Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-05-2013 01
Ran by Ian James (administrator) on 21-05-2013 08:14:05
Running from C:\Users\Ian James\Desktop
Windows 7 Professional Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Firebird Project) C:\Program Files\firebird\firebird_2_1\bin\fbguard.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(Mindteck India Limited) C:\Windows\system32\klpnm.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Argonne National Lab) C:\Program Files\MPICH2\bin\smpd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
(Nalpeiron Ltd.) C:\Windows\system32\NLSSRV32.EXE
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Braunstein + Berndt GmbH) C:\Program Files\SoundPLAN 7.2\SPUpdateService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Firebird Project) C:\Program Files\firebird\firebird_2_1\bin\fbserver.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(LG Electronics Inc.) C:\Program Files\LG Software\LG OSD\HotKey.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(LG Electronics Inc.) C:\Program Files\LG Software\LG Magnifier\MagnifyingGlass.exe
(BIT LEADER) C:\Program Files\lg_swupdate\GiljabiStart.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Microsoft Corporation) C:\Users\Ian James\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\20.3.1.22\ccSvcHst.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(LG Electronics Inc.) C:\Program Files\LG Software\LG Magnifier\Maglev.exe
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Farbar) C:\Users\Ian James\Desktop\FRST.exe
(Google Inc.) C:\Users\Ian James\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ian James\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ian James\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [zOSD] C:\Program Files\LG Software\LG OSD\HotKey.exe [3655168 2009-12-04] (LG Electronics Inc.)
HKLM\...\Run: [KeybdUtility] C:\Program Files\LG Software\LG OSD\HotKey.exe [3655168 2009-12-04] (LG Electronics Inc.)
HKLM\...\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM\...\Run: [LG Magnifier] %ProgramFiles%\LG Software\LG Magnifier\MagnifyingGlass.exe [144688 2008-05-20] (LG Electronics Inc.)
HKLM\...\Run: [LGSR_Menu] "C:\Program Files\LG Software\LG Smart Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\LG Software\LG Smart Recovery" UpdateWithCreateOnce Software\CyberLink\PowerRecover [222504 2009-05-20] (CyberLink Corp.)
HKLM\...\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\giljabistart.exe" Gilautouc [312688 2010-07-29] (BIT LEADER)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [8092192 2009-11-17] (Realtek Semiconductor)
HKLM\...\Run: [FreePDF Assistant] C:\Program Files\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [218408 2009-02-17] (CyberLink Corp.)
HKLM\...\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\" [30264 2009-10-15] (Hewlett-Packard Company)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Winlogon: [System]
HKCU\...\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [719672 2012-01-20] (Microsoft Corporation)
HKCU\...\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler [222128 2007-03-29] (Macrovision Corporation)
HKCU\...\Run: [SkyDrive] "C:\Users\Ian James\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background [256600 2013-04-03] (Microsoft Corporation)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [18642024 2013-02-28] (Skype Technologies S.A.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/se...pvid=20.3.1.22
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/se...pvid=20.3.1.22
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.3.1.22\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation)
Handler: osf-roaming - {C57E9882-B128-4E07-BA2D-FF83B8989C76} - C:\Users\Ian James\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6215427E-E3AB-4AA3-A1C3-79FC4AE4FAF8}: [NameServer]127.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ian James\AppData\Roaming\Mozilla\Firefox\Profiles\axt9qb5g.default
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @esn.me/esnsonar,version=0.70.4 - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin: @esn/esnlaunch,version=1.122.0 - C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin: @esn/esnlaunch,version=2.1.2 - C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Ian James\AppData\Roaming\Mozilla\Firefox\Profiles\axt9qb5g.default\Extensions\{c151d79e-e61b-4a90-a887-5a46d38fba99}.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.co.uk/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Ian James\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Ian James\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ian James\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
CHR Plugin: (ESN Sonar API) - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Entanglement) - C:\Users\Ian James\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0
CHR Extension: (Skype Click to Call) - C:\Users\Ian James\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0
CHR Extension: (Poppit) - C:\Users\Ian James\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0
CHR Extension: (Norton Identity Protection) - C:\Users\Ian James\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0

========================== Services (Whitelisted) =================

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-28] (LSI Corporation)
R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\firebird\firebird_2_1\bin\fbguard.exe [81920 2009-07-22] (Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files\firebird\firebird_2_1\bin\fbserver.exe [2736128 2009-07-22] (Firebird Project)
R2 hasplms; C:\Windows\system32\hasplms.exe [4466120 2013-03-15] (SafeNet Inc.)
S2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [4593728 2013-05-07] (Hola Networks Ltd.)
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [4279408 2013-02-18] (Hola Networks Ltd.)
