 ____A C:\Windows\Minidump\042313-26816-01.dmp
2013-04-23 15:19 - 2013-04-23 15:19 - 00000117 ____A C:\Windows\System32\netcfg-6526270.txt
2013-04-23 15:19 - 2013-04-23 15:19 - 00000117 ____A C:\Windows\System32\netcfg-6522698.txt
2013-04-23 12:44 - 2013-04-23 12:44 - 00000117 ____A C:\Windows\System32\netcfg-4267313.txt
2013-04-23 12:44 - 2013-04-23 12:44 - 00000117 ____A C:\Windows\System32\netcfg-4264006.txt
2013-04-23 00:50 - 2013-04-23 00:50 - 00000000 ____D C:\Program Files (x86)\Build-a-lot 2 - Town of the Year
2013-04-23 00:35 - 2013-04-23 00:35 - 00000970 ____A C:\Users\Public\Desktop\Game Manager.lnk
2013-04-23 00:35 - 2013-04-23 00:35 - 00000231 ____A C:\Users\Public\Desktop\More Great Games.url
2013-04-23 00:34 - 2013-04-23 00:34 - 00000000 ____D C:\Program Files (x86)\bfgclient
2013-04-23 00:28 - 2013-04-23 00:50 - 00000000 ____D C:\BigFishGamesCache
2013-04-23 00:27 - 2013-04-23 00:27 - 00235080 ____A (Big Fish Games) C:\Users\Kendra\Downloads\bigfishgames_p124488422_s1_l1.exe
2013-04-22 16:56 - 2013-04-22 16:56 - 00000117 ____A C:\Windows\System32\netcfg-166701357.txt
2013-04-22 16:56 - 2013-04-22 16:56 - 00000117 ____A C:\Windows\System32\netcfg-166698081.txt
2013-04-22 13:37 - 2013-04-30 09:34 - 00000000 ____D C:\Users\Kendra\AppData\Local\CrashDumps
2013-04-22 13:37 - 2013-04-22 13:37 - 00000117 ____A C:\Windows\System32\netcfg-154772944.txt
2013-04-22 13:37 - 2013-04-22 13:37 - 00000117 ____A C:\Windows\System32\netcfg-154772679.txt
2013-04-22 13:35 - 2013-04-22 13:35 - 00000117 ____A C:\Windows\System32\netcfg-154654352.txt
2013-04-22 13:35 - 2013-04-22 13:35 - 00000117 ____A C:\Windows\System32\netcfg-154651185.txt
2013-04-22 12:40 - 2013-04-22 12:40 - 00000117 ____A C:\Windows\System32\netcfg-151344806.txt
2013-04-22 12:40 - 2013-04-22 12:40 - 00000117 ____A C:\Windows\System32\netcfg-151344198.txt
2013-04-22 12:25 - 2013-04-22 12:25 - 00000117 ____A C:\Windows\System32\netcfg-150441311.txt
2013-04-22 12:25 - 2013-04-22 12:25 - 00000117 ____A C:\Windows\System32\netcfg-150438284.txt
2013-04-22 12:24 - 2013-04-22 12:24 - 00000117 ____A C:\Windows\System32\netcfg-150400095.txt
2013-04-22 12:24 - 2013-04-22 12:24 - 00000117 ____A C:\Windows\System32\netcfg-150399674.txt
2013-04-22 11:56 - 2013-04-22 11:56 - 00000117 ____A C:\Windows\System32\netcfg-148702118.txt
2013-04-22 11:56 - 2013-04-22 11:56 - 00000117 ____A C:\Windows\System32\netcfg-148701463.txt
2013-04-22 08:46 - 2013-04-22 08:46 - 00000117 ____A C:\Windows\System32\netcfg-137281347.txt
2013-04-22 08:46 - 2013-04-22 08:46 - 00000117 ____A C:\Windows\System32\netcfg-137281129.txt
2013-04-22 08:37 - 2013-04-22 08:37 - 00000117 ____A C:\Windows\System32\netcfg-136737777.txt
2013-04-22 08:37 - 2013-04-22 08:37 - 00000117 ____A C:\Windows\System32\netcfg-136737465.txt
2013-04-21 22:08 - 2013-04-21 22:08 - 00000117 ____A C:\Windows\System32\netcfg-99016673.txt
2013-04-21 22:08 - 2013-04-21 22:08 - 00000117 ____A C:\Windows\System32\netcfg-99013460.txt
2013-04-21 21:14 - 2013-04-21 21:14 - 00358912 ____A C:\Users\Kendra\Downloads\75off.ppt
2013-04-21 20:02 - 2013-04-21 20:02 - 00000117 ____A C:\Windows\System32\netcfg-91484508.txt
2013-04-21 20:02 - 2013-04-21 20:02 - 00000117 ____A C:\Windows\System32\netcfg-91484181.txt
2013-04-21 16:48 - 2013-04-21 16:48 - 00000117 ____A C:\Windows\System32\netcfg-79815181.txt
2013-04-21 16:48 - 2013-04-21 16:48 - 00000117 ____A C:\Windows\System32\netcfg-79815025.txt
2013-04-21 16:38 - 2013-04-21 16:38 - 00000117 ____A C:\Windows\System32\netcfg-79213282.txt
2013-04-21 16:38 - 2013-04-21 16:38 - 00000117 ____A C:\Windows\System32\netcfg-79212892.txt
2013-04-20 21:04 - 2013-04-20 21:04 - 00000117 ____A C:\Windows\System32\netcfg-8775430.txt
2013-04-20 21:04 - 2013-04-20 21:04 - 00000117 ____A C:\Windows\System32\netcfg-8774619.txt
2013-04-20 18:37 - 2013-04-20 18:37 - 00000326 ____A C:\Windows\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}.job
2013-04-19 21:15 - 2013-04-19 21:15 - 00000117 ____A C:\Windows\System32\netcfg-35480742.txt
2013-04-19 21:15 - 2013-04-19 21:15 - 00000117 ____A C:\Windows\System32\netcfg-35478230.txt
2013-04-19 21:08 - 2013-04-19 21:08 - 00000117 ____A C:\Windows\System32\netcfg-35084718.txt
2013-04-19 21:08 - 2013-04-19 21:08 - 00000117 ____A C:\Windows\System32\netcfg-35083798.txt
2013-04-19 17:02 - 2013-04-19 17:02 - 00000117 ____A C:\Windows\System32\netcfg-20313280.txt
2013-04-19 17:02 - 2013-04-19 17:02 - 00000117 ____A C:\Windows\System32\netcfg-20310128.txt
2013-04-19 16:55 - 2013-04-19 16:55 - 00000117 ____A C:\Windows\System32\netcfg-19892155.txt
2013-04-19 16:55 - 2013-04-19 16:55 - 00000117 ____A C:\Windows\System32\netcfg-19891593.txt
2013-04-19 16:38 - 2013-04-19 16:38 - 00000117 ____A C:\Windows\System32\netcfg-18863250.txt
2013-04-19 16:38 - 2013-04-19 16:38 - 00000117 ____A C:\Windows\System32\netcfg-18859943.txt
2013-04-19 15:06 - 2013-04-19 15:06 - 00000117 ____A C:\Windows\System32\netcfg-13329068.txt
2013-04-19 15:06 - 2013-04-19 15:06 - 00000117 ____A C:\Windows\System32\netcfg-13328772.txt
2013-04-19 14:29 - 2013-04-19 14:29 - 00000117 ____A C:\Windows\System32\netcfg-11156193.txt
2013-04-19 14:29 - 2013-04-19 14:29 - 00000117 ____A C:\Windows\System32\netcfg-11152948.txt
2013-04-19 14:19 - 2013-04-19 14:19 - 00000117 ____A C:\Windows\System32\netcfg-10539162.txt
2013-04-19 14:19 - 2013-04-19 14:19 - 00000117 ____A C:\Windows\System32\netcfg-10538897.txt
2013-04-19 11:25 - 2013-04-19 11:26 - 00000128 ____A C:\Windows\System32\netcfg-124379.txt
2013-04-19 11:25 - 2013-04-19 11:25 - 00000117 ____A C:\Windows\System32\netcfg-96783.txt
2013-04-19 11:23 - 2013-04-19 11:23 - 00000117 ____A C:\Windows\System32\netcfg-372389.txt
2013-04-19 11:17 - 2013-05-02 13:28 - 00000000 ____D C:\Windows\Minidump
2013-04-19 11:17 - 2013-05-02 13:27 - 425527236 ____A C:\Windows\MEMORY.DMP
2013-04-19 11:17 - 2013-04-19 11:17 - 00385920 ____A C:\Windows\Minidump\041913-25038-01.dmp
2013-04-17 21:14 - 2013-04-17 21:14 - 00017920 __ASH C:\Users\Kendra\Downloads\Thumbs.db
2013-04-17 21:04 - 2013-04-17 21:04 - 00000000 ____A C:\Users\Kendra\Downloads\ouam2.htm
2013-04-17 21:03 - 2013-04-17 21:03 - 00000000 ____A C:\Users\Kendra\Downloads\ouam.htm
2013-04-16 21:39 - 2013-04-16 21:39 - 00113152 ____A C:\Users\Kendra\Downloads\Mentor Appreciation 2.pub
2013-04-16 19:13 - 2013-04-16 19:13 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\SUPERAntiSpyware.com
2013-04-16 19:12 - 2013-04-16 19:26 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-04-16 19:12 - 2013-04-16 19:12 - 00001815 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-04-16 18:57 - 2013-04-16 19:04 - 21235504 ____A (SUPERAntiSpyware.com) C:\Users\Kendra\Downloads\SUPERAntiSpyware.exe
2013-04-16 18:12 - 2013-04-16 18:12 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\Mozilla
2013-04-16 18:12 - 2013-04-16 18:12 - 00000000 ____D C:\Users\Kendra\AppData\Local\Mozilla
2013-04-16 18:06 - 2013-04-01 19:58 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-04-16 18:05 - 2013-04-16 18:05 - 00000117 ____A C:\Windows\System32\netcfg-101624214.txt
2013-04-16 18:05 - 2013-04-16 18:05 - 00000117 ____A C:\Windows\System32\netcfg-101621484.txt
2013-04-16 16:59 - 2013-01-09 19:53 - 00028904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-04-16 16:59 - 2013-01-09 19:40 - 01448168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-04-16 16:59 - 2013-01-09 19:40 - 00303848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-04-16 16:59 - 2013-01-09 19:29 - 00785504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-04-16 16:59 - 2013-01-09 19:29 - 00091880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-04-16 16:59 - 2013-01-09 17:26 - 01752064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-04-16 16:59 - 2013-01-09 17:26 - 01611776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2013-04-16 16:59 - 2013-01-09 17:26 - 00890880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-04-16 16:59 - 2013-01-09 17:26 - 00436736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-04-16 16:59 - 2013-01-09 17:26 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-04-16 16:59 - 2013-01-09 17:26 - 00261120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-04-16 16:59 - 2013-01-09 17:26 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2013-04-16 16:59 - 2013-01-09 17:26 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-04-16 16:59 - 2013-01-09 17:23 - 02094592 ____A (Microsoft Corporation) C:\Windows\System32\mmc.exe
2013-04-16 16:59 - 2013-01-09 17:23 - 01964544 ____A (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2013-04-16 16:59 - 2013-01-09 17:23 - 01886208 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2013-04-16 16:59 - 2013-01-09 17:23 - 00728064 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-04-16 16:59 - 2013-01-09 17:23 - 00594944 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2013-04-16 16:59 - 2013-01-09 17:23 - 00406016 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll
2013-04-16 16:59 - 2013-01-09 17:23 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
2013-04-16 16:59 - 2013-01-09 17:23 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\wiaacmgr.exe
2013-04-16 16:59 - 2013-01-09 17:22 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
2013-04-16 16:59 - 2013-01-09 17:22 - 00894464 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2013-04-16 16:59 - 2013-01-09 17:22 - 00666112 ____A (Microsoft Corporation) C:\Windows\System32\MP4SDECD.DLL
2013-04-16 16:59 - 2013-01-09 17:22 - 00438272 ____A (Microsoft Corporation) C:\Windows\System32\lsm.dll
2013-04-16 16:59 - 2013-01-09 17:22 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2013-04-16 16:59 - 2013-01-08 21:59 - 00341504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2013-04-16 16:59 - 2012-11-01 23:19 - 00171520 ____A (Microsoft Corporation) C:\Windows\System32\ncbservice.dll
2013-04-16 16:59 - 2012-11-01 23:18 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\httpprxm.dll
2013-04-16 16:59 - 2012-11-01 23:18 - 00062464 ____A (Microsoft Corporation) C:\Windows\System32\adhsvc.dll
2013-04-16 16:59 - 2012-11-01 23:18 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\adhapi.dll
2013-04-16 16:59 - 2012-11-01 23:18 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\httpprxp.dll
2013-04-16 16:59 - 2012-11-01 23:18 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\keepaliveprovider.dll
2013-04-16 16:58 - 2013-03-02 05:02 - 00058288 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-04-16 16:58 - 2013-03-02 04:57 - 00337128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-04-16 16:58 - 2013-03-02 04:57 - 00332520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-04-16 16:58 - 2013-03-02 04:57 - 00283880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-04-16 16:58 - 2013-03-02 04:57 - 00077544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2013-04-16 16:58 - 2013-03-02 04:45 - 00194792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-04-16 16:58 - 2013-03-02 04:45 - 00148712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-04-16 16:58 - 2013-03-02 04:45 - 00125160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-04-16 16:58 - 2013-03-02 04:39 - 00495336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2013-04-16 16:58 - 2013-03-02 04:39 - 00327912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-04-16 16:58 - 2013-03-02 04:39 - 00069864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2013-04-16 16:58 - 2013-03-02 03:59 - 02231528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-04-16 16:58 - 2013-03-02 03:59 - 00411880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-04-16 16:58 - 2013-03-02 02:24 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-04-16 16:58 - 2013-03-02 02:23 - 17560576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 01338880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 00893952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 00601088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 00504320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 00356352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 00246784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 00100864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-04-16 16:58 - 2013-03-02 02:23 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-04-16 16:58 - 2013-03-02 02:22 - 05091840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-04-16 16:58 - 2013-03-02 02:22 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-04-16 16:58 - 2013-03-02 02:22 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-04-16 16:58 - 2013-03-02 02:21 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-04-16 16:58 - 2013-03-02 02:21 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-04-16 16:58 - 2013-03-02 02:21 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-04-16 16:58 - 2013-03-02 02:21 - 00145408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-04-16 16:58 - 2013-03-02 02:21 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 19748864 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 10116608 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 03240448 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 01627648 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 01161728 ____A (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 01149952 ____A (Microsoft Corporation) C:\Windows\System32\winmde.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 01101824 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00951808 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00645120 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\usbmon.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00171008 ____A (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-04-16 16:58 - 2013-03-01 20:45 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
2013-04-16 16:58 - 2013-03-01 20:45 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\WSDPrintProxy.DLL
2013-04-16 16:58 - 2013-03-01 20:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-04-16 16:58 - 2013-03-01 20:45 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-04-16 16:58 - 2013-03-01 20:44 - 05978624 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-04-16 16:58 - 2013-03-01 20:44 - 01048576 ____A (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-04-16 16:58 - 2013-03-01 20:44 - 00703488 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2013-04-16 16:58 - 2013-03-01 20:44 - 00455168 ____A (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2013-04-16 16:58 - 2013-03-01 20:44 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2013-04-16 16:58 - 2013-03-01 20:44 - 00150016 ____A (Microsoft Corporation) C:\Windows\System32\discan.dll
2013-04-16 16:58 - 2013-03-01 20:44 - 00128512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncInfo.dll
2013-04-16 16:58 - 2013-03-01 20:44 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\NdisImPlatform.dll
2013-04-16 16:58 - 2013-03-01 20:44 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2013-04-16 16:58 - 2013-03-01 20:43 - 02302464 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-04-16 16:58 - 2013-03-01 20:43 - 02146304 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2013-04-16 16:58 - 2013-03-01 20:43 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-04-16 16:58 - 2013-03-01 20:43 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2013-04-16 16:58 - 2013-03-01 20:15 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2013-04-16 16:58 - 2013-02-28 22:56 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2013-04-16 16:58 - 2013-02-20 17:08 - 00387867 ____A C:\Windows\System32\ApnDatabase.xml
2013-04-16 16:58 - 2013-02-06 19:33 - 00754176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-04-16 16:58 - 2012-11-05 22:20 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-04-16 16:58 - 2012-11-05 22:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\wuaext.dll
2013-04-16 16:58 - 2012-11-05 22:00 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\wushareduxresources.dll
