Can't update MSE or other Anti-Spyware

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Peachykeen

Thread Starter
Joined
May 19, 2001
Messages
341
I tried updating MS Essentials and got Error Code 0x8007043c. When I ran Super AntiSpyware, it seemed to freeze after scanning about 75K files.
My computer has locked while running the dds (?) program. Saw on another post to run RogueKiller, so that report is below. Thanks SO much for your help!

Hijack this log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:31:38 AM, on 1/11/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Tricia\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.mc1849.mail.yahoo.com/mc/...050&pSize=50&.rand=1051248067&.jsrand=1286539
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Download and Sa - {598F626D-4ACD-DD59-A01C-EDCD19B8FFD8} - C:\ProgramData\Download and Sa\508c59615eb78.ocx (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Event Planner Reminder.lnk = C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\Planner\PLNRnote.exe
O4 - Global Startup: Intuit Data Protect.lnk = C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: QuickBooks_Standard_21.lnk = C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: intu-help-qb5 - {867FCB77-9823-4CD6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\Windows\SysWOW64\nvinit.dll c:\PROGRA~2\APPSAR~1\sprotector.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - c:\Program Files\MozyHome\mozybackup.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: pcCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
O23 - Service: pcCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\pcCMService.exe
O23 - Service: pcServiceHost - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\pcServiceHost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: QBIDPService (QBVSS) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14370 bytes


RogueKiller V8.4.3 _x64_ [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files...3-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Tricia [Admin rights]
Mode : Scan -- Date : 01/11/2013 11:08:22

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][BLACKLISTDLL] HKLM\[...]\Services\Microsoft\Run : NVHotkey (rundll32.exe C:\Windows\system32\nvHotkey.dll,Start) -> FOUND
[HJPOL] HKCU\[...]\Services\Microsoft\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\Services\Microsoft\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\Services\Microsoft\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 2c035185539c6c28cba4e462e5a7cb45
[BSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 212992 | Size: 20000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41172992 | Size: 933764 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_01112013_02d1108.txt >>
RKreport[1]_S_01112013_02d1108.txt

FRST.TXT below:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2013
Ran by SYSTEM at 11-01-2013 14:46:27
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet [2022976 2011-06-27] ()
HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [7214696 2011-05-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 [2226280 2011-05-17] (Realtek Semiconductor)
HKLM\...\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start [540992 2011-11-04] (NVIDIA Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray [1935120 2011-11-01] (Intel(R) Corporation)
HKLM\...\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2010-12-17] ()
HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [483424 2012-02-01] ()
HKLM\...\Run: [CyHidWin] C:\Program Files\Cypress\TrackPad\CyHidWin.exe [2354176 2011-10-18] (Cypress Semiconductor, Inc.)
HKLM\...\Run: [CyCpIo] C:\Program Files\Cypress\TrackPad\CyCpIo.exe [2375168 2011-11-08] (Cypress Semiconductor Corporation)
HKLM\...\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [10357008 2011-10-18] (Intel Corporation)
HKLM\...\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\pcTrayApp.exe" [2727936 2012-06-07] (Alcatel-Lucent)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [497648 2010-07-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 [66872 2012-02-06] ()
HKLM-x32\...\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup [2643320 2012-10-25] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [x]
HKLM-x32\...\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [2835443 2012-02-01] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot [295072 2012-12-29] (RealNetworks, Inc.)
HKU\Tricia\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
AppInit_DLLs: C:\Windows\System32\nvinitx.dll
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Event Planner Reminder.lnk
ShortcutTarget: Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2011 Deluxe\Planner\PLNRnote.exe (Creative Home)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\MozyHome Status.lnk
ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE (Intuit Inc.)

