Thread: Windows update will not run

  1. #11

    Things are much faster. Thanks again. I ran Windows Update three times. The first two times had items to update. The last time it came back clean.

    I ran FRST; here is the log, and I have attached the file:

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-07-2013
    Ran by Home (administrator) on 27-07-2013 00:32:06
    Running from C:\Users\Home\Desktop\Fixes_07_20_2013
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (AMD) C:\Windows\system32\atiesrxx.exe
    (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
    (Andrea Electronics Corporation) C:\Windows\system32\AERTSr64.exe
    (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
    (Logitech Inc.) C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
    (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
    (Logitech Inc.) C:\Program Files (x86)\Common Files\Logishrd\LVMVFM\LVPrS64H.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    (AMD) C:\Windows\system32\atieclxx.exe
    (2BrightSparks Pte Ltd) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
    (Realtek Semiconductor) C:\Windows\RAVCpl64.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    (McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Skytel] - Skytel.exe [x]
    HKLM\...\Run: [RtHDVCpl] - C:\Windows\RAVCpl64.exe [6475808 2008-09-02] (Realtek Semiconductor)
    HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
    HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2012-07-02] (Hewlett-Packard Company)
    HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [251744 2011-06-06] (LeapFrog Enterprises, Inc.)
    HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
    HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-27] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
    HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)
    HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [190808 2011-03-01] (Logitech Inc.)
    HKLM-x32\...\Run: [LGODDFU] - C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-19] (Bitleader)
    HKLM-x32\...\Run: [KeePass 2 PreLoad] - C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1764352 2011-07-12] (Dominik Reichl)
    HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
    HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-27] (cyberlink)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
    HKU\Default User\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
    HKU\LogMeInRemoteUser\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120622112818.dll (McAfee, Inc.)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622112818.dll (McAfee, Inc.)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    DPF: HKLM {254AA86E-5655-4518-AA87-185D7CC41801} https://secure.logmeinrescue.com/Tec...cueControl.cab
    DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
    DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activ...eX_Control.cab
    DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab...l_4.4.24.0.cab
    DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 208.67.222.123 208.67.220.123 68.94.156.1

    Chrome:
    =======
    CHR HomePage: hxxp://www.google.com/
    CHR RestoreOnStartup: "hxxp://www.google.com/"
    CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
    CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
    CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File
    CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll No File
    CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll No File
    CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
    CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll No File
    CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
    CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
    CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

    ==================== Services (Whitelisted) =================

    R2 AERTFilters; C:\Windows\system32\AERTSr64.exe [88576 2008-07-15] (Andrea Electronics Corporation)
    S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2013-06-07] (LogMeIn, Inc.)
    R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2013-06-07] (LogMeIn, Inc.)
    R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2011-09-16] (LogMeIn, Inc.)
    R2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
    R2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
    R2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
    S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
    R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
    R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)

    ==================== Drivers (Whitelisted) ====================

    S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
    R3 AE3000; C:\Windows\System32\DRIVERS\AE3000w764.sys [1717824 2012-03-02] (Ralink Technology Corp.)
    R3 AVerBDA6x_x64; C:\Windows\System32\DRIVERS\AVerBDA716x_x64.sys [1353600 2009-04-30] (AVerMedia TECHNOLOGIES, Inc.)
    S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
    R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-05-31] (LogMeIn, Inc.)
    R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
    S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
    S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
    R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2010-07-15] (McAfee, Inc.)
    S3 catchme; \??\C:\ComboFix\catchme.sys [x]
    S4 LMIRfsClientNP; No ImagePath
    U3 mfeavfk01; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-07-27 00:31 - 2013-07-27 00:31 - 00000000 ____D C:\FRST
    2013-07-27 00:25 - 2013-07-27 00:25 - 00003344 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3957244681-1652356609-3623623028-1000
    2013-07-27 00:20 - 2013-07-27 00:20 - 00000000 ____D C:\Windows\system32\MRT
    2013-07-26 21:53 - 2013-04-17 02:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2013-07-26 21:53 - 2013-04-17 01:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-07-26 21:31 - 2013-07-26 21:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-07-26 21:31 - 2013-07-26 21:31 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2013-07-26 21:31 - 2013-07-26 21:31 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-07-26 21:31 - 2013-07-26 21:31 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-07-26 21:31 - 2013-07-26 21:31 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2013-07-26 21:31 - 2013-07-26 21:31 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2013-07-26 21:31 - 2013-07-26 21:31 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-07-26 21:31 - 2013-07-26 21:31 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2013-07-26 21:31 - 2013-07-26 21:31 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-07-26 21:31 - 2013-07-26 21:31 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-07-26 19:00 - 2013-07-26 19:00 - 00015785 _____ C:\ComboFix.txt
    2013-07-26 18:51 - 2011-06-26 01:45 - 00256000 _____ C:\Windows\PEV.exe
    2013-07-26 18:51 - 2010-11-07 12:20 - 00208896 _____ C:\Windows\MBR.exe
    2013-07-26 18:51 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2013-07-26 18:51 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2013-07-26 18:51 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2013-07-26 18:51 - 2000-08-30 19:00 - 00098816 _____ C:\Windows\sed.exe
    2013-07-26 18:51 - 2000-08-30 19:00 - 00080412 _____ C:\Windows\grep.exe
    2013-07-26 18:51 - 2000-08-30 19:00 - 00068096 _____ C:\Windows\zip.exe
    2013-07-26 18:12 - 2013-07-26 19:00 - 00000000 ____D C:\Qoobox
    2013-07-26 18:12 - 2013-07-26 18:59 - 00000000 ____D C:\Windows\erdnt
    2013-07-26 18:11 - 2013-07-26 18:09 - 05093969 ____R (Swearware) C:\Users\Home\Desktop\ComboFix.exe
    2013-07-26 18:01 - 2013-07-26 18:01 - 00000000 ____D C:\Users\Home\Desktop\rkill
    2013-07-26 17:54 - 2013-07-26 18:50 - 00002360 _____ C:\Users\Home\Desktop\Rkill.txt
    2013-07-26 05:04 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2013-07-26 05:04 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2013-07-25 10:35 - 2013-07-25 10:35 - 00262144 ____N C:\Windows\Minidump\072513-24975-01.dmp
    2013-07-20 08:33 - 2013-07-20 08:33 - 00014389 _____ C:\Users\Home\Desktop\attach.txt
    2013-07-20 08:33 - 2013-07-20 08:33 - 00011790 _____ C:\Users\Home\Desktop\dds.txt
    2013-07-20 08:26 - 2013-07-27 00:21 - 00000000 ____D C:\Users\Home\Desktop\Fixes_07_20_2013
    2013-07-20 08:25 - 2013-07-20 08:25 - 00000909 _____ C:\Users\LogMeInRemoteUser\Desktop\ERUNT.lnk
    2013-07-20 08:25 - 2013-07-20 08:25 - 00000909 _____ C:\Users\Home\Desktop\ERUNT.lnk
    2013-07-20 08:25 - 2013-07-20 08:25 - 00000000 ____D C:\Program Files (x86)\ERUNT
    2013-07-19 20:20 - 2013-07-19 20:20 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-07-19 20:17 - 2013-07-26 21:34 - 00012260 _____ C:\Windows\IE10_main.log
    2013-07-19 02:18 - 2013-07-19 02:18 - 00000000 ____D C:\Windows\9E23819E8AF44D25A7FE7756C9E3DBB9.TMP
    2013-07-18 21:51 - 2013-07-27 00:25 - 00003208 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3957244681-1652356609-3623623028-1000
    2013-07-10 03:53 - 2013-06-04 22:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-07-10 03:53 - 2013-06-04 01:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2013-07-10 03:53 - 2013-06-03 23:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2013-07-10 03:53 - 2013-05-06 01:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2013-07-10 03:53 - 2013-05-05 23:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

    ==================== One Month Modified Files and Folders =======

    2013-07-27 00:31 - 2013-07-27 00:31 - 00000000 ____D C:\FRST
    2013-07-27 00:30 - 2012-11-12 20:00 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-07-27 00:29 - 2010-01-30 17:27 - 00001828 _____ C:\Users\Public\Desktop\McAfee Security Center.lnk
    2013-07-27 00:27 - 2009-07-13 23:45 - 00017760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-07-27 00:27 - 2009-07-13 23:45 - 00017760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-07-27 00:26 - 2010-01-30 16:30 - 01783269 _____ C:\Windows\WindowsUpdate.log
    2013-07-27 00:25 - 2013-07-27 00:25 - 00003344 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3957244681-1652356609-3623623028-1000
    2013-07-27 00:25 - 2013-07-18 21:51 - 00003208 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3957244681-1652356609-3623623028-1000
    2013-07-27 00:24 - 2012-11-12 20:00 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-07-27 00:24 - 2011-03-10 20:27 - 00000000 ____D C:\Windows\SysWOW64\logishrd
    2013-07-27 00:24 - 2011-03-10 20:27 - 00000000 ____D C:\Windows\system32\logishrd
    2013-07-27 00:24 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-07-27 00:24 - 2009-07-13 23:51 - 00045430 _____ C:\Windows\setupact.log
    2013-07-27 00:22 - 2013-07-27 00:20 - 00000000 ____D C:\Windows\system32\MRT
    2013-07-27 00:21 - 2013-07-20 08:26 - 00000000 ____D C:\Users\Home\Desktop\Fixes_07_20_2013
    2013-07-27 00:13 - 2010-01-30 16:30 - 00001417 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2013-07-27 00:11 - 2009-07-13 23:45 - 00279648 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-07-27 00:10 - 2010-01-30 17:08 - 00039304 _____ C:\Windows\PFRO.log
    2013-07-27 00:09 - 2012-02-25 10:29 - 00000000 ____D C:\ProgramData\LogMeIn
    2013-07-27 00:09 - 2009-07-14 02:45 - 00000000 ____D C:\Program Files\Windows Journal
    2013-07-27 00:09 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
    2013-07-27 00:09 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2013-07-27 00:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
    2013-07-27 00:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
    2013-07-27 00:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\zh-HK
    2013-07-27 00:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\tr-TR
    2013-07-27 00:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
    2013-07-26 23:50 - 2012-07-26 21:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-07-26 21:38 - 2009-07-14 00:13 - 00740322 _____ C:\Windows\system32\PerfStringBackup.INI
    2013-07-26 21:34 - 2013-07-19 20:17 - 00012260 _____ C:\Windows\IE10_main.log
    2013-07-26 21:31 - 2013-07-26 21:31 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-07-26 21:31 - 2013-07-26 21:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-07-26 21:31 - 2013-07-26 21:31 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2013-07-26 21:31 - 2013-07-26 21:31 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-07-26 21:31 - 2013-07-26 21:31 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-07-26 21:31 - 2013-07-26 21:31 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2013-07-26 21:31 - 2013-07-26 21:31 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2013-07-26 21:31 - 2013-07-26 21:31 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-07-26 21:31 - 2013-07-26 21:31 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2013-07-26 21:31 - 2013-07-26 21:31 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-07-26 21:31 - 2013-07-26 21:31 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-07-26 21:31 - 2013-07-26 21:31 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2013-07-26 21:31 - 2013-07-26 21:31 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-07-26 19:00 - 2013-07-26 19:00 - 00015785 _____ C:\ComboFix.txt
    2013-07-26 19:00 - 2013-07-26 18:12 - 00000000 ____D C:\Qoobox
    2013-07-26 19:00 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Default
    2013-07-26 18:59 - 2013-07-26 18:12 - 00000000 ____D C:\Windows\erdnt
    2013-07-26 18:59 - 2009-07-13 21:34 - 00000215 _____ C:\Windows\system.ini
    2013-07-26 18:50 - 2013-07-26 17:54 - 00002360 _____ C:\Users\Home\Desktop\Rkill.txt
    2013-07-26 18:09 - 2013-07-26 18:11 - 05093969 ____R (Swearware) C:\Users\Home\Desktop\ComboFix.exe
    2013-07-26 18:01 - 2013-07-26 18:01 - 00000000 ____D C:\Users\Home\Desktop\rkill
    2013-07-25 10:35 - 2013-07-25 10:35 - 00262144 ____N C:\Windows\Minidump\072513-24975-01.dmp
    2013-07-25 10:35 - 2010-08-28 20:41 - 00000000 ____D C:\Windows\Minidump
    2013-07-20 09:35 - 2011-05-02 07:11 - 00000000 ____D C:\Users\Home\AppData\Roaming\KeePass
    2013-07-20 08:33 - 2013-07-20 08:33 - 00014389 _____ C:\Users\Home\Desktop\attach.txt
    2013-07-20 08:33 - 2013-07-20 08:33 - 00011790 _____ C:\Users\Home\Desktop\dds.txt
    2013-07-20 08:25 - 2013-07-20 08:25 - 00000909 _____ C:\Users\LogMeInRemoteUser\Desktop\ERUNT.lnk
    2013-07-20 08:25 - 2013-07-20 08:25 - 00000909 _____ C:\Users\Home\Desktop\ERUNT.lnk
    2013-07-20 08:25 - 2013-07-20 08:25 - 00000000 ____D C:\Program Files (x86)\ERUNT
    2013-07-19 23:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
    2013-07-19 20:20 - 2013-07-19 20:20 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-07-19 20:20 - 2013-07-19 20:20 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-07-19 20:12 - 2013-03-18 21:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-07-19 20:12 - 2013-03-18 21:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2013-07-19 19:21 - 2012-12-10 22:15 - 00000000 ____D C:\Users\Home\AppData\Roaming\Real
    2013-07-19 02:18 - 2013-07-19 02:18 - 00000000 ____D C:\Windows\9E23819E8AF44D25A7FE7756C9E3DBB9.TMP
    2013-07-19 02:11 - 2012-12-10 22:11 - 00000000 ____D C:\ProgramData\Real
    2013-07-18 23:39 - 2012-07-15 19:57 - 00000343 _____ C:\Windows\lgfwup.ini
    2013-07-18 23:34 - 2012-07-15 19:57 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate
    2013-07-18 22:53 - 2011-03-10 20:05 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
    2013-07-12 23:31 - 2012-11-12 20:00 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2013-07-11 17:25 - 2012-11-12 20:00 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2013-07-11 17:25 - 2012-11-12 20:00 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2013-07-05 09:39 - 2010-01-31 20:06 - 00000000 ____D C:\Users\Public\Documents\camp
    2013-07-04 09:52 - 2013-01-07 07:47 - 00000000 ____D C:\Users\Public\Documents\donations 2013
    2013-07-03 06:48 - 2010-01-31 20:07 - 00000000 ____D C:\Users\Public\Documents\Personal
    2013-07-02 21:44 - 2010-01-31 20:07 - 00000000 ____D C:\Users\Public\Documents\recipes
    2013-07-02 13:25 - 2010-01-31 20:06 - 00000000 ____D C:\Users\Public\Documents\art hyde
    2013-07-02 13:07 - 2013-03-10 21:04 - 00000000 ____D C:\Users\Public\Documents\blue and tan rhombi problem
    2013-06-30 08:08 - 2010-01-31 20:06 - 00000000 ____D C:\Users\Public\Documents\evie

    Files to move or delete:
    ====================
    C:\ProgramData\Tempmozy-autoupdate-9168e69c9b17c74056d68fc0f28ff63a.exe
    C:\ProgramData\Tempmozy-autoupdate-fd378831154aecd3ff93f99a8cbdcdea.exe
    C:\ProgramData\Tempmozy-manualupdate-5ab4a737bec6be5a44cdd634ea82d76b.exe
    C:\ProgramData\Tempmozy-manualupdate-8262dfa079e3ea66519693899238bbfb.exe
    C:\ProgramData\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe
    C:\ProgramData\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe
    C:\ProgramData\Tempmozy-update-c0261ff8012aad585d55140a9b6ddcb9.exe

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-07-24 10:45

    ==================== End Of Log ============================

  2. #12
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Default

    Hi grhull,

    1. FRST Fix Script

    Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad. Save it on the desktop as fixlist.txt.

    Code:
    C:\ProgramData\Tempmozy-autoupdate-9168e69c9b17c74056d68fc0f28ff63a.exe
    C:\ProgramData\Tempmozy-autoupdate-fd378831154aecd3ff93f99a8cbdcdea.exe
    C:\ProgramData\Tempmozy-manualupdate-5ab4a737bec6be5a44cdd634ea82d76b.exe
    C:\ProgramData\Tempmozy-manualupdate-8262dfa079e3ea66519693899238bbfb.exe
    C:\ProgramData\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe
    C:\ProgramData\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe
    C:\ProgramData\Tempmozy-update-c0261ff8012aad585d55140a9b6ddcb9.exe
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

    =========================

    2. Malwarebytes' Anti-Malware

    Please download Malwarebytes' Anti-Malware to your desktop.

    Right click mbam-setup.exe and select "Run as Administrator" and follow the prompts to install the program.
    • At the end, be sure a check-mark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform quick scan, then click Scan as shown below.



    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.

    =========================

    3. ESET Online Scanner

    *Note:
    • It is recommended to disable your on-board antivirus and anti-spyware programs while performing scans so there are no conflicts and to speed up scan time.
    • Please don't go surfing while your resident protection is disabled!
    • Once the scan is finished, remember to re-enable your antivirus along with your anti-spyware programs.

    ** You need to run your browser with Administrator Rights. To do so, right-click your browser's shortcut and select "Run as Administrator".

    = = = = = = = = = = = = = = = = = = = =

    Go here to run ESET Online Scanner

    (Note: You can use Internet Explorer or Firefox for this scan. If you use Firefox you will be asked to install an additional component. Please allow this.)

    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the ActiveX control to install
    • Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
    • Click Start
    • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is Checked.
    • Click Scan.
    • Wait for the scan to finish.
    • When the scan completes, click List of found threats
    • Click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
    • Include the contents of this report in your next reply

      Note - when ESET doesn't find any threats, no report will be created.
    • Push the back button.
    • Push Finish
    • Re-enable your Antivirus software.

    =========================

    In your next post please provide the following:

    • Fixlog.txt
    • MBAM log
    • ESET's log.txt
    • How is the computer running, any remaining issues?
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  3. #13
    Member
    Join Date
    Nov 2008
    Posts
    36

    Default

    The scans ran successfully. The only problem I am still having is the brs.exe MSVCR71.dll issue. As long as that isn't malware related I should be able to figure it out. Here are the logs:

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-07-2013
    Ran by Home at 2013-07-27 07:43:56 Run:1
    Running from C:\Users\Home\Desktop\Fixes_07_20_2013
    Boot Mode: Normal
    ==============================================

    C:\ProgramData\Tempmozy-autoupdate-9168e69c9b17c74056d68fc0f28ff63a.exe => Moved successfully.
    C:\ProgramData\Tempmozy-autoupdate-fd378831154aecd3ff93f99a8cbdcdea.exe => Moved successfully.
    C:\ProgramData\Tempmozy-manualupdate-5ab4a737bec6be5a44cdd634ea82d76b.exe => Moved successfully.
    C:\ProgramData\Tempmozy-manualupdate-8262dfa079e3ea66519693899238bbfb.exe => Moved successfully.
    C:\ProgramData\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe => Moved successfully.
    C:\ProgramData\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe => Moved successfully.
    C:\ProgramData\Tempmozy-update-c0261ff8012aad585d55140a9b6ddcb9.exe => Moved successfully.

    ==== End of Fixlog ====

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.07.27.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16635
    Home :: MEDIA_01_10 [administrator]

    7/27/2013 8:00:45 AM
    mbam-log-2013-07-27 (08-00-45).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 237883
    Time elapsed: 2 minute(s), 23 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    ESET didn't find any threats.

    Thanks again for all the help.

  4. #14
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Default

    Hi grhull,

    The issues with these files don't appear to be malware related.

    Can you explain what issues you are having with each of these files:

    =========================

    This next step will look for copies already on your computer.

    1. SystemLook

    Please download SystemLook from one of the links below and save it to your Desktop.

    Download the version suitable to your computer.
    • Right click SystemLook.exe and select "Run as Administrator" to run it.
    • Copy the content of the following code-box into the main text-field:
      Code:
      :filefind
      brs.exe
      MSVCR71.dll
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt

    =========================

    In your next post please provide the following:

    • SystemLook.txt
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  5. #15
    Member
    Join Date
    Nov 2008
    Posts
    36

    Default

    The only problem with this is on startup. I get the attached message. Here are the results of the look:
    SystemLook 30.07.11 by jpshortstuff
    Log created at 23:23 on 27/07/2013 by Home
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "brs.exe"
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe ------- 75048 bytes [00:54 16/07/2012] [00:37 28/09/2011] 90B142C67907BCC2A5D2CDFDC008BE8E

    Searching for "MSVCR71.dll"
    C:\Program Files (x86)\CyberLink\Advisor\msvcr71.dll ------- 348160 bytes [00:47 16/07/2012] [19:38 10/08/2011] 86F1895AE8C5E8B17D99ECE768A70732
    C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\msvcr71.dll --a---- 353576 bytes [20:05 31/08/2011] [20:05 31/08/2011] 1BBB022AE7A9918DFD7D5B5679AE5229
    C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\OLRSubmission\msvcr71.dll --a---- 353576 bytes [20:06 31/08/2011] [20:06 31/08/2011] A9F4941AB87DDC0E71DF912F9CB34C01
    C:\Program Files (x86)\CyberLink\LabelPrint\msvcr71.dll --a---- 353576 bytes [16:44 24/12/2010] [16:44 24/12/2010] 29B863D9E19722BC32AF38436B8E36B5
    C:\Program Files (x86)\CyberLink\LabelPrint\OLRSubmission\msvcr71.dll --a---- 348160 bytes [19:12 15/11/2010] [19:12 15/11/2010] 86F1895AE8C5E8B17D99ECE768A70732
    C:\Program Files (x86)\CyberLink\MediaEspresso\msvcr71.dll ------- 348160 bytes [00:50 16/07/2012] [07:40 25/04/2011] CA2F560921B7B8BE1CF555A5A18D54C3
    C:\Program Files (x86)\CyberLink\MediaEspresso\Custom\Setting\MSVCR71.dll ------- 348160 bytes [00:50 16/07/2012] [07:40 25/04/2011] CA2F560921B7B8BE1CF555A5A18D54C3
    C:\Program Files (x86)\CyberLink\MediaEspresso\OLRSubmission\msvcr71.dll ------- 348160 bytes [00:50 16/07/2012] [06:12 15/11/2010] 86F1895AE8C5E8B17D99ECE768A70732
    C:\Program Files (x86)\CyberLink\MediaEspresso\subsys\BigBang\Runtime\msvcr71.dll ------- 348160 bytes [00:50 16/07/2012] [04:37 05/01/2011] 86F1895AE8C5E8B17D99ECE768A70732
    C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll --a---- 353576 bytes [18:44 15/12/2009] [18:44 15/12/2009] C861657FF753F4A6FA97C7ADFF4F3347
    C:\Program Files (x86)\CyberLink\Power2Go\BigBang\msvcr71.dll --a---- 353576 bytes [17:15 12/03/2009] [17:15 12/03/2009] BF83BB75C7FB5624902930799998EF60
    C:\Program Files (x86)\CyberLink\PowerDVD10\msvcr71.dll ------- 348160 bytes [00:52 16/07/2012] [00:52 16/07/2012] 86F1895AE8C5E8B17D99ECE768A70732
    C:\Program Files (x86)\CyberLink\PowerDVD10\EvoParser\msvcr71.dll --a---- 348160 bytes [00:53 16/07/2012] [06:12 15/11/2010] 86F1895AE8C5E8B17D99ECE768A70732
    C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\msvcr71.dll --a---- 348160 bytes [15:25 03/10/2011] [15:25 03/10/2011] 86F1895AE8C5E8B17D99ECE768A70732
    C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\MSVCR71.dll --a---- 348160 bytes [20:34 05/05/2011] [20:34 05/05/2011] 86F1895AE8C5E8B17D99ECE768A70732
    C:\Program Files (x86)\CyberLink\PowerProducer\msvcr71.dll --a---- 353576 bytes [00:10 20/10/2010] [00:10 20/10/2010] 509ABA4C03F816C232817C7F30BA554E
    C:\Program Files (x86)\CyberLink\PowerProducer\OLRSubmission\msvcr71.dll --a---- 348160 bytes [19:12 15/11/2010] [19:12 15/11/2010] 86F1895AE8C5E8B17D99ECE768A70732

    -= EOF =-
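The SystemLook `filefind` results posted in #15 can be triaged mechanically. This added example, which is not part of the thread, groups the copies by name and MD5 and lists any copy outside the usual install roots. The field layout is inferred from the log above; the sample lines, `EXPECTED_ROOTS` and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Layout inferred from the SystemLook log in this thread:
# <path> <7 attribute flags> <size> bytes [time date] [time date] <MD5>
LINE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) (?P<attrs>\S{7}) (?P<size>\d+) bytes "
    r"\[[^\]]+\] \[[^\]]+\] (?P<md5>[0-9A-Fa-f]{32})$"
)

# Constructed sample; paths, sizes and hashes are placeholders, not real values.
SAMPLE = r"""
========== filefind ==========

Searching for "MSVCR71.dll"
C:\Program Files (x86)\ExampleVendor\AppOne\msvcr71.dll ------- 348160 bytes [00:47 16/07/2012] [19:38 10/08/2011] AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
C:\Program Files (x86)\ExampleVendor\AppTwo\MSVCR71.dll --a---- 348160 bytes [00:50 16/07/2012] [07:40 25/04/2011] AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
C:\Program Files (x86)\ExampleVendor\AppThree\msvcr71.dll --a---- 353576 bytes [20:05 31/08/2011] [20:05 31/08/2011] BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
C:\Users\Example\AppData\Local\Temp\msvcr71.dll --a---- 120000 bytes [09:00 01/07/2013] [09:00 01/07/2013] CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC

-= EOF =-
"""

# Assumption: roots where an installed runtime DLL is expected to live.
EXPECTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")

def parse(log):
    """Return one dict per file line; headers and blank lines are skipped."""
    hits = []
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if m:
            hits.append({"path": m["path"], "name": m["path"].rsplit("\\", 1)[-1].lower(),
                         "size": int(m["size"]), "md5": m["md5"].upper()})
    return hits

def triage(hits):
    """Group copies by (name, md5) and list copies outside the expected install roots."""
    variants = defaultdict(list)
    for h in hits:
        variants[(h["name"], h["md5"])].append(h["path"])
    outside = [h["path"] for h in hits if not h["path"].lower().startswith(EXPECTED_ROOTS)]
    return dict(variants), outside

if __name__ == "__main__":
    variants, outside = triage(parse(SAMPLE))
    for (name, md5), paths in sorted(variants.items()):
        print(f"{name} {md5}: {len(paths)} copies")
    print("review first:", outside)
```

Matching hashes only shrink the set of files to inspect; they say nothing about whether a given copy is legitimate.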

  6. #16
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Default

    Hi grhull,

    Both of those files appear to be related to CyberLink.

    These are the programs installed related to CyberLink:

    • LG CyberLink BD Advisor (x32 Version: 2.0.4606)
    • LG CyberLink LabelPrint (x32 Version: 2.5.3624)
    • LG CyberLink Media Suite (x32 Version: 8.0.2820)
    • LG CyberLink MediaEspresso (x32 Version: 6.5.1622_37397b)
    • LG CyberLink PowerDVD (x32 Version: 10.0.3424.52)
    • LG CyberLink PowerProducer (x32 Version: 5.0.2.2820a)

    1. Do you use that program?
    2. If so, was it a download or do you have an installation disk for it?

    The easiest way to remedy the error messages you are receiving would be to uninstall and reinstall.

    Uninstall methods:
    1. If the program has an uninstall feature try that first.
    2. Next try uninstall via Programs & Features in the Control Panel.

    If you can uninstall parts of CyberLink individually I would do CyberLink PowerDVD (x32 Version: 10.0.3424.52) as this is what the file brs.exe is related to.

    After you complete the uninstall / reinstall, reboot and see if the error messages are still present.
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  7. #17
    Member
    Join Date
    Nov 2008
    Posts
    36

    Default

    I upgraded to the latest version 10 of CyberLink and the error has been resolved. Anything else left to do?

  8. #18
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Default

    Hi grhull,

    Your log appears to be clean.

    We have a few items to take care of before we get to the All Clean Speech.

    =========================

    1. Uninstall Combofix

    The following will implement important cleanup procedures as well as reset System Restore points:

    Click on the Start button and then in the Search field enter combofix /uninstall, as shown in the image below with the blue arrow.
    Please note that there is a space between combofix and /uninstall.



    Once you have typed this in, press Enter on your keyboard. An Open File security warning will appear asking if you are sure you want to run ComboFix. Please click on the Run button to start the program.

    ComboFix will now uninstall itself from your computer and remove any backups and quarantined files. When it has finished you will be greeted by a dialog box stating that ComboFix has been uninstalled.

    =========================

    2. Clean up with OTL:
    • Right-click OTL.exe and select "Run as Administrator" to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    =========================

    3. You can now delete any tools and/or logs remaining on your desktop.

    =========================

    4. Uninstall via Programs and Features

    Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
    • Adobe Reader 10.1.7

    =========================

    5. Adobe Reader:

    Go to http://get.adobe.com/reader/otherversions/
    • Use the drop-down menus to select your operating system
    • Select your language > Select The current version of Adobe Reader for your language
    • Remove the check mark from the box "Free! McAfee Security Scan Plus"
    • Click the Download button, and follow the onscreen directions to complete the installation.
    Please note, depending on your settings, you may have to temporarily disable your antivirus software for the Adobe Reader update.

    =========================

    With the above items taken care of let's move on to the All Clean part of the process.

    The following procedures are recommendations for helping to keep your system running smoothly. If you are currently satisfied with how your system is running some or all of these may not pertain to you. Implement what you need.

    This infection appears to have been cleaned, but I cannot give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.

    Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

    Here are some tips to reduce the potential for spyware infection in the future:

    Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
    • Change the Download signed ActiveX controls to Prompt
    • Change the Download unsigned ActiveX controls to Disable
    • Change the Initialize and script ActiveX controls not marked as safe to Disable
    • Change the Installation of desktop items to Prompt
    • Change the Launching programs and files in an IFRAME to Prompt
    • Change the Navigate sub-frames across different domains to Prompt
    • When all these settings have been made, click on the OK button.
    • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.

    Make your Mozilla Firefox more secure - This can be done by adding these add-ons:

    Use and update an anti-virus software - I cannot overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

    Free Anti-Virus

    Free Firewall
    Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here.

    Make sure you keep your Windows OS current. Windows XP users can visit Windows update regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems. Without these you are leaving the back door open.

    Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002
    Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

    WOT (Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites. WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.

    Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place?

    Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days
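The Internet zone settings listed in post #18 can be checked against the registry. This added example, which is not part of the thread, audits `reg query` output for those six settings. The key path, the numeric action codes and the 0/1/3 values are Microsoft's documented zone-setting identifiers rather than values from the post, and the sample output is constructed.

```python
import re

# URL action codes for Internet Explorer security zones, with the value each
# step in the post asks for (1 = Prompt, 3 = Disable; 0 would be Enable).
WANTED = {
    "1001": (1, "Download signed ActiveX controls"),
    "1004": (3, "Download unsigned ActiveX controls"),
    "1201": (3, "Initialize and script ActiveX controls not marked as safe"),
    "1800": (1, "Installation of desktop items"),
    "1804": (1, "Launching programs and files in an IFRAME"),
    "1607": (1, "Navigate sub-frames across different domains"),
}
LABEL = {0: "Enable", 1: "Prompt", 3: "Disable"}

# Constructed sample of the output of (zone 3 is the Internet zone):
#   reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3"
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
    1001    REG_DWORD    0x1
    1004    REG_DWORD    0x3
    1201    REG_DWORD    0x0
    1800    REG_DWORD    0x1
    1804    REG_DWORD    0x0
"""

VALUE = re.compile(r"^\s+(\w+)\s+REG_DWORD\s+0x([0-9a-fA-F]+)\s*$")

def read_zone(text):
    """Map value name -> integer for every REG_DWORD line in the output."""
    out = {}
    for line in text.splitlines():
        m = VALUE.match(line)
        if m:
            out[m.group(1)] = int(m.group(2), 16)
    return out

def audit(zone):
    """Return (code, setting, found, wanted) for each value that deviates."""
    findings = []
    for code, (want, name) in WANTED.items():
        have = zone.get(code)
        if have != want:
            found = "not set" if have is None else LABEL.get(have, hex(have))
            findings.append((code, name, found, LABEL[want]))
    return findings

if __name__ == "__main__":
    for code, name, found, wanted in audit(read_zone(SAMPLE)):
        print(f"{code} {name}: {found}, should be {wanted}")
```

A value reported as "not set" is absent from the per-user key only; the effective setting may still come from machine-wide defaults or policy.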

  9. #19
    Member
    Join Date
    Nov 2008
    Posts
    36

    Default

    I have performed the outlined steps with the following exceptions:

    I was never able to get OTL to run, so it wasn't installed on my computer and didn't need to be uninstalled.
    Combofixer /uninstall didn't come up in the search, so I ran it from a command prompt with the uninstall switch.
    I also uninstalled Malwarebytes from the programs uninstall menu.
    I also uninstalled urunt from the programs uninstall menu.

    I am very happy with the way my computer is working and I am very grateful for your help. Where can I contribute to the cause?

    Thanks!

    Greg

  10. #20
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Default

    Hi Greg,

    You're very welcome. Glad I was able to help.

    If you would like to make a donation please visit here for information on how to do so.

    Thank you, have a great day.
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days
