kuttus

Level 2
Verified
Hi and welcome to the MalwareTips.com forums!

I'm Kuttus and I am going to try to assist you with your problem. Please take note of the below:
  • I will start working on your malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.


Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.
<hr />

STEP 1: Run a scan with OTL by OldTimer
<ol><li>Download the OTL utility using the below link :
<><a title="External link" href="http://oldtimer.geekstogo.com/OTL.exe" rel="nofollow external">OTL DOWNLOAD LINK</a> <em>(This link will automatically download OTL on your computer)</em></></li>
<li>Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
<img src="http://malwaretips.com/blogs/wp-content/uploads/2012/07/OTL-logo.png" alt="" title="OTL-logo" width="106" height="118" class="alignnone size-full wp-image-3946" /></li>
<li>When the window appears, <>underneath Output</> at the top change it to <>Minimal Output</>.</li>
<li>Check the boxes beside <>LOP Check</> and <>Purity Check</>.</li>
<li>Click the<> Run Scan</> button.
<img src="http://malwaretips.com/blogs/wp-content/uploads/2012/07/OTL.png" alt="" title="OTL" width="658" height="584" class="alignnone size-full wp-image-3945" /></li>
<li>When the scan completes, it will open two notepad windows. <>OTL.Txt</> and <>Extras.Txt</>. These are saved in the same location as OTL.
<>Please post this 2 logs in your first reply.</>.</li></ol>

Settings You need to Select in OTL
  1. Click the Scan All Users checkbox.
  2. Change Standard Registry to All.
  3. Check the boxes beside LOP Check and Purity Check.
<em>Note: If OTL.exe will not run, it may be blocked by malware. Try these alternate versions: <a title="External link" href="http://www.itxassociates.com/OT-Tools/OTL.scr" rel="nofollow external">OTL.scr</a>, or <a title="External link" href="http://oldtimer.geekstogo.com/OTL.com" rel="nofollow external">OTL.com</a>.</em>

<hr />
 
Last edited by a moderator:

matherly

New Member
Here are the OTL scan results (there was only one file):

OTL logfile created on: 8/6/2013 4:59:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matt & Trish\Desktop\Virus Fix
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 3.16 Gb Available Physical Memory | 79.68% Memory free
7.93 Gb Paging File | 6.42 Gb Available in Paging File | 80.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.07 Gb Total Space | 398.87 Gb Free Space | 68.29% Space Free | Partition Type: NTFS
Drive D: | 12.00 Gb Total Space | 1.87 Gb Free Space | 15.58% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 58.54 Gb Free Space | 6.28% Space Free | Partition Type: NTFS
Drive H: | 1.92 Gb Total Space | 1.87 Gb Free Space | 97.41% Space Free | Partition Type: FAT

Computer Name: HPHOME | User Name: Matt & Trish | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\FingerPrint\FingerPrintService.exe (Collobos Software)
PRC - C:\Users\Matt & Trish\Desktop\Virus Fix\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe (IObit)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)


========== Modules (No Company Name) ==========

MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (EpsonCustomerParticipation) -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV:64bit: - (EpsonScanSvc) -- C:\Windows\SysNative\escsvc64.exe (Seiko Epson Corporation)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FingerPrint) -- C:\Program Files (x86)\FingerPrint\FingerPrintService.exe (Collobos Software)
SRV - (Ad-Aware Service) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (IntuitUpdateServiceV4) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
SRV - (SBAMSvc) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (IS360service) -- C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McShield) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe (McAfee, Inc.)
SRV - (McTaskManager) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe (McAfee, Inc.)
SRV - (McAfeeEngineService) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe (McAfee, Inc.)
SRV - (McAfeeFramework) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe (McAfee, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)


========== Driver Services (SafeList) ==========

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (GFI Software)
DRV:64bit: - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (GFI Software)
DRV:64bit: - (SBRE) -- C:\Windows\SysNative\drivers\sbredrv.sys (GFI Software)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (FlyUsb) -- C:\Windows\SysNative\drivers\FlyUsb.sys (LeapFrog)
DRV:64bit: - (rcmirror) -- C:\Windows\SysNative\drivers\rcmirror.sys (Windows (R) Windows 7 DDK provider)
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mfetdik) -- C:\Windows\SysNative\drivers\mfetdik.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft Corporation)
DRV:64bit: - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Corporation)
DRV:64bit: - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (SBRE) -- C:\Windows\SysWOW64\drivers\SBREDrv.sys (GFI Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {07F24199-B9B3-4FCE-8E61-D8A52D3160B9}
IE:64bit: - HKLM\..\SearchScopes\{07F24199-B9B3-4FCE-8E61-D8A52D3160B9}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{D17F3BD8-7F8A-4327-86C7-AB997C617695}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {c1d89ae7-449d-4929-b24b-fded04adbe06}
IE - HKLM\..\SearchScopes\{07F24199-B9B3-4FCE-8E61-D8A52D3160B9}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
IE - HKLM\..\SearchScopes\{D17F3BD8-7F8A-4327-86C7-AB997C617695}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {2D3840DB-B9C0-4ABD-B8E9-F9F779D091B9}
IE - HKCU\..\SearchScopes\{07F24199-B9B3-4FCE-8E61-D8A52D3160B9}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR&pc=HPDTDF
IE - HKCU\..\SearchScopes\{2D3840DB-B9C0-4ABD-B8E9-F9F779D091B9}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{BA27A804-3862-42BF-8C56-90593CDCAC1C}: C:\Users\Matt & Trish\AppData\Local\{BA27A804-3862-42BF-8C56-90593CDCAC1C}\ [2010/12/19 12:21:12 | 000,000,000 | ---D | M]

