Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014
Ran by Kendra (administrator) on MOMSPC on 15-06-2014 22:14:21
Running from C:\Users\Kendra\Downloads
Platform: Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version:
https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CompSoft) C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Farbar) C:\Users\Kendra\Downloads\FRST64 (1).exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\Setup\instup.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-01-16] (Dritek System Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-11] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [DoroServer] => C:\Program Files (x86)\DoroPDFWriter\DoroServer.exe [196608 2013-08-01] (CompSoft)
HKU\S-1-5-21-2205581236-1962149331-2801561248-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6564120 2014-06-11] (SUPERAntiSpyware)
HKU\S-1-5-21-2205581236-1962149331-2801561248-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1095000 2013-11-08] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gateway MyBackup Tray.lnk
ShortcutTarget: Gateway MyBackup Tray.lnk -> C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe (NTI Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {B277A523-F32E-4415-B0A5-C9795B9F5EFD} URL =
http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAGWJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {B277A523-F32E-4415-B0A5-C9795B9F5EFD} URL =
http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAGWJS
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {B277A523-F32E-4415-B0A5-C9795B9F5EFD} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: No Name - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - No File
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{93861460-374F-46E0-90B7-36421D29E88F}: [NameServer]156.154.70.22,156.154.71.22
FireFox:
========
FF ProfilePath: C:\Users\Kendra\AppData\Roaming\Mozilla\Firefox\Profiles\3el9feo0.default
FF DefaultSearchEngine: Microsoft (Bing)
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://
www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://
www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Kendra\AppData\Local\Roblox\Versions\version-f77fe2742c314291\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Kendra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Kendra\AppData\Roaming\Mozilla\Firefox\Profiles\3el9feo0.default\searchplugins\bing-avast.xml
FF Extension: PrivDog - C:\Users\Kendra\AppData\Roaming\Mozilla\Firefox\Profiles\3el9feo0.default\Extensions\
PrivDog@AdTrustMedia.com [2014-04-21]
FF HKLM-x32\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-04-15]
Chrome:
=======
CHR HomePage: hxxp://
www.msn.com/?pc=AV01
CHR StartupUrls: "hxxp://
www.msn.com/?pc=AV01"
CHR DefaultSearchKeyword: bing1.com
CHR DefaultSearchProvider: Microsoft (Bing)
CHR DefaultSearchURL:
http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Extension: (Google Docs) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-24]
CHR Extension: (Google Drive) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (WOT) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-07]
CHR Extension: (YouTube) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-24]
CHR Extension: (Google Search) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-24]
CHR Extension: (Google Wallet) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Gmail) - C:\Users\Kendra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-24]
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-11] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
S3 DeviceFastLaneService; C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2012-11-20] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-22] (WildTangent)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-11-08] (Garmin Ltd or its subsidiaries)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [98160 2013-01-16] (Dritek System INC.)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-11] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-20] (Advanced Micro Devices)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6835784 2013-01-16] (Broadcom Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [748784 2014-04-16] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [37560 2014-04-16] (COMODO)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127664 2014-04-16] (COMODO)
U5 ProtectedStorage; C:\Windows\system32\lsass.exe [35840 2014-03-10] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-01-16] (Dritek System Inc.)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1119232 2012-06-29] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-15 22:14 - 2014-06-15 22:14 - 00018043 _____ () C:\Users\Kendra\Downloads\FRST.txt
2014-06-15 22:11 - 2014-06-15 22:14 - 00000000 ____D () C:\FRST
2014-06-15 22:11 - 2014-06-15 22:11 - 02081280 _____ (Farbar) C:\Users\Kendra\Downloads\FRST64 (1).exe
2014-06-15 22:06 - 2014-06-15 22:06 - 02081280 _____ (Farbar) C:\Users\Kendra\Downloads\FRST64.exe