2013-04-16 16:58 - 2012-09-20 01:55 - 00212200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-04-16 16:46 - 2013-02-21 04:30 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-04-16 16:46 - 2013-02-21 04:30 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-04-16 16:46 - 2013-02-21 04:29 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-04-16 16:46 - 2013-02-21 04:15 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-04-16 16:46 - 2013-02-21 04:15 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-04-16 16:46 - 2013-02-21 04:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-04-16 16:46 - 2013-02-21 04:14 - 19230208 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-04-16 16:46 - 2013-02-21 04:14 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-04-16 16:46 - 2013-02-21 04:14 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-04-16 16:46 - 2013-02-21 04:14 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-16 16:46 - 2013-02-21 04:14 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-04-16 16:46 - 2013-02-21 04:14 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-04-16 16:46 - 2013-02-21 04:14 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-16 16:46 - 2013-02-21 04:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-04-16 16:46 - 2013-02-21 04:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-04-16 16:46 - 2013-02-19 03:53 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-04-16 16:46 - 2013-01-15 18:35 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-04-16 16:46 - 2013-01-15 18:31 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-04-16 16:46 - 2013-01-03 23:32 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-04-16 16:46 - 2013-01-03 22:19 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-16 16:46 - 2012-11-07 22:20 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-04-16 16:46 - 2012-11-07 22:20 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-04-16 16:43 - 2013-03-19 16:19 - 04041728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-16 16:43 - 2012-11-25 22:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-04-16 16:43 - 2012-11-25 22:20 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2013-04-16 16:43 - 2012-11-09 22:23 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2013-04-16 16:43 - 2012-11-09 22:23 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-04-16 16:43 - 2012-11-09 22:22 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-04-16 16:43 - 2012-11-09 22:22 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
2013-04-16 16:43 - 2012-11-09 22:22 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
2013-04-16 16:43 - 2012-11-09 22:20 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\appserverai.dll
2013-04-16 16:41 - 2013-03-07 00:50 - 06991592 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-16 16:41 - 2013-03-02 02:23 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-04-16 16:41 - 2013-03-02 02:22 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-04-16 16:41 - 2013-03-01 20:44 - 01011200 ____A (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2013-04-16 16:41 - 2013-03-01 20:44 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2013-04-16 16:41 - 2013-02-02 05:19 - 00496872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-04-16 16:41 - 2013-02-02 05:19 - 00446184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-04-16 16:41 - 2013-02-02 04:54 - 01933544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-16 16:41 - 2013-02-02 04:28 - 00993512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-04-16 16:41 - 2013-02-02 02:40 - 10792448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-04-16 16:41 - 2013-02-02 02:40 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-04-16 16:41 - 2013-02-02 02:39 - 00325632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-04-16 16:41 - 2013-02-02 02:38 - 00567808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2013-04-16 16:41 - 2013-02-02 02:23 - 13643264 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-04-16 16:41 - 2013-02-02 02:23 - 00543232 ____A (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
2013-04-16 16:41 - 2013-02-02 02:23 - 00475136 ____A (Microsoft Corporation) C:\Windows\System32\WWanAPI.dll
2013-04-16 16:41 - 2013-02-02 02:23 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2013-04-16 16:41 - 2013-02-02 02:22 - 00416256 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-04-16 16:41 - 2013-02-02 02:21 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-04-16 16:41 - 2013-02-02 02:21 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-04-16 16:41 - 2013-02-02 02:20 - 00729600 ____A (Microsoft Corporation) C:\Windows\System32\duser.dll
2013-04-16 16:41 - 2013-02-02 02:20 - 00260096 ____A (Microsoft Corporation) C:\Windows\System32\hotspotauth.dll
2013-04-16 16:41 - 2012-12-14 22:55 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2013-04-16 16:41 - 2012-11-08 22:49 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-04-16 16:41 - 2012-11-08 22:03 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-04-16 16:41 - 2012-11-02 23:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\sysreset.exe
2013-04-16 16:41 - 2012-11-02 23:25 - 00945152 ____A (Microsoft Corporation) C:\Windows\System32\resetengmig.dll
2013-04-16 16:41 - 2012-10-23 21:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
2013-04-16 16:41 - 2012-10-23 20:48 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-04-16 16:41 - 2012-09-20 01:55 - 00488168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-04-16 16:40 - 2013-02-02 05:19 - 00061672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2013-04-16 16:40 - 2013-02-02 02:40 - 00370688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2013-04-16 16:40 - 2013-02-02 02:40 - 00197632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-04-16 16:40 - 2013-02-02 02:40 - 00155136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-04-16 16:40 - 2013-02-02 02:40 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2013-04-16 16:40 - 2013-02-02 02:40 - 00079360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2013-04-16 16:40 - 2013-02-02 02:39 - 00157696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-04-16 16:40 - 2013-02-02 02:39 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-04-16 16:40 - 2013-02-02 02:39 - 00055296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-04-16 16:40 - 2013-02-02 02:39 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-04-16 16:40 - 2013-02-02 02:39 - 00015872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2013-04-16 16:40 - 2013-02-02 02:39 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2013-04-16 16:40 - 2013-02-02 02:24 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\taskkill.exe
2013-04-16 16:40 - 2013-02-02 02:24 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\tasklist.exe
2013-04-16 16:40 - 2013-02-02 02:23 - 00731648 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-04-16 16:40 - 2013-02-02 02:23 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2013-04-16 16:40 - 2013-02-02 02:23 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-04-16 16:40 - 2013-02-02 02:23 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2013-04-16 16:40 - 2013-02-02 02:21 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\mbsmsapi.dll
2013-04-16 16:40 - 2013-02-02 01:25 - 00297984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2013-04-16 16:40 - 2013-02-02 01:25 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-04-16 16:40 - 2013-02-02 01:25 - 00037632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-04-16 16:40 - 2012-11-26 21:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2013-04-16 16:40 - 2012-11-26 21:55 - 00029952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
2013-04-16 16:40 - 2012-11-19 22:56 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-04-16 16:40 - 2012-11-19 22:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
2013-04-16 16:40 - 2012-09-20 01:55 - 00079080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-04-16 16:40 - 2012-09-20 01:55 - 00021736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-04-16 16:40 - 2012-09-20 00:32 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2013-04-16 16:40 - 2012-09-20 00:32 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2013-04-16 16:40 - 2012-09-20 00:09 - 00032256 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-04-16 16:38 - 2013-02-11 18:17 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-04-16 16:38 - 2013-02-05 16:31 - 00622080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-04-16 16:38 - 2013-02-05 16:29 - 00370688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-04-16 16:38 - 2013-02-05 16:28 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-04-16 16:38 - 2013-02-05 16:28 - 00215552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-04-16 16:38 - 2013-02-01 23:41 - 01437184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-04-16 16:38 - 2013-02-01 23:31 - 01690624 ____A (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2013-04-16 16:38 - 2012-10-23 21:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\pcalua.exe
2013-04-16 16:38 - 2012-10-23 21:24 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2013-04-16 16:38 - 2012-10-23 21:24 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\pcadm.dll
2013-04-16 16:38 - 2012-10-23 21:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
2013-04-16 16:37 - 2012-12-16 02:28 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-04-16 16:37 - 2012-12-16 02:20 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-04-16 16:37 - 2012-12-16 02:08 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-04-16 16:37 - 2012-12-16 01:57 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-04-16 16:37 - 2012-11-07 22:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-04-16 16:37 - 2012-11-07 22:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-04-16 16:37 - 2012-11-07 22:20 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-04-16 16:37 - 2012-11-07 22:20 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2013-04-16 16:37 - 2012-11-07 22:02 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
2013-04-16 16:37 - 2012-11-07 22:01 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-04-16 16:37 - 2012-11-02 23:26 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2013-04-16 16:37 - 2012-11-02 23:26 - 00032256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-04-16 16:37 - 2012-11-02 23:24 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-04-16 16:37 - 2012-11-02 23:24 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-04-16 16:37 - 2012-11-02 23:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
2013-04-16 16:37 - 2012-11-02 23:24 - 00058880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-04-16 16:37 - 2012-11-02 23:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhupnp.dll
2013-04-16 16:37 - 2012-11-02 23:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhpast.dll
2013-04-16 16:37 - 2012-11-02 23:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-04-16 16:37 - 2012-11-02 23:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-04-16 16:37 - 2012-11-02 23:04 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dpnlobby.dll
2013-04-16 16:37 - 2012-11-02 23:04 - 00003584 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2013-04-16 16:37 - 2012-11-02 23:00 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2013-04-16 16:37 - 2012-11-02 23:00 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-04-16 16:35 - 2013-01-28 19:57 - 00035232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2013-04-16 16:35 - 2013-01-28 17:08 - 00230904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2013-04-16 16:35 - 2012-10-31 22:40 - 02361344 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-04-16 16:35 - 2012-10-31 22:40 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-04-16 16:34 - 2012-10-31 22:41 - 01802240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-04-16 16:34 - 2012-10-31 22:41 - 01438720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-04-16 16:34 - 2012-10-31 22:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-04-16 16:34 - 2012-10-31 22:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-04-16 16:34 - 2012-10-31 22:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-04-16 16:34 - 2012-10-31 22:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-04-16 03:35 - 2013-04-16 03:35 - 00000117 ____A C:\Windows\System32\netcfg-502229.txt
2013-04-16 03:32 - 2013-04-16 03:32 - 00000117 ____A C:\Windows\System32\netcfg-335760.txt
2013-04-15 20:32 - 2013-04-15 20:32 - 00000000 ____D C:\Users\Kendra\Documents\Fax
2013-04-15 20:30 - 2013-04-15 20:30 - 01007304 ____A C:\Users\Kendra\Documents\Modern Photo Letter.oxps
2013-04-15 19:51 - 2013-04-15 19:51 - 00000117 ____A C:\Windows\System32\netcfg-21557887.txt
2013-04-15 19:50 - 2013-04-15 19:51 - 00000117 ____A C:\Windows\System32\netcfg-21557731.txt
2013-04-15 19:19 - 2013-04-15 19:19 - 00000117 ____A C:\Windows\System32\netcfg-19671242.txt
2013-04-15 19:19 - 2013-04-15 19:19 - 00000117 ____A C:\Windows\System32\netcfg-19668075.txt
2013-04-15 18:46 - 2013-04-15 18:46 - 00000117 ____A C:\Windows\System32\netcfg-17679796.txt
2013-04-15 18:46 - 2013-04-15 18:46 - 00000117 ____A C:\Windows\System32\netcfg-17678688.txt
2013-04-15 18:41 - 2013-04-15 18:41 - 00000117 ____A C:\Windows\System32\netcfg-17416466.txt
2013-04-15 18:41 - 2013-04-15 18:41 - 00000117 ____A C:\Windows\System32\netcfg-17416279.txt
2013-04-15 16:14 - 2013-04-15 16:14 - 00000117 ____A C:\Windows\System32\netcfg-8570554.txt
2013-04-15 16:14 - 2013-04-15 16:14 - 00000117 ____A C:\Windows\System32\netcfg-8569899.txt
2013-04-15 13:52 - 2013-04-15 13:52 - 00000117 ____A C:\Windows\System32\netcfg-50045.txt
2013-04-15 13:51 - 2013-04-15 13:51 - 00000117 ____A C:\Windows\System32\netcfg-2679535.txt
2013-04-15 13:39 - 2013-04-20 18:37 - 00001838 ____A C:\Users\Public\Desktop\COMODO Firewall.lnk
2013-04-15 13:39 - 2013-04-15 13:39 - 00000600 ____A C:\Users\Public\Desktop\Shared Space.lnk
2013-04-15 13:39 - 2013-04-15 13:39 - 00000167 ____A C:\Windows\System32\netcfg-1974099.txt
2013-04-15 13:39 - 2013-04-15 13:39 - 00000117 ____A C:\Windows\System32\netcfg-1978794.txt
2013-04-15 13:39 - 2013-04-15 13:39 - 00000117 ____A C:\Windows\System32\netcfg-1975690.txt
2013-04-15 13:37 - 2013-04-15 13:37 - 00000000 ____D C:\Program Files\COMODO
2013-04-15 13:27 - 2013-04-17 22:17 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\WildTangent
2013-04-15 13:25 - 2013-04-15 13:32 - 51053584 ____A (COMODO) C:\Users\Kendra\Downloads\cfw_installer_x64.exe
2013-04-15 13:08 - 2013-04-15 13:08 - 00000117 ____A C:\Windows\System32\netcfg-102009.txt
2013-04-15 13:06 - 2013-04-15 13:06 - 00000117 ____A C:\Windows\System32\netcfg-6076909.txt
2013-04-15 12:58 - 2013-04-15 12:58 - 00000000 ____D C:\Users\Kendra\AppData\LocalGoogle
2013-04-15 12:54 - 2013-04-15 12:54 - 00001929 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-04-15 12:54 - 2013-03-06 16:33 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-04-15 12:54 - 2013-03-06 16:33 - 00377920 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-04-15 12:54 - 2013-03-06 16:33 - 00178624 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-04-15 12:54 - 2013-03-06 16:33 - 00070992 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-04-15 12:54 - 2013-03-06 16:33 - 00068920 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-04-15 12:54 - 2013-03-06 16:33 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-04-15 12:54 - 2013-03-06 16:33 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-04-15 12:53 - 2013-04-15 12:53 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-04-15 12:53 - 2013-03-06 16:33 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-04-15 12:53 - 2013-03-06 16:32 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-04-15 12:52 - 2013-04-15 12:52 - 00000000 ____D C:\Program Files\AVAST Software
2013-04-15 12:52 - 2013-03-06 16:32 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-04-15 12:19 - 2013-04-15 12:32 - 115054456 ____A C:\Users\Kendra\Downloads\avast_free_antivirus_setup.exe
2013-04-15 11:55 - 2013-04-15 11:55 - 00001158 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-04-15 11:55 - 2013-04-15 11:55 - 00000117 ____A C:\Windows\System32\netcfg-1847176.txt
2013-04-15 11:55 - 2013-04-15 11:55 - 00000117 ____A C:\Windows\System32\netcfg-1846661.txt
2013-04-15 11:54 - 2013-04-15 11:55 - 08623428 ____A C:\Users\Kendra\Downloads\Unconfirmed 608854.crdownload
2013-04-15 11:54 - 2013-04-15 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-15 11:54 - 2013-04-15 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-04-15 11:52 - 2013-04-15 11:52 - 00002266 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-04-15 11:46 - 2013-05-02 13:28 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-04-15 11:46 - 2013-05-02 12:51 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-04-15 11:46 - 2013-04-15 12:58 - 00000000 ____D C:\Users\Kendra\AppData\Local\Google
2013-04-15 11:46 - 2013-04-15 12:58 - 00000000 ____D C:\Program Files (x86)\Google
2013-04-15 11:46 - 2013-04-15 11:46 - 00000000 ____D C:\Users\Kendra\AppData\Local\Deployment
2013-04-15 11:46 - 2013-04-15 11:46 - 00000000 ____D C:\Users\Kendra\AppData\Local\Apps\2.0
2013-04-15 11:45 - 2013-04-15 11:45 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\Macromedia
2013-04-15 11:41 - 2013-04-15 11:41 - 00001967 ____A C:\Users\Public\Desktop\Netflix.lnk
2013-04-15 11:41 - 2013-04-15 11:41 - 00001742 ____A C:\Users\Public\Desktop\Buy Online.lnk
2013-04-15 11:41 - 2013-04-15 11:41 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\Adobe
2013-04-15 11:41 - 2013-04-15 11:41 - 00000000 ____D C:\Program Files\Accessory Store
2013-04-15 11:40 - 2013-04-15 11:40 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\lm
2013-04-15 11:39 - 2013-04-26 19:34 - 00000000 ____D C:\Users\Kendra\AppData\Local\Packages
2013-04-15 11:39 - 2013-04-15 11:39 - 00000000 ____D C:\Users\Kendra\AppData\Local\VirtualStore
2013-04-15 11:38 - 2013-05-02 12:48 - 01480225 ____A C:\Windows\WindowsUpdate.log
2013-04-15 11:38 - 2013-04-15 11:41 - 00000000 ____D C:\users\Kendra
2013-04-15 11:38 - 2013-04-15 11:38 - 00000020 ___SH C:\Users\Kendra\ntuser.ini
2013-04-15 11:33 - 2013-04-15 11:33 - 00000117 ____A C:\Windows\System32\netcfg-505193.txt

