Reply to thread

Message: <blockquote data-quote="efree777" data-source="post: 120673" data-attributes="member: 8230">Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-05-2013Ran by SYSTEM on 14-05-2013 20:28:37Running from E:\Windows 7 Home Premium (X64) OS Language: English(US)Internet Explorer Version 9Boot Mode: RecoveryThe current controlset is ControlSet001ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.==================== Registry (Whitelisted) ==================HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1813288 2009-08-17] (Synaptics Incorporated)HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe" [494064 2009-06-22] ()HKLM-x32\...\Run: [CPMonitor] "C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe" [84464 2009-07-21] ()HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6937216 2009-10-09] (ASUS)HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)HKLM-x32\...\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.)HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)HKLM-x32\...\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot [295512 2013-04-17] (RealNetworks, Inc.)HKLM-x32\...\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)HKU\Marie\...\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [206112 2008-10-24] (Macrovision Corporation)HKU\Marie\...\Run: [SansaDispatch] C:\Users\Marie\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [79872 2011-04-09] (SanDisk Corporation)HKU\Marie\...\Run: [Google Update] "C:\Users\Marie\AppData\Local\Google\Update\GoogleUpdate.exe" /c [135664 2010-01-13] (Google Inc.)HKU\Marie\...\Run: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN [4695336 2009-03-05] (Nero AG)HKU\Marie\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2013-04-17] (Google Inc.)HKU\Marie\...\Run: [SearchProtect] C:\Users\Marie\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)==================== Services (Whitelisted) =================S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [457200 2009-06-02] ()S2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [93984 2013-04-11] (Conduit)S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376 2013-01-10] (Freemake)S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-01-10] (Ellora Assets Corp.)S2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()S2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [255272 2009-03-05] (Nero AG)S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-05] ()S2 spmgr; C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()==================== Drivers (Whitelisted) ====================S2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-01-13] ()S2 ghaio; C:\Program Files (x86)\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32000 2013-05-13] ()S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-01-13] ()S3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-08] ()S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-12-23] ()S0 gfibto; system32\drivers\gfibto.sys [x]S3 ipswuio; System32\DRIVERS\ipswuio.sys [x]S0 Lbd; system32\DRIVERS\Lbd.sys [x]S2 npf; system32\drivers\npf.sys [x]S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x]==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2013-05-14 20:28 - 2013-05-14 20:28 - 00000000 ____D C:\FRST2013-05-14 15:05 - 2013-05-14 15:05 - 00872232 ____A (SetupManager) C:\Users\Marie\Downloads\Setup.exe2013-05-14 09:10 - 2013-05-14 09:10 - 00000278 ____A C:\Windows\Tasks\Spybot - Search & Destroy Updater -  Scheduled Task.job2013-05-14 09:10 - 2013-05-14 09:10 - 00000254 ____A C:\Windows\Tasks\Spybot - Search & Destroy -  Scheduled Task.job2013-05-14 06:54 - 2013-05-14 06:56 - 04745728 ____A (AVAST Software) C:\Users\Marie\Downloads\aswMBR.exe2013-05-14 06:48 - 2013-05-14 06:48 - 00081016 ____A C:\Users\Marie\Downloads\Extras.Txt2013-05-14 06:41 - 2013-05-14 06:41 - 00107336 ____A C:\Users\Marie\Downloads\OTL.Txt2013-05-14 06:17 - 2013-05-14 06:17 - 00602112 ____A (OldTimer Tools) C:\Users\Marie\Downloads\OTL.exe2013-05-13 19:02 - 2013-05-13 19:02 - 00032000 ____A C:\Windows\System32\Drivers\hitmanpro37.sys2013-05-13 19:00 - 2013-05-13 19:00 - 00005158 ____A C:\Windows\System32\.crusader2013-05-13 18:50 - 2013-05-13 19:00 - 00000000 ____D C:\ProgramData\HitmanPro2013-05-13 18:02 - 2013-05-13 18:02 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Malwarebytes2013-05-13 18:02 - 2013-05-13 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes2013-05-13 18:02 - 2013-05-13 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-05-13 18:02 - 2013-04-04 11:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys2013-05-13 13:40 - 2013-05-13 13:40 - 00000000 ____D C:\SearchProtect2013-05-10 06:51 - 2013-05-10 07:14 - 4188979200 ____A C:\Users\Marie\Desktop\BURN_Movie1_Full.mpg2013-05-09 07:38 - 2013-05-14 15:06 - 00000000 ____D C:\Users\Marie\Desktop\security2013-05-09 07:36 - 2013-05-09 07:36 - 00000000 ____D C:\Program Files (x86)\Trend Micro2013-05-09 07:32 - 2013-05-09 07:33 - 01402880 ____A C:\Users\Marie\Downloads\HiJackThis.msi2013-05-09 03:09 - 2013-05-14 09:19 - 00000000 ____D C:\Users\Marie\AppData\Roaming\SearchProtect2013-05-08 12:56 - 2013-05-14 14:56 - 00435388 ____A C:\Windows\PFRO.log2013-05-08 11:29 - 2013-05-10 07:14 - 00046080 __ASH C:\Users\Marie\Desktop\Thumbs.db2013-05-08 11:28 - 2013-05-14 15:24 - 00000728 ____A C:\Windows\setupact.log2013-05-08 11:28 - 2013-05-08 11:28 - 00000000 ____A C:\Windows\setuperr.log2013-05-07 17:07 - 2013-05-08 04:21 - 00000000 ____D C:\Users\Marie\AppData\Roaming\LavasoftStatistics2013-05-07 17:06 - 2013-05-07 17:06 - 00000000 ____D C:\ProgramData\Downloaded Installations2013-05-07 17:00 - 2013-05-07 17:21 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys2013-05-07 12:00 - 2013-05-07 17:19 - 00000408 ____A C:\Windows\Tasks\Ad-Aware Update (Weekly).job2013-05-03 19:59 - 2013-05-03 20:15 - 75504074 ____A C:\Users\Marie\Desktop\Diamonds Are a Girl's Best Friend Dance at 20th Century- The Musical.mp42013-05-03 19:52 - 2013-05-03 19:52 - 00587728 ____A C:\Users\Marie\Downloads\youtubedownloadplayer-setup.exe2013-05-03 19:51 - 2013-05-03 19:51 - 00903072 ____A (Oracle Corporation) C:\Users\Marie\Downloads\jxpiinstall.exe2013-05-03 19:47 - 2013-05-03 19:47 - 01270272 ____A (Bandoo Media Inc) C:\Users\Marie\Downloads\iLividSetup(2).exe2013-05-03 19:47 - 2013-05-03 19:47 - 01270272 ____A (Bandoo Media Inc) C:\Users\Marie\Downloads\iLividSetup(1).exe2013-05-03 19:47 - 2013-05-03 19:47 - 01270048 ____A (Bandoo Media Inc) C:\Users\Marie\Downloads\iLividSetup(3).exe2013-05-03 19:16 - 2013-05-03 20:15 - 00000000 ____D C:\Users\Marie\Desktop\BRITTANY2013-05-01 15:09 - 2013-05-01 15:10 - 00000000 ____D C:\Users\Marie\Desktop\amazon2013-05-01 14:23 - 2013-02-05 22:36 - 195454074 ____A C:\Users\Marie\Desktop\SAM_0422.MP42013-04-28 13:43 - 2013-04-28 13:43 - 02400200 ____A C:\Users\Marie\Downloads\AmazonMP3DownloaderInstall._V371120661_.exe2013-04-28 13:39 - 2013-04-28 13:39 - 00000000 ____D C:\Users\Marie\Documents\Amazon Music Importer2013-04-24 06:28 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys2013-04-18 11:12 - 2013-04-18 11:14 - 13459032 ____A C:\Users\Marie\Desktop\Gentlemen Prefer Blondes (1953) -- (Movie Clip) Diamonds Are A Girl's Best Friend (1).mp42013-04-18 05:23 - 2013-02-21 22:27 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll2013-04-18 05:23 - 2013-02-21 22:21 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll2013-04-18 05:23 - 2013-02-21 22:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl2013-04-18 05:23 - 2013-02-21 22:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll2013-04-18 05:23 - 2013-02-21 22:15 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe2013-04-18 05:23 - 2013-02-21 