[2011/10/29 21:33:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt & Trish\AppData\Roaming\Mozilla\Extensions
[2011/10/29 21:33:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt & Trish\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2013/08/05 21:52:54 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Shareaza\RazaWebHook32.dll (Shareaza Development Team)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download with &Shareaza - C:\Program Files (x86)\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O8 - Extra context menu item: Download with &Shareaza - C:\Program Files (x86)\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 10.11.2)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9970062F-2247-4B47-9D60-9208BB0F8138}: NameServer = 192.168.0.1,205.171.3.25
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/05 23:20:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/08/05 23:01:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/05 22:34:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2013/08/05 22:34:33 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/08/05 22:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/08/05 22:16:06 | 000,000,000 | ---D | C] -- C:\Users\Matt & Trish\Desktop\RK_Quarantine
[2013/08/05 21:37:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/08/05 21:37:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/08/05 21:37:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/08/05 21:31:41 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/05 21:31:19 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/08/05 21:27:37 | 000,000,000 | ---D | C] -- C:\Users\Matt & Trish\Desktop\Virus Fix
[2013/08/04 13:14:02 | 000,000,000 | ---D | C] -- C:\Users\Matt & Trish\Desktop\Disney Cruise
[2013/07/14 07:00:53 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/07/13 21:36:49 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/07/13 21:36:48 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/07/13 21:36:48 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/07/13 21:36:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/13 21:36:47 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/07/13 21:36:47 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/07/13 21:36:47 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/07/13 21:36:46 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/07/13 21:36:46 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/07/13 21:36:46 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/07/13 21:36:46 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/07/13 21:36:46 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/07/13 21:36:46 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/07/13 21:36:45 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/13 21:36:45 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/07/13 21:36:45 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/07/13 21:36:45 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/07/13 21:36:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/07/13 21:36:45 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/07/13 21:36:44 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/13 21:36:44 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/07/13 21:36:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/13 21:36:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/07/13 21:36:43 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/07/13 21:36:43 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/07/13 21:36:43 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/07/13 21:36:43 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/07/13 21:36:43 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/07/13 21:36:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/13 21:36:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/13 21:36:43 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/07/13 21:36:41 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/07/13 21:36:41 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/07/13 21:36:41 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/07/13 21:36:41 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/07/13 21:36:41 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/07/13 21:36:41 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/07/13 21:36:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/07/13 21:36:41 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/13 21:36:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/07/13 21:36:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/13 21:36:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/13 21:36:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/13 21:36:40 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/07/13 21:36:40 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/07/13 21:36:40 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/13 21:36:40 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/07/13 21:36:40 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/07/13 21:36:40 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/07/13 21:36:40 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/07/13 21:36:40 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/07/13 21:36:40 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/07/13 21:36:40 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/07/13 21:36:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/07/13 21:36:39 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/13 21:36:39 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/13 21:36:39 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/13 21:36:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/07/13 21:36:39 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/13 21:36:39 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/07/13 21:36:39 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/07/13 21:36:39 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/07/13 