==================== One Month Modified Files and Folders =======

2013-05-02 15:58 - 2013-05-02 15:58 - 00000000 ____D C:\FRST
2013-05-02 15:56 - 2013-05-02 15:56 - 01712312 ____A (Farbar) C:\Users\Kendra\Downloads\FRST64.exe
2013-05-02 15:53 - 2013-04-15 11:38 - 01480225 ____A C:\Windows\WindowsUpdate.log
2013-05-02 15:53 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\System32\sru
2013-05-02 13:37 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\System32\NDF
2013-05-02 13:32 - 2013-05-02 13:28 - 00387288 ____A C:\Windows\Minidump\050213-45427-01.dmp
2013-05-02 13:28 - 2013-05-02 13:27 - 00281088 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-02 13:28 - 2013-04-19 11:17 - 00000000 ____D C:\Windows\Minidump
2013-05-02 13:28 - 2013-04-15 11:46 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-02 13:28 - 2012-07-26 01:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-02 13:27 - 2013-04-19 11:17 - 425527236 ____A C:\Windows\MEMORY.DMP
2013-05-02 13:27 - 2012-12-27 03:02 - 00720174 ____A C:\Windows\PFRO.log
2013-05-02 12:51 - 2013-04-15 11:46 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-02 11:29 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-04-30 09:34 - 2013-04-22 13:37 - 00000000 ____D C:\Users\Kendra\AppData\Local\CrashDumps
2013-04-29 12:27 - 2012-07-26 01:28 - 00848230 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-29 12:16 - 2012-07-25 23:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-04-29 12:15 - 2012-07-26 02:12 - 00000000 ___RD C:\Windows\ToastData
2013-04-29 12:15 - 2012-07-26 02:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-04-29 12:15 - 2012-07-25 23:38 - 00000000 ____D C:\Windows\System32\oobe
2013-04-29 12:14 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\WinStore
2013-04-29 11:00 - 2013-04-29 11:00 - 00000000 ____D C:\Users\Kendra\Downloads\mbar-1.05.0.1001 (1)
2013-04-29 10:57 - 2013-04-29 10:53 - 12917756 ____A C:\Users\Kendra\Downloads\mbar-1.05.0.1001 (1).zip
2013-04-29 10:41 - 2013-04-29 10:41 - 00000117 ____A C:\Windows\System32\netcfg-391655283.txt
2013-04-29 10:41 - 2013-04-29 10:41 - 00000117 ____A C:\Windows\System32\netcfg-391654674.txt
2013-04-29 10:06 - 2013-04-29 10:06 - 00000117 ____A C:\Windows\System32\netcfg-389572810.txt
2013-04-29 10:06 - 2013-04-29 10:06 - 00000117 ____A C:\Windows\System32\netcfg-389569612.txt
2013-04-28 21:53 - 2013-04-28 21:53 - 00000117 ____A C:\Windows\System32\netcfg-345576472.txt
2013-04-28 21:53 - 2013-04-28 21:53 - 00000117 ____A C:\Windows\System32\netcfg-345576253.txt
2013-04-28 21:17 - 2013-04-28 21:17 - 00000117 ____A C:\Windows\System32\netcfg-343400695.txt
2013-04-28 21:17 - 2013-04-28 21:17 - 00000117 ____A C:\Windows\System32\netcfg-343400305.txt
2013-04-28 21:04 - 2013-04-28 21:04 - 00000117 ____A C:\Windows\System32\netcfg-342612032.txt
2013-04-28 21:04 - 2013-04-28 21:03 - 00000117 ____A C:\Windows\System32\netcfg-342611267.txt
2013-04-28 13:01 - 2013-04-28 13:01 - 00000117 ____A C:\Windows\System32\netcfg-313664767.txt
2013-04-28 13:01 - 2013-04-28 13:01 - 00000117 ____A C:\Windows\System32\netcfg-313661912.txt
2013-04-28 00:35 - 2013-04-28 00:35 - 00000117 ____A C:\Windows\System32\netcfg-268898424.txt
2013-04-28 00:35 - 2013-04-28 00:35 - 00000117 ____A C:\Windows\System32\netcfg-268895413.txt
2013-04-27 11:26 - 2013-04-27 11:25 - 00000117 ____A C:\Windows\System32\netcfg-221539890.txt
2013-04-27 11:25 - 2013-04-27 11:25 - 00000117 ____A C:\Windows\System32\netcfg-221539453.txt
2013-04-26 23:02 - 2013-04-26 23:02 - 00000117 ____A C:\Windows\System32\netcfg-176907302.txt
2013-04-26 23:02 - 2013-04-26 23:02 - 00000117 ____A C:\Windows\System32\netcfg-176906163.txt
2013-04-26 19:34 - 2013-04-15 11:39 - 00000000 ____D C:\Users\Kendra\AppData\Local\Packages
2013-04-26 19:30 - 2013-04-26 19:30 - 00000117 ____A C:\Windows\System32\netcfg-164235418.txt
2013-04-26 19:30 - 2013-04-26 19:30 - 00000117 ____A C:\Windows\System32\netcfg-164234841.txt
2013-04-26 13:17 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\rescache
2013-04-26 12:39 - 2013-04-26 12:39 - 00000000 ____D C:\Users\Kendra\Downloads\mbar-1.05.0.1001
2013-04-26 12:36 - 2013-04-26 12:35 - 12917756 ____A C:\Users\Kendra\Downloads\mbar-1.05.0.1001.zip