22:14 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll2013-04-18 05:23 - 2013-02-21 22:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll2013-04-18 05:23 - 2013-02-21 22:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb2013-04-18 05:23 - 2013-02-21 22:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll2013-04-18 05:23 - 2013-02-21 19:38 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2013-04-18 05:23 - 2013-02-21 19:38 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2013-04-18 05:23 - 2013-02-21 19:37 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2013-04-18 05:23 - 2013-02-21 19:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll2013-04-18 05:23 - 2013-02-21 19:34 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2013-04-18 05:23 - 2013-02-21 19:34 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2013-04-18 05:23 - 2013-02-21 19:33 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2013-04-18 05:23 - 2013-02-21 19:31 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2013-04-18 05:23 - 2013-02-21 19:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2013-04-18 05:23 - 2013-02-21 19:28 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2013-04-18 05:22 - 2013-02-21 22:57 - 17817088 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll2013-04-18 05:22 - 2013-02-21 22:29 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll2013-04-18 05:22 - 2013-02-21 22:20 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll2013-04-18 05:22 - 2013-02-21 22:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll2013-04-18 05:22 - 2013-02-21 22:15 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll2013-04-18 05:22 - 2013-02-21 22:15 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll2013-04-18 05:22 - 2013-02-21 22:13 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll2013-04-18 05:22 - 2013-02-21 20:05 - 12324352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2013-04-18 05:22 - 2013-02-21 19:47 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2013-04-18 05:22 - 2013-02-21 19:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2013-04-18 05:22 - 2013-02-21 19:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2013-04-18 05:22 - 2013-02-21 19:34 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll2013-04-18 05:22 - 2013-02-21 19:32 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2013-04-17 12:38 - 2013-04-17 12:39 - 15678748 ____A C:\Users\Marie\Desktop\Carol Channing sings on 1953 TV (Two songs from _Gentlemen Prefer Blondes_).mp42013-04-17 12:23 - 2013-04-17 12:25 - 00000000 ____D C:\Users\Marie\AppData\Local\Conduit2013-04-17 12:23 - 2013-04-17 12:25 - 00000000 ____D C:\Program Files (x86)\Vgrabber_v12013-04-17 12:23 - 2013-04-17 12:23 - 00000000 ____D C:\Program Files (x86)\SearchProtect2013-04-17 12:23 - 2013-04-17 12:23 - 00000000 ____D C:\Program Files (x86)\Conduit2013-04-17 12:20 - 2013-04-17 12:20 - 01469968 ____A (                                                            ) C:\Users\Marie\Downloads\video_downloader.exe2013-04-17 09:31 - 2013-04-17 09:31 - 00000000 ____D C:\Users\Marie\AppData\Roaming\RealNetworks2013-04-17 09:30 - 2013-04-17 09:30 - 00000000 ____D C:\ProgramData\RealNetworks2013-04-17 09:30 - 2013-04-17 09:30 - 00000000 ____D C:\Program Files (x86)\RealNetworks2013-04-17 09:29 - 2013-04-17 09:29 - 00201872 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll2013-04-17 09:28 - 2013-04-17 09:28 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll2013-04-17 09:28 - 2013-04-17 09:28 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll2013-04-17 09:28 - 2013-04-17 09:28 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll2013-04-17 09:28 - 2013-04-17 09:28 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll2013-04-17 09:28 - 2013-04-17 09:28 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll2013-04-17 