21:36:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/07/13 21:36:39 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/07/13 21:36:39 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/07/13 21:36:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/07/13 21:36:39 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/07/13 21:36:39 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/07/13 21:34:01 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/13 21:34:01 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/13 21:34:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/13 21:34:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/13 21:34:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/13 21:34:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/13 21:34:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/13 21:34:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/13 21:34:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/13 21:34:00 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/07/13 21:34:00 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/07/13 21:34:00 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/07/13 21:34:00 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/07/13 21:34:00 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/07/13 21:34:00 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/07/13 21:34:00 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/07/13 21:34:00 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/07/13 21:34:00 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/07/13 21:34:00 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/07/13 21:34:00 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/07/13 21:34:00 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/07/13 21:34:00 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/13 21:34:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/13 21:34:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/13 21:34:00 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/13 21:33:59 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/07/13 21:33:59 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/07/13 21:33:59 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/07/13 21:33:59 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/07/13 21:33:59 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/07/13 21:33:59 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/07/13 21:33:59 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/07/13 21:33:59 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/07/13 21:33:59 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/07/13 21:33:59 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/07/10 06:46:58 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/07/10 06:46:57 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/07/10 06:46:56 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/10 06:46:56 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/09 20:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2013/07/09 20:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 3
[2013/07/09 20:46:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 3
[2009/12/24 21:03:51 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Matt & Trish\AppData\Roaming\pcouffin.sys
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/08/06 16:54:53 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/06 16:54:53 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/06 16:54:53 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/06 16:50:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/06 06:43:24 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/06 06:43:24 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/05 23:33:41 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 3.job
[2013/08/05 23:32:44 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013/08/05 23:32:23 | 3193,839,616 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/05 22:34:33 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/08/05 21:52:54 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/08/05 17:07:55 | 000,001,406 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130729_111116 - Shortcut.lnk
[2013/08/05 13:24:38 | 001,174,037 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130731_195117.jpg
[2013/08/05 09:00:07 | 000,001,870 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/08/04 13:09:23 | 002,344,989 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130730_112631.jpg
[2013/08/03 18:25:12 | 002,463,372 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130730_101824 (Matt Matherly's conflicted copy 2013-08-03).jpg
[2013/08/03 18:24:07 | 001,600,302 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130729_175916.jpg
[2013/08/03 18:13:01 | 001,599,130 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130731_152049.jpg
[2013/08/03 18:05:52 | 000,001,040 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\Dropbox.lnk
[2013/08/03 09:56:15 | 001,614,035 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130731_120824.jpg
[2013/08/03 09:55:45 | 001,812,119 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130731_104848.jpg
[2013/08/03 09:55:29 | 003,309,955 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130731_104841.jpg
[2013/08/03 09:53:48 | 002,391,772 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130731_103437.jpg
[2013/08/03 09:22:16 | 002,864,386 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130729_111116.jpg
[2013/08/03 08:03:52 | 002,283,601 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130731_181441.jpg
[2013/08/03 08:01:55 | 003,481,582 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130731_151923.jpg
[2013/08/03 07:59:17 | 002,791,683 | ---- | M] () -- C:\Users\Matt & Trish\Desktop\20130731_125247.jpg
