need assistance with malware removal

I'm helping a friend attempt to clean her computer. I ran Malwarebytes and Spybot SD ~ 2wks ago and thought everything seemed to be fine, but the popups and ads have reappeared. I just reran Malwarebytes and it found 41 items to remove, and Spybot found a few more... Obviously, I need something stronger, and need help to figure out what to do. Computer has popups appearing frequently along with various ads, but otherwise seems to be running OK.

I ran dds and have attached the logs here. However, I did not run GMER, as it stated in the post that it was for 32 bit OS only, and this Win 7 machine is 64 bit.

Thanks for your help; please advise on next steps.

swpstampede

===========
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457
Run by Mrs. B at 18:24:13 on 2013-01-09
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5921.3695 [GMT -5:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\IB Updater\ExtensionUpdaterService.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Fighters\FighterSuiteService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ZD Systems\ZD Manager\ZDManagerService.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Strongvault Online Backup\SMessenger.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.exe
C:\Users\Mrs. B\AppData\Local\StrongVault\StrongVaultApp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.mg205.mail.yahoo.com/dc/launch?.partner=sbc&.gx=1&.rand=0shpdrbma96dn
uDefault_Page_URL = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
uURLSearchHooks: <No Name>: {f15ff29f-85a1-43cd-9674-e5ba40016c97} - LocalServer32 - <no file>
uURLSearchHooks: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - <orphaned>
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
uURLSearchHooks: {2421d847-721c-404f-87b4-bbd2b95d1087} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
BHO: ZD Manager IE Plugin: {18D6D197-45BB-465B-ADC0-274A70B49B55} - C:\Program Files (x86)\ZD Systems\ZD Manager\ZDManager.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll
BHO: {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - <orphaned>
BHO: CouponAmazing: {8F7E461D-1913-4084-9A19-595F391D1CEC} - C:\Users\Mrs. B\AppData\Local\couponamazing\ie\couponamazing_1357273202.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Zoom Downloader: {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} -
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coieplg.dll
TB: att.net Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: MapsGalaxy: {364ea597-e728-4ce4-bb4a-ed846ef47970} -
EB: {c585d593-e7f4-4852-a200-561686ee02e4} - <orphaned>
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Messenger] "C:\Program Files (x86)\Strongvault Online Backup\SMessenger.exe"
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
mRun: [SMessaging] C:\Users\Mrs. B\AppData\Local\Strongvault Online Backup\SMessaging.exe
mRun: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STRONG~1.LNK - C:\Users\Mrs. B\AppData\Local\StrongVault\StrongVaultApp.exe
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{2A4CA243-ABB8-4ED5-A6F5-C4C4A7CCA4A1} : DHCPNameServer = 192.168.0.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://asus.msn.com
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SynAsusAcpi] C:\Program Files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 Spyware Info | Spyware Info | spyware software | spyware program | protection spyware
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309000.009\symds64.sys [2012-10-1 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309000.009\symefa64.sys [2012-10-1 1129120]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-25 17536]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [2013-1-9 1384608]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309000.009\ccsetx64.sys [2012-10-1 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.8.0.14\Definitions\IPSDefs\20130108.002\IDSviA64.sys [2013-1-9 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309000.009\ironx64.sys [2012-10-1 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309000.009\symnets.sys [2012-10-1 405624]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-12-13 379520]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 BrowserProtect;BrowserProtect;C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-1-3 2547816]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 IB Updater;IB Updater;C:\Program Files\IB Updater\ExtensionUpdaterService.exe [2012-11-18 188760]
R2 MapsGalaxy_39Service;MapsGalaxyService;C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe [2012-12-22 87264]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe [2012-10-1 138272]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-12-3 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Suite Service;Suite Service;C:\Program Files (x86)\Fighters\FighterSuiteService.exe [2012-5-10 1267264]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-13 2656280]
R2 ZDManager Service;ZDManager Service;C:\Program Files (x86)\ZD Systems\ZD Manager\ZDManagerService.exe [2012-10-29 176640]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-10-3 129512]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-10-3 394728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-19 138912]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-7-6 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-7-6 169584]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-8 398184]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-8 682344]
S3 Common Toolkit Tools;Common Toolkit Tools;C:\Program Files (x86)\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [2012-6-5 270960]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-29 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-8 24176]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-31 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-01-09 03:08:04 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-09 03:08:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-04 04:25:38 -------- d-----w- C:\ProgramData\BrowserProtect
2013-01-04 04:25:35 -------- d-----w- C:\Users\Mrs. B\AppData\Roaming\Claro
2013-01-04 04:25:30 -------- d-----w- C:\Users\Mrs. B\AppData\Roaming\Claro LTD
2013-01-04 04:25:14 -------- d-----w- C:\Users\Mrs. B\AppData\Local\couponamazing
2012-12-30 05:40:06 -------- d-----w- C:\Users\Mrs. B\AppData\Local\Programs
2012-12-27 03:15:35 -------- d-----w- C:\Users\Mrs. B\AppData\Local\{3AAE44C8-859F-4E14-9D5D-82DFC7F921AE}
2012-12-26 15:14:50 -------- d-----w- C:\Users\Mrs. B\AppData\Local\{8FA33E64-F3F8-4349-812A-1C006E5FC100}
2012-12-25 14:47:56 -------- d-----w- C:\Users\Mrs. B\AppData\Local\{47E8A5AB-7656-47B8-94BE-7A1C957A89C5}
2012-12-22 20:15:12 -------- d-----w- C:\Program Files (x86)\MapsGalaxy_39
2012-12-21 02:49:46 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 02:49:45 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 02:49:45 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 02:49:45 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-17 21:18:55 -------- d-----w- C:\Users\Mrs. B\SyncFolder
2012-12-17 21:17:14 -------- d-----w- C:\Program Files (x86)\JustCloud
2012-12-14 23:39:14 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-12-14 23:34:00 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-12-14 23:34:00 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-12-12 19:53:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
.
==================== Find3M ====================
.
2013-01-09 03:35:13 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe
2013-01-09 03:06:51 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 03:06:51 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-04 00:20:21 10669952 ----a-w- C:\mbam-setup-1.65.1.1000.exe
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-26 21:40:10 19896 ----a-w- C:\Windows\System32\roboot64.exe
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
.
============= FINISH: 18:24:36.09 ===============

Attached Files

attach.zip (2.4 KB)