03:41 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys2013-04-17 03:41 - 2013-02-14 22:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll2013-04-17 03:41 - 2013-02-14 22:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll2013-04-17 03:41 - 2013-02-14 22:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll2013-04-17 03:41 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll2013-04-17 03:41 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll2013-04-17 03:41 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll2013-04-17 03:39 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe2013-04-17 03:39 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll2013-04-17 03:39 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2013-04-17 03:39 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2013-04-17 03:39 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll2013-04-17 03:39 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe2013-04-17 03:39 - 2013-02-11 20:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys2013-04-17 03:39 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys==================== One Month Modified Files and Folders =======2013-05-14 20:28 - 2013-05-14 20:28 - 00000000 ____D C:\FRST2013-05-14 16:39 - 2009-12-23 20:40 - 01068590 ____A C:\Windows\WindowsUpdate.log2013-05-14 16:26 - 2010-10-19 19:50 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-05-14 16:13 - 2012-04-25 15:22 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2013-05-14 16:13 - 2012-04-25 15:22 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job2013-05-14 16:13 - 2011-11-16 19:26 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2013-05-14 15:52 - 2010-01-13 17:18 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-767052454-1278637375-1300389408-1001UA.job2013-05-14 15:32 - 2009-07-13 20:45 - 00013760 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-05-14 15:32 - 2009-07-13 20:45 - 00013760 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-05-14 15:25 - 2010-10-19 19:50 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-05-14 15:24 - 2013-05-08 11:28 - 00000728 ____A C:\Windows\setupact.log2013-05-14 15:24 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT2013-05-14 15:06 - 2013-05-09 07:38 - 00000000 ____D C:\Users\Marie\Desktop\security2013-05-14 15:05 - 2013-05-14 15:05 - 00872232 ____A (SetupManager) C:\Users\Marie\Downloads\Setup.exe2013-05-14 14:56 - 2013-05-08 12:56 - 00435388 ____A C:\Windows\PFRO.log2013-05-14 14:56 - 2009-12-23 22:50 - 00000000 ____D C:\ProgramData\Norton2013-05-14 14:53 - 2010-02-22 17:47 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy2013-05-14 14:53 - 2010-02-22 17:47 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy2013-05-14 09:19 - 2013-05-09 03:09 - 00000000 ____D C:\Users\Marie\AppData\Roaming\SearchProtect2013-05-14 09:10 - 2013-05-14 09:10 - 00000278 ____A C:\Windows\Tasks\Spybot - Search & Destroy Updater -  Scheduled Task.job2013-05-14 09:10 - 2013-05-14 09:10 - 00000254 ____A C:\Windows\Tasks\Spybot - Search & Destroy -  Scheduled Task.job2013-05-14 07:06 - 2009-07-13 21:13 - 00732638 ____A C:\Windows\System32\PerfStringBackup.INI2013-05-14 06:56 - 2013-05-14 06:54 - 04745728 ____A (AVAST Software) C:\Users\Marie\Downloads\aswMBR.exe2013-05-14 06:48 - 2013-05-14 06:48 - 00081016 ____A C:\Users\Marie\Downloads\Extras.Txt2013-05-14 06:41 - 2013-05-14 06:41 - 00107336 ____A C:\Users\Marie\Downloads\OTL.Txt2013-05-14 06:17 - 2013-05-14 06:17 - 00602112 ____A (OldTimer Tools) C:\Users\Marie\Downloads\OTL.exe2013-05-13 19:03 - 2010-01-05 10:53 - 00045056 ____A C:\Windows\System32\acovcnt.exe2013-05-13 19:02 - 2013-05-13 19:02 - 00032000 ____A C:\Windows\System32\Drivers\hitmanpro37.sys2013-05-13 19:00 - 2013-05-13 19:00 - 00005158 ____A C:\Windows\System32\.crusader2013-05-13 19:00 - 2013-05-13 