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP)
R2 instdt; C:\Windows\system32\klpnm.exe [20480 2012-04-24] (Mindteck India Limited)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 mpich2_smpd; C:\Program Files\MPICH2\bin\smpd.exe [458752 2009-11-18] (Argonne National Lab)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
S4 MSSQLServerADHelper100; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [47128 2009-07-23] (Microsoft Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.5\my.ini [9098 2012-08-24] ()
R2 N360; C:\Program Files\Norton 360\Engine\20.3.1.22\diMaster.dll [554288 2013-03-29] (Symantec Corporation)
R2 NitroDriverReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [196928 2011-03-21] (Nitro PDF Software)
R2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120 2011-10-15] (NVIDIA Corporation)
R2 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [369952 2009-09-17] (SafeNet, Inc.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208 2013-04-15] (Skype Technologies S.A.)
R2 SPUpdService; C:\Program Files\SoundPLAN 7.2\SPUpdateService.exe [530432 2012-12-14] (Braunstein + Berndt GmbH)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aksfridge; C:\Windows\System32\DRIVERS\aksfridge.sys [376200 2013-03-15] (SafeNet Inc.)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [244040 2013-03-15] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [53192 2013-03-15] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [295944 2013-03-15] (SafeNet Inc.)
S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [165376 2012-08-27] ()
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130515.001\BHDrvx86.sys [1000024 2013-04-13] (Symantec Corporation)
R3 btwampfl; C:\Windows\System32\drivers\btwampfl.sys [279592 2010-01-20] (Broadcom Corporation.)
S3 camdrv41; C:\Windows\System32\DRIVERS\camdrv41.sys [1347584 2007-05-04] ()
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1403010.016\ccSetx86.sys [134304 2012-11-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-11-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-11-04] (Symantec Corporation)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [62216 2012-04-13] (FTDI Ltd.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2010-02-03] (LogMeIn, Inc.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [608136 2013-03-15] (SafeNet Inc.)
R1 hola-drv; C:\Windows\System32\DRIVERS\hola_drv.sys [465216 2013-05-07] (Hola Networks Ltd.)
R1 hola-mon-drv; C:\Windows\System32\DRIVERS\hola_mon_drv.sys [71360 2013-05-07] (Hola Networks Ltd.)
R1 hola_net; C:\Windows\System32\DRIVERS\hola_net.sys [72688 2013-02-19] (Hola Networks Ltd.)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130518.001\IDSvix86.sys [386720 2012-11-03] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2012-08-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130520.017\NAVENG.SYS [93296 2013-05-20] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130520.017\NAVEX15.SYS [1603824 2013-05-20] (Symantec Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] ()
R1 RapportCerberus_51755; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_51755.sys [317112 2013-03-30] ()
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [103120 2013-04-30] (Trusteer Ltd.)
R1 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [174320 2013-04-30] (Trusteer Ltd.)
S4 RsFx0103; C:\Windows\System32\DRIVERS\RsFx0103.sys [239336 2009-03-30] (Microsoft Corporation)
S3 RTCore32; C:\Program Files\MSI Afterburner\RTCore32.sys [5632 2011-09-06] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360\1403010.016\SRTSP.SYS [602712 2013-01-29] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1403010.016\SRTSPX.SYS [32344 2013-01-29] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\1403010.016\SYMDS.SYS [367704 2013-01-22] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1403010.016\SYMEFA.SYS [934488 2013-01-31] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2012-11-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1403010.016\Ironx86.SYS [175264 2012-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360\1403010.016\SYMNETS.SYS [338592 2013-01-31] (Symantec Corporation)