==================== Services (Whitelisted) ===================

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2012-07-11] (SUPERAntiSpyware.com)
2 hasplms; C:\Windows\system32\hasplms.exe -run [4913608 2011-12-02] (SafeNet Inc.)
2 mozybackup; "C:\Program Files\MozyHome\mozybackup.exe" [54632 2012-03-19] (Mozy, Inc.)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)
2 MSSQLSERVER; "C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER [29293408 2010-12-10] (Microsoft Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-11-01] ()
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)
2 pcCMService64; "C:\Program Files\Common Files\Motive\pcCMService.exe" [441344 2012-07-06] (Alcatel-Lucent)
2 RealNetworks Downloader Resolver Service; "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" [38608 2012-11-29] ()

==================== Drivers (Whitelisted) =====================

3 akshhl; C:\Windows\System32\Drivers\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
3 aksusb; C:\Windows\System32\Drivers\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
3 cyhid; C:\Windows\System32\Drivers\cyhid.sys [117248 2011-12-08] (Cypress Semiconductor, Inc.)
3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [13824 2011-12-08] (Cypress Semiconductor, Inc.)
3 cymfltrService; C:\Windows\System32\DRIVERS\cymfltr.sys [79872 2011-12-08] (Cypress Semiconductor, Inc.)
3 fdrawcmd; C:\Windows\System32\Drivers\fdrawcmd.sys [32408 2008-09-27] (simonowen.com)
2 hardlock; C:\Windows\System32\Drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67328 2012-03-19] (Mozy, Inc.)
0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [43008 2012-06-14] (Printing Communications Assoc., Inc. (PCAUSA))
3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [40960 2012-06-14] (Printing Communications Assoc., Inc. (PCAUSA))
2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
1 nvkflt; C:\Windows\System32\Drivers\nvkflt.sys [249152 2011-11-04] (NVIDIA Corporation)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 SydexFDD; C:\Windows\SysWow64\Drivers\SydexFDD.sys [13359 2011-01-24] (Windows (R) 2000 DDK provider)
2 wntpport; C:\Windows\SysWow64\Drivers\wntpport.sys [28416 2011-01-24] (Vireo Software)
3 catchme; \??\C:\username123\catchme.sys [x]
3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-01-11 08:08 - 2013-01-11 08:08 - 00001896 ____A C:\Users\Tricia\Desktop\RKreport[1]_S_01112013_02d1108.txt
2013-01-11 08:07 - 2013-01-11 08:08 - 00000000 ____D C:\Users\Tricia\Desktop\RK_Quarantine
2013-01-11 08:03 - 2013-01-11 08:03 - 00753152 ____A C:\Users\Tricia\Desktop\RogueKillerX64.exe
2013-01-11 07:36 - 2013-01-11 07:36 - 00688992 ____A (Swearware) C:\Users\Tricia\Downloads\dds.scr
2013-01-11 07:35 - 2013-01-11 07:35 - 00688992 ____R (Swearware) C:\Users\Tricia\Desktop\dds.scr
2013-01-11 07:31 - 2013-01-11 07:31 - 00014372 ____A C:\Users\Tricia\My Documents\hijackthis.log
2013-01-11 07:31 - 2013-01-11 07:31 - 00014372 ____A C:\Users\Tricia\Documents\hijackthis.log
2013-01-10 17:29 - 2013-01-11 04:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-01-10 09:29 - 2013-01-10 09:29 - 00714203 ____A C:\Users\Tricia\Desktop\Oklahoma.ai
2013-01-10 09:04 - 2013-01-10 09:04 - 02009035 ____A C:\Users\Tricia\Desktop\Oklahoma.cdr
2013-01-09 16:26 - 2013-01-11 07:09 - 00000000 ____D C:\Users\Tricia\Application Data\IrfanView
2013-01-09 16:26 - 2013-01-11 07:09 - 00000000 ____D C:\Users\Tricia\AppData\Roaming\IrfanView
2013-01-09 13:54 - 2013-01-09 13:54 - 00065343 ____A C:\Users\Tricia\Desktop\rope.zip
2013-01-07 09:54 - 2013-01-07 09:54 - 04914605 ____A C:\Users\Tricia\Desktop\pocket_set1.zip
2013-01-07 09:54 - 2013-01-07 09:54 - 00289418 ____A C:\Users\Tricia\Desktop\heart_frame.zip
2013-01-04 09:03 - 2013-01-04 09:03 - 10361214 ____A C:\Users\Tricia\Desktop\Fancy Fabric Folders by SewMichelle.zip
2012-12-29 15:37 - 2012-12-29 15:37 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00201424 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00000000 ____D C:\Users\All Users\RealNetworks
2012-12-29 15:37 - 2012-12-29 15:37 - 00000000 ____D C:\Users\All Users\Application Data\RealNetworks
2012-12-29 15:37 - 2012-12-29 15:37 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2012-12-26 11:51 - 2012-12-26 11:51 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-12-21 06:19 - 2012-12-16 09:11 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-21 06:19 - 2012-12-16 06:45 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-21 06:19 - 2012-12-16 06:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-21 06:19 - 2012-12-16 06:13 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-18 18:41 - 2012-12-18 18:41 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-12-18 18:41 - 2012-12-18 18:41 - 00001785 ____A C:\Users\All Users\Desktop\iTunes.lnk
