I think my system has a virus?!

Posted 6/20/2013 12:10 AM
#95822
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
[color="green">I]</div>[/color][/i] <br/>[color="#008000">[/i] <br/><i> <br/>I <font color="red">would strongly recommend that it be removed entirely, and you can always download it again if you wish. <br/> <br/>I can recommend Kingsoft Antivirus Free <br/> http://kingsoft-antivirus.en.softonic.com/ <br/> <br/> <br/>NB. Do not have 2 antivirus running at <span class="hps">at the same time as they will slow down your computer and conflict with each other.

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 6/25/2013 2:24 PM
#95844
User avatar

KMB1999 Advanced member

Date Joined Nov 2016
Total Posts: 95
Okay I will remove it andd try the other softeare that you have suggested. One last question and I do not even know if this is the place to ask it. I have recently learned through friends that they are receiveing emails that are from me (my name is on them) but they are sent from someone else's email address (I do not even recognize the addresses). Before I realized that it was not my email they were being sent from, I changed my email passwords. Since the emails are not coming from my addresses and only have my name attached to them, this did not help. Do you know if there is anything that I can do other than to alert friends not to open any links that appear to come from me? Thanks for your help, as always!! I so appreciate it!!
Posted 6/27/2013 11:17 AM
#95853
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
It is no great comfort, but after you have changed the email password, the mail eventually stop.

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 7/6/2013 4:05 AM
#95861
User avatar

KMB1999 Advanced member

Date Joined Nov 2016
Total Posts: 95
Hi. This is getting quite pathetic, I know. My system was running fine for about a week. All of the people in my family that have user names/accounts can log onto their user accounts and get online. I, on the other hand have the administrator account and I cannot get online. I can sign into my user account just fine and can even get online to Google. Once there, my browser stops working-I can type sites in there but I cannot get to them. I either get a question mark or the page just stays on Google. I am not sure what to do. How can I even run a scan to see what is going on if I cannot get online when I sign in? No one else seems to be having this issue. Any help would be greatly appreciated. Thanks in advance!
Posted 7/6/2013 8:14 AM
#95862
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Let´see what´s going on</div> <br/> <br/>Download to another computer, save it on a external drive <br/> <br/>Get Farbar Recovery Scan: <br/> <br/>For 32-bit Windows, download: <br/> http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ <br/>and save it to your desktop <br/> <br/>For 64-bit Windows, download: <br/>http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ <br/>and save it to your desktop. <br/> <br/> <br/>Run a scan with Farbar Recovery Scan. <br/> <br/>When the scan is complete, you have two (2) log files on the desktop - FRST.txt and Addition.txt as you please copy here. <br/> <br/> <br/>Since they are relatively long, you should probably send them in several posts.

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 7/6/2013 2:27 PM
#95863
User avatar

