Jump to content

CoriolisSTORM

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

Reputation

0 Neutral
  1. CoriolisSTORM
    Realize I did something wrong, I attached instead of copying and pasting. My apologies! FRST.TXT: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01Ran by Leah (administrator) on LEAH-PC on 11-05-2014 20:02:38Running from C:\Users\Leah\DownloadsPlatform: Windows 7 Home Premium (X64) OS Language: English(US)Internet Explorer Version 8Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe(NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe() C:\monitor.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe(Cisco Systems, Inc.) C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe(Intel Corporation) C:\Windows\System32\igfxext.exe(Intel Corporation) C:\Windows\System32\igfxsrvc.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-28] (NewTech Infosystems, Inc.)HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)HKLM-x32\...\Run: [nmctxth] => C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)HKLM-x32\...\Run: [nmapp] => C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe [472112 2009-07-08] (Cisco Systems, Inc.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [103768 2009-09-13] (Citrix Systems, Inc.)HKLM-x32\...\Run: [sMessaging] => C:\Users\Leah\AppData\Local\Strongvault Online Backup\SMessaging.exeHKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)HKLM-x32\...\Run: [] => [X]HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]HKLM\...\Policies\Explorer: [NoControlPanel] 0HKLM\...\Policies\Explorer: [NoFolderOptions] 0HKU\S-1-5-21-467810099-2641645116-3989843410-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-10-25] (Google Inc.)HKU\S-1-5-21-467810099-2641645116-3989843410-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.comHKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.comHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeBHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No FileBHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - C:\Program Files\mcafee\msk\mskapbho.dll ()BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cabHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)Winsock: Catalog9 01 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)Winsock: Catalog9 02 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)Winsock: Catalog9 03 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)Winsock: Catalog9 04 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)Winsock: Catalog9 15 C:\Windows\SysWOW64\PCProtect.dll [293984] (Objectify Media Inc)Winsock: Catalog9-x64 01 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)Winsock: Catalog9-x64 02 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)Winsock: Catalog9-x64 03 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)Winsock: Catalog9-x64 04 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)Winsock: Catalog9-x64 15 C:\Windows\system32\PCProtect64.dll [330624] (Objectify Media Inc)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.202.166Tcpip\..\Interfaces\{3EFE5DF0-B830-44E9-AB84-2CD15616C373}: [NameServer]8.8.8.8,8.8.8.8Tcpip\..\Interfaces\{9E53CF37-C4BD-4D13-8164-CA8B6F0638C6}: [NameServer]8.8.8.8,8.8.8.8Tcpip\..\Interfaces\{BA8DB028-43E4-40DC-AACA-A0E3F052D9E4}: [NameServer]8.8.8.8,8.8.8.8 FireFox:========FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\FirefoxFF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2010-12-24]FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2010-11-19]FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-17]FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKFF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2010-11-19]FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-17] Chrome: =======CHR Extension: (Google Docs) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-09]CHR Extension: (Google Drive) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-09]CHR Extension: (YouTube) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-09]CHR Extension: (Google Search) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-09]CHR Extension: (Google Wallet) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-09]CHR Extension: (Gmail) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-09]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTIONCHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-02-02] (Alcatel-Lucent)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025712 2014-01-21] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4292960 2013-11-11] (Symantec Corporation)R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-16] (NTI, Inc.)S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-02-13] ()R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) ==================== Drivers (Whitelisted) ==================== R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [422712 2014-01-21] (McAfee, Inc.)S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-01-21] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA))S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-01-28] (Printing Communications Assoc., Inc. (PCAUSA))S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-11 20:04 - 2014-05-11 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2014-05-11 20:02 - 2014-05-11 20:06 - 00025269 _____ () C:\Users\Leah\Downloads\FRST.txt2014-05-11 20:02 - 2014-05-11 20:02 - 02066944 _____ (Farbar) C:\Users\Leah\Downloads\FRST64.exe2014-05-11 20:02 - 2014-05-11 20:02 - 00000000 ____D () C:\FRST2014-05-09 23:13 - 2014-05-09 17:25 - 00000147 __RSH () C:\Windows\system32\Drivers\etc\hosts.20140509-231326.backup2014-05-09 