Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-11-2014
Ran by Gary (administrator) on GARY-PC on 02-11-2014 12:38:26
Running from C:\Users\Gary\Downloads
Loaded Profile: Gary (Available profiles: Gary & Linda & Nick & Katie & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(WebEx Communications, Inc.) C:\WINDOWS\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
() C:\WINDOWS\SysWOW64\PSIService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Corel, Inc.) C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
(Creative Technology Ltd) C:\WINDOWS\SysWOW64\CTxfispi.exe
(Creative Technology Ltd) C:\WINDOWS\SysWOW64\Ctxfihlp.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AML Software - AMLSOFT.COM) C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Google Inc.) C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Gary\Downloads\FRST64 (4).exe
(Google Inc.) C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gary\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSM\McSmtFwk.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-02] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Corel Photo Downloader] => C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [532808 2008-08-08] (Corel, Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [241789 2009-04-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Corel Photo Downloader] => C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [532808 2008-08-08] (Corel, Inc.)
HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16712 2008-08-08] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1707472 2013-11-08] (APN)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [AML Registry Cleaner] => C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe [570448 2013-06-24] (AML Software - AMLSOFT.COM)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-10] (Dell)
HKLM-x32\...\runonceex: [ContentMerger] => c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-26] (Sonic Solutions)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-09] (Google Inc.)
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [Google Update] => C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-17] (Google Inc.)
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-06] (SUPERAntiSpyware)
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [HLBackupScheduler] => C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe [19752256 2014-06-15] ()
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1776543140-210536247-3466770518-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Katie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
GroupPolicyUsers\S-1-5-21-1776543140-210536247-3466770518-1005\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1776543140-210536247-3466770518-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1776543140-210536247-3466770518-1003\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/USCON/1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore =
http://www.roadrunner.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3003485
SearchScopes: HKCU - {A59C167F-298F-30E1-8F0D-B7ED3F450647} URL =
http://www.startnow.com/s/?q={searc...f11f&browser=IE&os=win&os_version=6.1-x64-SP0
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3003485
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL =
http://search2.inbox.com/search/dis...={searchTerms}&tbid=80114&iwk=289&lng=en&rt=1
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL =
http://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKCU - {F124516E-2A58-4CC7-9F95-C5FBCBF3F08D} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {46A21652-3F93-437D-AAC0-CAA1F6713DA0} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A}
https://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3}
http://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E}
http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {DE625294-70E6-45ED-B895-CFFA13AEB044}
http://coyotemoon.statdvr.com/activex/AMC.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
https://linksyssupport.webex.com/client/T27L10NSP11EP13-5395-linksyssupport/support/ieatgpc1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29}
http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Gary\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Gary\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Gary\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Gary\Music\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-28]
CHR Extension: (Google Wallet) - C:\Users\Gary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-12] (SUPERAntiSpyware.com)
R2 atashost; C:\Windows\SysWOW64\atashost.exe [43912 2010-06-21] (WebEx Communications, Inc.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2010-04-23] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2010-04-23] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-06-12] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [386424 2010-02-24] (SupportSoft, Inc.)