KMB1999 Advanced member

Date Joined Nov 2016
Total Posts: 95
Hi. Thanks. Here are the logs... <br/> <br/>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013 <br/>Ran by Prism2 (administrator) on 06-07-2013 10:19:59 <br/>Running from C:\Users\Prism2\Desktop <br/>Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) <br/>Internet Explorer Version 10 <br/>Boot Mode: Normal <br/> <br/>==================== Processes (Whitelisted) ================= <br/> <br/>(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe <br/>(Microsoft Corporation) C:\Windows\system32\WLANExt.exe <br/>(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe <br/>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe <br/>(Storage Appliance Corp.) C:\ProgramData\OfficeGuardianV2\UACProxy.exe <br/>(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe <br/>(McAfee, Inc.) C:\Windows\system32\mfevtps.exe <br/>(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE <br/>(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe <br/>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE <br/>(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe <br/>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe <br/>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe <br/>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe <br/>(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe <br/>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe <br/>(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE <br/>(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe <br/>(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe <br/>(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe <br/>(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE <br/>(McAfee, Inc.) c:\PROGRA~1\mcafee.com\agent\mcagent.exe <br/>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe <br/>(Intel Corporation) C:\Windows\System32\igfxtray.exe <br/>(Intel Corporation) C:\Windows\System32\hkcmd.exe <br/>(Intel Corporation) C:\Windows\System32\igfxpers.exe <br/>() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe <br/>() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe <br/>(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe <br/>(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe <br/>(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe <br/>(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE <br/>(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe <br/>() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe <br/>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe <br/>(McAfee, Inc.) c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe <br/>(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Core\mchost.exe <br/> <br/>==================== Registry (Whitelisted) ================== <br/> <br/>HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6463080 2012-01-16] (Realtek Semiconductor) <br/>HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [483424 2012-02-01] () <br/>HKLM\...\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet [2022976 2011-06-27] () <br/>HKCU\...\Policies\system: [LogonHoursAction] 2 <br/>HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 <br/>HKCU\...\Policies\system: [DisableRegistryTools] 0 <br/>HKCU\...\Policies\system: [DisableTaskMgr] 0 <br/>HKLM-x32\...\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [133400 2011-12-16] (Intel Corporation) <br/>HKLM-x32\...\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-02-27] (Intel Corporation) <br/>HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [284440 2012-02-01] (Intel Corporation) <br/>HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1535112 2012-09-12] (McAfee, Inc.) <br/>HKLM-x32\...\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 [66872 2012-03-10] () <br/>HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [968048 2012-02-01] () <br/>HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard) <br/>HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated) <br/>HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) <br/>HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) <br/>HKU\Alannah\...\Policies\system: [LogonHoursAction] 2 <br/>HKU\Alannah\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 <br/>HKU\Grayson\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation) <br/>HKU\Grayson\...\Policies\system: [LogonHoursAction] 2 <br/>HKU\Grayson\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 <br/>HKU\Kids\...\Policies\system: [LogonHoursAction] 2 <br/>HKU\Kids\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 <br/>HKU\Krista\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2012-09-30] (Google Inc.) <br/>HKU\Krista\...\Policies\system: [LogonHoursAction] 2 <br/>HKU\Krista\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 <br/> <br/>==================== Internet (Whitelisted) ==================== <br/> <br/>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com <br/>HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch <br/>SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = <br/>SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = <br/>BHO: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll No File <br/>BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120908174900.dll (McAfee, Inc.) <br/>BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) <br/>BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) <br/>BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) <br/>BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) <br/>BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120908174900.dll (McAfee, Inc.) <br/>BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) <br/>BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) <br/>BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) <br/>BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) <br/>Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) <br/>Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) <br/>DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab <br/>Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File <br/>Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.) <br/>Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) <br/>Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.) <br/>Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.) <br/>Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 <br/> <br/>Chrome: <br/>======= <br/> <br/>==================== Services (Whitelisted) ================= <br/> <br/>R2 CFUACProxy_officeguardianv2; C:\ProgramData\OfficeGuardianV2\UACProxy.exe [83824 2012-06-28] (Storage Appliance Corp.) <br/>S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [224704 2011-03-08] (McAfee, Inc.) <br/>S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-03] (McAfee, Inc.) <br/>R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) <br/>R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) <br/>R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) <br/>R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) <br/>S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-09-10] (McAfee, Inc.) <br/>S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) <br/>R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) <br/>R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-07-17] (McAfee, Inc.) <br/>R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-07-17] (McAfee, Inc.) <br/>R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-07-17] (McAfee, Inc.) <br/>R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) <br/>R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [180824 2013-06-17] (Sandboxie Holdings, LLC) <br/>R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros) <br/> <br/>==================== Drivers (Whitelisted) ==================== <br/> <br/>R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-07-17] (McAfee, Inc.) <br/>S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.) <br/>R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-07-17] (McAfee, Inc.) <br/>R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-07-17] (McAfee, Inc.) <br/>R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-07-17] (McAfee, Inc.) <br/>R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-07-17] (McAfee, Inc.) <br/>S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-07-17] (McAfee, Inc.) <br/>R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-07-17] (McAfee, Inc.) <br/>R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [198360 2013-06-17] (Sandboxie Holdings, LLC) <br/>S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) <br/>S3 catchme; \??