18:50 - 00000000 ____D C:\ProgramData\HitmanPro2013-05-13 18:02 - 2013-05-13 18:02 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Malwarebytes2013-05-13 18:02 - 2013-05-13 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes2013-05-13 18:02 - 2013-05-13 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-05-13 13:52 - 2010-01-13 17:18 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-767052454-1278637375-1300389408-1001Core.job2013-05-13 13:40 - 2013-05-13 13:40 - 00000000 ____D C:\SearchProtect2013-05-10 08:34 - 2009-12-23 23:35 - 00000000 ____D C:\ProgramData\Roxio2013-05-10 08:25 - 2009-12-23 23:35 - 00000000 ____D C:\ProgramData\Sonic2013-05-10 07:14 - 2013-05-10 06:51 - 4188979200 ____A C:\Users\Marie\Desktop\BURN_Movie1_Full.mpg2013-05-10 07:14 - 2013-05-08 11:29 - 00046080 __ASH C:\Users\Marie\Desktop\Thumbs.db2013-05-10 06:50 - 2010-05-31 08:25 - 81776816 ____A C:\Users\Marie\AppData\Local\rx_image32.Cache2013-05-09 07:36 - 2013-05-09 07:36 - 00000000 ____D C:\Program Files (x86)\Trend Micro2013-05-09 07:33 - 2013-05-09 07:32 - 01402880 ____A C:\Users\Marie\Downloads\HiJackThis.msi2013-05-08 19:49 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache2013-05-08 12:52 - 2010-02-08 17:34 - 00004277 ____A C:\Windows\WININIT.INI2013-05-08 11:28 - 2013-05-08 11:28 - 00000000 ____A C:\Windows\setuperr.log2013-05-08 08:50 - 2011-06-12 05:55 - 00000000 ____D C:\Windows\Minidump2013-05-08 08:50 - 2010-07-04 11:35 - 00000000 ____D C:\Program Files (x86)\Steam2013-05-08 08:50 - 2010-03-22 10:31 - 00000000 ____D C:\Users\Marie\AppData\Local\CrashDumps2013-05-08 08:42 - 2010-09-27 10:07 - 00000000 ____D C:\Program Files (x86)\CCleaner2013-05-08 04:21 - 2013-05-07 17:07 - 00000000 ____D C:\Users\Marie\AppData\Roaming\LavasoftStatistics2013-05-07 17:52 - 2009-12-26 07:31 - 00000000 ____D C:\Users\Marie\AppData\Local\Google2013-05-07 17:21 - 2013-05-07 17:00 - 00014456 ____A (GFI Software) C:\Windows\System32\Drivers\gfibto.sys2013-05-07 17:19 - 2013-05-07 12:00 - 00000408 ____A C:\Windows\Tasks\Ad-Aware Update (Weekly).job2013-05-07 17:08 - 2010-01-05 08:13 - 00219771 ____A C:\aaw7boot.log2013-05-07 17:06 - 2013-05-07 17:06 - 00000000 ____D C:\ProgramData\Downloaded Installations2013-05-03 21:10 - 2009-12-23 18:48 - 00000000 ____D C:\users\Marie2013-05-03 20:26 - 2013-03-17 20:03 - 00000000 ____D C:\Users\Marie\Desktop\EDITED2013-05-03 20:15 - 2013-05-03 19:59 - 75504074 ____A C:\Users\Marie\Desktop\Diamonds Are a Girl's Best Friend Dance at 20th Century- The Musical.mp42013-05-03 20:15 - 2013-05-03 19:16 - 00000000 ____D C:\Users\Marie\Desktop\BRITTANY2013-05-03 19:52 - 2013-05-03 19:52 - 00587728 ____A C:\Users\Marie\Downloads\youtubedownloadplayer-setup.exe2013-05-03 19:51 - 2013-05-03 19:51 - 00903072 ____A (Oracle Corporation) C:\Users\Marie\Downloads\jxpiinstall.exe2013-05-03 19:47 - 2013-05-03 19:47 - 01270272 ____A (Bandoo Media Inc) C:\Users\Marie\Downloads\iLividSetup(2).exe2013-05-03 19:47 - 2013-05-03 19:47 - 01270272 ____A (Bandoo Media Inc) C:\Users\Marie\Downloads\iLividSetup(1).exe2013-05-03 19:47 - 2013-05-03 19:47 - 01270048 ____A (Bandoo Media Inc) C:\Users\Marie\Downloads\iLividSetup(3).exe2013-05-03 19:30 - 2009-12-24 11:37 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Roxio2013-05-01 17:40 - 2010-05-31 08:26 - 04216000 ____A C:\Users\Marie\AppData\Local\rx_audio.Cache2013-05-01 15:10 - 2013-05-01 15:09 - 00000000 ____D C:\Users\Marie\Desktop\amazon2013-05-01 15:01 - 2010-05-31 08:26 - 00000000 ____D C:\Users\Marie\Documents\Roxio2013-05-01 05:05 - 2010-01-05 09:18 - 00000000 ____D C:\Users\Marie\Desktop\emfreeman2013-04-28 13:43 - 2013-04-28 13:43 - 02400200 ____A C:\Users\Marie\Downloads\AmazonMP3DownloaderInstall._V371120661_.exe2013-04-28 13:39 - 2013-04-28 13:39 - 00000000 ____D C:\Users\Marie\Documents\Amazon Music Importer2013-04-27 06:45 - 2011-04-24 05:40 - 