[2013/07/14 06:46:55 | 000,462,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/13 21:36:49 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/07/13 21:36:48 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/07/13 21:36:48 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/07/13 21:36:48 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/13 21:36:47 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/07/13 21:36:47 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/07/13 21:36:47 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/07/13 21:36:46 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/07/13 21:36:46 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/07/13 21:36:46 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/07/13 21:36:46 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/07/13 21:36:46 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/07/13 21:36:46 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/07/13 21:36:45 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/13 21:36:45 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/07/13 21:36:45 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/07/13 21:36:45 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/07/13 21:36:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/07/13 21:36:45 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/07/13 21:36:44 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/13 21:36:44 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/07/13 21:36:44 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/13 21:36:44 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/07/13 21:36:43 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/07/13 21:36:43 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/07/13 21:36:43 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/07/13 21:36:43 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/07/13 21:36:43 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/07/13 21:36:43 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/13 21:36:43 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/13 21:36:43 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/07/13 21:36:43 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/07/13 21:36:41 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/07/13 21:36:41 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/07/13 21:36:41 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/07/13 21:36:41 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/07/13 21:36:41 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/07/13 21:36:41 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/07/13 21:36:41 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/07/13 21:36:41 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/13 21:36:41 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/07/13 21:36:41 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/13 21:36:41 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/13 21:36:41 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/13 21:36:41 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/07/13 21:36:40 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/07/13 21:36:40 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/07/13 21:36:40 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/13 21:36:40 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/07/13 21:36:40 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/07/13 21:36:40 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/07/13 21:36:40 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/07/13 21:36:40 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/07/13 21:36:40 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/07/13 21:36:40 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/07/13 21:36:40 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/07/13 21:36:39 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/13 21:36:39 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/13 21:36:39 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/13 21:36:39 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/07/13 21:36:39 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/13 21:36:39 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/07/13 21:36:39 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/07/13 21:36:39 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/07/13 21:36:39 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/07/13 21:36:39 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/07/13 21:36:39 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/07/13 21:36:39 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/07/13 21:36:39 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/07/13 21:36:39 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/07/13 21:34:01 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/13 21:34:01 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/13 21:34:01 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/13 21:34:01 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/13 21:34:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/13 21:34:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/13 21:34:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/13 21:34:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/13 21:34:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/13 21:34:00 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/07/13 21:34:00 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/07/13 21:34:00 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/07/13 21:34:00 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/07/13 21:34:00 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/07/13 21:34:00 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/07/13 21:34:00 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/07/13 21:34:00 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/07/13 21:34:00 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/07/13 21:34:00 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/07/13 21:34:00 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/07/13 21:34:00 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/07/13 21:34:00 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/13 