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Users\All Users\Application Data\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Program Files\iTunes
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Program Files\iPod
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2012-12-18 05:38 - 2012-11-13 23:06 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-12-18 05:38 - 2012-11-13 22:32 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-12-18 05:38 - 2012-11-13 22:11 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-12-18 05:38 - 2012-11-13 22:04 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-12-18 05:38 - 2012-11-13 22:04 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-12-18 05:38 - 2012-11-13 22:02 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-12-18 05:38 - 2012-11-13 22:02 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-12-18 05:38 - 2012-11-13 21:59 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-12-18 05:38 - 2012-11-13 21:58 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-12-18 05:38 - 2012-11-13 21:57 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-12-18 05:38 - 2012-11-13 21:57 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-12-18 05:38 - 2012-11-13 21:55 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-12-18 05:38 - 2012-11-13 21:55 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-12-18 05:38 - 2012-11-13 21:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-12-18 05:38 - 2012-11-13 21:52 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-12-18 05:38 - 2012-11-13 21:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-12-18 05:38 - 2012-11-13 18:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-12-18 05:38 - 2012-11-13 18:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-12-18 05:38 - 2012-11-13 18:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-12-18 05:38 - 2012-11-13 17:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-12-18 05:38 - 2012-11-13 17:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-12-18 05:38 - 2012-11-13 17:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-12-18 05:38 - 2012-11-13 17:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-12-18 05:38 - 2012-11-13 17:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-12-18 05:38 - 2012-11-13 17:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-12-18 05:38 - 2012-11-13 17:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-12-18 05:38 - 2012-11-13 17:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-12-18 05:38 - 2012-11-13 17:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-12-18 05:38 - 2012-11-13 17:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-12-18 05:38 - 2012-11-13 17:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-12-18 05:38 - 2012-11-13 17:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-12-18 05:38 - 2012-11-13 17:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-12-16 06:43 - 2012-12-16 06:43 - 00036664 ____A C:\RPSetup.exe.log
2012-12-12 04:04 - 2012-11-21 19:26 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-12-12 04:04 - 2012-11-08 21:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-12 04:04 - 2012-11-08 20:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-12-12 04:04 - 2012-10-04 09:45 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-12-12 04:04 - 2012-10-04 09:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-12-12 04:04 - 2012-10-04 09:41 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-12-12 04:04 - 2012-10-04 08:47 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-12-12 04:04 - 2012-10-04 08:47 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-12-12 04:04 - 2012-10-04 07:21 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-12-12 04:03 - 2012-11-01 21:59 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-12-12 04:03 - 2012-11-01 21:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2012-12-12 04:03 - 2012-10-04 09:46 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-12-12 04:03 - 2012-10-04 09:46 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-12-12 04:03 - 2012-10-04 09:46 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-12-12 04:03 - 2012-10-04 09:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:47 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 06:46 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-12-12 04:03 - 2012-10-04 06:46 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-12-12 04:03 - 2012-10-04 06:46 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-12-12 04:03 - 2012-10-04 06:46 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-12-12 04:03 - 2012-10-04 06:41 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 06:41 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 06:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-12 04:03 - 2012-10-04 06:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll


==================== One Month Modified Files and Folders =======

2013-01-11 14:46 - 2013-01-11 14:46 - 00000000 ____D C:\FRST
2013-01-11 08:08 - 2013-01-11 08:08 - 00001896 ____A C:\Users\Tricia\Desktop\RKreport[1]_S_01112013_02d1108.txt
2013-01-11 08:08 - 2013-01-11 08:07 - 00000000 ____D C:\Users\Tricia\Desktop\RK_Quarantine
2013-01-11 08:03 - 2013-01-11 08:03 - 00753152 ____A C:\Users\Tricia\Desktop\RogueKillerX64.exe
2013-01-11 07:36 - 2013-01-11 07:36 - 00688992 ____A (Swearware) C:\Users\Tricia\Downloads\dds.scr
2013-01-11 07:35 - 2013-01-11 07:35 - 00688992 ____R (Swearware) C:\Users\Tricia\Desktop\dds.scr
2013-01-11 07:31 - 2013-01-11 07:31 - 00014372 ____A C:\Users\Tricia\My Documents\hijackthis.log
2013-01-11 07:31 - 2013-01-11 07:31 - 00014372 ____A C:\Users\Tricia\Documents\hijackthis.log
2013-01-11 07:20 - 2012-05-31 12:46 - 00000000 ____D C:\users\Tricia
2013-01-11 07:15 - 2012-05-07 04:33 - 01958981 ____A C:\Windows\WindowsUpdate.log
2013-01-11 07:09 - 2013-01-09 16:26 - 00000000 ____D C:\Users\Tricia\Application Data\IrfanView
2013-01-11 07:09 - 2013-01-09 16:26 - 00000000 ____D C:\Users\Tricia\AppData\Roaming\IrfanView
2013-01-11 07:06 - 2012-12-02 06:22 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-01-11 07:05 - 2012-05-07 04:33 - 00000000 ____D C:\Users\All Users\NVIDIA
2013-01-11 07:05 - 2012-05-07 04:33 - 00000000 ____D C:\Users\All Users\Application Data\NVIDIA
2013-01-11 07:05 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-11 07:05 - 2009-07-13 20:51 - 00065576 ____A C:\Windows\setupact.log
2013-01-11 04:32 - 2013-01-10 17:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-01-10 18:58 - 2012-06-03 09:32 - 00000227 ____A C:\Windows\password.klc
2013-01-10 18:55 - 2012-06-15 04:46 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-01-10 18:27 - 2012-12-02 06:22 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-01-10 13:11 - 2012-08-12 15:25 - 00000000 ____D C:\Users\Tricia\Application Data\Real
2013-01-10 13:11 - 2012-08-12 15:25 - 00000000 ____D C:\Users\Tricia\AppData\Roaming\Real
2013-01-10 13:11 - 2012-08-12 15:23 - 00000000 ____D C:\Users\All Users\Real
2013-01-10 13:11 - 2012-08-12 15:23 - 00000000 ____D C:\Users\All Users\Application Data\Real
2013-01-10 11:55 - 2012-05-07 02:45 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-01-10 11:55 - 2012-05-07 02:45 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-01-10 09:29 - 2013-01-10 09:29 - 00714203 ____A C:\Users\Tricia\Desktop\Oklahoma.ai
2013-01-10 09:04 - 2013-01-10 09:04 - 02009035 ____A C:\Users\Tricia\Desktop\Oklahoma.cdr
2013-01-10 09:01 - 2012-05-31 12:50 - 00000422 ____A C:\Windows\Tasks\SystemToolsDailyTest.job
2013-01-10 07:01 - 2012-03-19 11:58 - 00003574 ____A C:\Windows\mozy.flt
2013-01-10 07:01 - 2012-03-19 11:58 - 00003016 ____A C:\Windows\mozy.blk
2013-01-10 05:13 - 2009-07-13 21:13 - 00845480 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-10 04:53 - 2012-06-03 09:03 - 00000000 ____D C:\Users\Tricia\Local Settings\Nero
2013-01-10 04:53 - 2012-06-03 09:03 - 00000000 ____D C:\Users\Tricia\Local Settings\Application Data\Nero
2013-01-10 04:53 - 2012-06-03 09:03 - 00000000 ____D C:\Users\Tricia\AppData\Local\Nero
2013-01-10 04:48 - 2009-07-13 20:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-10 04:48 - 2009-07-13 20:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-10 04:39 - 2009-07-13 20:45 - 00644136 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-10 04:36 - 2012-05-31 12:50 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2013-01-09 16:52 - 2012-06-11 12:01 - 00000000 ____D C:\Users\Tricia\Local Settings\CutePDF Writer
2013-01-09 16:52 - 2012-06-11 12:01 - 00000000 ____D C:\Users\Tricia\Local Settings\Application Data\CutePDF Writer
2013-01-09 16:52 - 2012-06-11 12:01 - 00000000 ____D C:\Users\Tricia\AppData\Local\CutePDF Writer
2013-01-09 16:51 - 2012-05-31 12:47 - 00180128 ____A C:\Users\Tricia\Local Settings\GDIPFONTCACHEV1.DAT
2013-01-09 16:51 - 2012-05-31 12:47 - 00180128 ____A C:\Users\Tricia\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-01-09 16:51 - 2012-05-31 12:47 - 00180128 ____A C:\Users\Tricia\AppData\Local\GDIPFONTCACHEV1.DAT
2013-01-09 13:54 - 2013-01-09 13:54 - 00065343 ____A C:\Users\Tricia\Desktop\rope.zip
2013-01-07 09:56 - 2012-06-01 18:27 - 00000000 ____D C:\1designs