2014-06-15 21:59 - 2014-06-15 21:59 - 00000927 _____ () C:\Users\Kendra\Desktop\JRT.txt
2014-06-15 20:24 - 2014-06-15 20:24 - 01016261 _____ (Thisisu) C:\Users\Kendra\Downloads\JRT.exe
2014-06-15 20:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-15 20:12 - 2014-06-15 20:17 - 00000000 ____D () C:\AdwCleaner
2014-06-15 20:11 - 2014-06-15 20:11 - 01333465 _____ () C:\Users\Kendra\Downloads\adwcleaner_3.212.exe
2014-06-14 23:03 - 2014-06-14 23:03 - 00001291 _____ () C:\Users\Kendra\mbam1.txt
2014-06-14 23:03 - 2014-06-14 23:03 - 00001290 _____ () C:\Users\Kendra\mbam.txt
2014-06-14 22:44 - 2014-06-14 22:44 - 00023425 _____ () C:\Users\Kendra\Desktop\dds.txt
2014-06-14 22:44 - 2014-06-14 22:44 - 00012109 _____ () C:\Users\Kendra\Desktop\attach.txt
2014-06-14 22:40 - 2014-06-14 22:40 - 00688992 ____R (Swearware) C:\Users\Kendra\Downloads\dds.com
2014-06-14 20:44 - 2014-06-14 23:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-14 20:43 - 2014-06-14 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-14 20:43 - 2014-06-14 20:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-14 20:43 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-14 20:43 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-14 20:40 - 2014-06-14 20:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kendra\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-11 20:42 - 2014-05-02 23:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 20:42 - 2014-05-02 21:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-11 20:42 - 2014-04-03 05:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-11 20:42 - 2014-04-02 21:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-11 20:41 - 2014-05-23 20:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 20:41 - 2014-05-23 20:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 20:41 - 2014-05-23 20:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 20:41 - 2014-05-23 20:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-11 20:41 - 2014-05-23 20:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 20:41 - 2014-05-23 20:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 20:41 - 2014-05-23 20:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 20:41 - 2014-05-23 20:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 20:41 - 2014-05-23 20:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 20:41 - 2014-05-23 19:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 20:41 - 2014-05-23 19:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 20:41 - 2014-05-23 19:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 20:41 - 2014-05-23 19:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 20:41 - 2014-05-23 19:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 20:41 - 2014-05-23 19:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 20:41 - 2014-05-23 19:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 20:41 - 2014-05-23 19:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 20:41 - 2014-05-23 19:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 20:41 - 2014-05-23 19:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 20:41 - 2014-05-23 19:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 20:41 - 2014-05-23 16:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-06-11 20:41 - 2014-04-29 16:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-11 20:41 - 2014-04-29 16:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-11 20:41 - 2014-03-31 16:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-11 20:41 - 2014-03-24 17:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-11 20:41 - 2014-03-24 16:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-11 20:40 - 2014-04-03 05:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 20:40 - 2014-03-06 18:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 20:40 - 2014-03-06 18:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 18:56 - 2014-06-11 18:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-11 18:56 - 2014-06-11 18:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-06 01:06 - 2014-06-06 01:06 - 94122009 _____ () C:\Users\Kendra\Documents\ppt8E12.tmp
2014-06-06 01:06 - 2014-06-06 01:06 - 00000000 _____ () C:\Users\Kendra\Documents\pptD6B7.tmp
2014-06-04 01:31 - 2014-06-06 01:08 - 94122010 _____ () C:\Users\Kendra\Documents\Paul A.pptx
2014-06-01 20:04 - 2014-06-01 20:04 - 00018481 _____ () C:\Users\Kendra\AppData\Local\recently-used.xbel
2014-06-01 18:09 - 2014-06-02 16:14 - 00000129 ____H () C:\Users\Kendra\Downloads\.picasa.ini
2014-05-30 22:59 - 2014-05-30 22:59 - 00000000 _____ () C:\Users\Kendra\Downloads\download.htm
2014-05-29 14:01 - 2014-06-01 20:04 - 00000000 ____D () C:\Users\Kendra\AppData\Local\gtk-2.0
2014-05-29 14:01 - 2014-05-29 14:01 - 00000000 ____D () C:\Users\Kendra\.thumbnails
2014-05-28 17:42 - 2014-06-01 20:04 - 00000000 ____D () C:\Users\Kendra\.gimp-2.8
2014-05-28 17:42 - 2014-05-28 17:42 - 00000901 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-05-28 17:42 - 2014-05-28 17:42 - 00000000 ____D () C:\Users\Kendra\AppData\Local\gegl-0.2