U3 TrueSight; C:\Windows\system32\drivers\TrueSight.sys [15616 2013-05-18] ()
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [81704 2009-06-05] (CyberLink)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-05-21 08:13 - 2013-05-21 08:13 - 00000000 ____D C:\FRST
2013-05-21 08:12 - 2013-05-21 08:11 - 01318315 ____A (Farbar) C:\Users\Ian James\Desktop\FRST.exe
2013-05-20 09:33 - 2013-05-20 09:33 - 00000000 ____D C:\Program Files\ESET
2013-05-20 09:15 - 2013-05-20 09:15 - 00000000 ____D C:\_OTL
2013-05-20 08:35 - 2013-05-20 08:35 - 00000000 ____D C:\Windows\ERUNT
2013-05-20 08:35 - 2013-05-20 08:35 - 00000000 ____D C:\JRT
2013-05-20 08:24 - 2013-05-20 08:24 - 00003473 ____A C:\AdwCleaner[R2].txt
2013-05-20 08:24 - 2013-05-20 08:24 - 00002969 ____A C:\AdwCleaner[S1].txt
2013-05-20 08:22 - 2013-05-20 08:23 - 00003413 ____A C:\AdwCleaner[R1].txt
2013-05-19 13:53 - 2013-05-20 16:06 - 00037106 ____A C:\Users\Ian James\Desktop\Timesheet Dev (Recovered).xlsm
2013-05-19 12:47 - 2013-03-06 12:38 - 00055257 ____N C:\Users\Ian James\Desktop\PartLocDBComboRibbonDepend.xlsm
2013-05-19 09:56 - 2013-05-19 09:56 - 00032129 ____A C:\ComboFix.txt
2013-05-19 09:36 - 2011-06-26 10:45 - 00256000 ____A C:\Windows\PEV.exe
2013-05-19 09:36 - 2010-11-07 21:20 - 00208896 ____A C:\Windows\MBR.exe
2013-05-19 09:36 - 2009-04-20 08:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-05-19 09:36 - 2000-08-31 04:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-05-19 09:36 - 2000-08-31 04:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-05-19 09:36 - 2000-08-31 04:00 - 00098816 ____A C:\Windows\sed.exe
2013-05-19 09:36 - 2000-08-31 04:00 - 00080412 ____A C:\Windows\grep.exe
2013-05-19 09:36 - 2000-08-31 04:00 - 00068096 ____A C:\Windows\zip.exe
2013-05-19 09:35 - 2013-05-19 09:56 - 00000000 ___AD C:\Qoobox
2013-05-19 09:34 - 2013-05-19 09:54 - 00000000 ____D C:\Windows\erdnt
2013-05-19 09:07 - 2013-05-19 09:08 - 00000000 ____D C:\Users\Ian James\Desktop\J3048
2013-05-19 08:05 - 2013-05-20 12:47 - 00000000 ____D C:\Users\Ian James\Desktop\AV Reports
2013-05-18 20:24 - 2013-05-18 20:26 - 00187904 ____A C:\Windows\System32\Drivers\netbt.sys.dump
2013-05-18 20:24 - 2013-05-18 20:24 - 00000000 ____D C:\Windows\snack
2013-05-18 20:23 - 2013-05-18 20:26 - 00000000 ____D C:\Users\Ian James\Desktop\RK_Quarantine
2013-05-18 20:23 - 2013-05-18 20:23 - 00015616 ____A C:\Windows\System32\Drivers\TrueSight.sys
2013-05-18 16:24 - 2013-05-18 16:24 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\Malwarebytes
2013-05-18 16:24 - 2013-05-18 16:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-18 16:24 - 2013-05-18 16:24 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-18 16:24 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-18 10:10 - 2013-05-18 10:10 - 00000988 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-05-17 23:43 - 2013-05-18 00:05 - 00000000 ____D C:\Users\Ian James\Downloads\All About Anna
2013-05-17 23:37 - 2013-05-19 13:34 - 00000000 ____D C:\Users\Ian James\Downloads\New_And_Some_Old_Nude_Celebrity_Clips_-_High_Quality-2007-DJNilo
2013-05-15 16:05 - 2013-05-15 16:06 - 00000000 ____D C:\Users\Ian James\AppData\Local\Temporary Projects
2013-05-15 15:46 - 2013-05-15 15:46 - 00000921 ____A C:\Users\Public\Desktop\Ora Time and Expense.lnk
2013-05-15 15:46 - 2013-05-15 15:46 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\com.johnwu.ora.7C6CA62034ECEF7F45C524416D6FEE987A4E8AAB.1
2013-05-15 15:46 - 2013-05-15 15:46 - 00000000 ____D C:\Program Files\Ora Time and Expense
2013-05-15 15:31 - 2009-07-23 07:08 - 00050200 ____A (Microsoft Corporation) C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2013-05-15 15:30 - 2013-05-15 15:30 - 00000000 ____D C:\Windows\System32\RsFx