2013-01-07 09:54 - 2013-01-07 09:54 - 04914605 ____A C:\Users\Tricia\Desktop\pocket_set1.zip
2013-01-07 09:54 - 2013-01-07 09:54 - 00289418 ____A C:\Users\Tricia\Desktop\heart_frame.zip
2013-01-04 13:12 - 2012-04-13 06:38 - 00029184 ____A C:\Users\Tricia\My Documents\Bridgewater Directory.xls
2013-01-04 13:12 - 2012-04-13 06:38 - 00029184 ____A C:\Users\Tricia\Documents\Bridgewater Directory.xls
2013-01-04 09:03 - 2013-01-04 09:03 - 10361214 ____A C:\Users\Tricia\Desktop\Fancy Fabric Folders by SewMichelle.zip
2013-01-02 14:09 - 2012-10-23 09:49 - 00000424 ____A C:\Windows\system32commongn.dat
2012-12-29 15:38 - 2012-08-12 15:26 - 00000000 ____D C:\Users\Tricia\Application Data\RealNetworks
2012-12-29 15:38 - 2012-08-12 15:26 - 00000000 ____D C:\Users\Tricia\AppData\Roaming\RealNetworks
2012-12-29 15:37 - 2012-12-29 15:37 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00201424 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2012-12-29 15:37 - 2012-12-29 15:37 - 00000000 ____D C:\Users\All Users\RealNetworks
2012-12-29 15:37 - 2012-12-29 15:37 - 00000000 ____D C:\Users\All Users\Application Data\RealNetworks
2012-12-29 15:37 - 2012-12-29 15:37 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2012-12-29 15:37 - 2012-08-12 15:25 - 00000000 ____D C:\Program Files (x86)\Real
2012-12-26 11:51 - 2012-12-26 11:51 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-12-24 06:03 - 2012-12-09 13:06 - 00010524 ____A C:\Users\Tricia\My Documents\2012.xlsx
2012-12-24 06:03 - 2012-12-09 13:06 - 00010524 ____A C:\Users\Tricia\Documents\2012.xlsx
2012-12-21 09:07 - 2012-06-02 12:16 - 00000000 ____D C:\Users\Tricia\Desktop\About Me
2012-12-21 06:54 - 2012-06-11 12:50 - 00000090 ____A C:\Windows\QBChanUtil_Trigger.ini
2012-12-18 18:41 - 2012-12-18 18:41 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-12-18 18:41 - 2012-12-18 18:41 - 00001785 ____A C:\Users\All Users\Desktop\iTunes.lnk
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Users\All Users\Application Data\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Program Files\iTunes
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Program Files\iPod
2012-12-18 18:41 - 2012-12-18 18:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2012-12-18 13:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-12-18 05:40 - 2012-06-02 11:18 - 67413224 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-12-18 05:38 - 2012-06-01 14:12 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-12-18 05:38 - 2012-06-01 14:12 - 00000000 ____D C:\Users\All Users\Application Data\Microsoft Help
2012-12-16 09:11 - 2012-12-21 06:19 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-16 06:45 - 2012-12-21 06:19 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-16 06:43 - 2012-12-16 06:43 - 00036664 ____A C:\RPSetup.exe.log
2012-12-16 06:43 - 2012-05-07 03:17 - 00036664 ____A C:\Windows\RPSETUP.EXE.LOG
2012-12-16 06:43 - 2012-05-07 03:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-12-16 06:41 - 2012-05-07 04:14 - 00000000 ____D C:\Users\All Users\Dell
2012-12-16 06:41 - 2012-05-07 04:14 - 00000000 ____D C:\Users\All Users\Application Data\Dell
2012-12-16 06:41 - 2012-05-07 03:40 - 00000000 ____D C:\Program Files (x86)\Dell
2012-12-16 06:30 - 2012-05-07 03:21 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
2012-12-16 06:30 - 2012-05-07 03:21 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2012-12-16 06:30 - 2012-05-07 03:21 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2012-12-16 06:30 - 2012-05-07 03:21 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2012-12-16 06:30 - 2012-05-07 03:21 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2012-12-16 06:30 - 2012-05-07 03:21 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2012-12-16 06:13 - 2012-12-21 06:19 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-16 06:13 - 2012-12-21 06:19 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-13 08:32 - 2012-05-31 13:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-13 08:32 - 2010-11-20 19:47 - 00095280 ____A C:\Windows\PFRO.log
2012-12-13 07:35 - 2012-05-31 13:15 - 00001153 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-12-13 07:35 - 2012-05-31 13:15 - 00001153 ____A C:\Users\All Users\Desktop\Mozilla Firefox.lnk