S2 0130171414939150mcinstcleanup; C:\Windows\TEMP\013017~1.EXE -cleanup -nolog [X]
S2 SessionLauncher; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-02 12:33 - 2014-11-02 12:33 - 00073588 _____ () C:\Users\Gary\Downloads\FRST.1 (2).txt
2014-11-02 12:33 - 2014-11-02 12:33 - 00073588 _____ () C:\Users\Gary\Downloads\FRST.1 (1).txt
2014-11-02 12:31 - 2014-11-02 12:31 - 00073588 _____ () C:\Users\Gary\Downloads\FRST.1.txt
2014-11-02 12:22 - 2014-11-02 12:22 - 02114560 _____ (Farbar) C:\Users\Gary\Downloads\FRST64 (4).exe
2014-11-02 12:17 - 2014-11-02 12:17 - 01106432 _____ (Farbar) C:\Users\Gary\Downloads\FRST.exe
2014-11-02 12:17 - 2014-11-02 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-11-02 12:16 - 2014-11-02 12:16 - 02114560 _____ (Farbar) C:\Users\Gary\Downloads\FRST64 (3).exe
2014-11-02 12:16 - 2014-11-02 12:16 - 02114560 _____ (Farbar) C:\Users\Gary\Downloads\FRST64 (2).exe
2014-11-02 12:15 - 2014-11-02 12:15 - 02114560 _____ (Farbar) C:\Users\Gary\Downloads\FRST64 (1).exe
2014-11-02 12:11 - 2014-11-02 12:11 - 00000854 _____ () C:\Windows\PFRO.log
2014-11-02 12:11 - 2014-11-02 12:11 - 00000056 _____ () C:\Windows\setupact.log
2014-11-02 12:11 - 2014-11-02 12:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-01 10:12 - 2014-11-01 10:12 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Gary\Downloads\SpyHunter-Installer.exe
2014-11-01 10:09 - 2014-11-01 10:09 - 00043109 _____ () C:\Users\Gary\Downloads\Addition Farbar.txt
2014-11-01 10:02 - 2014-11-01 10:06 - 00043109 _____ () C:\Users\Gary\Downloads\Addition.txt
2014-11-01 10:01 - 2014-11-02 12:38 - 00029947 _____ () C:\Users\Gary\Downloads\FRST.txt
2014-11-01 10:00 - 2014-11-02 12:38 - 00000000 ____D () C:\FRST
2014-11-01 09:59 - 2014-11-01 09:59 - 02114048 _____ (Farbar) C:\Users\Gary\Downloads\FRST64.exe
2014-11-01 06:54 - 2014-11-02 12:13 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-01 06:54 - 2014-11-01 06:54 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-01 06:54 - 2014-11-01 06:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-01 06:54 - 2014-11-01 06:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-01 06:54 - 2014-11-01 06:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-01 06:54 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-01 06:54 - 2014-10-01 10:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-01 06:54 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-01 06:52 - 2014-11-01 06:53 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Gary\Downloads\mbam-setup-2.0.3.1025 (1).exe
2014-11-01 06:40 - 2014-11-01 06:41 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Gary\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-01 00:39 - 2014-11-01 00:47 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\McAfee TechCheck
2014-11-01 00:39 - 2014-11-01 00:39 - 03159112 _____ () C:\Users\Gary\Downloads\McAfee_TechCheck.exe
2014-10-31 04:26 - 2014-10-31 04:26 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Dropbox
2014-10-31 04:22 - 2014-10-31 04:22 - 01059840 _____ () C:\Users\Gary\Downloads\Unconfirmed 83487.crdownload
2014-10-31 04:21 - 2014-10-31 04:21 - 00353101 _____ () C:\Users\Gary\Downloads\MicrosoftFixit20084.mini.diagcab
2014-10-30 17:14 - 2014-10-30 17:14 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\AVAST Software
2014-10-30 17:11 - 2014-11-01 00:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Avast Free Antivirus and Options
2014-10-30 17:11 - 2014-10-30 20:59 - 00000000 ____D () C:\Program Files (x86)\Avast Free Antivirus and Options
2014-10-30 17:06 - 2014-10-30 17:06 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-30 17:03 - 2014-10-30 17:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-29 20:33 - 2014-10-29 20:33 - 00000000 ____D () C:\Users\Gary\AppData\Local\{9B10D66C-2450-42E1-8BCC-EABA355869F6}
2014-10-29 20:18 - 2014-10-29 20:18 - 00000000 ____D () C:\ProgramData\Unknown
2014-10-29 20:14 - 2014-10-30 17:18 - 00000000 ____D () C:\ProgramData\TweakBit
2014-10-29 20:13 - 2014-10-31 21:18 - 00000000 ____D () C:\Windows\System32\Tasks\TweakBit
2014-10-29 20:13 - 2014-10-29 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2014-10-29 20:13 - 2014-10-29 20:19 - 00000000 ____D () C:\Program Files (x86)\TweakBit
2014-10-29 19:58 - 2014-10-31 21:18 - 00000000 ____D () C:\Users\Gary\Documents\Autoruns
2014-10-29 17:50 - 2014-10-29 17:50 - 00417064 _____ () C:\Users\Gary\Downloads\DellSystemDetect (1).exe
2014-10-29 03:58 - 2014-10-30 16:56 - 00001368 _____ () C:\ProgramData\@system.att
2014-10-28 21:28 - 2014-10-30 16:56 - 00087200 _____ () C:\ProgramData\wrnhoah.tmp
2014-10-28 20:42 - 2014-10-28 20:42 - 00008536 _____ () C:\Users\Gary\Downloads\DECRYPT_INSTRUCTION.HTML
2014-10-28 20:42 - 2014-10-28 20:42 - 00008536 _____ () C:\Users\Gary\Documents\DECRYPT_INSTRUCTION.HTML
2014-10-28 20:42 - 2014-10-28 20:42 - 00004208 _____ () C:\Users\Gary\Downloads\DECRYPT_INSTRUCTION.TXT
2014-10-28 20:42 - 2014-10-28 20:42 - 00004208 _____ () C:\Users\Gary\Documents\DECRYPT_INSTRUCTION.TXT