 

[mom26gr8kids]

2013-04-26 12:24 - 2013-04-26 12:24 - 00001885 ____A C:\Users\Kendra\Desktop\RKreport[2]_D_04262013_02d1224.txt
2013-04-26 12:23 - 2013-04-26 12:13 - 00000000 ____D C:\Users\Kendra\Desktop\RK_Quarantine
2013-04-26 12:22 - 2013-04-26 12:22 - 00001716 ____A C:\Users\Kendra\Desktop\RKreport[1]_S_04262013_02d1222.txt
2013-04-26 12:11 - 2013-04-26 12:11 - 00816128 ____A C:\Users\Kendra\Downloads\RogueKiller.exe
2013-04-26 12:09 - 2013-04-26 12:09 - 00000117 ____A C:\Windows\System32\netcfg-137735263.txt
2013-04-26 12:09 - 2013-04-26 12:09 - 00000117 ____A C:\Windows\System32\netcfg-137731816.txt
2013-04-26 11:18 - 2013-04-26 11:18 - 00000117 ____A C:\Windows\System32\netcfg-134715271.txt
2013-04-26 11:18 - 2013-04-26 11:18 - 00000117 ____A C:\Windows\System32\netcfg-134714476.txt
2013-04-26 02:59 - 2013-04-26 02:59 - 00000117 ____A C:\Windows\System32\netcfg-104755841.txt
2013-04-26 02:59 - 2013-04-26 02:59 - 00000117 ____A C:\Windows\System32\netcfg-104755139.txt
2013-04-25 14:47 - 2013-04-25 14:47 - 00000117 ____A C:\Windows\System32\netcfg-60860623.txt
2013-04-25 14:47 - 2013-04-25 14:47 - 00000117 ____A C:\Windows\System32\netcfg-60860295.txt
2013-04-25 13:31 - 2013-04-25 13:31 - 00000117 ____A C:\Windows\System32\netcfg-56274256.txt
2013-04-25 13:31 - 2013-04-25 13:31 - 00000117 ____A C:\Windows\System32\netcfg-56274100.txt
2013-04-25 11:27 - 2013-04-25 11:27 - 00000117 ____A C:\Windows\System32\netcfg-48816347.txt
2013-04-25 11:27 - 2013-04-25 11:27 - 00000117 ____A C:\Windows\System32\netcfg-48813102.txt
2013-04-24 21:54 - 2013-04-24 21:53 - 00390760 ____A C:\Windows\Minidump\042413-22136-01.dmp
2013-04-24 12:30 - 2013-04-24 12:30 - 00000117 ____A C:\Windows\System32\netcfg-45948394.txt
2013-04-24 12:30 - 2013-04-24 12:30 - 00000117 ____A C:\Windows\System32\netcfg-45948144.txt
2013-04-24 10:29 - 2013-04-24 10:29 - 00000117 ____A C:\Windows\System32\netcfg-38713738.txt
2013-04-24 10:29 - 2013-04-24 10:29 - 00000117 ____A C:\Windows\System32\netcfg-38713426.txt
2013-04-24 01:00 - 2013-04-24 01:00 - 00022502 ____A C:\Users\Kendra\Desktop\dds.txt
2013-04-24 01:00 - 2013-04-24 01:00 - 00016775 ____A C:\Users\Kendra\Desktop\attach.txt
2013-04-24 00:54 - 2013-04-24 00:53 - 00688992 ____R (Swearware) C:\Users\Kendra\Downloads\dds.com
2013-04-24 00:38 - 2013-04-24 00:38 - 00001120 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-04-24 00:38 - 2013-04-24 00:38 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\Malwarebytes
2013-04-24 00:38 - 2013-04-24 00:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-24 00:34 - 2013-04-24 00:33 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\Kendra\Downloads\mbam-setup-1.75.0.1300.exe
2013-04-24 00:29 - 2013-04-24 00:29 - 00000117 ____A C:\Windows\System32\netcfg-2683934.txt
2013-04-24 00:29 - 2013-04-24 00:29 - 00000117 ____A C:\Windows\System32\netcfg-2682936.txt
2013-04-23 23:45 - 2013-04-23 23:45 - 00000117 ____A C:\Windows\System32\netcfg-57408.txt
2013-04-23 23:44 - 2013-04-23 23:44 - 00000117 ____A C:\Windows\System32\netcfg-2880028.txt
2013-04-23 22:56 - 2013-04-23 22:56 - 00384696 ____A C:\Windows\Minidump\042313-24070-01.dmp
2013-04-23 22:13 - 2013-04-23 22:13 - 00000117 ____A C:\Windows\System32\netcfg-20895429.txt
2013-04-23 22:13 - 2013-04-23 22:13 - 00000117 ____A C:\Windows\System32\netcfg-20895007.txt
2013-04-23 17:21 - 2013-04-23 17:21 - 00000117 ____A C:\Windows\System32\netcfg-3429947.txt
2013-04-23 17:21 - 2013-04-23 17:21 - 00000117 ____A C:\Windows\System32\netcfg-3429104.txt
2013-04-23 16:25 - 2013-04-23 16:25 - 00385920 ____A C:\Windows\Minidump\042313-26816-01.dmp
2013-04-23 15:19 - 2013-04-23 15:19 - 00000117 ____A C:\Windows\System32\netcfg-6526270.txt
2013-04-23 15:19 - 2013-04-23 15:19 - 00000117 ____A C:\Windows\System32\netcfg-6522698.txt
2013-04-23 12:44 - 2013-04-23 12:44 - 00000117 ____A C:\Windows\System32\netcfg-4267313.txt
2013-04-23 12:44 - 2013-04-23 12:44 - 00000117 ____A C:\Windows\System32\netcfg-4264006.txt
2013-04-23 00:50 - 2013-04-23 00:50 - 00000000 ____D C:\Program Files (x86)\Build-a-lot 2 - Town of the Year
2013-04-23 00:50 - 2013-04-23 00:28 - 00000000 ____D C:\BigFishGamesCache
2013-04-23 00:35 - 2013-04-23 00:35 - 00000970 ____A C:\Users\Public\Desktop\Game Manager.lnk
2013-04-23 00:35 - 2013-04-23 00:35 - 00000231 ____A C:\Users\Public\Desktop\More Great Games.url
2013-04-23 00:34 - 2013-04-23 00:34 - 00000000 ____D C:\Program Files (x86)\bfgclient
2013-04-23 00:27 - 2013-04-23 00:27 - 00235080 ____A (Big Fish Games) C:\Users\Kendra\Downloads\bigfishgames_p124488422_s1_l1.exe
2013-04-22 16:56 - 2013-04-22 16:56 - 00000117 ____A C:\Windows\System32\netcfg-166701357.txt
2013-04-22 16:56 - 2013-04-22 16:56 - 00000117 ____A C:\Windows\System32\netcfg-166698081.txt
2013-04-22 13:37 - 2013-04-22 13:37 - 00000117 ____A C:\Windows\System32\netcfg-154772944.txt
2013-04-22 13:37 - 2013-04-22 13:37 - 00000117 ____A C:\Windows\System32\netcfg-154772679.txt
2013-04-22 13:35 - 2013-04-22 13:35 - 00000117 ____A C:\Windows\System32\netcfg-154654352.txt
2013-04-22 13:35 - 2013-04-22 13:35 - 00000117 ____A C:\Windows\System32\netcfg-154651185.txt
2013-04-22 12:40 - 2013-04-22 12:40 - 00000117 ____A C:\Windows\System32\netcfg-151344806.txt
2013-04-22 12:40 - 2013-04-22 12:40 - 00000117 ____A C:\Windows\System32\netcfg-151344198.txt
2013-04-22 12:25 - 2013-04-22 12:25 - 00000117 ____A C:\Windows\System32\netcfg-150441311.txt
2013-04-22 12:25 - 2013-04-22 12:25 - 00000117 ____A C:\Windows\System32\netcfg-150438284.txt
2013-04-22 12:24 - 2013-04-22 12:24 - 00000117 ____A C:\Windows\System32\netcfg-150400095.txt
2013-04-22 12:24 - 2013-04-22 12:24 - 00000117 ____A C:\Windows\System32\netcfg-150399674.txt
2013-04-22 11:56 - 2013-04-22 11:56 - 00000117 ____A C:\Windows\System32\netcfg-148702118.txt
2013-04-22 11:56 - 2013-04-22 11:56 - 00000117 ____A C:\Windows\System32\netcfg-148701463.txt
2013-04-22 08:46 - 2013-04-22 08:46 - 00000117 ____A C:\Windows\System32\netcfg-137281347.txt
2013-04-22 08:46 - 2013-04-22 08:46 - 00000117 ____A C:\Windows\System32\netcfg-137281129.txt
2013-04-22 08:37 - 2013-04-22 08:37 - 00000117 ____A C:\Windows\System32\netcfg-136737777.txt
2013-04-22 08:37 - 2013-04-22 08:37 - 00000117 ____A C:\Windows\System32\netcfg-136737465.txt
2013-04-21 22:08 - 2013-04-21 22:08 - 00000117 ____A C:\Windows\System32\netcfg-99016673.txt
2013-04-21 22:08 - 2013-04-21 22:08 - 00000117 ____A C:\Windows\System32\netcfg-99013460.txt
2013-04-21 21:14 - 2013-04-21 21:14 - 00358912 ____A C:\Users\Kendra\Downloads\75off.ppt
2013-04-21 20:02 - 2013-04-21 20:02 - 00000117 ____A C:\Windows\System32\netcfg-91484508.txt
2013-04-21 20:02 - 2013-04-21 20:02 - 00000117 ____A C:\Windows\System32\netcfg-91484181.txt
2013-04-21 16:48 - 2013-04-21 16:48 - 00000117 ____A C:\Windows\System32\netcfg-79815181.txt
2013-04-21 16:48 - 2013-04-21 16:48 - 00000117 ____A C:\Windows\System32\netcfg-79815025.txt
2013-04-21 16:38 - 2013-04-21 16:38 - 00000117 ____A C:\Windows\System32\netcfg-79213282.txt
2013-04-21 16:38 - 2013-04-21 16:38 - 00000117 ____A C:\Windows\System32\netcfg-79212892.txt
2013-04-20 21:04 - 2013-04-20 21:04 - 00000117 ____A C:\Windows\System32\netcfg-8775430.txt
2013-04-20 21:04 - 2013-04-20 21:04 - 00000117 ____A C:\Windows\System32\netcfg-8774619.txt
2013-04-20 18:37 - 2013-04-20 18:37 - 00000326 ____A C:\Windows\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}.job
2013-04-20 18:37 - 2013-04-15 13:39 - 00001838 ____A C:\Users\Public\Desktop\COMODO Firewall.lnk
2013-04-19 21:15 - 2013-04-19 21:15 - 00000117 ____A C:\Windows\System32\netcfg-35480742.txt
2013-04-19 21:15 - 2013-04-19 21:15 - 00000117 ____A C:\Windows\System32\netcfg-35478230.txt
2013-04-19 21:08 - 2013-04-19 21:08 - 00000117 ____A C:\Windows\System32\netcfg-35084718.txt
2013-04-19 21:08 - 2013-04-19 21:08 - 00000117 ____A C:\Windows\System32\netcfg-35083798.txt
2013-04-19 17:02 - 2013-04-19 17:02 - 00000117 ____A C:\Windows\System32\netcfg-20313280.txt
2013-04-19 17:02 - 2013-04-19 17:02 - 00000117 ____A C:\Windows\System32\netcfg-20310128.txt
2013-04-19 16:55 - 2013-04-19 16:55 - 00000117 ____A C:\Windows\System32\netcfg-19892155.txt
2013-04-19 16:55 - 2013-04-19 16:55 - 00000117 ____A C:\Windows\System32\netcfg-19891593.txt
2013-04-19 16:38 - 2013-04-19 16:38 - 00000117 ____A C:\Windows\System32\netcfg-18863250.txt
2013-04-19 16:38 - 2013-04-19 16:38 - 00000117 ____A C:\Windows\System32\netcfg-18859943.txt
2013-04-19 15:06 - 2013-04-19 15:06 - 00000117 ____A C:\Windows\System32\netcfg-13329068.txt
2013-04-19 15:06 - 2013-04-19 15:06 - 00000117 ____A C:\Windows\System32\netcfg-13328772.txt
2013-04-19 14:29 - 2013-04-19 14:29 - 00000117 ____A C:\Windows\System32\netcfg-11156193.txt
2013-04-19 14:29 - 2013-04-19 14:29 - 00000117 ____A C:\Windows\System32\netcfg-11152948.txt
2013-04-19 14:19 - 2013-04-19 14:19 - 00000117 ____A C:\Windows\System32\netcfg-10539162.txt