2013-05-15 15:30 - 2009-07-23 07:08 - 00079896 ____A (Microsoft Corporation) C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2013-05-15 15:28 - 2013-05-15 15:28 - 00000000 ____D C:\Windows\System32\1033
2013-05-15 15:28 - 2013-05-15 15:28 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-05-15 15:25 - 2013-05-15 15:30 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-05-15 15:24 - 2013-05-15 15:24 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-05-15 15:23 - 2013-05-15 16:05 - 00000000 ____D C:\Users\Ian James\Documents\Visual Studio 2010
2013-05-15 15:21 - 2013-05-15 15:33 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-05-15 15:21 - 2013-05-15 15:21 - 00000000 ____D C:\Program Files\Microsoft SDKs
2013-05-15 15:21 - 2013-05-15 15:21 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-05-14 23:37 - 2013-05-15 06:52 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-05-14 22:35 - 2013-05-15 09:15 - 00000000 ____D C:\Users\Ian James\Downloads\celeb
2013-05-14 15:26 - 2013-05-14 15:26 - 00000000 ____D C:\Program Files\Time & Expense Sheet Manager V4.1
2013-05-12 08:57 - 2013-05-12 08:57 - 00000000 ____D C:\Users\Ian James\Downloads\Shortbus [2006] dir John Cameron Mitchell
2013-05-12 08:33 - 2013-05-12 08:48 - 735516148 ____A C:\Users\Ian James\Downloads\SHORTBUS.avi
2013-05-09 12:51 - 2013-05-09 13:58 - 00000000 ____D C:\Users\Ian James\Downloads\How I Met Your Mother Season 1, 2, 3, 4, 5, & 6 + Extras DVDRip TSV
2013-05-06 17:20 - 2008-10-15 06:22 - 04379984 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2013-05-06 17:20 - 2008-10-15 06:22 - 02036576 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2013-05-06 17:20 - 2008-10-15 06:22 - 00452440 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2013-05-06 14:21 - 2013-05-06 14:21 - 00000000 ____D C:\Program Files\dumps
2013-05-06 14:20 - 2013-05-08 13:27 - 00000000 ____D C:\Program Files\Steam
2013-05-06 14:20 - 2013-05-06 14:20 - 00000835 ____A C:\Users\Public\Desktop\Steam.lnk
2013-05-06 14:20 - 2013-05-06 14:20 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-05-06 08:49 - 2013-05-06 08:49 - 00000218 ____A C:\Users\Ian James\AppData\Local\recently-used.xbel
2013-05-06 08:41 - 2013-05-06 08:41 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\inkscape
2013-05-06 08:37 - 2013-05-06 08:37 - 00000929 ____A C:\Users\Public\Desktop\Inkscape.lnk
2013-05-06 08:31 - 2013-05-06 08:39 - 00000000 ____D C:\Program Files\Inkscape
2013-05-05 10:25 - 2013-05-05 16:08 - 00000000 ____D C:\Users\Ian James\AppData\Local\PDF Annotator
2013-05-05 10:25 - 2013-05-05 10:25 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\Softland
2013-05-05 10:25 - 2010-02-05 14:00 - 01700352 ____A (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2013-05-01 09:55 - 2013-05-01 09:55 - 00002091 ____A C:\Users\Public\Desktop\CAESAR II 2011 Demo.lnk
2013-05-01 09:55 - 2013-05-01 09:55 - 00000000 ____D C:\ProgramData\Intergraph CAS
2013-05-01 09:55 - 2013-05-01 09:55 - 00000000 ____D C:\Program Files\Intergraph CAS
2013-05-01 09:55 - 2013-05-01 09:55 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-05-01 09:55 - 2013-05-01 09:55 - 00000000 ____D C:\Program Files\Common Files\Alias
2013-04-30 11:44 - 2013-05-16 13:28 - 00000000 ____D C:\Users\Ian James\Desktop\Scan
2013-04-30 11:12 - 2013-04-30 11:12 - 00000027 ____A C:\Windows\EZSET_SP.INI
2013-04-30 11:10 - 2013-04-30 11:10 - 00000033 ____A C:\setup.log
2013-04-30 11:07 - 2013-04-30 11:07 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\Kyocera
2013-04-30 01:28 - 2013-04-30 01:28 - 00102448 ____A (Trusteer Ltd.) C:\Windows\System32\Drivers\RapportKELL.sys
2013-04-28 08:28 - 2013-04-28 11:19 - 00000000 ____D C:\Users\Ian James\Desktop\Personal Docs
2013-04-25 12:05 - 2013-05-08 12:26 - 00000000 ____D C:\J3035 SEP
2013-04-25 10:05 - 2013-04-25 10:05 - 00000950 ____A C:\Users\UpdatusUser.IanJames-PC\Desktop\Any PDF to DWG Converter.lnk
2013-04-25 10:05 - 2013-04-25 10:05 - 00000950 ____A C:\Users\Ian James\Desktop\Any PDF to DWG Converter.lnk