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-12-24 05:12:23
Restore point made on: 2012-12-24 08:27:55
Restore point made on: 2012-12-28 06:01:26
Restore point made on: 2012-12-31 08:17:37
Restore point made on: 2012-12-31 08:20:34
Restore point made on: 2012-12-31 10:18:23
Restore point made on: 2013-01-01 22:18:23
Restore point made on: 2013-01-05 09:13:42
Restore point made on: 2013-01-07 09:36:46
Restore point made on: 2013-01-09 11:13:31
Restore point made on: 2013-01-09 15:06:24
Restore point made on: 2013-01-10 07:01:25
Restore point made on: 2013-01-11 07:12:05
Restore point made on: 2013-01-11 07:14:47

==================== Memory info ===========================

Percentage of memory in use: 9%
Total physical RAM: 8086.17 MB
Available physical RAM: 7279.18 MB
Total Pagefile: 8084.37 MB
Available Pagefile: 7272.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:911.88 GB) (Free:816.41 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:19.53 GB) (Free:8.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
4 Drive f: (FLASHDRIVE) (Removable) (Total:1.86 GB) (Free:1.76 GB) FAT
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 2048 KB
Disk 1 Online 1908 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 101 MB 31 KB
Partition 2 Primary 19 GB 104 MB
Partition 3 Primary 911 GB 19 GB

==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 FAT Partition 101 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D RECOVERY NTFS Partition 19 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C OS NTFS Partition 911 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1907 MB 64 KB

==================================================================================

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F FLASHDRIVE FAT Removable 1907 MB Healthy

=========================================================

Last Boot: 2013-01-04 07:09

==================== End Of Log =============================
 

Peachykeen

Thread Starter
Joined
May 19, 2001
Messages
341
Disregard my original request. I have run SuperAntispyware and removed two Trojans. If I still have problems, I'll start a new thread with new HJT logs, etc.
I do appreciate all the time and help the volunteers provide!
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Top