2013-04-19 14:19 - 2013-04-19 14:19 - 00000117 ____A C:\Windows\System32\netcfg-10538897.txt
2013-04-19 11:26 - 2013-04-19 11:25 - 00000128 ____A C:\Windows\System32\netcfg-124379.txt
2013-04-19 11:25 - 2013-04-19 11:25 - 00000117 ____A C:\Windows\System32\netcfg-96783.txt
2013-04-19 11:23 - 2013-04-19 11:23 - 00000117 ____A C:\Windows\System32\netcfg-372389.txt
2013-04-19 11:22 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-04-19 11:19 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-04-19 11:19 - 2012-07-26 02:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-04-19 11:17 - 2013-04-19 11:17 - 00385920 ____A C:\Windows\Minidump\041913-25038-01.dmp
2013-04-18 11:02 - 2013-01-16 20:51 - 00118400 ____A (COMODO) C:\Windows\System32\Drivers\inspect.sys
2013-04-17 22:17 - 2013-04-15 13:27 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\WildTangent
2013-04-17 22:17 - 2012-12-27 03:47 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-04-17 21:14 - 2013-04-17 21:14 - 00017920 __ASH C:\Users\Kendra\Downloads\Thumbs.db
2013-04-17 21:04 - 2013-04-17 21:04 - 00000000 ____A C:\Users\Kendra\Downloads\ouam2.htm
2013-04-17 21:03 - 2013-04-17 21:03 - 00000000 ____A C:\Users\Kendra\Downloads\ouam.htm
2013-04-16 21:39 - 2013-04-16 21:39 - 00113152 ____A C:\Users\Kendra\Downloads\Mentor Appreciation 2.pub
2013-04-16 19:26 - 2013-04-16 19:12 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-04-16 19:13 - 2013-04-16 19:13 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\SUPERAntiSpyware.com
2013-04-16 19:12 - 2013-04-16 19:12 - 00001815 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-04-16 19:04 - 2013-04-16 18:57 - 21235504 ____A (SUPERAntiSpyware.com) C:\Users\Kendra\Downloads\SUPERAntiSpyware.exe
2013-04-16 18:12 - 2013-04-16 18:12 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\Mozilla
2013-04-16 18:12 - 2013-04-16 18:12 - 00000000 ____D C:\Users\Kendra\AppData\Local\Mozilla
2013-04-16 18:05 - 2013-04-16 18:05 - 00000117 ____A C:\Windows\System32\netcfg-101624214.txt
2013-04-16 18:05 - 2013-04-16 18:05 - 00000117 ____A C:\Windows\System32\netcfg-101621484.txt
2013-04-16 03:35 - 2013-04-16 03:35 - 00000117 ____A C:\Windows\System32\netcfg-502229.txt
2013-04-16 03:32 - 2013-04-16 03:32 - 00000117 ____A C:\Windows\System32\netcfg-335760.txt
2013-04-15 20:32 - 2013-04-15 20:32 - 00000000 ____D C:\Users\Kendra\Documents\Fax
2013-04-15 20:30 - 2013-04-15 20:30 - 01007304 ____A C:\Users\Kendra\Documents\Modern Photo Letter.oxps
2013-04-15 19:51 - 2013-04-15 19:51 - 00000117 ____A C:\Windows\System32\netcfg-21557887.txt
2013-04-15 19:51 - 2013-04-15 19:50 - 00000117 ____A C:\Windows\System32\netcfg-21557731.txt
2013-04-15 19:19 - 2013-04-15 19:19 - 00000117 ____A C:\Windows\System32\netcfg-19671242.txt
2013-04-15 19:19 - 2013-04-15 19:19 - 00000117 ____A C:\Windows\System32\netcfg-19668075.txt
2013-04-15 18:46 - 2013-04-15 18:46 - 00000117 ____A C:\Windows\System32\netcfg-17679796.txt
2013-04-15 18:46 - 2013-04-15 18:46 - 00000117 ____A C:\Windows\System32\netcfg-17678688.txt
2013-04-15 18:41 - 2013-04-15 18:41 - 00000117 ____A C:\Windows\System32\netcfg-17416466.txt
2013-04-15 18:41 - 2013-04-15 18:41 - 00000117 ____A C:\Windows\System32\netcfg-17416279.txt
2013-04-15 16:14 - 2013-04-15 16:14 - 00000117 ____A C:\Windows\System32\netcfg-8570554.txt
2013-04-15 16:14 - 2013-04-15 16:14 - 00000117 ____A C:\Windows\System32\netcfg-8569899.txt
2013-04-15 13:52 - 2013-04-15 13:52 - 00000117 ____A C:\Windows\System32\netcfg-50045.txt
2013-04-15 13:51 - 2013-04-15 13:51 - 00000117 ____A C:\Windows\System32\netcfg-2679535.txt
2013-04-15 13:39 - 2013-04-15 13:39 - 00000600 ____A C:\Users\Public\Desktop\Shared Space.lnk
2013-04-15 13:39 - 2013-04-15 13:39 - 00000167 ____A C:\Windows\System32\netcfg-1974099.txt
2013-04-15 13:39 - 2013-04-15 13:39 - 00000117 ____A C:\Windows\System32\netcfg-1978794.txt
2013-04-15 13:39 - 2013-04-15 13:39 - 00000117 ____A C:\Windows\System32\netcfg-1975690.txt
2013-04-15 13:37 - 2013-04-15 13:37 - 00000000 ____D C:\Program Files\COMODO
2013-04-15 13:32 - 2013-04-15 13:25 - 51053584 ____A (COMODO) C:\Users\Kendra\Downloads\cfw_installer_x64.exe
2013-04-15 13:27 - 2012-12-27 03:47 - 00002654 ____N C:\Users\Public\Desktop\WildTangent Games App - gateway.lnk
2013-04-15 13:08 - 2013-04-15 13:08 - 00000117 ____A C:\Windows\System32\netcfg-102009.txt
2013-04-15 13:06 - 2013-04-15 13:06 - 00000117 ____A C:\Windows\System32\netcfg-6076909.txt
2013-04-15 13:03 - 2012-07-26 02:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-04-15 13:03 - 2012-07-25 23:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-04-15 12:58 - 2013-04-15 12:58 - 00000000 ____D C:\Users\Kendra\AppData\LocalGoogle
2013-04-15 12:58 - 2013-04-15 11:46 - 00000000 ____D C:\Users\Kendra\AppData\Local\Google
2013-04-15 12:58 - 2013-04-15 11:46 - 00000000 ____D C:\Program Files (x86)\Google
2013-04-15 12:54 - 2013-04-15 12:54 - 00001929 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-04-15 12:53 - 2013-04-15 12:53 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-04-15 12:52 - 2013-04-15 12:52 - 00000000 ____D C:\Program Files\AVAST Software
2013-04-15 12:52 - 2012-07-26 02:12 - 00000000 ____D C:\Windows\System32\restore
2013-04-15 12:32 - 2013-04-15 12:19 - 115054456 ____A C:\Users\Kendra\Downloads\avast_free_antivirus_setup.exe
2013-04-15 11:55 - 2013-04-15 11:55 - 00001158 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-04-15 11:55 - 2013-04-15 11:55 - 00000117 ____A C:\Windows\System32\netcfg-1847176.txt
2013-04-15 11:55 - 2013-04-15 11:55 - 00000117 ____A C:\Windows\System32\netcfg-1846661.txt
2013-04-15 11:55 - 2013-04-15 11:54 - 08623428 ____A C:\Users\Kendra\Downloads\Unconfirmed 608854.crdownload
2013-04-15 11:54 - 2013-04-15 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-04-15 11:54 - 2013-04-15 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-04-15 11:52 - 2013-04-15 11:52 - 00002266 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-04-15 11:46 - 2013-04-15 11:46 - 00000000 ____D C:\Users\Kendra\AppData\Local\Deployment
2013-04-15 11:46 - 2013-04-15 11:46 - 00000000 ____D C:\Users\Kendra\AppData\Local\Apps\2.0
2013-04-15 11:45 - 2013-04-15 11:45 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\Macromedia
2013-04-15 11:42 - 2012-12-27 02:53 - 00000000 ___HD C:\OEM
2013-04-15 11:41 - 2013-04-15 11:41 - 00001967 ____A C:\Users\Public\Desktop\Netflix.lnk
2013-04-15 11:41 - 2013-04-15 11:41 - 00001742 ____A C:\Users\Public\Desktop\Buy Online.lnk
2013-04-15 11:41 - 2013-04-15 11:41 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\Adobe
2013-04-15 11:41 - 2013-04-15 11:41 - 00000000 ____D C:\Program Files\Accessory Store
2013-04-15 11:41 - 2013-04-15 11:38 - 00000000 ____D C:\users\Kendra
2013-04-15 11:40 - 2013-04-15 11:40 - 00000000 ____D C:\Users\Kendra\AppData\Roaming\lm
2013-04-15 11:39 - 2013-04-15 11:39 - 00000000 ____D C:\Users\Kendra\AppData\Local\VirtualStore
2013-04-15 11:38 - 2013-04-15 11:38 - 00000020 ___SH C:\Users\Kendra\ntuser.ini
2013-04-15 11:38 - 2013-01-24 23:43 - 00437176 ____A (COMODO) C:\Windows\System32\guard64.dll
2013-04-15 11:38 - 2013-01-24 23:43 - 00348584 ____A (COMODO) C:\Windows\SysWOW64\guard32.dll
2013-04-15 11:38 - 2013-01-24 23:43 - 00043216 ____A (COMODO) C:\Windows\System32\cmdcsr.dll
2013-04-15 11:38 - 2013-01-24 23:42 - 00343760 ____A (COMODO) C:\Windows\System32\cmdvrt64.dll
2013-04-15 11:38 - 2013-01-24 23:42 - 00276688 ____A (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2013-04-15 11:38 - 2013-01-24 23:42 - 00045776 ____A (COMODO) C:\Windows\System32\cmdkbd64.dll
2013-04-15 11:38 - 2013-01-24 23:42 - 00040656 ____A (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2013-04-15 11:38 - 2013-01-16 20:51 - 00712216 ____A (COMODO) C:\Windows\System32\Drivers\cmdguard.sys
2013-04-15 11:38 - 2013-01-16 20:51 - 00037560 ____A (COMODO) C:\Windows\System32\Drivers\cmdhlp.sys
2013-04-15 11:38 - 2013-01-16 20:51 - 00023168 ____A (COMODO) C:\Windows\System32\Drivers\cmderd.sys
2013-04-15 11:33 - 2013-04-15 11:33 - 00000117 ____A C:\Windows\System32\netcfg-505193.txt
2013-04-04 14:50 - 2013-04-24 00:38 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-04-02 16:08 - 2012-07-26 02:14 - 00692576 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-04-02 16:08 - 2012-07-26 02:14 - 00078176 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2012-12-27 03:02

==================== End Of Log ============================

 

[mom26gr8kids]

Here is the attachment of addition.txt. The instructions said to attach it, but if you would rather I copy and paste let me know

 

[mom26gr8kids]

Is it all right to run my regular weekly virus scans (Avast and Super AntiSpyware) as well as install Comodo updates or would you like me to still wait on that?

 

[Broni]

It's fine. Make sure your security programs are always up to date.

FRST log looks good.