2013-04-25 10:05 - 2013-04-25 10:05 - 00000000 ____D C:\Program Files\Any PDF to DWG Converter
2013-04-25 09:11 - 2013-04-25 09:11 - 00000000 ____D C:\Program Files\Common Files\Java
2013-04-25 09:11 - 2013-04-04 05:35 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-04-25 09:11 - 2013-04-04 05:30 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-04-25 09:11 - 2013-04-04 05:29 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-04-25 09:10 - 2013-04-25 09:11 - 00003903 ____A C:\Windows\System32\jupdate-1.7.0_21-b11.log
2013-04-24 16:18 - 2010-06-02 04:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2013-04-24 16:18 - 2010-06-02 04:55 - 00239960 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_7.dll
2013-04-24 16:18 - 2010-06-02 04:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2013-04-24 16:18 - 2010-05-26 11:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2013-04-24 16:18 - 2010-05-26 11:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_43.dll
2013-04-24 16:18 - 2010-05-26 11:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_43.dll
2013-04-24 16:18 - 2010-05-26 11:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_43.dll
2013-04-24 16:18 - 2010-05-26 11:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2013-04-24 16:18 - 2010-02-04 10:01 - 00528216 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_6.dll
2013-04-24 16:18 - 2010-02-04 10:01 - 00238936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_6.dll
2013-04-24 16:18 - 2010-02-04 10:01 - 00074072 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_4.dll
2013-04-24 16:18 - 2010-02-04 10:01 - 00022360 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_7.dll
2013-04-24 16:18 - 2009-09-04 17:44 - 00238936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2013-04-24 16:18 - 2009-09-04 17:29 - 05501792 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2013-04-24 16:18 - 2009-09-04 17:29 - 01974616 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2013-04-24 16:18 - 2009-09-04 17:29 - 00235344 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2013-04-24 16:18 - 2009-03-16 14:18 - 00517448 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2013-04-24 16:18 - 2009-03-16 14:18 - 00235352 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2013-04-24 16:18 - 2009-03-16 14:18 - 00022360 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2013-04-24 16:18 - 2009-03-09 15:27 - 04178264 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2013-04-24 16:18 - 2008-07-31 10:41 - 00238088 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2013-04-24 16:18 - 2008-07-31 10:41 - 00068616 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2013-04-24 16:18 - 2008-07-31 10:40 - 00509448 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2013-04-24 16:17 - 2013-04-24 16:17 - 00001008 ____A C:\Users\Ian James\Desktop\MSI Afterburner.lnk
2013-04-24 13:27 - 2013-04-28 08:50 - 00000000 ____D C:\Program Files\Citrix
2013-04-24 13:26 - 2013-04-24 13:26 - 00000000 ____D C:\Users\Ian James\AppData\Local\Citrix
2013-04-24 09:12 - 2013-05-19 14:15 - 00000000 ____D C:\Users\Ian James\Desktop\N3 Upgrade
2013-04-22 08:02 - 2013-05-01 21:36 - 00000000 ____D C:\Users\Ian James\Downloads\Newbie

==================== One Month Modified Files and Folders ========

2013-05-21 08:14 - 2010-07-29 14:33 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\Skype
2013-05-21 08:13 - 2013-05-21 08:13 - 00000000 ____D C:\FRST
2013-05-21 08:11 - 2013-05-21 08:12 - 01318315 ____A (Farbar) C:\Users\Ian James\Desktop\FRST.exe
2013-05-21 08:10 - 2010-05-06 12:16 - 01349914 ____A C:\Windows\WindowsUpdate.log
2013-05-21 08:08 - 2012-09-20 15:34 - 00000000 ___RD C:\Users\Ian James\SkyDrive
2013-05-21 08:08 - 2010-08-17 17:07 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-21 08:07 - 2010-05-06 12:20 - 00000000 ____D C:\ProgramData\NVIDIA
2013-05-21 08:07 - 2009-07-14 08:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-21 08:07 - 2009-07-14 08:39 - 00176732 ____A C:\Windows\setupact.log