23:01 - 2014-05-09 23:01 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking2014-05-09 23:00 - 2014-05-09 23:49 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-05-09 23:00 - 2014-05-09 23:03 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 22014-05-09 23:00 - 2014-05-09 23:00 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2014-05-09 23:00 - 2014-05-09 23:00 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-05-09 23:00 - 2014-05-09 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22014-05-09 23:00 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe2014-05-09 22:55 - 2014-05-09 22:57 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Leah\Downloads\spybot-2.3.exe2014-05-09 22:51 - 2014-05-09 22:51 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-05-09 22:51 - 2014-05-09 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-05-08 22:21 - 2014-05-08 22:21 - 00000000 ____D () C:\Users\Leah\AppData\Roaming\QuickScan2014-05-08 20:34 - 2014-05-11 20:00 - 00000392 _____ () C:\Windows\setupact.log2014-05-08 20:34 - 2014-05-08 20:34 - 00000000 _____ () C:\Windows\setuperr.log2014-05-07 22:24 - 2014-05-07 22:24 - 00000960 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-05-07 22:24 - 2014-05-07 22:24 - 00000000 ____D () C:\Users\Leah\AppData\Roaming\Malwarebytes2014-05-07 22:24 - 2014-05-07 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware2014-05-07 22:23 - 2014-05-07 22:23 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-05-07 22:23 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-05-07 22:22 - 2014-05-07 22:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-05-07 22:16 - 2014-05-07 22:17 - 00000000 ____D () C:\Users\Leah\Downloads\mbam-chameleon-1.62.1.10002014-05-07 21:58 - 2014-05-07 21:58 - 01440846 _____ () C:\Users\Leah\Downloads\mbam-chameleon-1.62.1.1000.zip2014-05-07 21:08 - 2014-03-31 09:35 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe2014-04-24 11:17 - 2014-04-24 11:17 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt2014-04-17 16:59 - 2014-04-17 16:59 - 00000000 ____D () C:\Users\Leah\AppData\Local\{A1C1DE8F-7957-40C1-9917-8513D3EC704D} ==================== One Month Modified Files and Folders ======= 2014-05-11 20:06 - 2014-05-11 20:02 - 00025269 _____ () C:\Users\Leah\Downloads\FRST.txt2014-05-11 20:06 - 2010-12-24 00:24 - 01205129 _____ () C:\Windows\WindowsUpdate.log2014-05-11 20:04 - 2014-05-11 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2014-05-11 20:04 - 2011-12-24 13:39 - 00000000 ____D () C:\ProgramData\boost_interprocess2014-05-11 20:04 - 2010-11-19 06:38 - 00001767 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk2014-05-11 20:02 - 2014-05-11 20:02 - 02066944 _____ (Farbar) C:\Users\Leah\Downloads\FRST64.exe2014-05-11 20:02 - 2014-05-11 20:02 - 00000000 ____D () C:\FRST2014-05-11 20:00 - 2014-05-08 20:34 - 00000392 _____ () C:\Windows\setupact.log2014-05-11 20:00 - 2011-10-25 16:56 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-05-11 20:00 - 2010-12-24 00:20 - 00073402 _____ () C:\Windows\PFRO.log2014-05-11 20:00 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-05-09 23:49 - 2014-05-09 23:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-05-09 23:20 - 2014-01-05 17:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-05-09 23:18 - 2011-10-25 16:56 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-05-09 23:03 - 2014-05-09 23:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 22014-05-09 23:01 - 2014-05-09 23:01 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking2014-05-09 23:00 - 2014-05-09 23:00 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2014-05-09 23:00 - 2014-05-09 23:00 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-05-09 23:00 - 2014-05-09 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22014-05-09 22:57 - 2014-05-09 22:55 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Leah\Downloads\spybot-2.3.exe2014-05-09 22:51 - 2014-05-09 22:51 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-05-09 22:51 - 2014-05-09 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-05-09 22:51 - 2011-10-25 16:55 - 00000000 ____D () C:\Users\Leah\AppData\Local\Google2014-05-09 22:51 - 2011-10-25 16:55 - 00000000 ____D () C:\Program Files (x86)\Google2014-05-09 22:41 - 2009-07-13 23:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-05-09 22:41 - 2009-07-13 23:45 - 00017600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-05-09 22:32 - 2009-07-14 00:13 - 00727334 _____ () C:\Windows\system32\PerfStringBackup.INI2014-05-09 17:29 - 2011-07-23 17:19 - 00000000 ____D () C:\Users\Leah\AppData\Roaming\Skype2014-05-09 17:25 - 2014-05-09 23:13 - 00000147 __RSH () C:\Windows\system32\Drivers\etc\hosts.20140509-231326.backup2014-05-09 17:25 - 2009-07-13 21:34 - 00000147 __RSH () C:\Windows\system32\Drivers\etc\hosts.20140509-235325.backup2014-05-09 17:25 - 2009-07-13 21:34 - 00000147 __RSH () C:\Windows\system32\Drivers\etc\hosts.20140509-230755.backup2014-05-08 22:21 - 2014-05-08 22:21 - 00000000 ____D () C:\Users\Leah\AppData\Roaming\QuickScan2014-05-08 21:52 - 2014-03-20 18:53 - 00000000 ____D () C:\Program Files (x86)\Web Protect2014-05-08 21:39 - 2012-11-20 10:08 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin2014-05-08 20:34 - 2014-05-08 20:34 - 00000000 _____ () C:\Windows\setuperr.log2014-05-08 20:34 - 2009-07-14 00:08 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2014-05-07 22:24 - 2014-05-07 22:24 - 00000960 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-05-07 22:24 - 2014-05-07 22:24 - 00000000 ____D () C:\Users\Leah\AppData\Roaming\Malwarebytes2014-05-07 