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Delete.
• Confirm each time with Ok.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[mom26gr8kids]

# AdwCleaner v2.300 - Logfile created 05/05/2013 at 22:15:47
# Updated 28/04/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : Kendra - MOMSPC
# Boot Mode : Normal
# Running from : C:\Users\Kendra\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\boost_interprocess

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\Kendra\AppData\Roaming\Mozilla\Firefox\Profiles\3el9feo0.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [965 octets] - [05/05/2013 22:07:10]
AdwCleaner[S1].txt - [902 octets] - [05/05/2013 22:15:47]

########## EOF - C:\AdwCleaner[S1].txt - [961 octets] ##########

 

[mom26gr8kids]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.3 (04.29.2013:2)
OS: Windows 8 x64
Ran by Kendra on Sun 05/05/2013 at 22:33:45.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\big fish games"
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 05/05/2013 at 22:59:00.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[mom26gr8kids]

OTL logfile created on: 5/5/2013 11:07:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kendra\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.45 Gb Total Physical Memory | 4.32 Gb Available Physical Memory | 79.39% Memory free
10.95 Gb Paging File | 9.53 Gb Available in Paging File | 87.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.19 Gb Total Space | 642.72 Gb Free Space | 94.21% Space Free | Partition Type: NTFS

Computer Name: MOMSPC | User Name: Kendra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/05 23:03:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kendra\Downloads\OTL.exe
PRC - [2013/04/15 11:46:30 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013/03/06 16:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 16:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/01/16 12:23:36 | 000,111,216 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\RadioController\RfBtnHelper.exe
PRC - [2012/12/10 02:39:14 | 000,475,984 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/12/10 02:39:10 | 001,192,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/12/10 02:39:10 | 000,350,544 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/11/02 18:36:52 | 000,259,136 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
PRC - [2012/11/02 18:36:40 | 000,624,192 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
PRC - [2012/09/19 18:07:44 | 000,995,856 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2011/11/25 18:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/02 18:38:02 | 000,465,384 | ---- | M] () -- C:\Program Files (x86)\NTI\Gateway MyBackup\sqlite3.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/04/24 18:30:16 | 005,784,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013/04/15 11:38:20 | 000,158,928 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013/03/06 16:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/03/01 20:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 20:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/02 02:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/28 19:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/09 17:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 17:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/12/13 15:45:06 | 000,664,288 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/11/20 04:48:38 | 000,100,752 | ---- | M] (ELAN Microelectronics Corp.) [Auto | Running] -- C:\Program Files\Elantech\ETDService.exe -- (ETDService)
SRV:64bit: - [2012/11/16 16:07:20 | 000,469,648 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV:64bit: - [2012/11/05 22:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/09/20 03:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 00:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/20 00:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/09/17 12:38:00 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/25 21:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/25 21:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/25 21:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/25 21:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/25 21:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/25 21:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/25 21:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/25 21:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/25 21:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/25 21:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/25 21:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/25 21:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/25 21:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/25 18:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/11 12:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2013/04/10 00:58:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/16 12:23:36 | 000,098,160 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2012/12/10 02:39:10 | 000,350,544 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/11/02 18:36:52 | 000,259,136 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2012/09/12 21:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/08/15 13:44:50 | 003,943,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2012/07/25 21:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/25 21:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2011/11/25 18:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/15 11:38:55 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013/03/06 16:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/03/06 16:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/03/06 16:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/03/06 16:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/03/06 16:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/03/06 16:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/03/06 16:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/03/06 16:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/03/02 04:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/03/02 04:57:46 | 000,283,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/03/02 04:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 04:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/03/02 04:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/03/02 04:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/02 05:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/02/02 01:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/01/28 19:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/01/28 17:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/01/16 12:28:05 | 006,835,784 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BCMWL63a.SYS -- (BCM43XX)
DRV:64bit: - [2013/01/16 12:23:36 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2013/01/09 19:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/11/26 21:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 04:48:40 | 000,331,152 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/11/19 22:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/19 03:34:56 | 000,118,936 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012/11/05 21:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 02:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 01:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/20 01:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 01:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 01:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 01:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/18 20:40:38 | 000,343,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/09/17 14:15:48 | 010,316,800 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/09/17 12:12:42 | 000,370,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/08/28 06:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012/08/20 22:56:38 | 000,091,648 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/07/25 23:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/25 23:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/25 23:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/25 23:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/25 23:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/25 23:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/25 23:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/25 23:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/25 23:00:54 | 000,056,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/07/25 23:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/25 23:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/25 23:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/25 23:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/25 23:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/25 23:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/25 23:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/25 23:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/25 23:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/25 22:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/25 22:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/07/25 22:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/25 21:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/25 20:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/25 20:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/25 20:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/25 20:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/25 20:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/25 20:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/25 20:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/25 20:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/25 20:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/25 20:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/25 20:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/25 20:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/25 20:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/25 20:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/25 20:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/25 20:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/25 20:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/25 20:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/25 20:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/25 20:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/25 20:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/06/29 20:00:53 | 001,119,232 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rtwlane.sys -- (RTL8192Ce)
DRV:64bit: - [2012/06/23 08:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012/05/25 18:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NARAx64\0401000.00E\ccSetx64.sys -- (ccSet_NARA)
DRV:64bit: - [2011/07/22 10:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 15:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/05/05 18:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 18:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UBHelper.sys -- (UBHelper)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{B277A523-F32E-4415-B0A5-C9795B9F5EFD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAGWJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{B277A523-F32E-4415-B0A5-C9795B9F5EFD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAGWJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2205581236-1962149331-2801561248-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKU\S-1-5-21-2205581236-1962149331-2801561248-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
IE - HKU\S-1-5-21-2205581236-1962149331-2801561248-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2205581236-1962149331-2801561248-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/04/15 12:53:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/15 11:54:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/04/16 18:12:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kendra\AppData\Roaming\mozilla\Extensions
[2013/04/15 11:54:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/04/10 00:58:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/04/10 00:57:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/10 00:57:54 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://acer13.msn.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - Extension: Google Docs = C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! WebRep = C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Gmail = C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/25 23:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LManager] File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [RadioController] C:\Program Files (x86)\RadioController\RfBtnHelper.exe (Dritek System Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2205581236-1962149331-2801561248-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93861460-374F-46E0-90B7-36421D29E88F}: NameServer = 8.26.56.26,156.154.70.22
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/05 22:33:43 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/05/05 22:33:10 | 000,000,000 | ---D | C] -- C:\JRT
[2013/05/05 21:59:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/05/02 15:58:52 | 000,000,000 | ---D | C] -- C:\FRST
[2013/05/02 13:38:16 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\Diagnostics
[2013/04/26 12:13:10 | 000,000,000 | ---D | C] -- C:\Users\Kendra\Desktop\RK_Quarantine
[2013/04/24 00:38:29 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Roaming\Malwarebytes
[2013/04/24 00:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/24 00:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/04/24 00:38:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/24 00:38:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/04/24 00:37:52 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\Programs
[2013/04/23 00:50:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Build-a-lot 2 - Town of the Year
[2013/04/23 00:50:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Build-a-lot 2 - Town of the Year
[2013/04/23 00:34:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games
[2013/04/23 00:34:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bfgclient
[2013/04/23 00:28:05 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2013/04/22 13:37:50 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\CrashDumps
[2013/04/19 11:17:51 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/04/17 22:20:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Wild Tangent
[2013/04/16 19:13:38 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Roaming\SUPERAntiSpyware.com
[2013/04/16 19:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/04/16 19:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/04/16 19:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/04/16 18:12:27 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Roaming\Mozilla
[2013/04/16 18:12:27 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\Mozilla
[2013/04/15 20:32:30 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Documents\Scanned Documents
[2013/04/15 20:32:29 | 000,000,000 | ---D | C] -- C:\Users\Kendra\Documents\Fax
[2013/04/15 13:39:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2013/04/15 13:39:34 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2013/04/15 13:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2013/04/15 13:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2013/04/15 13:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2013/04/15 13:27:43 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Roaming\WildTangent
[2013/04/15 12:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/04/15 12:54:25 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/04/15 12:54:25 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/04/15 12:54:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/04/15 12:54:22 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/04/15 12:54:21 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/04/15 12:54:05 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/04/15 12:53:57 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/04/15 12:53:56 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/04/15 12:52:43 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/04/15 12:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/04/15 12:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/04/15 11:54:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/04/15 11:54:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/04/15 11:54:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/04/15 11:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/04/15 11:46:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/04/15 11:46:26 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\Google
[2013/04/15 11:46:07 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\Apps
[2013/04/15 11:46:06 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\Deployment
[2013/04/15 11:45:28 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Roaming\Macromedia
[2013/04/15 11:42:20 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gateway
[2013/04/15 11:41:50 | 000,000,000 | ---D | C] -- C:\Program Files\Accessory Store
[2013/04/15 11:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM_E471269A730D
[2013/04/15 11:41:36 | 000,000,000 | R--D | C] -- C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/04/15 11:41:36 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Searches
[2013/04/15 11:41:36 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Contacts
[2013/04/15 11:41:36 | 000,000,000 | R--D | C] -- C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/04/15 11:41:36 | 000,000,000 | -H-D | C] -- C:\Users\Kendra\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/04/15 11:41:29 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Roaming\Adobe
[2013/04/15 11:40:55 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Roaming\lm
[2013/04/15 11:39:35 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\VirtualStore
[2013/04/15 11:39:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2013/04/15 11:39:08 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\Packages
[2013/04/15 11:38:49 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/04/15 11:38:39 | 000,000,000 | --SD | C] -- C:\Users\Kendra\AppData\Roaming\Microsoft
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Videos
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Saved Games
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Pictures
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Music
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Links
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Favorites
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Downloads
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Documents
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\Desktop
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/04/15 11:38:39 | 000,000,000 | R--D | C] -- C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\AppData\Local\Temporary Internet Files
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\Templates
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\Start Menu
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\SendTo
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\Recent
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\PrintHood
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\NetHood
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\Documents\My Videos
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\Documents\My Pictures
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\Documents\My Music
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\My Documents
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\Local Settings
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\AppData\Local\History
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\Cookies
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\Application Data
[2013/04/15 11:38:39 | 000,000,000 | -HSD | C] -- C:\Users\Kendra\AppData\Local\Application Data
[2013/04/15 11:38:39 | 000,000,000 | -H-D | C] -- C:\Users\Kendra\AppData
[2013/04/15 11:38:39 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\Temp
[2013/04/15 11:38:39 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Local\Microsoft
[2013/04/15 11:38:39 | 000,000,000 | ---D | C] -- C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

========== Files - Modified Within 30 Days ==========

[2013/05/05 22:51:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/05 22:26:49 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/05 22:19:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/05 22:16:56 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/05/05 22:16:49 | 384,409,599 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/05 22:16:07 | 000,000,101 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/05/02 19:55:27 | 396,935,344 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/05/02 13:28:04 | 000,281,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/29 12:27:00 | 000,848,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/29 12:27:00 | 000,719,418 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/29 12:27:00 | 000,132,748 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/24 00:38:13 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/23 08:04:10 | 000,437,176 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2013/04/23 08:04:10 | 000,348,048 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2013/04/23 00:35:29 | 000,000,970 | ---- | M] () -- C:\Users\Public\Desktop\Game Manager.lnk
[2013/04/23 00:35:29 | 000,000,231 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.url
[2013/04/20 18:37:29 | 000,001,838 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2013/04/20 18:37:29 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}.job
[2013/04/16 19:12:50 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/04/15 20:30:49 | 001,007,304 | ---- | M] () -- C:\Users\Kendra\Documents\Modern Photo Letter.oxps
[2013/04/15 13:39:53 | 000,000,600 | ---- | M] () -- C:\Users\Public\Desktop\Shared Space.lnk
[2013/04/15 13:27:59 | 000,002,654 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - gateway.lnk
[2013/04/15 13:08:26 | 000,002,290 | ---- | M] () -- C:\Users\Kendra\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/04/15 12:54:26 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/04/15 12:53:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/04/15 11:55:02 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/04/15 11:52:06 | 000,002,266 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/15 11:45:18 | 000,001,435 | ---- | M] () -- C:\Users\Kendra\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/04/15 11:41:50 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\Buy Online.lnk
[2013/04/15 11:41:43 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\Netflix.lnk
[2013/04/15 11:38:55 | 000,023,168 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2013/04/15 11:38:38 | 000,043,216 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2013/04/15 11:38:29 | 000,343,760 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll
[2013/04/15 11:38:28 | 000,045,776 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdkbd64.dll
[2013/04/15 11:38:25 | 000,276,688 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll
[2013/04/15 11:38:24 | 000,040,656 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdkbd32.dll

 

[mom26gr8kids]