2014-10-28 20:42 - 2014-10-28 20:42 - 00000272 _____ () C:\Users\Gary\Downloads\INSTALL_TOR.URL
2014-10-28 20:42 - 2014-10-28 20:42 - 00000272 _____ () C:\Users\Gary\Documents\INSTALL_TOR.URL
2014-10-28 20:39 - 2014-10-28 20:39 - 00008536 _____ () C:\Users\Gary\AppData\Roaming\DECRYPT_INSTRUCTION.HTML
2014-10-28 20:39 - 2014-10-28 20:39 - 00008536 _____ () C:\Users\Gary\AppData\DECRYPT_INSTRUCTION.HTML
2014-10-28 20:39 - 2014-10-28 20:39 - 00004208 _____ () C:\Users\Gary\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-10-28 20:39 - 2014-10-28 20:39 - 00004208 _____ () C:\Users\Gary\AppData\DECRYPT_INSTRUCTION.TXT
2014-10-28 20:39 - 2014-10-28 20:39 - 00000272 _____ () C:\Users\Gary\AppData\Roaming\INSTALL_TOR.URL
2014-10-28 20:39 - 2014-10-28 20:39 - 00000272 _____ () C:\Users\Gary\AppData\INSTALL_TOR.URL
2014-10-28 20:38 - 2014-10-28 20:38 - 00008536 _____ () C:\Users\Gary\AppData\Local\DECRYPT_INSTRUCTION.HTML
2014-10-28 20:38 - 2014-10-28 20:38 - 00004208 _____ () C:\Users\Gary\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-10-28 20:38 - 2014-10-28 20:38 - 00000272 _____ () C:\Users\Gary\AppData\Local\INSTALL_TOR.URL
2014-10-28 20:01 - 2014-10-28 20:01 - 00008536 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.HTML
2014-10-28 20:01 - 2014-10-28 20:01 - 00004208 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
2014-10-28 20:01 - 2014-10-28 20:01 - 00000272 _____ () C:\ProgramData\INSTALL_TOR.URL
2014-10-28 19:58 - 2014-10-30 16:56 - 00001104 ____H () C:\ProgramData\@system2.att
2014-10-28 19:58 - 2014-10-29 15:13 - 00000000 ___HD () C:\4457414
2014-10-28 19:58 - 2014-10-28 19:58 - 00000448 ____H () C:\Users\Gary\AppData\Roaming\麽鎒駓覜
2014-10-28 18:20 - 2014-10-28 18:20 - 00000676 _____ () C:\Users\Gary\Desktop\Welcome to Facebook - Log In, Sign Up or Learn More.url
2014-10-28 18:10 - 2014-10-28 18:10 - 00000246 _____ () C:\Users\Gary\Desktop\Latest News, Entertainment, Sports & TV Headlines.url
2014-10-28 05:08 - 2014-10-28 05:08 - 00000000 ____D () C:\Users\Katie\AppData\Local\{A5CC5715-F6D3-4D48-A2A0-B9D140D6ABA3}
2014-10-28 03:56 - 2014-10-28 03:56 - 00007597 _____ () C:\Users\Gary\AppData\Local\Resmon.ResmonCfg
2014-10-27 19:19 - 2014-10-28 16:07 - 00100864 ___SH () C:\Users\Gary\Desktop\Thumbs.db
2014-10-27 18:49 - 2014-10-27 18:49 - 02885600 _____ (AML SOFTWARE ) C:\Users\Gary\Downloads\regcleaner.exe
2014-10-27 15:11 - 2014-10-27 15:11 - 00000000 ____D () C:\Users\Katie\AppData\Local\{1C0A8398-9D86-49E7-B03E-891FC2D66709}
2014-10-26 19:36 - 2014-10-26 19:36 - 04974864 _____ (Piriform Ltd) C:\Users\Gary\Downloads\ccsetup419.exe
2014-10-25 12:09 - 2014-10-25 12:09 - 00000000 ____D () C:\Users\Katie\AppData\Local\{067F7640-1B62-4520-A34E-F90F4BD8D409}
2014-10-25 07:58 - 2014-10-25 07:58 - 00001520 _____ () C:\Users\Gary\Documents\Brunswick Stew.txt
2014-10-21 13:40 - 2014-10-31 21:31 - 00000000 ____D () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-10-15 18:55 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 18:55 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 04:05 - 2014-10-15 04:06 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-15 04:05 - 2014-10-15 04:05 - 00638888 _____ (Oracle Corporation) C:\Users\Gary\Downloads\chromeinstall-8u25.exe
2014-10-15 04:05 - 2014-10-15 04:05 - 00638888 _____ (Oracle Corporation) C:\Users\Gary\Downloads\chromeinstall-8u25 (1).exe
2014-10-15 04:05 - 2014-10-15 04:04 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-15 04:05 - 2014-10-15 04:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-15 04:05 - 2014-10-15 04:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-15 04:01 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-10-15 04:01 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-15 04:01 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-15 04:01 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-10-15 04:01 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-10-15 04:01 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-15 04:01 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-15 04:01 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-10-15 04:01 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-10-15 04:01 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-10-15 04:01 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-10-15 04:01 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-10-15 04:01 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-15 04:01 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 04:01 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-15 04:01 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 03:57 - 2014-10-15 03:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-15 03:57 - 2014-10-15 03:57 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-14 23:07 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-14 23:07 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-14 23:07 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-14 23:07 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-14 23:07 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-14 