21:34:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/13 21:34:00 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/13 21:34:00 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/13 21:34:00 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/13 21:33:59 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/07/13 21:33:59 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/07/13 21:33:59 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/07/13 21:33:59 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/07/13 21:33:59 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/07/13 21:33:59 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/07/13 21:33:59 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/07/13 21:33:59 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/07/13 21:33:59 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/07/13 21:33:59 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/07/09 20:55:01 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/09 20:47:15 | 000,001,062 | ---- | M] () -- C:\Users\Matt & Trish\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 3.lnk
[2013/07/09 20:47:15 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\Glary Utilities 3.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/08/05 22:34:33 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2013/08/05 21:37:41 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/08/05 21:37:41 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/08/05 21:37:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/08/05 21:37:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/08/05 21:37:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/08/05 13:18:31 | 000,001,406 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130729_111116 - Shortcut.lnk
[2013/08/04 13:14:47 | 001,174,037 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130731_195117.jpg
[2013/08/04 13:14:46 | 002,283,601 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130731_181441.jpg
[2013/08/04 13:14:46 | 001,599,130 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130731_152049.jpg
[2013/08/04 13:14:45 | 003,481,582 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130731_151923.jpg
[2013/08/04 13:14:44 | 002,791,683 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130731_125247.jpg
[2013/08/04 13:14:41 | 001,812,119 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130731_104848.jpg
[2013/08/04 13:14:41 | 001,614,035 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130731_120824.jpg
[2013/08/04 13:14:40 | 003,309,955 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130731_104841.jpg
[2013/08/04 13:14:40 | 002,391,772 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130731_103437.jpg
[2013/08/04 13:14:39 | 002,344,989 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130730_112631.jpg
[2013/08/04 13:14:38 | 002,463,372 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130730_101824 (Matt Matherly's conflicted copy 2013-08-03).jpg
[2013/08/04 13:14:37 | 001,600,302 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130729_175916.jpg
[2013/08/04 13:14:35 | 002,864,386 | ---- | C] () -- C:\Users\Matt & Trish\Desktop\20130729_111116.jpg
[2013/07/13 21:36:43 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/07/13 21:36:41 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/07/09 20:47:15 | 000,001,062 | ---- | C] () -- C:\Users\Matt & Trish\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 3.lnk
[2013/07/09 20:47:15 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\Glary Utilities 3.lnk
[2013/07/09 20:47:12 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 3.job
[2013/07/09 20:47:09 | 000,001,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 3.lnk
[2013/03/10 13:29:31 | 000,000,045 | ---- | C] () -- C:\Windows\WF-2530.ini
[2012/09/02 08:42:35 | 000,015,364 | -H-- | C] () -- C:\Users\Matt & Trish\AppData\Local\.DS_Store
[2012/08/21 21:08:48 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/08/21 21:08:48 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/03/03 16:36:35 | 000,000,629 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/11 21:03:10 | 000,225,775 | ---- | C] () -- C:\Windows\hpwins20.dat.temp
[2012/01/11 21:03:10 | 000,001,360 | ---- | C] () -- C:\Windows\hpwmdl20.dat.temp
[2011/08/03 19:10:08 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALD2D4.ALR
[2011/08/03 19:07:40 | 000,000,708 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8FF9.ALR
[2011/08/03 17:30:00 | 000,000,545 | -H-- | C] () -- C:\Users\Matt & Trish\CAL25B4.ALR
[2011/08/03 16:22:04 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALF3D6.ALR
[2011/08/03 16:17:45 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL63.ALR
[2011/08/03 16:16:34 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALEA71.ALR
[2011/08/03 16:13:08 | 000,000,827 | -H-- | C] () -- C:\Users\Matt & Trish\CALC583.ALR
[2011/08/03 16:13:06 | 000,000,827 | -H-- | C] () -- C:\Users\Matt & Trish\CALBC9B.ALR
[2011/08/03 16:13:03 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALB23E.ALR
[2011/08/03 14:47:39 | 000,000,709 | -H-- | C] () -- C:\Users\Matt & Trish\CAL81D9.ALR
[2011/08/03 13:59:35 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL81B8.ALR
[2011/08/03 13:53:47 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL3106.ALR
[2011/08/03 13:50:05 | 000,000,707 | -H-- | C] () -- C:\Users\Matt & Trish\CALCC48.ALR
[2011/08/03 13:39:20 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALF681.ALR
[2011/08/03 13:34:55 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALECDF.ALR
[2011/08/03 10:27:38 | 000,000,709 | -H-- | C] () -- C:\Users\Matt & Trish\CAL73F4.ALR
[2011/08/03 07:16:54 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALD5AD.ALR
[2011/08/03 07:16:01 | 000,000,950 | -H-- | C] () -- C:\Users\Matt & Trish\CAL582.ALR
[2011/08/03 07:07:44 | 000,000,950 | -H-- | C] () -- C:\Users\Matt & Trish\CAL7016.ALR
[2011/08/03 06:38:38 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALCC76.ALR