OTL logfile created on: 5/5/2013 11:07:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kendra\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.45 Gb Total Physical Memory | 4.32 Gb Available Physical Memory | 79.39% Memory free
10.95 Gb Paging File | 9.53 Gb Available in Paging File | 87.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.19 Gb Total Space | 642.72 Gb Free Space | 94.21% Space Free | Partition Type: NTFS

Computer Name: MOMSPC | User Name: Kendra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/05 23:03:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kendra\Downloads\OTL.exe
PRC - [2013/04/15 11:46:30 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013/03/06 16:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/06 16:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/01/16 12:23:36 | 000,111,216 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\RadioController\RfBtnHelper.exe
PRC - [2012/12/10 02:39:14 | 000,475,984 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012/12/10 02:39:10 | 001,192,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012/12/10 02:39:10 | 000,350,544 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012/11/02 18:36:52 | 000,259,136 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
PRC - [2012/11/02 18:36:40 | 000,624,192 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
PRC - [2012/09/19 18:07:44 | 000,995,856 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2011/11/25 18:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/02 18:38:02 | 000,465,384 | ---- | M] () -- C:\Program Files (x86)\NTI\Gateway MyBackup\sqlite3.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/04/24 18:30:16 | 005,784,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013/04/15 11:38:20 | 000,158,928 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013/03/06 16:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/03/01 20:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/01 20:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/02/02 02:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/01/28 19:57:14 | 000,014,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/01/09 17:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/09 17:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/12/13 15:45:06 | 000,664,288 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)


========== Files Created - No Company Name ==========

[2013/05/05 22:15:53 | 000,000,101 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/05/02 13:27:55 | 000,281,088 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/26 19:55:31 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2013/04/26 19:55:31 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/04/24 00:38:12 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/23 00:35:29 | 000,000,970 | ---- | C] () -- C:\Users\Public\Desktop\Game Manager.lnk
[2013/04/23 00:35:29 | 000,000,231 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.url
[2013/04/23 00:34:27 | 000,001,938 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
[2013/04/23 00:34:27 | 000,001,248 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
[2013/04/20 18:37:29 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}.job
[2013/04/19 11:17:39 | 396,935,344 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/04/16 19:12:50 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/04/16 16:58:27 | 000,387,867 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/04/15 20:30:49 | 001,007,304 | ---- | C] () -- C:\Users\Kendra\Documents\Modern Photo Letter.oxps
[2013/04/15 13:39:55 | 000,001,838 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2013/04/15 13:39:53 | 000,000,600 | ---- | C] () -- C:\Users\Public\Desktop\Shared Space.lnk
[2013/04/15 12:54:26 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/04/15 12:54:03 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/04/15 12:54:00 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/04/15 12:53:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013/04/15 11:55:01 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/04/15 11:55:00 | 000,001,170 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/04/15 11:52:06 | 000,002,290 | ---- | C] () -- C:\Users\Kendra\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/04/15 11:52:05 | 000,002,266 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/15 11:46:33 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/15 11:46:32 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/15 11:45:18 | 000,001,435 | ---- | C] () -- C:\Users\Kendra\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/04/15 11:41:50 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\Buy Online.lnk
[2013/04/15 11:41:43 | 000,001,967 | ---- | C] () -- C:\Users\Public\Desktop\Netflix.lnk
[2013/04/15 11:41:29 | 000,001,441 | ---- | C] () -- C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/04/15 11:38:39 | 000,000,352 | ---- | C] () -- C:\Users\Kendra\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/04/15 11:38:39 | 000,000,334 | ---- | C] () -- C:\Users\Kendra\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/01/16 12:21:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/12/27 02:55:03 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/12/27 02:55:03 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/12/27 02:55:02 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/07/26 02:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 02:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 01:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/25 19:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 14:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 14:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 08:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012/05/10 18:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/01 20:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/02 02:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/25 21:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/25 21:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/25 21:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/04/15 11:40:56 | 000,000,000 | ---D | M] -- C:\Users\Kendra\AppData\Roaming\lm
[2013/04/17 22:17:08 | 000,000,000 | ---D | M] -- C:\Users\Kendra\AppData\Roaming\WildTangent

========== Purity Check ==========



< End of report >

 

[mom26gr8kids]

Sorry, started posting the OTL file twice

 

[mom26gr8kids]

OTL Extras logfile created on: 5/5/2013 11:07:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kendra\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.45 Gb Total Physical Memory | 4.32 Gb Available Physical Memory | 79.39% Memory free
10.95 Gb Paging File | 9.53 Gb Available in Paging File | 87.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682.19 Gb Total Space | 642.72 Gb Free Space | 94.21% Space Free | Partition Type: NTFS

Computer Name: MOMSPC | User Name: Kendra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2205581236-1962149331-2801561248-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{261EE935-8E78-4E97-9BB5-ADF0D625DA52}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2AADDED0-8283-4BF0-B290-08EAE80F70BB}" = rport=138 | protocol=17 | dir=out | app=system |
"{33D1690F-E7F1-47FA-8D24-22818A8A2180}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3B91111F-B7DE-42AA-B3B7-CFE9BE283BD2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{535CC225-F66C-4AE0-AA55-30026365AB75}" = lport=445 | protocol=6 | dir=in | app=system |
"{5417CD53-EDAE-4A98-BDDC-F0E2DFADB046}" = lport=137 | protocol=17 | dir=in | app=system |
"{67BBA478-9D2E-4F00-A452-35C37F1DECEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{71B11B4A-9F8C-44D2-A84F-5ED650F306CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8251A93F-6AFD-469D-BF71-E6F1524A5F5B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8B5A6E1B-6D73-4A75-90B5-8FA3361FBA87}" = lport=138 | protocol=17 | dir=in | app=system |
"{945B3111-D5BA-48C7-83B8-B45CC36968A9}" = rport=137 | protocol=17 | dir=out | app=system |
"{97B8760E-8E9D-4C47-A63C-F07E7C784B12}" = rport=139 | protocol=6 | dir=out | app=system |
"{9E51A0B3-28AE-4F1F-9068-9F8CDBA0AF0A}" = lport=139 | protocol=6 | dir=in | app=system |
"{B9FC1F4D-E281-41EC-AEB8-A77216F5A48E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2208179-2876-4084-9E25-716AB0EF789F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C5B6F296-4164-44CD-B7CA-A89E96F11987}" = rport=445 | protocol=6 | dir=out | app=system |
"{CD14E4FC-8643-4E1E-AFEA-35FAC9597B61}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E6CB3C6D-AF5D-49A9-BADE-A003E36F434C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F2698CB8-5734-49DA-AA8E-B9E9CE0EDCCA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F2A99D58-4416-411B-B063-B46C794511F2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FB71D433-B71C-4C65-BE28-9D3F4C8440BE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{018A5477-4AB1-46B9-8E1B-B3442B2B89DE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{01B9A786-F156-4813-90D0-8B68ED287D69}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{01E7BC76-873E-41DF-8E0E-C2B349BDE190}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{02F6213F-6EE6-43C5-AD58-19144AC29251}" = dir=out | name=@{microsoft.skypeapp_1.1.0.25_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{0F0D358E-3EF2-49CB-ADA1-3F9C9DFF90C6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{111FE535-CAE8-49AD-9184-4741BA66198B}" = dir=out | name=kindle |
"{1271C074-0F01-434C-A72E-8DF995150FF6}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{13563AA8-2A22-485E-8F80-B3E7FABB4C25}" = dir=in | name=amazon |
"{18365ABE-18F3-4FFE-9AFF-C44B676DBD2A}" = dir=out | name=chacha |
"{1AC50C7C-3BB1-4BBD-B032-9A5821E3394F}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{1C716353-26CB-421D-B8A5-BE801A802AD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D6E9CA0-B82C-4544-8212-957ADA43EA95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2047AA9C-E507-4EF1-AFD4-B1D8117EEF97}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{222C5BF7-7FCF-4EAD-A881-9E35C912752A}" = dir=in | name=ebay |
"{23550645-31D8-416B-A69F-ED499E1D1C3B}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{24ACE8BB-4C3F-4C2F-8158-67D5C631BF6B}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{2B3E7DFB-114B-414D-8C4F-D6E4B2C317C3}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2D055B19-94B5-4771-99C1-CA024D93833C}" = protocol=6 | dir=out | app=system |
"{3D211474-4F5C-4996-B60E-62E95D262966}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{434F3A33-6191-4F62-AA63-CEC3752B4DD3}" = dir=in | app=c:\program files (x86)\nti\gateway mybackup\fileexplorer.exe |
"{472661FF-ED87-4530-B03B-2E116496EE72}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{477E70FF-FDE9-49D7-AD64-6F8D6F84F7A1}" = dir=out | name=merriam-webster dictionary |
"{4C1EFB16-520A-47DD-ADF5-AF8C92F93090}" = dir=out | name=gateway explorer |
"{4DB2DFF7-94E1-4CAA-84C2-995B75DC090A}" = dir=out | name=shark dash |
"{50A8523F-13E6-4BAA-BF24-9B5C5891B658}" = dir=out | name=hulu plus |
"{53591CB2-D765-4A0F-934F-2EC4B53315EA}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{5431BA0C-8B7C-4937-8EBF-4F85B76BD2A2}" = dir=out | name=7digital music store |
"{5E410BA7-5685-4E41-9436-83C79B03F268}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5F62D60E-4E3D-46EA-BC97-7D7A3E9334F9}" = dir=out | name=encyclopaedia britannica |
"{6E044BBE-353E-4BBF-8ACC-6699466F5154}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{72FADAA0-B781-4B1E-95E8-41B88899D46D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{774CA6FE-8F8C-40A7-8377-FB44C39A2877}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{7A129757-E04A-466D-884B-0464EFB9AF68}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7D0DCECD-EB76-4C4F-BC0B-CE12521F4F1D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7FB60FBB-2A52-4E2C-852C-2D2E3E54A16A}" = dir=in | name=evernote |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8A4C49C6-7781-4441-8818-FC10219A8A10}" = dir=out | name=icookbook se |
"{8B8A8369-1AF3-4FB8-8831-5E9FB9DAE2B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8BB00B9B-14CF-46AC-9334-FEBAE53C6D66}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{91FA92E6-5516-4B82-8130-80123D231D8A}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{9214B946-2D99-4768-A7B2-F4F3A648F7B9}" = dir=out | name=netflix |
"{9DB13A2C-8C7E-4B09-B87F-275778DC140E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9DB4C700-262E-48B6-9F1F-D126AC69839B}" = dir=out | name=zinio |
"{A80033EC-0D49-4B1D-825D-08F8A90D2BBB}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{AB863499-24AC-482A-ACEB-82CF6F14E9C8}" = dir=in | name=gateway explorer |
"{B246EC2F-3CC3-49DE-AF16-6758B0EA9CC9}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{B6CD034C-AA2E-42DA-9A79-096FEE16F843}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{B81DDB46-6289-4FD7-B154-78BBF0D501E1}" = dir=out | name=amazon |
"{BABFD725-19D7-4435-8AE9-0CDF005FE0A2}" = dir=out | name=newsxpresso |
"{BACFAEB5-0630-407A-92DF-8FE24C4774EB}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{BC49484D-0A1F-4E1A-98E4-4FE630090BC4}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{BCDB160F-B709-406E-8A72-1F0B7D6EF2E6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE39E341-DE96-4183-8A60-E475B49B342B}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{C1D506FC-EE76-4514-9345-4668308CF756}" = dir=out | name=tunein radio |
"{C1FFFC8A-16F9-4441-BD7D-E3592DB468DB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C3DF09E2-0575-4809-8649-9D41C217ACAE}" = dir=out | name=- games app - |
"{C4B5A796-C9F9-4E66-8D77-C05C90BE5EFE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CABB5078-7AEE-49F8-B541-7898A148B837}" = dir=in | app=c:\program files (x86)\nti\gateway mybackup\ischedulesvc.exe |
"{CE625821-12DF-4CD5-8F55-1B1F77A2762A}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{D044D2FE-2A0F-47D7-BFF5-73B2879CF355}" = dir=in | app=c:\program files (x86)\nti\gateway mybackup\backupmanager.exe |
"{D1426375-3D7F-41BA-8336-D104B709B895}" = dir=out | name=windows_ie_ac_001 |
"{D288FE11-41CB-47F3-820C-79793C39230F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D8DE39DB-74B4-4FD4-ABDF-3B5887E3710C}" = dir=out | name=ebay |
"{DAF1D744-E6C0-4190-8DEB-83852D7E9B93}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E73217B2-A12A-4913-8BD3-1B26DC0FBCEF}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E84087E3-AB4E-49E2-9250-6B521B113DD9}" = dir=out | name=video web camera |
"{E91FFF1C-42B8-415D-A5C8-142A9F72EC25}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{EC84196F-635F-4B9E-9AC9-F1518CBD4A63}" = dir=out | name=social networks |
"{ECBBC95D-BAC4-47A3-AFE3-C3705D677687}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{EDCA8EC6-A92B-4AE3-9824-EF2E11DFD6F4}" = dir=out | name=evernote |
"{FA5F2FEF-6B1F-40DA-96DB-E17F00E5F3F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FD930813-C0EC-488E-A419-1ECE5344DA76}" = dir=in | name=@{microsoft.skypeapp_1.1.0.25_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Gateway Recovery Management
"{1109461B-E8C8-EE08-0219-5711383B03DF}" = AMD Catalyst Install Manager
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Gateway Device Fast-lane
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{54FCB760-9F8C-A969-2BB7-88D129B9201F}" = ccc-utility64
"{BCC0552D-76C0-4130-BFBD-49BE49ACC594}" = COMODO Internet Security
"{C92C06FE-AB02-32E9-04CB-AE726C681727}" = AMD Accelerated Video Transcoding
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{E438A632-CADC-49E4-9492-C9F50F9AE37F}" = Gateway Power Management
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Elantech" = ETDWare PS/2-X64 11.6.16.003_WHQL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{1417495E-B9EE-417A-ADF0-769FFA5E4B84}" = Catalyst Control Center - Branding
"{18F0F265-C8B3-A0BF-C250-5771F1768295}" = CCC Help Swedish
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{317DB319-6F27-311F-1AB1-05E8CBF9F364}" = CCC Help Dutch
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{43BFC6AA-F45F-9AAA-CD5E-9F06FC24AEFF}" = CCC Help Czech
"{4BEDF860-0CCB-B7CC-5CBC-1553463F79C0}" = CCC Help German
"{50F67EAC-1961-D405-474F-972809B55DE5}" = CCC Help Chinese Standard
"{5AE71944-7EE4-43C0-5DB3-BE8922147EC9}" = CCC Help Chinese Traditional
"{5DAF4A34-5F23-E9C4-E20A-27E4491579CC}" = CCC Help Thai
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6EE59459-CEC6-F96F-02FD-3C788553800B}" = CCC Help Greek
"{6F4B96CC-06CA-5812-04B3-209ACBE386FE}" = AMD VISION Engine Control Center
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-gateway" = WildTangent Games App
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{866111FE-425E-5835-F7CE-5DC83F11658A}" = CCC Help Norwegian
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{959208B6-B610-72D1-FDC7-0664CA3048F8}" = Catalyst Control Center Graphics Previews Common
"{9A27C636-5FA8-706B-3B92-766DF63E2A1B}" = CCC Help Danish
"{9AD653C3-535B-8A6A-612B-E1B59E323562}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}" = Nero 12 Essentials OEM.a01
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{A2C5B578-68B0-655F-FEAB-8C29DA2EE78F}" = CCC Help Turkish
"{A2DEA438-24F3-3951-5BD3-964752AD9F8E}" = CCC Help Finnish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{B10B6305-BD15-5586-F944-D8276F87403E}" = CCC Help Polish
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C045142A-7475-B5D3-55D7-16B5A6CD43E8}" = CCC Help French
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C4EFC586-6547-6807-4EB2-90399D37470D}" = CCC Help Italian
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{D36738CB-7661-4641-BECB-D2FB49F70FF3}" = CCC Help English
"{DC07C80B-6E57-F510-DAC6-0E52B87F0208}" = CCC Help Russian
"{DDE7C223-313A-25B0-42B2-88622741C396}" = Catalyst Control Center Localization All
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E0BB1FAE-03BF-34DF-65BC-A2F1510FD3EB}" = CCC Help Hungarian
"{E2FDC3E7-66AD-EEC5-A3B1-3E5C582F9DA9}" = CCC Help Korean
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E5942F4B-C8EE-ADA7-16F7-7D674D2C1EA3}" = CCC Help Portuguese
"{E5D11268-4543-B6C0-545A-8BCDD7B841D2}" = Catalyst Control Center InstallProxy
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F19F47A7-DBE2-7146-A7AC-E40C45AA32DD}" = CCC Help Japanese
"avast" = avast! Free Antivirus
"BFG-Build-a-lot 2 - Town of the Year" = Build-a-lot 2: Town of the Year
"BFGC" = Big Fish Games: Game Manager
"Google Chrome" = Google Chrome
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Gateway MyBackup
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NARA" = Norton Online Backup ARA
"RadioController" = Dritek Radio Controller
"Spotify" = Spotify
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-1afa0902-c082-466f-ad9b-d089d8704508" = Polar Golfer
"WTA-1f103f65-2bb3-4cfc-a4d9-c1cb18b18de8" = Mystery P.I. - Curious Case of Counterfeit Cove
"WTA-38078cdc-4c31-48de-85c7-bce45403b0fb" = Cradle Of Egypt Collector's Edition
"WTA-41cbf37d-ddf8-4ffb-804e-e177f3a1b0b0" = Dora's World Adventure
"WTA-4d1abc35-b8f3-4332-be92-393b08dcc88d" = Agatha Christie - Death on the Nile
"WTA-5d3914b3-a345-4601-aa8b-727a08f0feac" = Penguins!
"WTA-65c0e001-cc0d-4521-9b78-b6e6f87427ff" = Jewel Match 3
"WTA-6eaec060-e299-4a5a-b226-6ef41a3bbba6" = Peggle Nights
"WTA-8390bfab-ae0a-41e4-af34-963d6b327a56" = Aloha TriPeaks
"WTA-a6d339dd-6cd2-477e-81b9-2fee1e5be574" = Bejeweled 3
"WTA-ad4dec1b-def7-49a8-ad5a-1152f077f414" = Delicious: Emily's True Love Premium Edition
"WTA-b105710d-b02e-4645-8fed-8387f6b2bf5b" = Polar Bowler
"WTA-f123f944-7ed2-4d11-a47c-f5fd30959726" = Plants vs. Zombies - Game of the Year
"WTA-f7b6798f-0f59-4d7b-8c27-2b22ab45803a" = Zuma's Revenge
"WTA-fdd01d14-d2a8-4402-a080-837d5755666d" = Tales of Lagoona