2013-05-21 07:22 - 2010-11-24 15:57 - 00000924 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1966870287-2785114930-2950882033-1000UA.job
2013-05-21 07:06 - 2010-08-17 17:07 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-20 22:45 - 2011-02-25 14:45 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\vlc
2013-05-20 22:21 - 2012-02-01 10:26 - 00000000 ____D C:\Users\Ian James\Desktop\New folder
2013-05-20 18:02 - 2009-07-14 08:34 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-20 18:02 - 2009-07-14 08:34 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-20 16:06 - 2013-05-19 13:53 - 00037106 ____A C:\Users\Ian James\Desktop\Timesheet Dev (Recovered).xlsm
2013-05-20 14:22 - 2010-11-24 15:57 - 00000872 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1966870287-2785114930-2950882033-1000Core.job
2013-05-20 12:47 - 2013-05-19 08:05 - 00000000 ____D C:\Users\Ian James\Desktop\AV Reports
2013-05-20 12:03 - 2012-02-07 14:34 - 00000000 ____D C:\Users\Ian James\Desktop\001 Resources - shaun
2013-05-20 09:33 - 2013-05-20 09:33 - 00000000 ____D C:\Program Files\ESET
2013-05-20 09:15 - 2013-05-20 09:15 - 00000000 ____D C:\_OTL
2013-05-20 08:35 - 2013-05-20 08:35 - 00000000 ____D C:\Windows\ERUNT
2013-05-20 08:35 - 2013-05-20 08:35 - 00000000 ____D C:\JRT
2013-05-20 08:24 - 2013-05-20 08:24 - 00003473 ____A C:\AdwCleaner[R2].txt
2013-05-20 08:24 - 2013-05-20 08:24 - 00002969 ____A C:\AdwCleaner[S1].txt
2013-05-20 08:23 - 2013-05-20 08:22 - 00003413 ____A C:\AdwCleaner[R1].txt
2013-05-20 08:16 - 2010-01-21 21:39 - 00872704 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-19 14:45 - 2013-02-02 12:43 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\BitTorrent
2013-05-19 14:15 - 2013-04-24 09:12 - 00000000 ____D C:\Users\Ian James\Desktop\N3 Upgrade
2013-05-19 13:34 - 2013-05-17 23:37 - 00000000 ____D C:\Users\Ian James\Downloads\New_And_Some_Old_Nude_Celebrity_Clips_-_High_Quality-2007-DJNilo
2013-05-19 10:17 - 2012-02-22 01:40 - 00000000 ____D C:\Users\Ian James\Desktop\Working
2013-05-19 09:56 - 2013-05-19 09:56 - 00032129 ____A C:\ComboFix.txt
2013-05-19 09:56 - 2013-05-19 09:35 - 00000000 ___AD C:\Qoobox
2013-05-19 09:56 - 2009-07-14 06:37 - 00000000 __RHD C:\users\Default
2013-05-19 09:56 - 2009-07-14 06:37 - 00000000 ___RD C:\users\Public
2013-05-19 09:54 - 2013-05-19 09:34 - 00000000 ____D C:\Windows\erdnt
2013-05-19 09:50 - 2009-07-14 06:04 - 00000215 ____A C:\Windows\system.ini
2013-05-19 09:49 - 2010-05-06 12:11 - 00353034 ____A C:\Windows\PFRO.log
2013-05-19 09:28 - 2010-08-02 21:01 - 00000000 ____D C:\Users\Ian James\AppData\Local\CrashDumps
2013-05-19 09:08 - 2013-05-19 09:07 - 00000000 ____D C:\Users\Ian James\Desktop\J3048
2013-05-19 09:08 - 2013-02-25 09:07 - 00000000 ____D C:\Users\Ian James\Desktop\FIV Calculator
2013-05-18 21:40 - 2009-07-14 06:37 - 00000000 ___DC C:\Windows\$NtUninstallKB5584$
2013-05-18 20:26 - 2013-05-18 20:24 - 00187904 ____A C:\Windows\System32\Drivers\netbt.sys.dump
2013-05-18 20:26 - 2013-05-18 20:23 - 00000000 ____D C:\Users\Ian James\Desktop\RK_Quarantine
2013-05-18 20:24 - 2013-05-18 20:24 - 00000000 ____D C:\Windows\snack
2013-05-18 20:23 - 2013-05-18 20:23 - 00015616 ____A C:\Windows\System32\Drivers\TrueSight.sys
2013-05-18 16:53 - 2012-04-03 17:04 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\Dropbox
2013-05-18 16:44 - 2009-07-14 08:52 - 00000000 ____D C:\Windows\twain_32
2013-05-18 16:24 - 2013-05-18 16:24 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\Malwarebytes
2013-05-18 16:24 - 2013-05-18 16:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-05-18 16:24 - 2013-05-18 16:24 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-05-18 10:25 - 2012-08-03 13:09 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-05-18 10:10 - 2013-05-18 10:10 - 00000988 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-05-18 08:11 - 2010-07-29 14:52 - 00010115 ____A C:\Windows\lg_up.ini
2013-05-18 08:11 - 2010-01-21 22:45 - 00000000 ____D C:\Program Files\lg_swupdate