2014-05-28 17:40 - 2014-05-28 17:41 - 00000000 ____D () C:\Program Files\GIMP 2
2014-05-28 17:38 - 2014-05-28 17:38 - 90390368 _____ (The GIMP Team ) C:\Users\Kendra\Downloads\gimp-2.8.10-setup.exe
2014-05-17 16:24 - 2014-05-30 23:16 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-17 16:24 - 2014-05-30 23:16 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== One Month Modified Files and Folders =======
2014-06-15 22:14 - 2014-06-15 22:14 - 00018043 _____ () C:\Users\Kendra\Downloads\FRST.txt
2014-06-15 22:14 - 2014-06-15 22:11 - 00000000 ____D () C:\FRST
2014-06-15 22:14 - 2013-04-15 11:38 - 00000000 ____D () C:\Users\Kendra\AppData\Local\Temp
2014-06-15 22:11 - 2014-06-15 22:11 - 02081280 _____ (Farbar) C:\Users\Kendra\Downloads\FRST64 (1).exe
2014-06-15 22:06 - 2014-06-15 22:06 - 02081280 _____ (Farbar) C:\Users\Kendra\Downloads\FRST64.exe
2014-06-15 22:02 - 2013-05-13 22:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-15 22:02 - 2012-07-26 02:12 - 00000000 ____D () C:\Windows\system32\sru
2014-06-15 21:59 - 2014-06-15 21:59 - 00000927 _____ () C:\Users\Kendra\Desktop\JRT.txt
2014-06-15 21:33 - 2013-04-15 11:46 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-15 20:33 - 2013-04-15 11:38 - 01619179 _____ () C:\Windows\WindowsUpdate.log
2014-06-15 20:24 - 2014-06-15 20:24 - 01016261 _____ (Thisisu) C:\Users\Kendra\Downloads\JRT.exe
2014-06-15 20:21 - 2013-04-15 11:46 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-15 20:20 - 2012-07-26 01:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-15 20:19 - 2012-12-27 03:02 - 00915154 _____ () C:\Windows\PFRO.log
2014-06-15 20:19 - 2012-07-25 23:26 - 00786432 ___SH () C:\Windows\system32\config\BBI
2014-06-15 20:17 - 2014-06-15 20:12 - 00000000 ____D () C:\AdwCleaner
2014-06-15 20:11 - 2014-06-15 20:11 - 01333465 _____ () C:\Users\Kendra\Downloads\adwcleaner_3.212.exe
2014-06-15 17:58 - 2013-04-15 12:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-14 23:14 - 2013-04-15 11:49 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2205581236-1962149331-2801561248-1001
2014-06-14 23:05 - 2013-04-15 11:38 - 00000000 ____D () C:\Users\Kendra
2014-06-14 23:03 - 2014-06-14 23:03 - 00001291 _____ () C:\Users\Kendra\mbam1.txt
2014-06-14 23:03 - 2014-06-14 23:03 - 00001290 _____ () C:\Users\Kendra\mbam.txt
2014-06-14 23:02 - 2014-06-14 20:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-14 22:52 - 2013-12-16 01:10 - 00004608 ___SH () C:\Users\Kendra\Desktop\Thumbs.db
2014-06-14 22:44 - 2014-06-14 22:44 - 00023425 _____ () C:\Users\Kendra\Desktop\dds.txt
2014-06-14 22:44 - 2014-06-14 22:44 - 00012109 _____ () C:\Users\Kendra\Desktop\attach.txt
2014-06-14 22:40 - 2014-06-14 22:40 - 00688992 ____R (Swearware) C:\Users\Kendra\Downloads\dds.com
2014-06-14 22:33 - 2013-04-15 11:55 - 00001146 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-14 22:33 - 2013-04-15 11:55 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-14 22:33 - 2013-04-15 11:52 - 00002178 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-14 20:43 - 2014-06-14 20:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-14 20:43 - 2014-06-14 20:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-14 20:43 - 2013-04-24 00:38 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-14 20:43 - 2013-04-24 00:38 - 00000000 ____D () C:\Users\Kendra\AppData\Roaming\Malwarebytes
2014-06-14 20:43 - 2013-04-24 00:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-14 20:40 - 2014-06-14 20:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kendra\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-14 12:02 - 2012-07-26 02:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-13 17:13 - 2012-07-26 02:12 - 00000000 ____D () C:\Windows\rescache
2014-06-13 14:19 - 2013-04-19 11:17 - 520664936 _____ () C:\Windows\MEMORY.DMP
2014-06-12 13:48 - 2012-07-26 01:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-12 13:46 - 2013-05-14 22:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 13:45 - 2013-07-14 23:42 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 13:42 - 2013-04-16 18:06 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 19:48 - 2013-04-17 21:14 - 00784896 ___SH () C:\Users\Kendra\Downloads\Thumbs.db
2014-06-11 18:57 - 2013-12-26 16:28 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-11 18:57 - 2013-04-15 12:54 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-11 18:57 - 2013-04-15 12:54 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-11 18:57 - 2013-04-15 12:54 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-11 18:56 - 2014-06-11 18:56 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-11 18:56 - 2014-06-11 18:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-11 18:56 - 2013-04-15 12:54 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-11 18:56 - 2013-04-15 12:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-11 18:56 - 2013-04-15 12:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-11 18:56 - 2013-04-15 12:53 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-11 18:56 - 2013-04-15 12:53 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-11 18:54 - 2013-04-16 19:12 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-11 17:31 - 2013-04-15 11:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-10 12:30 - 2013-04-22 13:37 - 00000000 ____D () C:\Users\Kendra\AppData\Local\CrashDumps