00000064 ____A C:\Windows\SysWOW64\rp_stats.dat2013-04-27 06:45 - 2011-04-24 05:40 - 00000044 ____A C:\Windows\SysWOW64\rp_rules.dat2013-04-18 14:24 - 2009-07-13 20:45 - 00457280 ____A C:\Windows\System32\FNTCACHE.DAT2013-04-18 11:14 - 2013-04-18 11:12 - 13459032 ____A C:\Users\Marie\Desktop\Gentlemen Prefer Blondes (1953) -- (Movie Clip) Diamonds Are A Girl's Best Friend (1).mp42013-04-18 09:52 - 2012-01-13 08:26 - 00000000 ____D C:\ProgramData\Real2013-04-18 09:51 - 2012-01-13 08:26 - 00000000 ____D C:\Users\Marie\AppData\Roaming\Real2013-04-18 05:33 - 2009-12-23 21:10 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe2013-04-18 05:28 - 2009-12-23 23:06 - 00000000 ____D C:\ProgramData\Microsoft Help2013-04-17 12:39 - 2013-04-17 12:38 - 15678748 ____A C:\Users\Marie\Desktop\Carol Channing sings on 1953 TV (Two songs from _Gentlemen Prefer Blondes_).mp42013-04-17 12:25 - 2013-04-17 12:23 - 00000000 ____D C:\Users\Marie\AppData\Local\Conduit2013-04-17 12:25 - 2013-04-17 12:23 - 00000000 ____D C:\Program Files (x86)\Vgrabber_v12013-04-17 12:23 - 2013-04-17 12:23 - 00000000 ____D C:\Program Files (x86)\SearchProtect2013-04-17 12:23 - 2013-04-17 12:23 - 00000000 ____D C:\Program Files (x86)\Conduit2013-04-17 12:20 - 2013-04-17 12:20 - 01469968 ____A (                                                            ) C:\Users\Marie\Downloads\video_downloader.exe2013-04-17 09:31 - 2013-04-17 09:31 - 00000000 ____D C:\Users\Marie\AppData\Roaming\RealNetworks2013-04-17 09:30 - 2013-04-17 09:30 - 00000000 ____D C:\ProgramData\RealNetworks2013-04-17 09:30 - 2013-04-17 09:30 - 00000000 ____D C:\Program Files (x86)\RealNetworks2013-04-17 09:29 - 2013-04-17 09:29 - 00201872 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll2013-04-17 09:29 - 2012-01-13 08:26 - 00000000 ____D C:\Program Files (x86)\Real2013-04-17 09:28 - 2013-04-17 09:28 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll2013-04-17 09:28 - 2013-04-17 09:28 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll2013-04-17 09:28 - 2013-04-17 09:28 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll2013-04-17 09:28 - 2013-04-17 09:28 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll2013-04-17 09:28 - 2013-04-17 09:28 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll2013-04-17 09:27 - 2009-12-26 07:15 - 00000000 ____D C:\ProgramData\Google2013-04-17 09:26 - 2009-12-26 07:15 - 00000000 ____D C:\Program Files\Google2013-04-17 09:26 - 2009-12-26 07:15 - 00000000 ____D C:\Program Files (x86)\Google==================== Known DLLs (Whitelisted) ==================================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit==================== EXE ASSOCIATION =====================HKLM\...\.exe: exefile => OKHKLM\...\exefile\DefaultIcon: %1 => OKHKLM\...\exefile\open\command: "%1" %* => OK==================== Restore Points  =========================Restore point made on: 2013-05-09 07:36:32==================== Memory info =========================== Percentage of memory in use: 14%Total physical RAM: 4095.11 MBAvailable physical RAM: 3484.75 MBTotal Pagefile: 4093.26 MBAvailable Pagefile: 3478.43 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.88 MB==================== Drives ================================Drive c: (VistaOS) (Fixed) (Total:286.37 GB) (Free:48.01 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]Drive e: (TravelDrive) (Removable) (Total:0.96 GB) (Free:0.96 GB) FAT (Disk=1 Partition=1)Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 97646C29)Partition 1: (Not Active) - (Size=12 GB) - (Type=1C)Partition 2: (Active) - (Size=286 GB) - (Type=07 NTFS)========================================================Disk: 1 (Size: 984 MB) (Disk ID: BDF74F89)Partition 1: (Active) - (Size=984 MB) - (Type=0E)Last Boot: 2013-05-08 19:40==================== End Of Log ======================</blockquote>

Verification

Top