\C:\ComboFix\catchme.sys [x] <br/>S2 MCSTRM; No ImagePath <br/>U3 mfeavfk01; No ImagePath <br/> <br/>==================== NetSvcs (Whitelisted) =================== <br/> <br/> <br/>==================== One Month Created Files and Folders ======== <br/> <br/>2013-07-06 10:19 - 2013-07-06 10:19 - 00000000 ____D C:\FRST <br/>2013-07-06 10:19 - 2013-07-06 10:17 - 01934636 ____A (Farbar) C:\Users\Prism2\Desktop\FRST64.exe <br/>2013-07-04 14:31 - 2013-07-04 14:40 - 00000000 ____D C:\Users\Prism2\Desktop\New folder (4) <br/>2013-07-03 03:01 - 2013-05-16 21:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll <br/>2013-07-03 03:01 - 2013-05-16 21:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll <br/>2013-07-03 03:01 - 2013-05-16 21:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll <br/>2013-07-03 03:01 - 2013-05-16 21:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll <br/>2013-07-03 03:01 - 2013-05-16 21:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll <br/>2013-07-03 03:01 - 2013-05-16 21:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll <br/>2013-07-03 03:01 - 2013-05-16 21:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll <br/>2013-07-03 03:01 - 2013-05-16 21:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll <br/>2013-07-03 03:01 - 2013-05-16 20:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll <br/>2013-07-03 03:01 - 2013-05-16 20:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe <br/>2013-07-03 03:01 - 2013-05-16 20:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll <br/>2013-07-03 03:01 - 2013-05-16 20:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll <br/>2013-07-03 03:01 - 2013-05-16 20:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll <br/>2013-07-03 03:01 - 2013-05-16 20:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll <br/>2013-07-03 03:01 - 2013-05-16 20:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll <br/>2013-07-03 03:01 - 2013-05-16 20:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll <br/>2013-07-03 03:01 - 2013-05-16 20:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll <br/>2013-07-03 03:01 - 2013-05-14 08:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe <br/>2013-07-03 03:01 - 2013-05-14 04:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe <br/>2013-07-03 03:00 - 2013-06-08 10:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll <br/>2013-07-03 03:00 - 2013-06-08 10:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll <br/>2013-07-03 03:00 - 2013-06-08 10:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll <br/>2013-07-03 03:00 - 2013-06-08 10:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll <br/>2013-07-03 03:00 - 2013-06-08 10:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll <br/>2013-07-03 03:00 - 2013-06-08 08:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb <br/>2013-07-03 03:00 - 2013-06-08 07:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll <br/>2013-07-03 03:00 - 2013-06-08 07:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll <br/>2013-07-03 03:00 - 2013-06-08 07:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll <br/>2013-07-03 03:00 - 2013-06-08 07:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll <br/>2013-07-03 03:00 - 2013-06-08 07:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll <br/>2013-07-03 03:00 - 2013-06-08 07:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb <br/>2013-07-02 13:32 - 2013-07-02 13:32 - 00388608 ____A (Trend Micro Inc.) C:\Users\Todd\Desktop\HijackThis.exe <br/>2013-07-02 13:25 - 2013-07-02 13:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Todd\Desktop\JRT.exe <br/>2013-07-02 13:19 - 2013-07-02 13:20 - 00001159 ____A C:\AdwCleaner[S6].txt <br/>2013-07-02 13:19 - 2013-07-02 13:19 - 00648201 ____A C:\Users\Todd\Desktop\adwcleaner.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe <br/>2013-07-02 03:00 - 2013-07-02 03:23 - 00007305 ____A C:\Windows\IE10_main.log <br/>2013-07-01 10:52 - 2013-07-01 10:52 - 00000000 ____D C:\Users\Alannah\AppData\Local\Apple <br/>2013-06-29 17:03 - 2013-06-29 17:11 - 00000000 ____D C:\Users\Prism2\Desktop\camping <br/>2013-06-27 18:41 - 2013-07-04 18:52 - 00000004 ____A C:\Users\Todd\AppData\Roaming\159676 <br/>2013-06-26 12:49 - 2013-06-26 12:49 - 00001099 ____A C:\AdwCleaner[S5].txt <br/>2013-06-26 12:48 - 2013-06-26 12:48 - 00648201 ____A C:\Users\Prism2\Desktop\adwcleaner.exe <br/>2013-06-26 12:37 - 2013-06-26 12:37 - 00111124 ____A C:\Users\Prism2\Desktop\OTL.Txt <br/>2013-06-26 12:31 - 2013-06-26 12:31 - 00602112 ____A (OldTimer Tools) C:\Users\Prism2\Desktop\OTL.exe <br/>2013-06-25 10:19 - 2013-06-25 10:19 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe <br/>2013-06-25 10:19 - 2013-06-25 10:19 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe <br/>2013-06-25 10:19 - 2013-06-25 10:19 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe <br/>2013-06-25 10:19 - 2013-06-25 10:19 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll <br/>2013-06-24 17:24 - 2013-06-24 17:25 - 00000000 ____D C:\Users\Grayson\AppData\Local\{559EF506-EDC1-46DF-917D-824CDC6D633D} <br/>2013-06-24 17:24 - 2013-06-24 17:24 - 00000000 ____D C:\Users\Grayson\AppData\Local\{E51C3296-EFD5-4578-B924-2C7F5EDC10EF} <br/>2013-06-22 13:13 - 2012-12-21 12:28 - 00001230 ____A C:\Users\Grayson\Desktop\Calculator - Copy.lnk <br/>2013-06-22 12:09 - 2013-06-22 12:09 - 00000004 ____A C:\Users\Alannah\AppData\Roaming\159676 <br/>2013-06-22 08:45 - 2013-06-22 08:49 - 00000000 ____D C:\Users\Prism2\Desktop\New folder (3) <br/>2013-06-19 12:33 - 2013-06-19 12:33 - 00388608 ____A (Trend Micro Inc.) C:\Users\Prism2\Desktop\HijackThis.exe <br/>2013-06-19 12:30 - 2013-06-19 12:30 - 00000634 ____A C:\Users\Prism2\Documents\JRTa.txt <br/>2013-06-19 12:26 - 2013-06-19 12:26 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Prism2\Desktop\JRT.exe <br/>2013-06-19 12:24 - 2013-06-19 12:24 - 00001038 ____A C:\Users\Prism2\Documents\AdwCleaner[S4]a.txt <br/>2013-06-19 12:16 - 2013-06-19 12:17 - 00001038 ____A C:\AdwCleaner[S4].txt <br/>2013-06-17 12:05 - 2013-06-17 12:43 - 00000000 ____D C:\Users\Prism2\Desktop\2008-01-01 <br/>2013-06-17 12:04 - 2013-06-17 12:36 - 00000000 ____D C:\Users\Prism2\Desktop\Picture <br/>2013-06-17 12:01 - 2013-06-17 12:40 - 00000000 ____D C:\Users\Prism2\Desktop\kids <br/>2013-06-17 11:58 - 2013-06-17 12:39 - 00000000 ____D C:\Users\Prism2\Desktop\2010-04-22 <br/>2013-06-17 11:18 - 2013-06-17 11:18 - 00128000 ____A C:\Users\Prism2\Desktop\AUTISMSIGN.PSproj <br/>2013-06-17 09:10 - 2013-06-17 09:10 - 00000000 ____D C:\Users\Todd\AppData\Local\Apple <br/>2013-06-16 20:23 - 2013-06-16 20:23 - 09718726 ____A C:\Users\Prism2\Desktop\LAWLzip-older_version.zip <br/>2013-06-16 19:50 - 2013-06-16 19:52 - 00000000 ____D C:\Users\Prism2\Desktop\FATHER'S DAY <br/>2013-06-16 10:39 - 2013-06-16 10:39 - 00379387 ____A C:\Users\Kids\Documents\fsathers.xps <br/>2013-06-16 10:38 - 2013-06-16 10:38 - 00379387 ____A C:\Users\Kids\Documents\card.xps <br/>2013-06-14 22:31 - 2013-06-14 22:58 - 00000000 ____D C:\Users\Prism2\Desktop\Last Day Of School <br/>2013-06-12 22:53 - 2013-06-12 22:53 - 00000000 ____D C:\Users\Prism2\Desktop\backups <br/>2013-06-12 16:47 - 2013-06-28 11:29 - 00000004 ____A C:\Users\Kids\AppData\Roaming\159676 <br/>2013-06-12 15:22 - 2013-06-29 15:11 - 00000004 ____A C:\Users\Prism2\AppData\Roaming\159676 <br/>2013-06-12 08:20 - 2013-05-13 01:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll <br/>2013-06-12 08:20 - 2013-05-13 01:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll <br/>2013-06-12 08:20 - 2013-05-13 01:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll <br/>2013-06-12 08:20 - 2013-05-13 01:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll <br/>2013-06-12 08:20 - 2013-05-13 00:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll <br/>2013-06-12 08:20 - 2013-05-13 00:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll <br/>2013-06-12 08:20 - 2013-05-13 00:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll <br/>2013-06-12 08:20 - 2013-05-12 23:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe <br/>2013-06-12 08:20 - 2013-05-12 23:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe <br/>2013-06-12 08:20 - 2013-05-12 23:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll <br/>2013-06-12 08:20 - 2013-05-10 01:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll <br/>2013-06-12 08:20 - 2013-05-09 23:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll <br/>2013-06-12 08:20 - 2013-05-08 02:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys <br/>2013-06-12 08:20 - 2013-04-26 01:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll <br/>2013-06-12 08:20 - 2013-04-26 00:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll <br/>2013-06-12 08:20 - 2013-04-17 03:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll <br/>2013-06-12 08:20 - 2013-04-17 02:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll <br/>2013-06-12 08:19 - 2013-04-25 19:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll <br/>2013-06-12 08:19 - 2013-03-31 18:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll <br/>2013-06-12 08:10 - 2013-06-12 08:12 - 00000000 ____D C:\Users\Prism2\Desktop\june2 <br/>2013-06-11 10:56 - 2013-06-12 22:51 - 00015351 ____A C:\Users\Prism2\Desktop\hijackthis.log <br/>2013-06-10 