2014-06-10 08:49 - 2014-04-11 17:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-09 21:16 - 2012-07-26 01:28 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-06 01:08 - 2014-06-04 01:31 - 94122010 _____ () C:\Users\Kendra\Documents\Paul A.pptx
2014-06-06 01:06 - 2014-06-06 01:06 - 94122009 _____ () C:\Users\Kendra\Documents\ppt8E12.tmp
2014-06-06 01:06 - 2014-06-06 01:06 - 00000000 _____ () C:\Users\Kendra\Documents\pptD6B7.tmp
2014-06-05 09:02 - 2012-07-26 02:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-02 16:14 - 2014-06-01 18:09 - 00000129 ____H () C:\Users\Kendra\Downloads\.picasa.ini
2014-06-01 20:04 - 2014-06-01 20:04 - 00018481 _____ () C:\Users\Kendra\AppData\Local\recently-used.xbel
2014-06-01 20:04 - 2014-05-29 14:01 - 00000000 ____D () C:\Users\Kendra\AppData\Local\gtk-2.0
2014-06-01 20:04 - 2014-05-28 17:42 - 00000000 ____D () C:\Users\Kendra\.gimp-2.8
2014-05-30 23:16 - 2014-05-17 16:24 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-30 23:16 - 2014-05-17 16:24 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 22:59 - 2014-05-30 22:59 - 00000000 _____ () C:\Users\Kendra\Downloads\download.htm
2014-05-30 11:34 - 2014-05-10 23:38 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-29 14:01 - 2014-05-29 14:01 - 00000000 ____D () C:\Users\Kendra\.thumbnails
2014-05-28 17:42 - 2014-05-28 17:42 - 00000901 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-05-28 17:42 - 2014-05-28 17:42 - 00000000 ____D () C:\Users\Kendra\AppData\Local\gegl-0.2
2014-05-28 17:41 - 2014-05-28 17:40 - 00000000 ____D () C:\Program Files\GIMP 2
2014-05-28 17:38 - 2014-05-28 17:38 - 90390368 _____ (The GIMP Team ) C:\Users\Kendra\Downloads\gimp-2.8.10-setup.exe
2014-05-23 20:48 - 2014-06-11 20:41 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-23 20:47 - 2014-06-11 20:41 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-23 20:47 - 2014-06-11 20:41 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-23 20:47 - 2014-06-11 20:41 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-05-23 20:47 - 2014-06-11 20:41 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-23 20:46 - 2014-06-11 20:41 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-23 20:45 - 2014-06-11 20:41 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-23 20:45 - 2014-06-11 20:41 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-23 20:45 - 2014-06-11 20:41 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-23 19:26 - 2014-06-11 20:41 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-23 19:26 - 2014-06-11 20:41 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-23 19:26 - 2014-06-11 20:41 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-23 19:26 - 2014-06-11 20:41 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-23 19:26 - 2014-06-11 20:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-23 19:26 - 2014-06-11 20:41 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-23 19:26 - 2014-06-11 20:41 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-23 19:25 - 2014-06-11 20:41 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-23 19:25 - 2014-06-11 20:41 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-23 19:09 - 2014-06-11 20:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-23 19:03 - 2014-06-11 20:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-23 16:37 - 2014-06-11 20:41 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-05-22 11:59 - 2014-01-13 11:35 - 00000000 ____D () C:\Users\Kendra\Desktop\Full Quiver Contracting
2014-05-20 23:00 - 2012-07-26 02:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-20 23:00 - 2012-07-26 02:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-20 23:00 - 2012-07-26 02:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-20 23:00 - 2012-07-26 02:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-17 20:55 - 2013-04-15 11:41 - 00000000 ___RD () C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 20:55 - 2013-04-15 11:41 - 00000000 ___RD () C:\Users\Kendra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 16:20 - 2012-07-26 02:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-17 16:20 - 2012-07-26 02:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-17 15:19 - 2012-07-25 23:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
Some content of TEMP:
====================
C:\Users\Kendra\AppData\Local\Temp\APNSetup.exe
C:\Users\Kendra\AppData\Local\Temp\bfguni.exe
C:\Users\Kendra\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Kendra\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-07 10:05
==================== End Of Log ============================