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/19/2013 12:24:34 PM | Computer Name = MomsPC | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2113-03-26T16:24:34Z.
Error Code: 0x80040154.

Error - 4/19/2013 12:25:04 PM | Computer Name = MomsPC | Source = Software Protection Platform Service | ID = 16385
Description = Failed to schedule Software Protection service for re-start at 2113-03-26T16:25:04Z.
Error Code: 0x80040154.

Error - 4/19/2013 3:33:16 PM | Computer Name = MomsPC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_AeLookupSvc, version: 6.2.9200.16384,
time stamp: 0x50108897 Faulting module name: ntdll.dll, version: 6.2.9200.16384,
time stamp: 0x5010acd2 Exception code: 0xc0000409 Fault offset: 0x000000000001f60f
Faulting
process id: 0x188 Faulting application start time: 0x01ce3d22c56c7b0b Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: faebd664-a927-11e2-be72-208984566be4 Faulting package full name: Faulting package-relative
application ID:

Error - 4/19/2013 11:20:13 PM | Computer Name = MomsPC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_AeLookupSvc, version: 6.2.9200.16384,
time stamp: 0x50108897 Faulting module name: ntdll.dll, version: 6.2.9200.16384,
time stamp: 0x5010acd2 Exception code: 0xc0000374 Fault offset: 0x00000000000ea2b9
Faulting
process id: 0xc9c Faulting application start time: 0x01ce3d34bed33cf2 Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 36677fdd-a969-11e2-be72-208984566be4 Faulting package full name: Faulting package-relative
application ID:

Error - 4/19/2013 11:31:18 PM | Computer Name = MomsPC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_AeLookupSvc, version: 6.2.9200.16384,
time stamp: 0x50108897 Faulting module name: ntdll.dll, version: 6.2.9200.16384,
time stamp: 0x5010acd2 Exception code: 0xc0000374 Fault offset: 0x00000000000ea2b9
Faulting
process id: 0x91c Faulting application start time: 0x01ce3d75fb4b903e Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: c2b3c38c-a96a-11e2-be72-208984566be4 Faulting package full name: Faulting package-relative
application ID:

Error - 4/20/2013 11:12:21 AM | Computer Name = MomsPC | Source = Customer Experience Improvement Program | ID = 1006
Description =

Error - 4/21/2013 8:29:05 PM | Computer Name = MomsPC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_AeLookupSvc, version: 6.2.9200.16384,
time stamp: 0x50108897 Faulting module name: ntdll.dll, version: 6.2.9200.16384,
time stamp: 0x5010acd2 Exception code: 0xc0000008 Fault offset: 0x0000000000004c19
Faulting
process id: 0x1b0 Faulting application start time: 0x01ce3e2891e6f7e0 Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: a3233b9a-aae3-11e2-be73-208984566be4 Faulting package full name: Faulting package-relative
application ID:

Error - 4/21/2013 10:29:17 PM | Computer Name = MomsPC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 4/22/2013 3:37:17 PM | Computer Name = MomsPC | Source = Application Error | ID = 1000
Description = Faulting application name: taskhost.exe, version: 6.2.9200.16547,
time stamp: 0x51301b14 Faulting module name: KERNELBASE.dll, version: 6.2.9200.16384,
time stamp: 0x5010ab2d Exception code: 0xe06d7363 Fault offset: 0x00000000000189cc
Faulting
process id: 0xd0 Faulting application start time: 0x01ce3f90cabf02c4 Faulting application
path: C:\Windows\system32\taskhost.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report
Id: 09d7c107-ab84-11e2-be73-208984566be4 Faulting package full name: Faulting package-relative
application ID:

Error - 4/23/2013 2:11:47 PM | Computer Name = MomsPC | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ System Events ]
Error - 5/1/2013 10:08:18 PM | Computer Name = MomsPC | Source = bowser | ID = 8003
Description =

Error - 5/1/2013 10:23:05 PM | Computer Name = MomsPC | Source = bowser | ID = 8003
Description =

Error - 5/1/2013 11:43:42 PM | Computer Name = MomsPC | Source = Service Control Manager | ID = 7031
Description = The avast! Antivirus service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.

Error - 5/1/2013 11:47:10 PM | Computer Name = MomsPC | Source = bowser | ID = 8003
Description =

Error - 5/2/2013 12:17:05 AM | Computer Name = MomsPC | Source = Service Control Manager | ID = 7031
Description = The Application Experience service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 5/2/2013 12:17:05 AM | Computer Name = MomsPC | Source = Service Control Manager | ID = 7034
Description = The Application Information service terminated unexpectedly. It has
done this 1 time(s).

Error - 5/2/2013 12:17:05 AM | Computer Name = MomsPC | Source = Service Control Manager | ID = 7031
Description = The Background Intelligent Transfer Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
60000 milliseconds: Restart the service.

Error - 5/2/2013 12:17:05 AM | Computer Name = MomsPC | Source = Service Control Manager | ID = 7031
Description = The Computer Browser service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.

Error - 5/2/2013 12:17:05 AM | Computer Name = MomsPC | Source = Service Control Manager | ID = 7031
Description = The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
120000 milliseconds: Restart the service.

Error - 5/2/2013 12:17:05 AM | Computer Name = MomsPC | Source = Service Control Manager | ID = 7031
Description = The IP Helper service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.


< End of report >

 

[Broni]

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
FF - user.js - File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [LManager] File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.
Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
• Press "Scan".
• It will create a log (FSS.txt) in the same directory the tool is run.
• Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
• Tick the box next to YES, I accept the Terms of Use
• Click Start
• Accept any security warnings from your browser.
• Check Scan archives
• Click Start
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, click on List of found threats
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• NOTE. If Eset won't find any threats, it won't produce any log.

 

[mom26gr8kids]

All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LManager deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Kendra
->Temp folder emptied: 45813360 bytes
->Temporary Internet Files folder emptied: 143651505 bytes
->FireFox cache emptied: 25095885 bytes
->Google Chrome cache emptied: 97167007 bytes
->Flash cache emptied: 768 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4672969 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 96176 bytes
RecycleBin emptied: 6029 bytes

Total Files Cleaned = 302.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Kendra

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Kendra
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 05082013_213234

Files\Folders moved on Reboot...
C:\Users\Kendra\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Kendra\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\lm\Kendra\aipflib.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\lm\Kendra\LMutilps32.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\lm\dsiwmis.log scheduled to be moved on reboot.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...