23:07 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-14 23:07 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-14 23:06 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-14 23:06 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-14 23:06 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-14 23:06 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-14 23:06 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-14 23:06 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-14 23:06 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-14 23:06 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-14 23:06 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-14 23:06 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-14 23:06 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-14 23:06 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-14 23:06 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-14 23:06 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-14 23:06 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-14 23:06 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-14 23:06 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-14 23:06 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-14 23:06 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-14 23:06 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-14 23:06 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-14 23:06 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-14 23:06 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-14 23:06 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-14 23:06 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-14 23:06 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-14 23:06 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-14 23:06 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-14 23:06 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-14 23:06 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-14 23:06 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-14 23:06 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-14 23:06 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-14 23:06 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-14 23:06 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-14 23:06 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-14 23:06 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-14 23:06 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-14 23:06 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-14 23:06 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-14 23:06 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-14 23:06 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-14 23:06 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-14 23:06 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-14 23:06 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-14 23:06 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-14 23:06 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-14 23:06 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-14 23:06 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-14 23:06 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-14 23:06 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-14 23:06 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-14 23:06 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-14 23:06 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-14 23:06 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-14 23:06 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-14 23:06 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-14 23:06 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-14 23:06 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-14 23:06 - 2014-08-18 22:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-14 23:06 - 2014-08-18 22:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-14 23:06 - 2014-08-18 22:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-14 23:06 - 2014-08-18 22:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-14 23:06 - 2014-08-18 22:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-14 23:06 - 2014-08-18 22:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-14 23:06 - 2014-08-18 22:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-14 23:06 - 2014-08-18 22:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-14 23:06 - 2014-08-18 22:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-14 23:06 - 2014-08-18 22:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-14 23:06 - 2014-08-18 21:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-14 23:06 - 2014-08-18 21:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-14 23:06 - 2014-08-18 21:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-14 23:06 - 2014-07-06 21:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-14 23:06 - 2014-07-06 21:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-14 23:06 - 2014-07-06 21:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-14 23:06 - 2014-07-06 21:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-14 23:06 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-14 23:06 - 2014-07-06 21:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-14 23:06 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-14 23:06 - 2014-07-06 21:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-14 23:06 - 2014-07-06 21:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-14 23:06 - 2014-07-06 21:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-14 23:06 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-14 23:06 - 2014-07-06 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-14 23:06 - 2014-07-06 20:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-14 23:06 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-14 23:06 - 2014-07-06 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-14 23:06 - 2014-07-06 20:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-14 23:06 - 2014-07-06 20:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-14 23:06 - 2014-07-06 20:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-14 23:06 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-14 23:06 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-14 23:06 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-14 23:06 - 2014-06-27 19:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-14 23:06 - 2014-06-27 19:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-14 23:06 - 2014-06-27 19:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-14 23:05 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-14 23:05 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-14 23:05 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 23:05 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-14 23:05 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-14 23:05 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-14 23:05 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-14 23:05 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-14 23:05 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-14 23:05 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-14 23:05 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-14 23:05 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-14 23:05 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-14 23:05 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-14 23:05 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-14 23:05 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-14 23:05 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-13 05:24 - 2014-10-13 05:24 - 00001893 _____ () C:\Users\Gary\Desktop\Crust Check-Up The Feed.url
2014-10-12 19:16 - 2014-10-12 19:16 - 00001270 _____ () C:\Users\Public\Desktop\NCH Suite.lnk
2014-10-12 19:16 - 2014-10-12 19:16 - 00001132 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2014-10-12 19:16 - 2014-10-12 19:16 - 00001120 _____ () C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2014-10-12 14:15 - 2014-10-12 14:15 - 00000999 _____ () C:\Users\Gary\Desktop\Wednesday's Lottery Numbers & Results for New York.url
2014-10-11 14:14 - 2014-10-11 14:14 - 00000000 ____D () C:\Users\Katie\AppData\Local\{455C41C2-6A22-499B-B9B5-B4EDD9311660}
2014-10-09 20:32 - 2014-10-09 20:32 - 00000935 _____ () C:\Users\Gary\Desktop\Amazon.com Repair Kit, LG 37LC7D, LCD Monitor, Capacitors, Not the Entire Board Electronics.url
2014-10-06 15:01 - 2014-10-06 15:01 - 00003057 _____ () C:\Users\Gary\Desktop\HowTo Parts for Sea Doo 4-TEC Winterizing, Oil Change, and Annual Service Steve Jenkins' Blog.url
2014-10-05 13:23 - 2014-10-05 13:23 - 00000000 ____D () C:\Users\Katie\AppData\Local\{A76FBABB-1296-428D-B864-2B3F6A1EEBB0}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-02 12:35 - 2014-02-06 21:07 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA1cf23a95ab00a5d.job
2014-11-02 12:21 - 2009-07-13 23:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-02 12:21 - 2009-07-13 23:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-02 12:19 - 2009-07-14 00:10 - 01972208 _____ () C:\Windows\WindowsUpdate.log
2014-11-02 12:17 - 2012-12-11 16:37 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005UA.job
2014-11-02 12:17 - 2009-07-14 00:13 - 00786662 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 12:13 - 2014-03-19 15:03 - 00000000 ____D () C:\Users\Gary\AppData\Local\Backup Assistant Plus
2014-11-02 12:13 - 2014-01-15 05:10 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-11-02 12:13 - 2012-02-02 05:49 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-02 12:13 - 2010-06-09 20:55 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-02 12:13 - 2010-06-09 20:15 - 00000000 ____D () C:\Users\Gary\AppData\Local\SoftThinks