18:31 - 2013-06-10 18:31 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk <br/>2013-06-10 18:31 - 2013-06-10 18:31 - 00000000 ____D C:\Program Files (x86)\QuickTime <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files\iTunes <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files\iPod <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files (x86)\iTunes <br/>2013-06-09 10:01 - 2013-06-09 10:01 - 00000000 ____D C:\Users\Todd\AppData\Local\SkyHawke <br/>2013-06-09 10:00 - 2013-06-09 10:00 - 00000000 ____D C:\Users\Prism2\AppData\Local\SkyHawke <br/>2013-06-09 09:59 - 2013-06-09 10:26 - 00000000 ____D C:\Program Files (x86)\SkyGolf <br/>2013-06-09 09:59 - 2013-06-09 09:59 - 00000000 ____D C:\Program Files (x86)\Silabs <br/>2013-06-08 13:18 - 2013-07-03 13:06 - 00000000 ____D C:\Users\Todd\Desktop\virus scans <br/>2013-06-08 13:10 - 2013-06-08 13:10 - 00000000 __SHD C:\Users\Prism2\Desktop\%APPDATA% <br/>2013-06-08 12:52 - 2013-06-08 12:53 - 00001083 ____A C:\AdwCleaner[S3].txt <br/>2013-06-08 12:39 - 2013-06-08 12:42 - 00007107 ____A C:\AdwCleaner[S2].txt <br/>2013-06-08 12:38 - 2013-06-08 12:38 - 00006933 ____A C:\Users\Prism2\Desktop\AdwCleaner[R1].txt <br/>2013-06-08 12:38 - 2013-06-08 12:38 - 00000319 ____A C:\AdwCleaner[S1].txt <br/>2013-06-08 12:36 - 2013-06-08 12:36 - 00006933 ____A C:\AdwCleaner[R1].txt <br/>2013-06-08 12:32 - 2013-06-08 12:35 - 00640135 ____A C:\Users\Todd\Downloads\adwcleaner.exe <br/>2013-06-07 19:04 - 2013-06-07 19:04 - 00000000 ____D C:\Users\Krista\AppData\Roaming\Apple Computer <br/>2013-06-07 18:52 - 2013-06-07 18:52 - 00023905 ____A C:\ComboFix.txt <br/>2013-06-07 18:19 - 2011-06-26 02:45 - 00256000 ____A C:\Windows\PEV.exe <br/>2013-06-07 18:19 - 2010-11-07 13:20 - 00208896 ____A C:\Windows\MBR.exe <br/>2013-06-07 18:19 - 2009-04-20 00:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe <br/>2013-06-07 18:19 - 2000-08-30 20:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe <br/>2013-06-07 18:19 - 2000-08-30 20:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe <br/>2013-06-07 18:19 - 2000-08-30 20:00 - 00098816 ____A C:\Windows\sed.exe <br/>2013-06-07 18:19 - 2000-08-30 20:00 - 00080412 ____A C:\Windows\grep.exe <br/>2013-06-07 18:19 - 2000-08-30 20:00 - 00068096 ____A C:\Windows\zip.exe <br/>2013-06-07 18:15 - 2013-06-07 18:53 - 00000000 ____D C:\Qoobox <br/>2013-06-07 18:15 - 2013-06-07 18:48 - 00000000 ____D C:\Windows\erdnt <br/>2013-06-07 18:14 - 2013-06-07 18:14 - 05078746 ____R (Swearware) C:\Users\Todd\Desktop\ComboFix.exe <br/>2013-06-06 18:49 - 2013-06-07 19:06 - 00000000 ____D C:\Program Files (x86)\MyPC Backup <br/>2013-06-06 18:49 - 2013-06-06 18:49 - 00959772 ____A ( ) C:\Users\Prism2\Downloads\pivot_setup.exe <br/>2013-06-06 18:49 - 2013-06-06 18:49 - 00000000 ____D C:\ProgramData\Real <br/>2013-06-06 18:48 - 2013-07-06 09:39 - 00000264 ____A C:\Windows\Tasks\TopArcadeHits.job <br/>2013-06-06 18:48 - 2013-06-12 22:53 - 00000000 ____D C:\Users\Kids\AppData\Local\TopArcadeHits <br/>2013-06-06 18:48 - 2013-06-06 18:48 - 00000000 ____D C:\Users\Kids\AppData\Roaming\Mozilla <br/>2013-06-06 18:47 - 2013-06-06 18:47 - 00000000 ____D C:\Windows\SysWOW64\jmdp <br/>2013-06-06 18:47 - 2013-06-06 18:47 - 00000000 ____D C:\Windows\SysWOW64\ARFC <br/>2013-06-06 18:47 - 2013-05-27 04:58 - 01447728 ____A C:\Windows\System32\dmwu.exe <br/>2013-06-06 18:47 - 2013-05-27 04:57 - 00033792 ____A (IncrediMail, Ltd.) C:\Windows\System32\ImHttpComm.dll <br/> <br/>==================== One Month Modified Files and Folders ======= <br/> <br/>2013-07-06 10:19 - 2013-07-06 10:19 - 00000000 ____D C:\FRST <br/>2013-07-06 10:19 - 2009-07-14 01:13 - 00779724 ____A C:\Windows\System32\PerfStringBackup.INI <br/>2013-07-06 10:17 - 2013-07-06 10:19 - 01934636 ____A (Farbar) C:\Users\Prism2\Desktop\FRST64.exe <br/>2013-07-06 10:15 - 2012-09-30 17:36 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job <br/>2013-07-06 10:15 - 2012-08-28 12:52 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks <br/>2013-07-06 10:15 - 2012-08-28 12:52 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks <br/>2013-07-06 10:15 - 2012-08-28 12:33 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup <br/>2013-07-06 10:12 - 2012-08-28 12:15 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job <br/>2013-07-06 09:53 - 2012-12-29 22:33 - 00001518 ____A C:\Windows\Sandboxie.ini <br/>2013-07-06 09:53 - 2012-09-22 12:39 - 00000000 ____D C:\Users\Todd\AppData\Roaming\SoftGrid Client <br/>2013-07-06 09:48 - 2012-09-30 17:36 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job <br/>2013-07-06 09:40 - 2012-08-28 12:14 - 01188574 ____A C:\Windows\WindowsUpdate.log <br/>2013-07-06 09:39 - 2013-06-06 18:48 - 00000264 ____A C:\Windows\Tasks\TopArcadeHits.job <br/>2013-07-05 19:25 - 2012-09-22 12:44 - 00000000 ____D C:\Users\Todd\Desktop\Prism Estimates <br/>2013-07-05 19:25 - 2012-09-09 11:53 - 00058808 ____A C:\Users\Todd\AppData\Local\GDIPFONTCACHEV1.DAT <br/>2013-07-05 12:32 - 2012-09-09 11:51 - 00000000 ____D C:\Users\Todd\AppData\Local\VirtualStore <br/>2013-07-04 18:52 - 2013-06-27 18:41 - 00000004 ____A C:\Users\Todd\AppData\Roaming\159676 <br/>2013-07-04 18:52 - 2012-10-07 11:42 - 00870128 ____A C:\Users\Todd\AppData\Roaming\mcs.rma <br/>2013-07-04 14:40 - 2013-07-04 14:31 - 00000000 ____D C:\Users\Prism2\Desktop\New folder (4) <br/>2013-07-04 11:08 - 2009-07-14 00:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 <br/>2013-07-04 11:08 - 2009-07-14 00:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 <br/>2013-07-04 11:00 - 2009-07-14 01:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT <br/>2013-07-04 11:00 - 2009-07-14 00:51 - 00041993 ____A C:\Windows\setupact.log <br/>2013-07-03 13:06 - 2013-06-08 13:18 - 00000000 ____D C:\Users\Todd\Desktop\virus scans <br/>2013-07-02 13:55 - 2012-09-30 16:08 - 00000000 ____D C:\Users\Prism2\AppData\Roaming\SoftGrid Client <br/>2013-07-02 13:54 - 2013-01-29 10:57 - 00000000 ____D C:\Users\Prism2\Desktop\miscppwk <br/>2013-07-02 13:32 - 2013-07-02 13:32 - 00388608 ____A (Trend Micro Inc.) C:\Users\Todd\Desktop\HijackThis.exe <br/>2013-07-02 13:25 - 2013-07-02 13:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Todd\Desktop\JRT.exe <br/>2013-07-02 13:25 - 2013-04-23 11:01 - 00000000 ____D C:\JRT <br/>2013-07-02 13:20 - 2013-07-02 13:19 - 00001159 ____A C:\AdwCleaner[S6].txt <br/>2013-07-02 13:19 - 2013-07-02 13:19 - 00648201 ____A C:\Users\Todd\Desktop\adwcleaner.exe <br/>2013-07-02 06:41 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache <br/>2013-07-02 03:38 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions <br/>2013-07-02 03:23 - 2013-07-02 03:00 - 00007305 ____A C:\Windows\IE10_main.log <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe <br/>2013-07-02 03:21 - 2013-07-02 03:21 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe <br/>2013-07-01 20:48 - 2012-10-20 09:48 - 00000000 ____D C:\Users\Prism2\Desktop\kidsppwk <br/>2013-07-01 19:17 - 2013-03-25 12:07 - 00000516 ____A C:\Users\Grayson\Desktop\The Wiggles PBS KIDS Sprout.website <br/>2013-07-01 13:41 - 2013-02-24 10:01 - 00000497 ____A C:\Users\Alannah\Desktop\PBS KIDS Educational Games, Videos and Activities For Kids!.website <br/>2013-07-01 10:52 - 2013-07-01 10:52 - 00000000 ____D C:\Users\Alannah\AppData\Local\Apple <br/>2013-06-30 08:49 - 2013-02-24 09:53 - 00000497 ____A C:\Users\Luke\Desktop\PBS KIDS Educational Games, Videos and Activities For Kids!.website <br/>2013-06-29 17:11 - 2013-06-29 17:03 - 00000000 ____D C:\Users\Prism2\Desktop\camping <br/>2013-06-29 15:11 - 2013-06-12 15:22 - 00000004 ____A C:\Users\Prism2\AppData\Roaming\159676 <br/>2013-06-29 15:11 - 2012-09-10 19:18 - 00870128 ____A C:\Users\Prism2\AppData\Roaming\mcs.rma <br/>2013-06-28 11:29 - 2013-06-12 16:47 - 00000004 ____A C:\Users\Kids\AppData\Roaming\159676 <br/>2013-06-28 11:29 - 2012-09-16 10:51 - 00870128 ____A C:\Users\Kids\AppData\Roaming\mcs.rma <br/>2013-06-26 12:49 - 2013-06-26 12:49 - 00001099 ____A C:\AdwCleaner[S5].txt <br/>2013-06-26 12:48 - 2013-06-26 12:48 - 00648201 ____A C:\Users\Prism2\Desktop\adwcleaner.exe <br/>2013-06-26 12:45 - 2010-11-20 23:47 - 00019676 ____A C:\Windows\PFRO.log <br/>2013-06-26 12:37 - 2013-06-26 12:37 - 00111124 ____A C:\Users\Prism2\Desktop\OTL.Txt <br/>2013-06-26 12:31 - 2013-06-26 12:31 - 00602112 ____A (OldTimer Tools) C:\Users\Prism2\Desktop\OTL.exe <br/>2013-06-25 10:19 - 2013-06-25 10:19 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe <br/>2013-06-25 10:19 - 2013-06-25 10:19 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe <br/>2013-06-25 10:19 - 2013-06-25 10:19 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe <br/>2013-06-25 10:19 - 2013-06-25 10:19 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll <br/>2013-06-25 10:19 - 2012-09-10 18:28 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll <br/>2013-06-25 10:19 - 2012-09-10 18:28 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll <br/>2013-06-24 17:25 - 2013-06-24 17:24 - 00000000 ____D C:\Users\Grayson\AppData\Local\{559EF506-EDC1-46DF-917D-824CDC6D633D} <br/>2013-06-24 17:24 - 2013-06-24 17:24 - 00000000 ____D C:\Users\Grayson\AppData\Local\{E51C3296-EFD5-4578-B924-2C7F5EDC10EF} <br/>2013-06-22 12:09 - 2013-06-22 12:09 - 00000004 ____A C:\Users\Alannah\AppData\Roaming\159676 <br/>2013-06-22 12:09 - 2012-09-15 15:02 - 00870128 ____A C:\Users\Alannah\AppData\Roaming\mcs.rma <br/>2013-06-22 08:49 - 2013-06-22 08:45 - 00000000 ____D C:\Users\Prism2\Desktop\New folder (3) <br/>2013-06-21 08:11 - 2012-12-05 18:41 - 00000496 ____A C:\Users\Luke\Desktop\Official NORAD Santa Tracker.website <br/>2013-06-19 12:47 - 2013-04-30 13:39 - 00000000 ____D C:\Program Files (x86)\Pearson <br/>2013-06-19 12:47 - 2012-08-28 12:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information <br/>2013-06-19 12:33 - 2013-06-19 12:33 - 00388608 ____A (Trend Micro Inc.) C:\Users\Prism2\Desktop\HijackThis.exe <br/>2013-06-19 12:30 - 2013-06-19 12:30 - 00000634 ____A C:\Users\Prism2\Documents\JRTa.txt <br/>2013-06-19 12:26 - 2013-06-19 12:26 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Prism2\Desktop\JRT.exe <br/>2013-06-19 12:24 - 2013-06-19 12:24 - 00001038 ____A C:\Users\Prism2\Documents\AdwCleaner[S4]a.txt <br/>2013-06-19 12:17 - 2013-06-19 12:16 - 00001038 ____A C:\AdwCleaner[S4].txt <br/>2013-06-19 11:10 - 2013-04-25 20:57 - 00000000 ____D C:\Users\Prism2\Desktop\camera <br/>2013-06-18 08:04 - 2013-02-24 09:52 - 00000495 ____A C:\Users\Luke\Desktop\Caillou Games, Coloring and Activities PBS KIDS.website <br/>2013-06-17 12:43 - 2013-06-17 12:05 - 00000000 ____D C:\Users\Prism2\Desktop\2008-01-01 <br/>2013-06-17 12:40 - 2013-06-17 12:01 - 00000000 ____D C:\Users\Prism2\Desktop\kids <br/>2013-06-17 12:39 - 2013-06-17 11:58 - 00000000 ____D C:\Users\Prism2\Desktop\2010-04-22 <br/>2013-06-17 12:36 - 2013-06-17 12:04 - 00000000 ____D C:\Users\Prism2\Desktop\Picture <br/>2013-06-17 11:19 - 2013-01-24 22:49 - 00792064 __ASH C:\Users\Prism2\Desktop\Thumbs.db <br/>2013-06-17 11:18 - 2013-06-17 11:18 - 00128000 ____A C:\Users\Prism2\Desktop\AUTISMSIGN.PSproj <br/>2013-06-17 09:10 - 2013-06-17 09:10 - 00000000 ____D C:\Users\Todd\AppData\Local\Apple <br/>2013-06-16 20:23 - 2013-06-16 20:23 - 09718726 ____A C:\Users\Prism2\Desktop\LAWLzip-older_version.zip <br/>2013-06-16 19:52 - 2013-06-16 19:50 - 00000000 ____D C:\Users\Prism2\Desktop\FATHER'S DAY <br/>2013-06-16 11:51 - 2012-11-03 13:51 - 00000506 ____A C:\Users\Luke\Desktop\Farme search - Y8.COM - Play Games for Free.website <br/>2013-06-16 10:39 - 2013-06-16 10:39 - 00379387 ____A C:\Users\Kids\Documents\fsathers.xps <br/>2013-06-16 10:38 - 2013-06-16 10:38 - 00379387 ____A C:\Users\Kids\Documents\card.xps <br/>2013-06-15 03:03 - 2011-02-10 12:10 - 00773448 ____A C:\Windows\SysWOW64\PerfStringBackup.INI <br/>2013-06-14 22:58 - 2013-06-14 22:31 - 00000000 ____D C:\Users\Prism2\Desktop\Last Day Of School <br/>2013-06-14 11:33 - 2012-09-22 10:25 - 00000000 ____D C:\Users\Kids\AppData\Roaming\SoftGrid Client <br/>2013-06-13 15:34 - 2012-09-22 12:45 - 00000000 ____D C:\Users\Todd\Desktop\Prism Invoices <br/>2013-06-13 03:02 - 2013-02-20 10:14 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe <br/>2013-06-12 22:53 - 2013-06-12 22:53 - 00000000 ____D C:\Users\Prism2\Desktop\backups <br/>2013-06-12 22:53 - 2013-06-06 18:48 - 00000000 ____D C:\Users\Kids\AppData\Local\TopArcadeHits <br/>2013-06-12 22:51 - 2013-06-11 10:56 - 00015351 ____A C:\Users\Prism2\Desktop\hijackthis.log <br/>2013-06-12 22:49 - 2012-08-28 12:15 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe <br/>2013-06-12 22:49 - 2012-08-28 12:15 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl <br/>2013-06-12 08:12 - 2013-06-12 08:10 - 00000000 ____D C:\Users\Prism2\Desktop\june2 <br/>2013-06-12 08:09 - 2013-06-03 15:19 - 00000000 ____D C:\Users\Prism2\Desktop\JUNEiphone <br/>2013-06-12 08:08 - 2013-04-30 18:31 - 00000000 ____D C:\Users\Prism2\AppData\Roaming\Apple Computer <br/>2013-06-11 19:58 - 2013-05-10 13:59 - 00000000 ____D C:\Users\Grayson\AppData\Local\Apple Computer <br/>2013-06-11 10:54 - 2012-09-08 11:29 - 00000000 ____D C:\Users\Prism2\AppData\Local\VirtualStore <br/>2013-06-10 18:31 - 2013-06-10 18:31 - 00001847 ____A C:\Users\Public\Desktop\QuickTime Player.lnk <br/>2013-06-10 18:31 - 2013-06-10 18:31 - 00000000 ____D C:\Program Files (x86)\QuickTime <br/>2013-06-10 18:30 - 2013-04-30 18:30 - 00000000 ____D C:\Program Files\Common Files\Apple <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files\iTunes <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files\iPod <br/>2013-06-10 18:29 - 2013-06-10 18:29 - 00000000 ____D C:\Program Files (x86)\iTunes <br/>2013-06-09 10:26 - 2013-06-09 09:59 - 00000000 ____D C:\Program Files (x86)\SkyGolf <br/>2013-06-09 10:01 - 2013-06-09 10:01 - 00000000 ____D C:\Users\Todd\AppData\Local\SkyHawke <br/>2013-06-09 10:00 - 2013-06-09 10:00 - 00000000 ____D C:\Users\Prism2\AppData\Local\SkyHawke <br/>2013-06-09 09:59 - 2013-06-09 09:59 - 00000000 ____D C:\Program Files (x86)\Silabs <br/>2013-06-08 13:10 - 2013-06-08 13:10 - 00000000 __SHD C:\Users\Prism2\Desktop\%APPDATA% <br/>2013-06-08 12:53 - 2013-06-08 12:52 - 00001083 ____A C:\AdwCleaner[S3].txt <br/>2013-06-08 12:42 - 2013-06-08 12:39 - 00007107 ____A C:\AdwCleaner[S2].txt <br/>2013-06-08 12:38 - 2013-06-08 12:38 - 00006933 ____A C:\Users\Prism2\Desktop\AdwCleaner[R1].txt <br/>2013-06-08 12:38 - 2013-06-08 12:38 - 00000319 ____A C:\AdwCleaner[S1].txt <br/>2013-06-08 12:36 - 2013-06-08 12:36 - 00006933 ____A C:\AdwCleaner[R1].txt <br/>2013-06-08 12:35 - 2013-06-08 12:32 - 00640135 ____A C:\Users\Todd\Downloads\adwcleaner.exe <br/>2013-06-08 10:08 - 2013-07-03 03:00 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll <br/>2013-06-08 10:07 - 2013-07-03 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll <br/>2013-06-08 10:06 - 2013-07-03 03:00 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll <br/>2013-06-08 10:06 - 2013-07-03 03:00 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll <br/>2013-06-08 10:06 - 2013-07-03 03:00 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll <br/>2013-06-08 08:28 - 2013-07-03 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb <br/>2013-06-08 07:42 - 2013-07-03 03:00 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll <br/>2013-06-08 07:40 - 2013-07-03 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll <br/>2013-06-08 07:40 - 2013-07-03 03:00 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll <br/>2013-06-08 07:40 - 2013-07-03 03:00 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll <br/>2013-06-08 07:40 - 2013-07-03 03:00 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll <br/>2013-06-08 07:13 - 2013-07-03 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb <br/>2013-06-07 19:07 - 2013-04-30 13:46 - 00000000 ____D C:\Windows\Crystal <br/>2013-06-07 19:06 - 2013-06-06 18:49 - 00000000 ____D C:\Program Files (x86)\MyPC Backup <br/>2013-06-07 19:04 - 2013-06-07 19:04 - 00000000 ____D C:\Users\Krista\AppData\Roaming\Apple Computer <br/>2013-06-07 18:53 - 2013-06-07 18:15 - 00000000 ____D C:\Qoobox <br/>2013-06-07 18:53 - 2009-07-13 23:20 - 00000000 __RHD C:\users\Default <br/>2013-06-07 18:52 - 2013-06-07 18:52 - 00023905 ____A C:\ComboFix.txt <br/>2013-06-07 18:48 - 2013-06-07 18:15 - 00000000 ____D C:\Windows\erdnt <br/>2013-06-07 18:34 - 2009-07-13 22:34 - 00000215 ____A C:\Windows\system.ini <br/>2013-06-07 18:14 - 2013-06-07 18:14 - 05078746 ____R (Swearware) C:\Users\Todd\Desktop\ComboFix.exe <br/>2013-06-06 18:49 - 2013-06-06 18:49 - 00959772 ____A ( ) C:\Users\Prism2\Downloads\pivot_setup.exe <br/>2013-06-06 18:49 - 2013-06-06 18:49 - 00000000 ____D C:\ProgramData\Real <br/>2013-06-06 18:48 - 2013-06-06 18:48 - 00000000 ____D C:\Users\Kids\AppData\Roaming\Mozilla <br/>2013-06-06 18:47 - 2013-06-06 18:47 - 00000000 ____D C:\Windows\SysWOW64\jmdp <br/>2013-06-06 18:47 - 2013-06-06 18:47 - 00000000 ____D C:\Windows\SysWOW64\ARFC <br/>2013-06-06 18:45 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\Resources <br/> <br/>==================== Bamital & volsnap Check ================= <br/> <br/>C:\Windows\System32\winlogon.exe => MD5 is legit <br/>C:\Windows\System32\wininit.exe => MD5 is legit <br/>C:\Windows\SysWOW64\wininit.exe => MD5 is legit <br/>C:\Windows\explorer.exe => MD5 is legit <br/>C:\Windows\SysWOW64\explorer.exe => MD5 is legit <br/>C:\Windows\System32\svchost.exe => MD5 is legit <br/>C:\Windows\SysWOW64\svchost.exe => MD5 is legit <br/>C:\Windows\System32\services.exe => MD5 is legit <br/>C:\Windows\System32\User32.dll => MD5 is legit <br/>C:\Windows\SysWOW64\User32.dll => MD5 is legit <br/>C:\Windows\System32\userinit.exe => MD5 is legit <br/>C:\Windows\SysWOW64\userinit.exe => MD5 is legit <br/>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit <br/> <br/> <br/>LastRegBack: 2013-07-03 00:15 <br/> <br/>==================== End Of Log ============================
Posted 7/6/2013 2:28 PM
#95864
User avatar