[2011/08/03 06:33:29 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CAL1650.ALR
[2011/08/03 06:30:57 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALC459.ALR
[2011/08/03 06:29:15 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CAL3736.ALR
[2011/08/03 06:17:47 | 000,000,825 | -H-- | C] () -- C:\Users\Matt & Trish\CALB47F.ALR
[2011/08/03 06:09:55 | 000,000,950 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8209.ALR
[2011/08/03 06:09:43 | 000,000,950 | -H-- | C] () -- C:\Users\Matt & Trish\CAL52ED.ALR
[2011/08/03 06:07:47 | 000,000,707 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8E26.ALR
[2011/08/02 23:21:56 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALFE7C.ALR
[2011/08/02 23:19:36 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALD9BC.ALR
[2011/08/02 23:07:34 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALD660.ALR
[2011/08/02 23:01:08 | 000,000,707 | -H-- | C] () -- C:\Users\Matt & Trish\CALF19C.ALR
[2011/08/02 22:47:54 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALD46A.ALR
[2011/08/02 21:30:36 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL1011.ALR
[2011/08/02 20:56:15 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL9D30.ALR
[2011/08/02 19:33:36 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALEFB0.ALR
[2011/08/02 18:41:07 | 000,000,708 | -H-- | C] () -- C:\Users\Matt & Trish\CALE458.ALR
[2011/08/02 17:39:40 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALA17D.ALR
[2011/08/02 17:11:47 | 000,000,602 | -H-- | C] () -- C:\Users\Matt & Trish\CAL191C.ALR
[2011/08/02 17:11:31 | 000,000,542 | -H-- | C] () -- C:\Users\Matt & Trish\CALDD4F.ALR
[2011/08/02 17:09:01 | 000,000,544 | -H-- | C] () -- C:\Users\Matt & Trish\CAL90F9.ALR
[2011/08/02 16:54:01 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALD7D2.ALR
[2011/08/02 16:52:52 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALCA98.ALR
[2011/08/02 16:01:23 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALA8F3.ALR
[2011/08/02 15:59:06 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8EAE.ALR
[2011/08/02 14:43:59 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALCB5D.ALR
[2011/08/02 14:40:41 | 000,000,706 | -H-- | C] () -- C:\Users\Matt & Trish\CALC591.ALR
[2011/08/02 14:40:38 | 000,000,819 | -H-- | C] () -- C:\Users\Matt & Trish\CALBAC7.ALR
[2011/08/02 14:21:06 | 000,000,708 | -H-- | C] () -- C:\Users\Matt & Trish\CALD68F.ALR
[2011/08/02 14:20:30 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL491E.ALR
[2011/08/02 14:17:12 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL4630.ALR
[2011/08/02 12:58:21 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL1465.ALR
[2011/08/02 12:56:06 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CAL612.ALR
[2011/08/02 12:55:02 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALC96.ALR
[2011/08/02 12:49:48 | 000,000,985 | -H-- | C] () -- C:\Users\Matt & Trish\CAL4061.ALR
[2011/08/02 12:49:44 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL32E8.ALR
[2011/08/02 10:01:05 | 000,000,707 | -H-- | C] () -- C:\Users\Matt & Trish\CALC8DC.ALR
[2011/08/02 08:25:06 | 000,000,950 | -H-- | C] () -- C:\Users\Matt & Trish\CALEB38.ALR
[2011/08/02 08:10:30 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8A71.ALR
[2011/08/02 08:10:02 | 000,000,950 | -H-- | C] () -- C:\Users\Matt & Trish\CAL200B.ALR
[2011/08/02 07:45:55 | 000,000,844 | -H-- | C] () -- C:\Users\Matt & Trish\CALAD4.ALR
[2011/08/02 07:35:23 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CAL6551.ALR
[2011/08/02 07:09:45 | 000,000,853 | -H-- | C] () -- C:\Users\Matt & Trish\CALEDA1.ALR
[2011/08/02 06:18:51 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CAL5595.ALR
[2011/08/02 05:52:17 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALBE.ALR
[2011/08/02 05:51:15 | 000,000,825 | -H-- | C] () -- C:\Users\Matt & Trish\CAL1057.ALR
[2011/08/02 05:43:10 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALAA15.ALR
[2011/08/02 05:41:25 | 000,000,708 | -H-- | C] () -- C:\Users\Matt & Trish\CAL1093.ALR
[2011/08/02 05:41:23 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CAL58A.ALR
[2011/08/01 22:00:55 | 000,000,862 | -H-- | C] () -- C:\Users\Matt & Trish\CAL769B.ALR
[2011/08/01 22:00:25 | 000,000,862 | -H-- | C] () -- C:\Users\Matt & Trish\CAL11D.ALR
[2011/08/01 21:58:22 | 000,000,863 | -H-- | C] () -- C:\Users\Matt & Trish\CAL20EB.ALR
[2011/08/01 21:56:06 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CALB37.ALR
[2011/08/01 21:50:07 | 000,000,951 | -H-- | C] () -- C:\Users\Matt & Trish\CAL931A.ALR
[2011/08/01 21:49:17 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALD047.ALR
[2011/08/01 21:46:28 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL3992.ALR
[2011/08/01 21:45:28 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL506B.ALR
[2011/08/01 21:44:51 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALBDDC.ALR
[2011/08/01 21:44:44 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALA230.ALR
[2011/08/01 21:06:22 | 000,000,708 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8388.ALR
[2011/08/01 20:29:30 | 000,000,863 | -H-- | C] () -- C:\Users\Matt & Trish\CALC21B.ALR
[2011/08/01 20:04:27 | 000,159,748 | -H-- | C] () -- C:\Users\Matt & Trish\.DS_Store
[2011/08/01 19:54:41 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CALE2A3.ALR
[2011/08/01 19:51:32 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CALFF46.ALR
[2011/08/01 19:50:21 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CALEBA6.ALR
[2011/08/01 19:48:40 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CAL6076.ALR
[2011/08/01 19:44:20 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CAL696A.ALR
[2011/08/01 19:43:24 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8F9F.ALR
[2011/08/01 19:42:39 | 000,000,875 | -H-- | C] () -- C:\Users\Matt & Trish\CALDCE1.ALR
[2011/08/01 19:42:39 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CALDD7E.ALR
[2011/08/01 19:42:38 | 000,000,875 | -H-- | C] () -- C:\Users\Matt & Trish\CALDB59.ALR
[2011/08/01 19:42:38 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CALDC83.ALR