2014-11-02 12:13 - 2010-04-24 00:07 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-11-02 12:13 - 2010-04-24 00:07 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-11-02 12:13 - 2010-04-23 23:47 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-11-02 12:11 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 11:49 - 2011-01-12 21:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-02 11:09 - 2011-08-31 09:59 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA.job
2014-11-02 11:06 - 2012-04-02 18:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-02 10:55 - 2010-06-09 20:55 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-02 09:39 - 2012-06-27 16:30 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-11-02 09:39 - 2010-04-24 00:01 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-11-02 09:28 - 2011-04-04 04:15 - 00000000 ____D () C:\Windows\Sun
2014-11-01 08:01 - 2011-10-27 14:36 - 00000000 ____D () C:\Program Files (x86)\searchresultstb
2014-11-01 03:00 - 2012-04-09 20:31 - 00000412 _____ () C:\Windows\Tasks\vtscheduletask.job
2014-11-01 00:36 - 2012-06-27 16:30 - 00000000 ____D () C:\Program Files\McAfee
2014-11-01 00:18 - 2010-06-09 20:15 - 00000000 ____D () C:\Users\Gary
2014-10-31 22:40 - 2014-03-21 18:00 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-10-31 22:39 - 2011-10-09 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2014-10-31 22:33 - 2012-11-30 21:34 - 00000000 ____D () C:\Users\Linda
2014-10-31 22:33 - 2011-10-27 14:37 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 Rocket
2014-10-31 22:33 - 2011-02-26 21:32 - 00000000 ____D () C:\Users\Guest
2014-10-31 22:33 - 2010-08-24 08:58 - 00000000 ____D () C:\Users\Katie
2014-10-31 22:33 - 2010-06-10 18:25 - 00000000 ____D () C:\Users\Nick
2014-10-31 22:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-10-31 22:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\servicing
2014-10-31 22:32 - 2010-06-10 04:40 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-31 21:32 - 2014-01-30 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-10-31 21:32 - 2013-10-29 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-31 21:32 - 2012-07-14 12:41 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-10-31 21:32 - 2010-06-21 19:46 - 00000000 ____D () C:\ProgramData\WebEx
2014-10-31 21:31 - 2014-03-19 15:03 - 00000000 ____D () C:\Program Files\Verizon Cloud
2014-10-31 21:31 - 2011-10-09 20:01 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2014-10-31 21:31 - 2011-02-08 19:47 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-10-31 21:31 - 2011-01-25 21:35 - 00000000 ____D () C:\Program Files (x86)\MP3 Rocket
2014-10-31 21:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-10-31 21:17 - 2012-10-26 16:44 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Nitro PDF
2014-10-31 21:17 - 2011-01-25 21:35 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\MP3Rocket
2014-10-31 21:17 - 2010-11-22 22:35 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Corel
2014-10-31 21:17 - 2010-06-09 20:52 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Adobe
2014-10-31 19:49 - 2014-08-11 14:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-31 19:49 - 2013-10-29 20:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-31 19:49 - 2012-02-02 05:49 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-10-31 19:49 - 2011-02-08 19:42 - 00000000 ____D () C:\ProgramData\HP
2014-10-31 19:49 - 2011-01-20 05:23 - 00000000 ____D () C:\ProgramData\Intuit
2014-10-31 19:49 - 2010-11-22 22:33 - 00000000 ____D () C:\ProgramData\Corel
2014-10-31 19:49 - 2010-07-19 16:32 - 00000000 __RHD () C:\MSOCache
2014-10-31 19:49 - 2010-06-14 20:24 - 00000000 ____D () C:\Users\Gary\AppData\Local\Microsoft Games
2014-10-31 19:49 - 2010-06-09 20:53 - 00000000 ____D () C:\Users\Gary\AppData\Local\Google
2014-10-31 19:49 - 2010-04-23 23:49 - 00000000 ____D () C:\ProgramData\Dell
2014-10-31 19:49 - 2010-04-23 23:48 - 00000000 ____D () C:\ProgramData\PCDr
2014-10-29 19:34 - 2010-06-09 20:53 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Google
2014-10-29 17:46 - 2010-06-14 19:19 - 00000000 ____D () C:\Users\Gary\AppData\Local\Deployment
2014-10-28 20:41 - 2014-05-08 17:38 - 00000000 ____D () C:\Users\Gary\Documents\Cart plans
2014-10-28 20:41 - 2013-06-20 16:39 - 00000000 ____D () C:\Users\Gary\Documents\Receipes
2014-10-28 20:41 - 2011-03-02 15:58 - 00000000 ____D () C:\Users\Gary\Documents\My Scans
2014-10-28 20:41 - 2010-12-28 20:05 - 00000000 ____D () C:\Users\Gary\Documents\Outlook Files
2014-10-28 20:41 - 2010-11-12 18:56 - 00000000 ____D () C:\Users\Gary\Documents\New folder
2014-10-28 20:40 - 2012-11-12 08:57 - 00000000 ____D () C:\Users\Gary\Desktop\the Cottage
2014-10-28 20:39 - 2012-12-16 16:31 - 00000000 ____D () C:\Users\Gary\Desktop\Christmas Party
2014-10-28 20:39 - 2012-02-02 05:49 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\SUPERAntiSpyware.com
2014-10-28 20:39 - 2011-10-09 21:06 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Roxio
2014-10-28 20:39 - 2011-06-04 08:48 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\PCDr
2014-10-28 20:39 - 2010-12-13 20:26 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Registry Mechanic
2014-10-28 20:38 - 2013-05-12 12:18 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\JimbobSoft