KMB1999 Advanced member

Date Joined Nov 2016
Total Posts: 95
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2013 <br/>Ran by Prism2 at 2013-07-06 10:20:52 <br/>Running from C:\Users\Prism2\Desktop <br/>Boot Mode: Normal <br/>========================================================== <br/> <br/> <br/>==================== Installed Programs ======================= <br/> <br/>Adobe AIR (x32 Version: 2.6.0.19120) <br/>Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224) <br/>Adobe Reader X (10.1.4) (x32 Version: 10.1.4) <br/>Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637) <br/>Apple Application Support (x32 Version: 2.3.4) <br/>Apple Mobile Device Support (Version: 6.1.0.13) <br/>Apple Software Update (x32 Version: 2.1.3.127) <br/>ASPCA Reminder by We-Care.com v4.1.22.1 (x32 Version: 4.1.22.1) <br/>Bing Bar (x32 Version: 7.1.391.0) <br/>Blio (x32 Version: 2.3.7140) <br/>Bonjour (Version: 3.0.0.10) <br/>Cisco EAP-FAST Module (x32 Version: 2.2.14) <br/>Cisco LEAP Module (x32 Version: 1.0.19) <br/>Cisco PEAP Module (x32 Version: 1.1.6) <br/>Consumer In-Home Service Agreement (x32 Version: 2.0.0) <br/>Coupon Printer for Windows (x32 Version: 5.0.0.3) <br/>Cozi (x32 Version: 1.0.6505.38692) <br/>D3DX10 (x32 Version: 15.4.2368.0902) <br/>Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.67) <br/>Dell DataSafe Local Backup (x32 Version: 9.4.67) <br/>Dell Digital Delivery (x32 Version: 2.5.1400.0) <br/>Dell Edoc Viewer (Version: 1.0.0) <br/>Dell Getting Started Guide (x32 Version: 1.00.0000) <br/>Dell MusicStage (x32 Version: 1.6.225.0) <br/>Dell PhotoStage (x32 Version: 1.5.0.130) <br/>Dell Stage (x32 Version: 1.7.209.0) <br/>Dell Stage Remote (x32 Version: 2.0.0.43) <br/>Dell Support Center (Version: 3.1.5907.16) <br/>Dell VideoStage (x32 Version: 1.3.0.2214) <br/>Dell Wireless Driver Installation (x32 Version: 9.0) <br/>eBay (x32 Version: 1.4.0) <br/>Google Toolbar for Internet Explorer (x32 Version: 1.0.0) <br/>Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358) <br/>Google Update Helper (x32 Version: 1.3.21.149) <br/>High-Definition Video Playback (x32 Version: 7.3.10000.0.0) <br/>HP Officejet 4620 series Basic Device Software (Version: 26.0.784.0) <br/>HP Officejet 4620 series Help (x32 Version: 6.0.0) <br/>HP Officejet 4620 series Product Improvement Study (Version: 26.0.784.0) <br/>HP Update (x32 Version: 5.003.000.004) <br/>I.R.I.S. OCR (x32 Version: 12.3.4.0) <br/>iCloud (Version: 2.1.2.8) <br/>Intel(R) Control Center (x32 Version: 1.2.1.1007) <br/>Intel(R) Management Engine Components (x32 Version: 8.0.0.1351) <br/>Intel(R) Processor Graphics (x32 Version: 8.15.10.2696) <br/>Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006) <br/>Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220) <br/>Intel® Trusted Connect Service Client (Version: 1.23.216.0) <br/>iTunes (Version: 11.0.4.4) <br/>Java 7 Update 25 (x32 Version: 7.0.250) <br/>Java Auto Updater (x32 Version: 2.1.9.5) <br/>Junk Mail filter update (x32 Version: 15.4.3502.0922) <br/>McAfee Security Scan Plus (x32 Version: 2.1.121.2) <br/>McAfee SecurityCenter (x32 Version: 11.6.434) <br/>Mesh Runtime (x32 Version: 15.4.5722.2) <br/>Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) <br/>Microsoft .NET Framework 4 Extended (Version: 4.0.30319) <br/>Microsoft Application Error Reporting (Version: 12.0.6015.5000) <br/>Microsoft Office 2010 (x32 Version: 14.0.4763.1000) <br/>Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000) <br/>Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000) <br/>Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000) <br/>Microsoft Silverlight (Version: 5.1.20125.0) <br/>Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) <br/>Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193) <br/>Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) <br/>Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) <br/>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729) <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) <br/>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) <br/>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319) <br/>MSVCRT (x32 Version: 15.4.2862.0708) <br/>MSVCRT_amd64 (x32 Version: 15.4.2862.0708) <br/>Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10200.0.0) <br/>Nero Control Center 10 (x32 Version: 10.6.12800.0.8) <br/>Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800) <br/>Nero Core Components 10 (x32 Version: 2.0.20500.9.16) <br/>Nero Update (x32 Version: 1.0.0018) <br/>Picasa 3 (x32 Version: 3.9) <br/>PlayReady PC Runtime x86 (x32 Version: 1.3.0) <br/>QuickTime (x32 Version: 7.74.80.86) <br/>Realtek High Definition Audio Driver (x32 Version: 6.0.1.6554) <br/>Rhapsody (x32) <br/>Sandboxie 4.02 (64-bit) (Version: 4.02) <br/>Shared C Run-time for x64 (Version: 10.0.0) <br/>Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (x32) <br/>Skype™ 5.10 (x32 Version: 5.10.116) <br/>Smilebox (HKCU) <br/>swMSM (x32 Version: 12.0.0.1) <br/>SyncUP (x32 Version: 1.12.11500.11.105) <br/>SyncUP (x32 Version: 10.2.16500) <br/>The Print Shop 3.0 Fonts (x32 Version: 1.0) <br/>The Print Shop 3.0 Professional (x32 Version: 3.0.6) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) <br/>Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) <br/>Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) <br/>Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) <br/>Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) <br/>Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) <br/>Updater By SweetPacks 2.0.0.586 (Version: 2.0.0.586) <br/>Windows Live Communications Platform (x32 Version: 15.4.3502.0922) <br/>Windows Live Essentials (x32 Version: 15.4.3502.0922) <br/>Windows Live Essentials (x32 Version: 15.4.3508.1109) <br/>Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) <br/>Windows Live Installer (x32 Version: 15.4.3502.0922) <br/>Windows Live Language Selector (Version: 15.4.3508.1109) <br/>Windows Live Mail (x32 Version: 15.4.3502.0922) <br/>Windows Live Mesh (x32 Version: 15.4.3502.0922) <br/>Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) <br/>Windows Live Messenger (x32 Version: 15.4.3502.0922) <br/>Windows Live MIME IFilter (Version: 15.4.3502.0922) <br/>Windows Live Movie Maker (x32 Version: 15.4.3502.0922) <br/>Windows Live Photo Common (x32 Version: 15.4.3502.0922) <br/>Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) <br/>Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) <br/>Windows Live Remote Client (Version: 15.4.5722.2) <br/>Windows Live Remote Client Resources (Version: 15.4.5722.2) <br/>Windows Live Remote Service (Version: 15.4.5722.2) <br/>Windows Live Remote Service Resources (Version: 15.4.5722.2) <br/>Windows Live SOXE (x32 Version: 15.4.3502.0922) <br/>Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) <br/>Windows Live UX Platform (x32 Version: 15.4.3502.0922) <br/>Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) <br/>Windows Live Writer (x32 Version: 15.4.3502.0922) <br/>Windows Live Writer Resources (x32 Version: 15.4.3502.0922) <br/>Zinio Reader 4 (x32 Version: 4.2.4164) <br/> <br/>==================== Restore Points ========================= <br/> <br/>19-06-2013 16:46:44 Removed PsychCorpCenter-II <br/>22-06-2013 07:00:10 Windows Update <br/>25-06-2013 14:18:28 Installed Java 7 Update 25 <br/>26-06-2013 16:39:42 OTL Restore Point - 6/26/2013 12:39:42 PM <br/>02-07-2013 07:00:23 Windows Update <br/>03-07-2013 07:00:25 Windows Update <br/> <br/>==================== Hosts content: ========================== <br/> <br/>2009-07-13 22:34 - 2013-06-26 12:39 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts <br/>127.0.0.1 localhost <br/>::1 localhost <br/> <br/>==================== Scheduled Tasks (whitelisted) ============= <br/> <br/>Task: {0C032FDA-03A9-4983-9E1D-D65F9FDB5790} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated) <br/>Task: {1D8952B5-5FC1-47C7-AA2D-E5B107E6C193} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2011-12-18] (Hewlett-Packard Co.) <br/>Task: {4B3A10B1-BCB3-487F-8E20-C0EBCC9DBE42} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task <br/>Task: {56BB57FC-FFB8-4A90-82F3-E7D737C67B58} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) <br/>Task: {73ECDBA1-3992-4F35-88C2-09837B27EA8A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <br/>Task: {796B714E-FBEB-4744-950E-301F129B3973} - System32\Tasks\TopArcadeHits => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe [2013-06-06] () <br/>Task: {880E40E0-E591-46B3-92BF-C11D7712087A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-30] (Google Inc.) <br/>Task: {DCC23AFF-8BF7-473B-B90B-FD6EF29F945A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-30] (Google Inc.) <br/>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>Task: C:\Windows\Tasks\TopArcadeHits.job => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe <br/> <br/>==================== Faulty Device Manager Devices ============= <br/> <br/> <br/>==================== Event log errors: ========================= <br/> <br/>Application errors: <br/>================== <br/>Error: (07/06/2013 00:57:50 AM) (Source: SideBySide) (User: ) <br/>Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. <br/>A component version required by the application conflicts with another component version already active. <br/>Conflicting components are:. <br/>Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. <br/>Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. <br/> <br/>Error: (07/04/2013 00:03:30 PM) (Source: SideBySide) (User: ) <br/>Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. <br/>A component version required by the application conflicts with another component version already active. <br/>Conflicting components are:. <br/>Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. <br/>Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. <br/> <br/>Error: (07/04/2013 11:38:58 AM) (Source: SideBySide) (User: ) <br/>Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. <br/>A component version required by the application conflicts with another component version already active. <br/>Conflicting components are:. <br/>Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. <br/>Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. <br/> <br/>Error: (07/04/2013 11:02:30 AM) (Source: WinMgmt) (User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (07/03/2013 03:19:56 AM) (Source: WinMgmt) (User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (07/03/2013 03:02:13 AM) (Source: SideBySide) (User: ) <br/>Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. <br/>A component version required by the application conflicts with another component version already active. <br/>Conflicting components are:. <br/>Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. <br/>Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. <br/> <br/>Error: (07/02/2013 01:23:33 PM) (Source: WinMgmt) (User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (07/02/2013 01:09:57 PM) (Source: WinMgmt) (User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (07/02/2013 03:41:49 AM) (Source: WinMgmt) (User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (06/27/2013 00:48:12 PM) (Source: SideBySide) (User: ) <br/>Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. <br/>A component version required by the application conflicts with another component version already active. <br/>Conflicting components are:. <br/>Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. <br/>Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. <br/> <br/> <br/>System errors: <br/>============= <br/>Error: (07/05/2013 11:43:00 PM) (Source: DCOM) (User: ) <br/>Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69} <br/> <br/>Error: (07/04/2013 11:00:49 AM) (Source: Service Control Manager) (User: ) <br/>Description: The MCSTRM service failed to start due to the following error: <br/>%%2 <br/> <br/>Error: (07/04/2013 11:00:43 AM) (Source: EventLog) (User: ) <br/>Description: The previous system shutdown at 1:44:31 PM on ?7/?3/?2013 was unexpected. <br/> <br/>Error: (07/03/2013 01:21:53 PM) (Source: DCOM) (User: ) <br/>Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} <br/> <br/>Error: (07/03/2013 00:05:59 PM) (Source: Service Control Manager) (User: ) <br/>Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service. <br/> <br/>Error: (07/03/2013 03:18:19 AM) (Source: Service Control Manager) (User: ) <br/>Description: The MCSTRM service failed to start due to the following error: <br/>%%2 <br/> <br/>Error: (07/02/2013 01:21:47 PM) (Source: Service Control Manager) (User: ) <br/>Description: The MCSTRM service failed to start due to the following error: <br/>%%2 <br/> <br/>Error: (07/02/2013 01:08:13 PM) (Source: Service Control Manager) (User: ) <br/>Description: The MCSTRM service failed to start due to the following error: <br/>%%2 <br/> <br/>Error: (07/02/2013 03:40:15 AM) (Source: Service Control Manager) (User: ) <br/>Description: The MCSTRM service failed to start due to the following error: <br/>%%2 <br/> <br/>Error: (07/01/2013 08:01:02 PM) (Source: DCOM) (User: ) <br/>Description: {209500FC-6B45-4693-8871-6296C4843751} <br/> <br/> <br/>Microsoft Office Sessions: <br/>========================= <br/>Error: (07/06/2013 00:57:50 AM) (Source: SideBySide)(User: ) <br/>Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe <br/> <br/>Error: (07/04/2013 00:03:30 PM) (Source: SideBySide)(User: ) <br/>Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe <br/> <br/>Error: (07/04/2013 11:38:58 AM) (Source: SideBySide)(User: ) <br/>Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe <br/> <br/>Error: (07/04/2013 11:02:30 AM) (Source: WinMgmt)(User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (07/03/2013 03:19:56 AM) (Source: WinMgmt)(User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (07/03/2013 03:02:13 AM) (Source: SideBySide)(User: ) <br/>Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe <br/> <br/>Error: (07/02/2013 01:23:33 PM) (Source: WinMgmt)(User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (07/02/2013 01:09:57 PM) (Source: WinMgmt)(User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (07/02/2013 03:41:49 AM) (Source: WinMgmt)(User: ) <br/>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 <br/> <br/>Error: (06/27/2013 00:48:12 PM) (Source: SideBySide)(User: ) <br/>Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe <br/> <br/> <br/>CodeIntegrity Errors: <br/>=================================== <br/> Date: 2013-06-07 18:28:12.274 <br/> Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. <br/> <br/> Date: 2013-06-07 18:28:12.242 <br/> Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. <br/> <br/> Date: 2013-06-07 16:05:18.321 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2013-06-07 16:05:18.306 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2013-06-07 16:05:18.306 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2013-05-24 16:01:50.635 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2013-05-24 16:01:50.635 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2013-05-24 16:01:50.635 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2013-03-09 10:12:46.807 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2013-03-09 10:12:46.807 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> <br/>==================== Memory info =========================== <br/> <br/>Percentage of memory in use: 25% <br/>Total physical RAM: 6022.16 MB <br/>Available physical RAM: 4514 MB <br/>Total Pagefile: 12042.51 MB <br/>Available Pagefile: 9300.58 MB <br/>Total Virtual: 8192 MB <br/>Available Virtual: 8191.81 MB <br/> <br/>==================== Drives ================================ <br/> <br/>Drive c: (OS) (Fixed) (Total:919.22 GB) (Free:675.57 GB) NTFS (Disk=0 Partition=3) <br/> <br/>==================== MBR & Partition Table ================== <br/> <br/>======================================================== <br/>Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: A3AE97B5) <br/>Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) <br/>Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS) <br/>Partition 3: (Not Active) - (Size=919 GB) - (Type=07 NTFS) <br/> <br/>==================== End Of Log ============================
Posted 7/7/2013 7:45 AM
#95866
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire txt in bold below. </div>(To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). <br/> Save it on the desktop as fixlist.txt. <br/> <br/> <br/> <br/> <br/>start <br/>SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = <br/>BHO: Updater By SweetPacks - {7D4F1959-3F72-49d5-8E59-F02F8AA6815D} - C:\Program Files\Updater By SweetPacks\Extension64.dll No File <br/>Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File <br/>S3 catchme; \??\C:\ComboFix\catchme.sys [x] <br/>S2 MCSTRM; No ImagePath <br/>U3 mfeavfk01; No ImagePath <br/>2013-07-02 13:25 - 2013-07-02 13:25 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Todd\Desktop\JRT.exe <br/>2013-07-02 13:19 - 2013-07-02 13:20 - 00001159 ____A C:\AdwCleaner[S6].txt <br/>2013-07-02 13:19 - 2013-07-02 13:19 - 00648201 ____A C:\Users\Todd\Desktop\adwcleaner.exe <br/>c:\Users\Prism2\Desktop\adwcleaner.exe <br/>C:\Users\Prism2\Desktop\OTL.Txt <br/>C:\Users\Prism2\Desktop\OTL.exe <br/>(Trend Micro Inc.) C:\Users\Prism2\Desktop\HijackThis.exe <br/>C:\Users\Prism2\Documents\JRTa.txt <br/>C:\Users\Prism2\Desktop\JRT.exe <br/>C:\Users\Prism2\Documents\AdwCleaner[S4]a.txt <br/>C:\AdwCleaner[S4].txt <br/>C:\Users\Prism2\Desktop\hijackthis.log <br/>C:\AdwCleaner[S3].txt <br/>C:\AdwCleaner[S2].txt <br/>C:\Users\Prism2\Desktop\AdwCleaner[R1].txt <br/>C:\AdwCleaner[S1].txt <br/>C:\AdwCleaner[R1].txt <br/>C:\Users\Todd\Downloads\adwcleaner.exe <br/>C:\ComboFix.txt <br/>C:\JRT <br/>C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated) <br/>{1D8952B5-5FC1-47C7-AA2D-E5B107E6C193} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2011-12-18] (Hewlett-Packard Co.) <br/>{4B3A10B1-BCB3-487F-8E20-C0EBCC9DBE42} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task <br/>T{56BB57FC-FFB8-4A90-82F3-E7D737C67B58} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) <br/>{73ECDBA1-3992-4F35-88C2-09837B27EA8A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation) <br/>Task: {796B714E-FBEB-4744-950E-301F129B3973} - System32\Tasks\TopArcadeHits => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe [2013-06-06] () <br/>{880E40E0-E591-46B3-92BF-C11D7712087A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-30] (Google Inc.) <br/>{DCC23AFF-8BF7-473B-B90B-FD6EF29F945A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-30] (Google Inc.) <br/>C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <br/>C:\Windows\Tasks\TopArcadeHits.job => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe <br/>end <br/> <br/> <br/>Now open Farbar ensure its on your desktop and click the fix botton.<br /><br /> <br/>The tool will make a log on the desktop (Fixlog.txt) please post it to your reply. <br/> <br/><span style="color: red;">NOTICE: This script was written specifically for this user, for use on that particular machine. <br/>Running this on another machine may cause damage to your operating system <br/> <br/></div><br /><br /><ol>* Open Disk Cleanup by clicking the <span class="ui">Start button User image. In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup. <br/><li class="step">In the Drives list, click the hard disk drive that you want to clean up, and then click OK. <br/></li><li class="step">In the Disk Cleanup dialog box, on the Disk Cleanup tab, select the check boxes for the file types that you want to delete, and then click OK. <br/></li><li class="step">In the message that appears, click Delete files. <br/></li></ol><h4 class="title_procedure ecTitle"><span class="link_image_container">User imagePlease tell how things are running now ?</h4><br /><br /><span style="color: red;">

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 7/7/2013 7:12 PM
#95868
User avatar

KMB1999 Advanced member

Date Joined Nov 2016
Total Posts: 95
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-07-2013 <br/>Ran by Prism2 at 2013-07-07 15:10:36 Run:1 <br/>Running from C:\Users\Prism2\Desktop <br/>Boot Mode: Normal <br/>============================================== <br/> <br/>HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. <br/>HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. <br/>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} => Key deleted successfully. <br/>HKCR\CLSID\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D} => Key deleted successfully. <br/>HKCR\PROTOCOLS\Handler\cozi => Key deleted successfully. <br/>HKCR\CLSID\{5356518D-FE9C-4E08-9C1F-1E872ECD367F} => Key not found. <br/>catchme => Service deleted successfully. <br/>MCSTRM => Service deleted successfully. <br/>mfeavfk01 => Service deleted successfully. <br/>C:\Users\Todd\Desktop\JRT.exe => Moved successfully. <br/>C:\AdwCleaner[S6].txt => Moved successfully. <br/>C:\Users\Todd\Desktop\adwcleaner.exe => Moved successfully. <br/>c:\Users\Prism2\Desktop\adwcleaner.exe => Moved successfully. <br/>C:\Users\Prism2\Desktop\OTL.Txt => Moved successfully. <br/>C:\Users\Prism2\Desktop\OTL.exe => Moved successfully. <br/>C:\Users\Prism2\Desktop\HijackThis.exe => No running process found <br/>C:\Users\Prism2\Documents\JRTa.txt => Moved successfully. <br/>C:\Users\Prism2\Desktop\JRT.exe => Moved successfully. <br/>C:\Users\Prism2\Documents\AdwCleaner[S4]a.txt => Moved successfully. <br/>C:\AdwCleaner[S4].txt => Moved successfully. <br/>C:\Users\Prism2\Desktop\hijackthis.log => Moved successfully. <br/>C:\AdwCleaner[S3].txt => Moved successfully. <br/>C:\AdwCleaner[S2].txt => Moved successfully. <br/>C:\Users\Prism2\Desktop\AdwCleaner[R1].txt => Moved successfully. <br/>C:\AdwCleaner[S1].txt => Moved successfully. <br/>C:\AdwCleaner[R1].txt => Moved successfully. <br/>C:\Users\Todd\Downloads\adwcleaner.exe => Moved successfully. <br/>C:\ComboFix.txt => Moved successfully. <br/>C:\JRT => Moved successfully. <br/>"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)" => File/Directory not found. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{796B714E-FBEB-4744-950E-301F129B3973} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{796B714E-FBEB-4744-950E-301F129B3973} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\TopArcadeHits => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TopArcadeHits => Key deleted successfully. <br/>"C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe" => File/Directory not found. <br/>"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" => File/Directory not found. <br/>"C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" => File/Directory not found. <br/>"C:\Windows\Tasks\TopArcadeHits.job => C:\Users\Kids\AppData\Local\TopArcadeHits\updater.exe" => File/Directory not found. <br/> <br/>==== End of Fixlog ====
Posted 7/7/2013 7:25 PM
#95869
User avatar

KMB1999 Advanced member

Date Joined Nov 2016
Total Posts: 95
Okay. I still cannot get online other than onto Google using the browser line on my user page. Once I get to Google I cannot go anywhere else unless I right click on the internet (e) icon on the bottom of the page and then click on one of the pages that are listed there that I believe are my frequently visited pages. If I click on one of the pages listed, then I can visit that page but still cannot go anywhere else if I then type a new page address on the browser line that I usually would use. This is really strange especially because I can browse the internet or visit any pages I want if I sign into anyone else's user page. Mine seems to be the only one affected. Any idea what might be going on? </div>
Posted 7/8/2013 4:13 PM
#95871
User avatar

KMB1999 Advanced member

Date Joined Nov 2016
Total Posts: 95
I have an update from yesterday's reply that I made. There is only 1 user who can get online and search the web. The other users either get stuck on Google as I do or a security warning pops up that says our security settings are not correct and asks if we want to update them by clicking on a button. I did not click on the button though. I just logged those users out. Everything else works for all users except for the internet issues that I have described. There is only 1 user who can utilize the internet normally from what I can tell.
Posted 7/9/2013 7:04 AM
#95872
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
" security warning pops up that says our security settings"</div> <br/> <br/> <br/> <br/>Which - Program or file - pops up with the warning ? <br/> <br/> <br/> <br/>Try to reset IE. <br/> <br/><ol><li>Close any Internet Explorer or <span class="notLocalizable">Windows Explorer windows that are currently open. <br/></li><li class="step">Open Internet Explorer by clicking the <span class="ui">Start button User image. In the search box, type Internet Explorer, and then, in the list of results, click Internet Explorer. <br/></li><li class="step">Click the Tools button, and then click Internet Options. <br/></li><li class="step">Click the Advanced tab, and then click Reset. <br/></li><li class="step">Select the Delete personal settings check box if you would like to remove browsing history, search providers, Accelerators, home pages, and InPrivate Filtering data. <br/></li><li class="step">In the Reset Internet Explorer Settings dialog box, click Reset. <br/></li><li class="step">When Internet Explorer finishes restoring the settings, click Close, and then click OK. <br/></li><li class="step">Close Internet Explorer. <br/>Your changes will take effect the next time you open Internet Explorer. <br/></li></ol><br /><br /><br /><br /><br /><br />

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 7/9/2013 2:47 PM
#95873
User avatar

KMB1999 Advanced member

Date Joined Nov 2016
Total Posts: 95
Hi. It seems that resetting IE for all users has remedied the issues. We can all get online and browse. The security warnings have also disappeared. It was a page that popped up that said "Your Security Level Puts Your Computer At Risk" and then gave the option to fix settings(recommended) or continue browsing(not recommended). I never did anything. The browser line read "About:SecurityRisk". But, now that we have reset IE, all users are fine and no warnings are popping up. This is good, correct? Finally, I am installing virus software today....I will either install the free one that you suggested or purchase the McAfee that is already in my system. A quick question......Once I decide, how do I get it to protect all users? Does installing it to the administrator page automatically do this or is there something else that I would need to do in order to protect each user so they do not continue to infect my system? I wish there was a specific way to block pages so that my kids cannot get on ones I do not want then on but I haven't found a way to do this in windows 7 for just one or two pages(game pages) that I know have been an issue so I want to make sure that virus software is installed. Thanks for all of your help!!
Posted 7/11/2013 11:03 PM
#95884
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
" Does installing it to the administrator page automatically do this or is there something else that I would need to do in order to protect each user so they do not continue to infect my system? I wish there was a specific way to block pages so that my kids cannot get on ones I do not want then on but I haven't found a way to do this in windows 7 for just one or two pages(game pages) that I know have been an issue so I want to make sure that virus software is installed."</div> <br/> <br/> <br/>It Looks like McAfee <br/>Protect Your Family, it probably mean all users ! <br/> <br/> <br/>Have you links for the game pages ?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Wednesday, December 7, 2016, 11:13 PM (GMT +1)
There are a total of 61,160 posts in 13,449 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 37,967 registered members. Please welcome our newest member, ConcepcionJAbbate.
There are currently no users on-line.