22:24 - 2014-05-07 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware2014-05-07 22:24 - 2014-05-07 22:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-05-07 22:23 - 2014-05-07 22:23 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-05-07 22:17 - 2014-05-07 22:16 - 00000000 ____D () C:\Users\Leah\Downloads\mbam-chameleon-1.62.1.10002014-05-07 21:58 - 2014-05-07 21:58 - 01440846 _____ () C:\Users\Leah\Downloads\mbam-chameleon-1.62.1.1000.zip2014-05-07 21:00 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF2014-05-07 18:04 - 2009-07-13 21:34 - 00000457 _____ () C:\Windows\win.ini2014-05-07 14:26 - 2014-01-05 17:51 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-05-07 14:25 - 2014-01-05 17:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-05-07 14:25 - 2011-08-05 09:35 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-05-07 14:08 - 2011-10-25 16:56 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-05-07 14:08 - 2011-10-25 16:56 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-04-24 11:17 - 2014-04-24 11:17 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt2014-04-17 16:59 - 2014-04-17 16:59 - 00000000 ____D () C:\Users\Leah\AppData\Local\{A1C1DE8F-7957-40C1-9917-8513D3EC704D}2014-04-16 16:03 - 2013-08-14 17:32 - 00000000 ____D () C:\Windows\system32\MRT2014-04-16 15:59 - 2012-03-13 19:54 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-24 15:28 ==================== End Of Log ============================ Addition.txt: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01Ran by Leah at 2014-05-11 20:10:02Running from C:\Users\Leah\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== 18 Wheels of Steel - American Long Haul (x32 Version: 2.2.0.95 - WildTangent) Hidden64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) HiddenAcer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)Acer Crystal Eye webcam Ver:1.1.194.1021 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.194.1021 - Chicony Electronics Co.,Ltd.)Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)Acer Game Console (x32 Version: - WildTangent) HiddenAcer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.1124.2010 - Acer Incorporated)Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) HiddenAdobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) HiddenAlcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}) (Version: 1.9.17.06019 - Alcor Micro Corp.)Alcor Micro USB Card Reader (x32 Version: 1.9.17.06019 - Alcor Micro Corp.) HiddenApple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) HiddenBejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) HiddenBing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.0.2282.0 - Microsoft Corporation)Bing Bar Platform (x32 Version: 6.0.2282.0 - Microsoft Corporation) HiddenBing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) HiddenBlackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) HiddenBonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.2.4.2 - Broadcom Corporation)BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) HiddenBuild-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) HiddenChuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) HiddenCisco Network Magic (x32 Version: 5.5.09195.0 - Pure Networks) HiddenCitrix online plug-in (Web) (HKLM-x32\...\{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}) (Version: 11.2.0.31560 - Citrix Systems, Inc.)CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3216.50 - CyberLink Corp.)CyberLink PowerDVD 9 (x32 Version: 9.0.3216.50 - CyberLink Corp.) HiddenD110 (x32 Version: 140.0.283.000 - Hewlett-Packard) HiddenD3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDestinations (x32 Version: 140.0.77.000 - Hewlett-Packard) HiddenDeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) HiddenDiner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) HiddenDora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) HiddeneBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) HiddenFATE (x32 Version: 2.2.0.95 - WildTangent) HiddenGoogle Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.24.7 - Google Inc.) HiddenGPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) HiddenHP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}) (Version: 14.0 - HP)HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) HiddenHPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) HiddenHPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) HiddenHPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) HiddenIdentity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) HiddenJewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) HiddenJohn Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) HiddenJunk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenLaunch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) HiddenMcAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 12.8.957 - McAfee, Inc.)