[2011/08/01 19:42:38 | 000,000,826 | -H-- | C] () -- C:\Users\Matt & Trish\CALD9C3.ALR
[2011/08/01 19:40:57 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL51CE.ALR
[2011/08/01 19:40:05 | 000,000,862 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8616.ALR
[2011/08/01 19:39:35 | 000,000,863 | -H-- | C] () -- C:\Users\Matt & Trish\CAL10C7.ALR
[2011/08/01 19:39:34 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALD5C.ALR
[2011/08/01 19:38:22 | 000,000,826 | -H-- | C] () -- C:\Users\Matt & Trish\CALF365.ALR
[2011/08/01 19:38:20 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CALEA02.ALR
[2011/08/01 18:11:58 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CALD8DF.ALR
[2011/08/01 17:26:20 | 000,000,602 | -H-- | C] () -- C:\Users\Matt & Trish\CAL1193.ALR
[2011/08/01 17:25:56 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALB22B.ALR
[2011/08/01 17:25:00 | 000,000,545 | -H-- | C] () -- C:\Users\Matt & Trish\CALD9A1.ALR
[2011/08/01 16:46:21 | 000,000,709 | -H-- | C] () -- C:\Users\Matt & Trish\CAL7529.ALR
[2011/08/01 15:32:42 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL91C.ALR
[2011/08/01 15:30:27 | 000,000,863 | -H-- | C] () -- C:\Users\Matt & Trish\CALF9DF.ALR
[2011/08/01 15:29:57 | 000,000,863 | -H-- | C] () -- C:\Users\Matt & Trish\CAL84BF.ALR
[2011/08/01 14:29:21 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALAAE.ALR
[2011/08/01 13:30:30 | 000,000,863 | -H-- | C] () -- C:\Users\Matt & Trish\CAL2701.ALR
[2011/08/01 13:30:00 | 000,000,862 | -H-- | C] () -- C:\Users\Matt & Trish\CALB22E.ALR
[2011/08/01 13:24:22 | 000,000,879 | -H-- | C] () -- C:\Users\Matt & Trish\CAL887F.ALR
[2011/08/01 13:24:21 | 000,000,887 | -H-- | C] () -- C:\Users\Matt & Trish\CAL883F.ALR
[2011/08/01 13:24:21 | 000,000,887 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8752.ALR
[2011/08/01 13:24:21 | 000,000,887 | -H-- | C] () -- C:\Users\Matt & Trish\CAL86A5.ALR
[2011/08/01 13:24:21 | 000,000,879 | -H-- | C] () -- C:\Users\Matt & Trish\CAL8792.ALR
[2011/08/01 13:24:21 | 000,000,879 | -H-- | C] () -- C:\Users\Matt & Trish\CAL86F4.ALR
[2011/08/01 13:24:21 | 000,000,855 | -H-- | C] () -- C:\Users\Matt & Trish\CAL87D1.ALR
[2011/08/01 13:24:18 | 000,000,887 | -H-- | C] () -- C:\Users\Matt & Trish\CAL7969.ALR
[2011/08/01 13:24:18 | 000,000,879 | -H-- | C] () -- C:\Users\Matt & Trish\CAL79B8.ALR
[2011/08/01 13:24:18 | 000,000,855 | -H-- | C] () -- C:\Users\Matt & Trish\CAL78CC.ALR
[2011/08/01 12:55:14 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALDDC4.ALR
[2011/08/01 12:54:23 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL1805.ALR
[2011/08/01 12:43:43 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL51E8.ALR
[2011/08/01 12:42:20 | 000,000,709 | -H-- | C] () -- C:\Users\Matt & Trish\CALD78.ALR
[2011/08/01 12:31:20 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALFC57.ALR
[2011/08/01 12:29:58 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALBE0F.ALR
[2011/08/01 12:29:56 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALB641.ALR
[2011/08/01 12:29:55 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALAFAB.ALR
[2011/08/01 12:29:13 | 000,000,826 | -H-- | C] () -- C:\Users\Matt & Trish\CALC4A.ALR
[2011/08/01 12:28:57 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CALCCBA.ALR
[2011/08/01 12:28:27 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CAL59DB.ALR
[2011/08/01 12:28:26 | 000,000,826 | -H-- | C] () -- C:\Users\Matt & Trish\CAL53A3.ALR
[2011/08/01 12:28:25 | 000,000,846 | -H-- | C] () -- C:\Users\Matt & Trish\CAL519F.ALR
[2011/08/01 12:28:07 | 000,000,956 | -H-- | C] () -- C:\Users\Matt & Trish\CAL9A4.ALR
[2011/08/01 12:27:08 | 000,000,862 | -H-- | C] () -- C:\Users\Matt & Trish\CAL25F9.ALR
[2011/08/01 12:26:41 | 000,000,709 | -H-- | C] () -- C:\Users\Matt & Trish\CALBC00.ALR
[2011/08/01 12:26:39 | 000,000,863 | -H-- | C] () -- C:\Users\Matt & Trish\CALB183.ALR
[2011/08/01 12:26:39 | 000,000,828 | -H-- | C] () -- C:\Users\Matt & Trish\CALB1F1.ALR
[2011/08/01 11:33:59 | 000,000,542 | -H-- | C] () -- C:\Users\Matt & Trish\CAL3621.ALR
[2011/08/01 11:33:31 | 000,000,649 | -H-- | C] () -- C:\Users\Matt & Trish\CALC7B0.ALR
[2011/08/01 11:33:31 | 000,000,636 | -H-- | C] () -- C:\Users\Matt & Trish\CALC771.ALR
[2011/08/01 11:33:31 | 000,000,585 | -H-- | C] () -- C:\Users\Matt & Trish\CALC751.ALR
[2011/08/01 11:32:13 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CAL98B9.ALR
[2011/08/01 11:31:39 | 000,000,845 | -H-- | C] () -- C:\Users\Matt & Trish\CAL13C0.ALR
[2011/08/01 11:19:31 | 000,000,952 | -H-- | C] () -- C:\Users\Matt & Trish\CALF97B.ALR
[2011/08/01 11:19:15 | 000,000,706 | -H-- | C] () -- C:\Users\Matt & Trish\CALB846.ALR
[2011/08/01 10:23:24 | 000,000,828 | -H-- | C] () -- C:\Users\Matt & Trish\CAL97F8.ALR
[2011/08/01 10:22:51 | 000,000,709 | -H-- | C] () -- C:\Users\Matt & Trish\CAL1669.ALR
[2011/08/01 09:02:18 | 000,000,861 | -H-- | C] () -- C:\Users\Matt & Trish\CAL5847.ALR
[2011/08/01 09:01:48 | 000,000,861 | -H-- | C] () -- C:\Users\Matt & Trish\CALE307.ALR
[2011/08/01 08:31:07 | 000,000,950 | -H-- | C] () -- C:\Users\Matt & Trish\CALCCB8.ALR
[2011/08/01 08:04:07 | 000,000,949 | -H-- | C] () -- C:\Users\Matt & Trish\CAL121F.ALR
[2011/08/01 07:41:46 | 000,000,844 | -H-- | C] () -- C:\Users\Matt & Trish\CAL9E82.ALR
[2011/08/01 07:39:18 | 000,000,844 | -H-- | C] () -- C:\Users\Matt & Trish\CAL58C8.ALR
[2011/08/01 07:10:14 | 000,000,886 | -H-- | C] () -- C:\Users\Matt & Trish\CALBD41.ALR
[2011/08/01 07:10:14 | 000,000,886 | -H-- | C] () -- C:\Users\Matt & Trish\CALBC82.ALR
[2011/08/01 07:10:14 | 000,000,886 | -H-- | C] () -- C:\Users\Matt & Trish\CALBC13.ALR
[2011/08/01 07:10:14 | 000,000,878 | -H-- | C] () -- C:\Users\Matt & Trish\CALBD70.ALR
[2011/08/01 07:10:14 | 000,000,878 | -H-- | C] () -- C:\Users\Matt & Trish\CALBC53.ALR
[2011/08/01 07:10:14 | 000,000,854 | -H-- | C] () -- C:\Users\Matt & Trish\CALBD01.ALR
[2011/08/01 07:10:12 | 000,000,886 | -H-- | C] () -- C:\Users\Matt & Trish\CALB7AE.ALR
[2011/08/01 07:10:12 | 000,000,878 | -H-- | C] () -- C:\Users\Matt & Trish\CALB7ED.ALR
[2011/08/01 07:10:12 | 000,000,854
 