2013-05-18 08:11 - 2009-07-14 06:04 - 00000461 ____A C:\Windows\win.ini
2013-05-18 00:05 - 2013-05-17 23:43 - 00000000 ____D C:\Users\Ian James\Downloads\All About Anna
2013-05-17 21:59 - 2012-05-01 20:55 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\TS3Client
2013-05-17 21:37 - 2012-05-01 20:54 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-05-16 13:28 - 2013-04-30 11:44 - 00000000 ____D C:\Users\Ian James\Desktop\Scan
2013-05-15 19:31 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-05-15 16:06 - 2013-05-15 16:05 - 00000000 ____D C:\Users\Ian James\AppData\Local\Temporary Projects
2013-05-15 16:05 - 2013-05-15 15:23 - 00000000 ____D C:\Users\Ian James\Documents\Visual Studio 2010
2013-05-15 15:46 - 2013-05-15 15:46 - 00000921 ____A C:\Users\Public\Desktop\Ora Time and Expense.lnk
2013-05-15 15:46 - 2013-05-15 15:46 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\com.johnwu.ora.7C6CA62034ECEF7F45C524416D6FEE987A4E8AAB.1
2013-05-15 15:46 - 2013-05-15 15:46 - 00000000 ____D C:\Program Files\Ora Time and Expense
2013-05-15 15:40 - 2011-04-27 14:40 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-05-15 15:33 - 2013-05-15 15:21 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2013-05-15 15:30 - 2013-05-15 15:30 - 00000000 ____D C:\Windows\System32\RsFx
2013-05-15 15:30 - 2013-05-15 15:25 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-05-15 15:28 - 2013-05-15 15:28 - 00000000 ____D C:\Windows\System32\1033
2013-05-15 15:28 - 2013-05-15 15:28 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 9.0
2013-05-15 15:28 - 2010-07-29 14:43 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-05-15 15:28 - 2009-07-14 06:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-05-15 15:24 - 2013-05-15 15:24 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2013-05-15 15:24 - 2010-07-29 13:52 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2013-05-15 15:21 - 2013-05-15 15:21 - 00000000 ____D C:\Program Files\Microsoft SDKs
2013-05-15 15:21 - 2013-05-15 15:21 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2013-05-15 09:15 - 2013-05-14 22:35 - 00000000 ____D C:\Users\Ian James\Downloads\celeb
2013-05-15 06:52 - 2013-05-14 23:37 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-05-15 06:51 - 2013-03-24 12:11 - 00001380 ____A C:\fpRedmon.log
2013-05-15 06:51 - 2010-07-30 23:20 - 00000000 ____D C:\Users\Ian James\AppData\Local\FreePDF_XP
2013-05-15 06:46 - 2010-01-21 22:37 - 00001147 ____A C:\Windows\lgcenter.ini
2013-05-15 00:14 - 2009-07-14 08:53 - 00032638 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-14 15:26 - 2013-05-14 15:26 - 00000000 ____D C:\Program Files\Time & Expense Sheet Manager V4.1
2013-05-12 08:57 - 2013-05-12 08:57 - 00000000 ____D C:\Users\Ian James\Downloads\Shortbus [2006] dir John Cameron Mitchell
2013-05-12 08:48 - 2013-05-12 08:33 - 735516148 ____A C:\Users\Ian James\Downloads\SHORTBUS.avi
2013-05-09 16:52 - 2011-01-12 07:33 - 00000000 ____D C:\Users\Ian James\AppData\Local\Windows Live
2013-05-09 13:58 - 2013-05-09 12:51 - 00000000 ____D C:\Users\Ian James\Downloads\How I Met Your Mother Season 1, 2, 3, 4, 5, & 6 + Extras DVDRip TSV
2013-05-08 13:27 - 2013-05-06 14:20 - 00000000 ____D C:\Program Files\Steam
2013-05-08 12:26 - 2013-04-25 12:05 - 00000000 ____D C:\J3035 SEP
2013-05-08 09:43 - 2013-04-18 11:12 - 00000000 ____D C:\Users\Ian James\Documents\SoundPLAN Globdata 7.2
2013-05-07 13:50 - 2013-02-18 08:06 - 00465216 ____A (Hola Networks Ltd.) C:\Windows\System32\Drivers\hola_drv.sys
2013-05-07 13:50 - 2013-02-18 08:06 - 00071360 ____A (Hola Networks Ltd.) C:\Windows\System32\Drivers\hola_mon_drv.sys
2013-05-06 17:21 - 2012-05-12 00:43 - 00000000 ____D C:\Users\Ian James\Documents\My Games
2013-05-06 17:20 - 2010-08-02 14:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-05-06 14:21 - 2013-05-06 14:21 - 00000000 ____D C:\Program Files\dumps
2013-05-06 14:20 - 2013-05-06 14:20 - 00000835 ____A C:\Users\Public\Desktop\Steam.lnk