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) HiddenMicrosoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) HiddenMicrosoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Search Enhancement Pack (x32 Version: 3.0.131.0 - Microsoft Corporation) HiddenMicrosoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) HiddenMyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) HiddenNetwork Magic (HKLM-x32\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)Network64 (Version: 140.0.215.000 - Hewlett-Packard) HiddenNetwork64 (Version: 140.0.221.000 - Hewlett-Packard) HiddenNOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.1.237 - Barnesandnoble.com)Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.1.10 - Symantec Corporation)NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems)NTI Backup Now Standard (x32 Version: 5.1.2.630 - NewTech Infosystems) HiddenNTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems)NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) HiddenPenguins! (x32 Version: 2.2.0.95 - WildTangent) HiddenPlants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) HiddenPolar Bowler (x32 Version: 2.2.0.95 - WildTangent) HiddenPolar Golfer (x32 Version: 2.2.0.95 - WildTangent) HiddenPS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) HiddenPure Networks Platform (x32 Version: 11.2.09195.1 - Pure Networks) HiddenQuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) HiddenRealtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) HiddenShared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)Shredder (Version: 2.0.8.3 - Egis Technology Inc.) HiddenShredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) HiddenSkype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) HiddenSolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) HiddenSpybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)Status (x32 Version: 140.0.256.000 - Hewlett-Packard) HiddenStrongvault Online Backup (x32 Version: 5.0.2.34 - Strongvault Online Backup) HiddenSynaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)Times Reader (x32 Version: 2.055 - The New York Times Company) HiddenToolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) HiddenTrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) HiddenUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) HiddenWebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) HiddenWelcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3005 - Acer Incorporated)Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenYahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) <==== ATTENTIONZuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-13 21:34 - 2014-05-09 17:25 - 00000147 _RASH C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {148234F7-E418-4E65-9679-7C4C912FBE11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25] (Google Inc.)Task: {68648D6F-27F4-4A65-9DA2-6DF501A1766B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-25] (Google Inc.)Task: {717C8EF9-C45A-47B7-A726-4BA50BCAA877} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {7D5B70E6-B484-4EE9-B37F-09074A38CAB8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exeTask: {8318CCA5-6E60-4436-97F1-315EC5604D43} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exeTask: {BD528D0A-306A-405C-93C3-FBF7A60270C6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exeTask: {E4F0789A-F15E-4D0F-9406-46EC98A476AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-07] (Adobe Systems Incorporated)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-02-13 09:01 - 2014-02-13 09:01 - 00487518 _____ () C:\monitor.exe2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2010-06-28 18:20 - 2010-06-28 18:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll2010-06-28 18:12 - 2010-06-28 18:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll2010-12-24 00:14 - 2009-05-20 17:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll2009-07-13 17:37 - 2009-07-13 17:37 - 00152112 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll2009-07-13 17:37 - 2009-07-13 17:37 - 00098304 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll2014-05-09 23:00 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl2014-05-09 23:00 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl2014-05-09 23:00 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl2014-05-09 22:51 - 2014-04-23 19:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll2014-05-09 22:51 - 2014-04-23 19:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll2014-05-09 22:51 - 2014-04-23 19:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll2014-05-09 23:00 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll2014-05-09 23:00 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll2014-05-09 22:51 - 2014-04-23 19:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll2014-05-09 22:51 - 2014-04-23 19:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll2014-05-09 22:51 - 2014-04-23 19:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Photosmart D110 seriesDescription: Photosmart D110 seriesClass Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Manufacturer: HPService: StillCamProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart D110 seriesDescription: Photosmart D110 seriesClass Guid: {4d36e971-e325-11ce-bfc1-08002be10318}Manufacturer: HPService: Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors:==================Error: (05/11/2014 08:11:28 PM) (Source: CVHSVC) (User: ) (EventID: 100)Description: Information only.(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved Error: (05/09/2014 10:38:08 PM) (Source: CVHSVC) (User: ) (EventID: 100)Description: Information only.(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. Error: (05/09/2014 05:39:17 PM) (Source: CVHSVC) (User: ) (EventID: 100)Description: Information only.(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. Error: (05/09/2014 03:59:59 AM) (Source: Application Error) (User: ) (EventID: 1000)Description: Faulting application name: Explorer.EXE, version: 6.1.7600.16768, time stamp: 0x4d688122Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec4b137Exception code: 0xc0000022Fault offset: 0x00000000000d0108Faulting process id: 0x4d8Faulting application start time: 0xExplorer.EXE0Faulting application path: Explorer.EXE1Faulting module path: Explorer.EXE2Report Id: Explorer.EXE3 Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.Invalid Xml syntax. Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.Invalid Xml syntax. Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.Invalid Xml syntax. Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.Invalid Xml syntax. Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.Invalid Xml syntax. Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.Invalid Xml syntax. System errors:=============Error: (05/11/2014 08:00:47 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 Error: (05/11/2014 08:00:47 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect. Error: (05/11/2014 08:00:17 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)Description: The Protect Monitor service failed to start due to the following error: %%1053 Error: (05/11/2014 08:00:17 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)Description: A timeout was reached (30000 milliseconds) while waiting for the Protect Monitor service to connect. Error: (05/09/2014 10:27:39 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)Description: The Protect Monitor service failed to start due to the following error: %%1053 Error: (05/09/2014 10:27:39 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)Description: A timeout was reached (30000 milliseconds) while waiting for the Protect Monitor service to connect. Error: (05/09/2014 05:42:55 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)Description: The Protect Monitor service failed to start due to the following error: %%1053 Error: (05/09/2014 05:42:55 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)Description: A timeout was reached (30000 milliseconds) while waiting for the Protect Monitor service to connect. Error: (05/09/2014 05:28:49 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)Description: The Protect Monitor service failed to start due to the following error: %%1053 Error: (05/09/2014 05:28:49 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)Description: A timeout was reached (30000 milliseconds) while waiting for the Protect Monitor service to connect. Microsoft Office Sessions:=========================Error: (05/11/2014 08:11:28 PM) (Source: CVHSVC) (User: ) (EventID: 100)Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved Error: (05/09/2014 10:38:08 PM) (Source: CVHSVC) (User: ) (EventID: 100)Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. Error: (05/09/2014 05:39:17 PM) (Source: CVHSVC) (User: ) (EventID: 100)Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected. Error: (05/09/2014 03:59:59 AM) (Source: Application Error) (User: ) (EventID: 1000)Description: Explorer.EXE6.1.7600.167684d688122ntdll.dll6.1.7600.169154ec4b137c000002200000000000d01084d801cf6b369c79fe1fC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll4bfeae5c-d758-11e3-bfdf-206a8a2a4a36 Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: C:\Windows\system32\ctfmon.exeC:\Windows\system32\ctfmon.exe0 Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: C:\Windows\system32\ctfmon.exeC:\Windows\system32\ctfmon.exe0 Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: C:\Windows\system32\ctfmon.exeC:\Windows\system32\ctfmon.exe0 Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: C:\Windows\system32\ctfmon.exeC:\Windows\system32\ctfmon.exe0 Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: C:\Windows\system32\ctfmon.exeC:\Windows\system32\ctfmon.exe0 Error: (05/08/2014 11:07:06 PM) (Source: SideBySide) (User: ) (EventID: 59)Description: C:\Windows\system32\ctfmon.exeC:\Windows\system32\ctfmon.exe0 CodeIntegrity Errors:=================================== Date: 2014-05-08 23:02:41.480 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-05-08 23:02:41.278 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-05-08 23:02:40.856 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-24 15:34:15.933 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-24 15:34:15.703 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-04-24 15:34:15.472 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-03-21 13:41:00.866 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-03-21 13:41:00.666 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-03-21 13:41:00.464 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. Date: 2014-03-20 19:44:01.131 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 82%Total physical RAM: 3764.39 MBAvailable physical RAM: 659.3 MBTotal Pagefile: 7528.79 MBAvailable Pagefile: 3579.02 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.79 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:283.34 GB) (Free:214.4 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 16CE16CD)Partition 1: (Not Active) - (Size=15 GB) - (Type=27)Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  2. CoriolisSTORM
    Everyone, this is a computer that was handed to me by a family member. It had a bunch of adware junk on it, and at least one trojan, (I can't remember what it was called off the top of my head.) I've cleaned it with McAfee (came with the PC), Kaspersky System Rescue CD, Malware Bytes and Spyware S&D, and for whatever reason, an instance of iexplore.exe always cranks up in the back ground and consumes upwards of 40-50% of the CPU. If I kill it, it always comes back. THe following are the logs that are usually requested, but I am at a loss on this thing. I'm just trying to see if its normal or if there's still something living on here that I need to get rid of before I hand it back to them. Addition.txt FRST.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.