kuttus

Level 2
Verified
When you try to access the Internet what exactly you are getting ?

STEP 1: Run the Complete Internet Repair utility.
<ol><li>Download <a title="External link" href="http://www.datum-forensics.com/down/comintrep.exe" rel="nofollow external" rel="nofollow">Complete Internet Repair utility</a>to your desktop</li>
<li>Unzip all the files to their own folder on the desktop</li>
<li>Within the folder double click <>CIntRep</></li>
<li>Select the following items,then press the GO button.
<ul><li>Reset Interent Protocol (TCP/IP)</li>
<li>Repair Winsock (Reset Catalog)</li>
<li>Renew Internet Connection</li>
<li>Flush DNS Resolver Cache</li>
<li>Reset Windows Firewall Configuration</li>
<li>Reset the default hosts fie</li></ul>
</li>
</ol>
<hr />
 
Last edited by a moderator:

matherly

New Member
kuttus said:
When you try to access the Internet what exactly you are getting ?

STEP 1: Run the Complete Internet Repair utility.
<ol><li>Download <a title="External link" href="http://www.datum-forensics.com/down/comintrep.exe" rel="nofollow external" rel="nofollow">Complete Internet Repair utility</a>to your desktop</li>
<li>Unzip all the files to their own folder on the desktop</li>
<li>Within the folder double click <>CIntRep</></li>
<li>Select the following items,then press the GO button.
<ul><li>Reset Interent Protocol (TCP/IP)</li>
<li>Repair Winsock (Reset Catalog)</li>
<li>Renew Internet Connection</li>
<li>Flush DNS Resolver Cache</li>
<li>Reset Windows Firewall Configuration</li>
<li>Reset the default hosts fie</li></ul>
</li>
</ol>
<hr />


There is just an exclamation point over the network connection icon in the lower left corner of the screen. When I hover the cursor over the icon, it says "no internet access".
I'll try your suggestion above...
 
Last edited by a moderator:

matherly

New Member
I ran the program you suggested, but still have the exclamation point and it now says "no network access" instead of "no internet access" like it did before.
 

matherly

New Member
kuttus said:
Are you able to connect to the Internet in Normal mode now?
No, still cannot. Was i supposed to do something in Safe Mode? I've always had it in Normal Mode.
 

matherly

New Member
I'm not sure if this helps, but I have McAfee Enterprise running on my computer and disabled all scanners when I ran Combofix, but I think the On-Access scanner enabled itself when the computer was rebooted while Combofix was still running.
 

kuttus

Level 2
Verified
Is there any way you can access to the Internet in this infected computer?

Like Safe mode with Command Prompt or something?

Try another browser also,
 

matherly

New Member
No, nothing was working. You can close out this thread now, because I just got back with a new computer. Too many issues.
Thanks for your efforts.
 

kuttus

Level 2
Verified
Now that your PC is clean, I recommend you to create a new System Restore point then purge the old ones after.

For XP
How to create a Restore Point in XP
Delete all restore points except the most recent one

For Vista
Create a restore point
Delete all but the most recent restore point

For Windows 7
Create a restore point
Delete all but the most recent restore point - Click the Delete all but the most recent restore point link

[hr]

Keep your system updated
  • Keeping your programs (especially Adobe and Java products) updated is essential. Update Checker will notify you if any of your programs require an update.
  • Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office product bugs and vulnerabilities.
  • Please ensure you update your system regularly and have automatic updates on. You can learn how to turn Automatic Updates on here
[hr]
I also recommend you to switch your antivirus program to a better one. Here are some suggestions:

In addition to your antivirus, you need additional protection such as a firewall and behavioural blocker.


Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.
[hr]
Internet Explorer may be the most popular browser but it's definitely not the most secure browser. Consider using other browsers with addition add-ons to safeguard your system while browsing the internet.

Firefox is a more secure, faster browser than Internet Explorer. Firefox contains less vulnerabilities, reducing the risk of drive-by downloads. In addition, you can add the following add-ons to increase security.
  • KeyScramber - Encrypts your keystrokes to protect you against keyloggers that steals personal & banking information
  • AdBlock - Disable/blocks advertisements on websites so you won't accidentally click on a malicious ad.
  • NoScript - Disables Flash & Java contents to avoid exploits or drive-by attacks
  • Web of Trust - Shows the website rating by other users and blocks dangerous and poor-rated sites

Google Chrome is another good browser that is faster and more secure than Internet Explorer by having a sandbox feature. Additionally, you can add the following add-on to Chrome to heighten security.
[hr]
Lastly, it is important to perform system maintenance on a regular basis. Here are a few tools and on-demand scanners that you should keep & use every 1-2 weeks to keep your system healthy.

Other than that, stay safe out there! If you have any other questions or concerns, feel free to ask :)

<hr />
What's next?
  1. Bulild up your malware defenses by starting a new thread in Security Configuration Wizard forum.
  2. Learn how to avoid malware by reading this article <a href="http://malwaretips.com/blogs/how-to-easily-avoid-pc-infections/">How to easily avoid malware</a>
  3. Be an active member in the MalwareTips community! :)



My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.