2013-05-06 14:20 - 2013-05-06 14:20 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-05-06 11:08 - 2012-08-03 13:09 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-05-06 11:08 - 2011-09-06 16:02 - 00000000 ___RD C:\Program Files\Skype
2013-05-06 11:08 - 2010-07-29 14:32 - 00000000 ____D C:\ProgramData\Skype
2013-05-06 11:07 - 2009-07-14 08:33 - 00413440 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-06 08:49 - 2013-05-06 08:49 - 00000218 ____A C:\Users\Ian James\AppData\Local\recently-used.xbel
2013-05-06 08:41 - 2013-05-06 08:41 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\inkscape
2013-05-06 08:39 - 2013-05-06 08:31 - 00000000 ____D C:\Program Files\Inkscape
2013-05-06 08:37 - 2013-05-06 08:37 - 00000929 ____A C:\Users\Public\Desktop\Inkscape.lnk
2013-05-05 22:14 - 2010-07-29 13:49 - 00109600 ____A C:\Users\Ian James\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-05 16:08 - 2013-05-05 10:25 - 00000000 ____D C:\Users\Ian James\AppData\Local\PDF Annotator
2013-05-05 10:53 - 2013-04-16 15:22 - 00000000 ____D C:\Program Files\WindRose
2013-05-05 10:25 - 2013-05-05 10:25 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\Softland
2013-05-05 08:14 - 2011-08-17 21:21 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\Nitro PDF
2013-05-01 21:36 - 2013-04-22 08:02 - 00000000 ____D C:\Users\Ian James\Downloads\Newbie
2013-05-01 09:55 - 2013-05-01 09:55 - 00002091 ____A C:\Users\Public\Desktop\CAESAR II 2011 Demo.lnk
2013-05-01 09:55 - 2013-05-01 09:55 - 00000000 ____D C:\ProgramData\Intergraph CAS
2013-05-01 09:55 - 2013-05-01 09:55 - 00000000 ____D C:\Program Files\Intergraph CAS
2013-05-01 09:55 - 2013-05-01 09:55 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-05-01 09:55 - 2013-05-01 09:55 - 00000000 ____D C:\Program Files\Common Files\Alias
2013-05-01 09:55 - 2009-07-14 06:37 - 00000000 ____D C:\Windows\system
2013-04-30 11:12 - 2013-04-30 11:12 - 00000027 ____A C:\Windows\EZSET_SP.INI
2013-04-30 11:12 - 2013-01-27 08:40 - 00000000 ____D C:\Program Files\Kyocera
2013-04-30 11:10 - 2013-04-30 11:10 - 00000033 ____A C:\setup.log
2013-04-30 11:07 - 2013-04-30 11:07 - 00000000 ____D C:\Users\Ian James\AppData\Roaming\Kyocera
2013-04-30 01:28 - 2013-04-30 01:28 - 00102448 ____A (Trusteer Ltd.) C:\Windows\System32\Drivers\RapportKELL.sys
2013-04-28 11:19 - 2013-04-28 08:28 - 00000000 ____D C:\Users\Ian James\Desktop\Personal Docs
2013-04-28 08:54 - 2010-07-29 14:20 - 00000000 ____D C:\Users\Ian James\AppData\Local\Google
2013-04-28 08:54 - 2010-01-21 22:33 - 00000000 ____D C:\Program Files\Google
2013-04-28 08:50 - 2013-04-24 13:27 - 00000000 ____D C:\Program Files\Citrix
2013-04-25 10:05 - 2013-04-25 10:05 - 00000950 ____A C:\Users\UpdatusUser.IanJames-PC\Desktop\Any PDF to DWG Converter.lnk
2013-04-25 10:05 - 2013-04-25 10:05 - 00000950 ____A C:\Users\Ian James\Desktop\Any PDF to DWG Converter.lnk
2013-04-25 10:05 - 2013-04-25 10:05 - 00000000 ____D C:\Program Files\Any PDF to DWG Converter
2013-04-25 09:11 - 2013-04-25 09:11 - 00000000 ____D C:\Program Files\Common Files\Java
2013-04-25 09:11 - 2013-04-25 09:10 - 00003903 ____A C:\Windows\System32\jupdate-1.7.0_21-b11.log
2013-04-25 09:11 - 2011-03-14 07:47 - 00000000 ____D C:\Program Files\Java
2013-04-24 16:19 - 2013-03-04 15:26 - 00000000 ____D C:\Program Files\MSI Afterburner
2013-04-24 16:18 - 2013-03-04 15:26 - 00000000 ____D C:\Windows\System32\directx
2013-04-24 16:17 - 2013-04-24 16:17 - 00001008 ____A C:\Users\Ian James\Desktop\MSI Afterburner.lnk
2013-04-24 13:44 - 2010-11-24 15:59 - 00002394 ____A C:\Users\Ian James\Desktop\Google Chrome.lnk
2013-04-24 13:26 - 2013-04-24 13:26 - 00000000 ____D C:\Users\Ian James\AppData\Local\Citrix
2013-04-24 09:12 - 2013-02-18 19:19 - 00000000 ____D C:\Users\Ian James\Desktop\Drafts Sent

Other Malware:
===========
C:\ProgramData\ezsidmv.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


Last Boot: 2013-05-15 00:10

==================== End Of Log ============================