2014-10-28 20:38 - 2011-04-26 19:54 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\GARMIN
2014-10-28 20:38 - 2011-02-08 19:59 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\HP
2014-10-28 20:38 - 2011-01-29 07:24 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Amazon
2014-10-28 20:38 - 2011-01-16 12:21 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Apple Computer
2014-10-28 20:38 - 2010-06-09 20:20 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Dell
2014-10-28 20:37 - 2010-11-22 22:45 - 00000000 ____D () C:\Users\Gary\AppData\Local\Corel
2014-10-28 20:01 - 2011-01-16 12:21 - 00000000 ____D () C:\Users\Gary\AppData\Local\Apple Computer
2014-10-28 20:01 - 2010-09-29 19:18 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-10-28 20:00 - 2014-05-30 20:28 - 00000000 ____D () C:\ProgramData\FitbitConnect
2014-10-28 19:59 - 2010-12-28 20:33 - 00000000 ____D () C:\ProgramData\Avery
2014-10-28 14:34 - 2011-02-26 21:30 - 00000632 __RSH () C:\Users\Gary\ntuser.pol
2014-10-28 05:08 - 2010-08-24 09:57 - 00000000 ____D () C:\Users\Katie\Tracing
2014-10-27 19:16 - 2012-02-13 20:50 - 00000000 ____D () C:\Users\Gary\New folder (2)
2014-10-27 19:16 - 2012-02-13 20:50 - 00000000 ____D () C:\Users\Gary\New folder
2014-10-27 19:16 - 2011-01-20 05:29 - 00000000 ____D () C:\Users\Gary\Documents\TurboTax
2014-10-27 18:50 - 2011-03-07 20:25 - 00001224 _____ () C:\Users\Gary\Desktop\AML Free Registry Cleaner.lnk
2014-10-27 18:50 - 2011-03-07 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AML Free Registry Cleaner
2014-10-27 18:35 - 2014-03-28 22:13 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core1cf4afcedbeedb2.job
2014-10-27 16:09 - 2011-08-31 09:59 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core.job
2014-10-27 16:02 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-10-27 15:23 - 2012-12-11 16:38 - 00002367 _____ () C:\Users\Katie\Desktop\Google Chrome.lnk
2014-10-27 15:17 - 2012-12-11 16:37 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005Core.job
2014-10-27 15:12 - 2012-12-11 16:37 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005UA
2014-10-27 15:12 - 2012-12-11 16:37 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1005Core
2014-10-27 15:11 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-27 10:02 - 2013-05-22 08:06 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-10-26 19:36 - 2010-11-05 21:29 - 00001019 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-26 19:36 - 2010-11-05 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-26 19:36 - 2010-06-09 22:15 - 00000000 ____D () C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-26 19:36 - 2010-06-09 22:15 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-10-26 19:03 - 2011-10-09 20:02 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-10-26 18:51 - 2010-06-09 20:20 - 00000000 ____D () C:\Users\Gary\AppData\Local\Stardock_Corporation
2014-10-26 18:51 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-26 18:51 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-26 18:47 - 2010-04-23 23:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-25 20:00 - 2010-04-23 23:40 - 00000000 ____D () C:\Program Files\Java
2014-10-18 00:50 - 2010-06-09 20:55 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-18 00:50 - 2010-06-09 20:55 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 18:30 - 2014-03-28 22:13 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000Core1cf4afcedbeedb2
2014-10-17 18:30 - 2014-02-06 21:07 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1776543140-210536247-3466770518-1000UA1cf23a95ab00a5d
2014-10-15 03:57 - 2011-06-15 04:18 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-15 03:57 - 2010-04-23 23:45 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-15 03:52 - 2013-12-11 05:04 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-15 02:44 - 2009-07-13 23:45 - 00596192 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-15 02:42 - 2014-05-06 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 02:42 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-15 02:42 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 02:26 - 2010-07-19 16:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 02:22 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 02:00 - 2010-06-11 15:35 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-12 19:16 - 2011-10-09 20:02 - 00000000 ____D () C:\ProgramData\NCH Software
2014-10-08 04:21 - 2014-02-11 22:22 - 00000336 _____ () C:\Users\Gary\Documents\401-k.txt
Some content of TEMP:
====================
C:\Users\Katie\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Katie\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Katie\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Katie\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Katie\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Katie\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Katie\AppData\Local\Temp\wbydoebd.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed