kdill168
Members-
Posts
13 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by kdill168
-
Running off to work now. Will do steps 2 and 3 tonight. Thanks! Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 7/22/2014Scan Time: 6:18:41 AMLogfile: Administrator: Yes Version: 2.00.2.1012Malware Database: v2014.07.22.02Rootkit Database: v2014.07.17.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: Dave Scan Type: Threat ScanResult: CompletedObjects Scanned: 340553Time Elapsed: 22 min, 19 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 1PUP.Optional.uTorrentTB.A, HKU\S-1-5-21-1923651785-319983845-472338908-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pacgpkgadgmibnhpdidcnfafllnmeomc, No Action By User, [acf5adf3ccaf0d296b814c8fd1310bf5], Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end)
-
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014 Ran by Dave (administrator) on DAVE-PC on 20-07-2014 18:20:02 Running from C:\Users\Dave\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\n360.exe (NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe () C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe (IOI) C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (Acer Group) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe (RapidSolution Software AG) C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe (SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\n360.exe (SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe (SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor) HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] () HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Gateway Photo Frame] => C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe [124416 2009-07-20] (IOI) HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [103936 2013-06-26] (LeapFrog Enterprises, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [brMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) HKLM-x32\...\Run: [instaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-02-24] (Affinegy, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.) HKLM-x32\...\Run: [updateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [updatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [uCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.) HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-26] (Bitleader) HKLM-x32\...\Run: [updatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-06-01] (CyberLink Corp.) HKLM-x32\...\Run: [WinCast] => D:\CDSetup\setup.exe -leng HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [728120 2012-03-16] (Sony Corporation) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.) HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [377800 2012-11-05] () HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [MediaFace Integration] => C:\Program Files (x86)\Fellowes\MediaFACE 4.2\SetHook.exe [53248 2005-03-28] (Fellowes, Inc.) HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [Google Update] => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2011-03-15] (Google Inc.) HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung) HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4851008 2014-05-01] (Evernote) HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: M - M:\EasySuite.exe HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {36cf9423-f559-11e2-82cc-d02788027694} - O:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {3ec4560a-5718-11e0-b107-d02788027694} - M:\EasySuite.exe HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {47697f98-04b3-11e3-98ad-d02788027694} - O:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {4f1cbb59-b65e-11e2-807d-d02788027694} - N:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {bf470c47-db38-11e3-b214-d02788027694} - O:\VZW_Software_upgrade_assistant.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnk ShortcutTarget: NETGEAR WN111v2 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR) Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.) ShellIconOverlayIdentifiers: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.) ShellIconOverlayIdentifiers: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.) ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers-x32: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360311e106p0415v155k4772r348 SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM - {12D9ECDC-9D0B-4FFA-914C-CBCEC8DA71AD} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW SearchScopes: HKCU - {12D9ECDC-9D0B-4FFA-914C-CBCEC8DA71AD} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3299568&CUI=UN14548697815555117&UM=2 SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW_enUS423US423 SearchScopes: HKCU - {D73B3D7F-5C8D-4176-B3AE-E211FC3E2064} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms} BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation) DPF: HKLM-x32 {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 FireFox: ======== FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default FF Homepage: hxxp://xfinity.comcast.net/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dave\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Dave\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF Extension: Screengrab - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\Extensions\{02450954-cdd9-410f-b1da-db804e18c671}.xpi [2011-07-19] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-18] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-29] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-07-20] FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-03] FF HKCU\...\Firefox\Extensions: [{FB304EF5-15D3-D544-9F7F-4585F9A14A3B}] - C:\Program Files (x86)\di5Re-Markable\175.xpi Chrome: ======= CHR HomePage: CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll (Catalina Marketing Corporation) CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll (Catalina Marketing Corporation) CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (Entanglement Web App) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-12-23] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24] CHR Extension: (Skype Click to Call) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-05] CHR Extension: (Google Wallet) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21] CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Dave\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2013-08-21] CHR HKCU\...\Chrome\Extension: [pcajpdcjfekhfnapaiphaecoajeollnc] - C:\Users\Dave\AppData\Local\CRE\pcajpdcjfekhfnapaiphaecoajeollnc.crx [2013-08-08] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\Exts\Chrome.crx [2014-06-04] CHR HKLM-x32\...\Chrome\Extension: [pcajpdcjfekhfnapaiphaecoajeollnc] - C:\Users\Dave\AppData\Local\CRE\pcajpdcjfekhfnapaiphaecoajeollnc.crx [2013-08-08] ==================== Services (Whitelisted) ================= R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-02-24] (Affinegy, Inc.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2011-02-11] (CyberLink) S3 GSService; C:\Windows\SysWOW64\GSService.exe [249856 2012-02-14] () [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed] R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7391232 2013-06-26] (LeapFrog Enterprises, Inc.) [File not signed] R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\N360.exe [265040 2014-05-23] (Symantec Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [476728 2012-03-16] (Sony Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [243712 2012-02-14] (SMServer) [File not signed] R2 Virtual CDAudio Service; C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe [178528 2011-09-09] (RapidSolution Software AG) S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X] ==================== Drivers (Whitelisted) ==================== R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation) S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2008-04-01] (LeapFrog) S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [191944 2011-10-31] (Hauppauge, Inc.) R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation) R3 INIDVD; C:\Windows\System32\DRIVERS\inidvd.sys [18328 2010-04-09] (Initio Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) R3 MusCAudio; C:\Windows\System32\drivers\MusCAudio.sys [34040 2012-02-14] (Windows ® Win 7 DDK provider) R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140720.003\ENG64.SYS [126040 2014-07-13] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140720.003\EX64.SYS [2099288 2014-07-13] (Symantec Corporation) S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA)) R3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA)) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-06-14] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-06-14] (RapidSolution Software AG) R3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45160 2011-09-09] (RapidSolution Software AG) R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation) S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2014-01-09] (support.com, Inc) R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-29] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation) R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-20 15:59 - 2014-07-20 16:03 - 00000000 ____D () C:\AdwCleaner 2014-07-20 15:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-20 15:17 - 2014-07-20 15:18 - 00000830 _____ () C:\Users\Dave\Downloads\SystemLook.txt 2014-07-20 15:16 - 2014-07-20 15:16 - 00165376 _____ () C:\Users\Dave\Downloads\SystemLook_x64.exe 2014-07-20 14:21 - 2014-07-20 14:21 - 00000259 _____ () C:\Users\Dave\Downloads\fixlist.txt 2014-07-20 09:52 - 2014-07-20 09:53 - 00045414 _____ () C:\Users\Dave\Downloads\Addition.txt 2014-07-20 09:51 - 2014-07-20 18:20 - 00038701 _____ () C:\Users\Dave\Downloads\FRST.txt 2014-07-20 09:51 - 2014-07-20 18:20 - 00000000 ____D () C:\FRST 2014-07-20 09:50 - 2014-07-20 09:50 - 02089984 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe 2014-07-19 22:23 - 2014-07-19 22:23 - 00184320 _____ () C:\Users\Dave\Desktop\firefox bookmarks.html 2014-07-19 22:22 - 2014-07-19 22:22 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405823027144 2014-07-19 22:19 - 2014-07-20 09:19 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-07-19 22:18 - 2014-07-19 22:18 - 04862664 _____ (AVAST Software) C:\Users\Dave\Downloads\avast_free_antivirus_setup_online.exe 2014-07-19 22:14 - 2014-07-19 22:14 - 00001231 _____ () C:\Users\Dave\Desktop\Revo Uninstaller.lnk 2014-07-19 22:14 - 2014-07-19 22:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-19 22:13 - 2014-07-19 22:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dave\Downloads\revosetup.exe 2014-07-19 21:39 - 2014-07-19 21:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-19 21:39 - 2014-07-19 21:39 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-19 21:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-19 21:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-19 21:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-19 21:37 - 2014-07-19 21:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\DriverRestore 2014-07-19 21:03 - 2014-07-19 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore 2014-07-19 21:00 - 2014-07-19 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf 2014-07-19 21:00 - 2014-07-07 11:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys 2014-07-16 18:50 - 2014-07-16 18:50 - 00000000 ____D () C:\Users\Dave\Downloads\GoBuster Ringtones 2014-07-16 15:54 - 2014-07-16 16:02 - 00000000 ____D () C:\Users\Dave\Downloads\Dependent Verification 2014-07-15 13:39 - 2014-07-17 12:04 - 00000000 ____D () C:\Users\Dave\Downloads\Allentown Comic Con 2014-07-09 22:20 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 22:20 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 22:20 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 22:20 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 22:20 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 22:20 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 22:20 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 22:20 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 22:20 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 22:20 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 22:20 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 22:20 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 22:20 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 22:20 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 22:20 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 22:20 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 22:20 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 22:20 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 22:20 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 22:20 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 22:20 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 22:20 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 22:19 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 22:19 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 22:19 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 22:19 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 22:19 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 22:19 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 22:19 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 22:19 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 22:19 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 22:19 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 22:19 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 22:19 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 22:19 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 22:19 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 22:19 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 22:19 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 22:19 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 22:19 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 22:19 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 22:19 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 22:19 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 22:19 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 22:19 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 22:19 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 22:19 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 22:19 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 22:19 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 22:19 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 22:19 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 22:19 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 22:19 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 22:19 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 22:19 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 22:19 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 22:19 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 22:19 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 22:19 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 22:19 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 22:19 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 22:19 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 22:19 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 22:19 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 22:19 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 22:19 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 22:19 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 22:19 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 22:19 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 22:19 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 22:19 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 22:19 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 22:19 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 22:19 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 22:19 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 22:19 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 22:19 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 22:19 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 22:19 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 22:19 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 22:19 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 04:37 - 2014-07-09 04:37 - 00000550 _____ () C:\Users\Dave\Desktop\comics.txt 2014-07-07 09:23 - 2014-07-07 20:43 - 00000000 ____D () C:\Users\Dave\Downloads\Emma - 2009 2014-07-06 10:10 - 2014-07-06 12:48 - 00001087 _____ () C:\Users\Dave\Desktop\Play Monkey Quest.lnk 2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monkey Quest 2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Local\Monkey Quest 2014-07-06 10:08 - 2014-07-06 10:09 - 09611504 _____ (Viacom) C:\Users\Dave\Downloads\InstallMonkeyQuest.exe 2014-06-30 18:23 - 2014-06-30 18:24 - 00000000 ____D () C:\Users\Dave\Documents\2014 Playhouse 2014-06-24 15:42 - 2014-06-24 15:42 - 00895120 _____ (Google Inc.) C:\Users\Dave\Downloads\GoogleVoiceAndVideoSetup.exe 2014-06-24 13:19 - 2014-06-24 13:19 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll 2014-06-24 13:19 - 2014-06-24 13:19 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll 2014-06-24 13:19 - 2014-06-24 13:19 - 00057168 _____ (Microsoft Corporation) C:\Windows\system32\vcomp100.dll 2014-06-23 16:08 - 2014-06-23 16:08 - 00019968 _____ () C:\Users\Dave\Desktop\2014 vacations (version 2).xls 2014-06-23 15:31 - 2014-06-23 15:38 - 00000000 ____D () C:\Users\Dave\Downloads\Norman Reedus ==================== One Month Modified Files and Folders ======= 2014-07-20 18:22 - 2014-07-20 09:51 - 00038701 _____ () C:\Users\Dave\Downloads\FRST.txt 2014-07-20 18:20 - 2014-07-20 09:51 - 00000000 ____D () C:\FRST 2014-07-20 17:56 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-20 17:56 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-20 17:52 - 2010-08-14 01:41 - 01342370 _____ () C:\Windows\WindowsUpdate.log 2014-07-20 17:46 - 2014-06-11 03:33 - 00000000 ____D () C:\Users\Dave\AppData\Local\Skitch 2014-07-20 17:44 - 2011-11-18 20:16 - 00000343 _____ () C:\Windows\lgfwup.ini 2014-07-20 17:44 - 2011-11-18 20:12 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate 2014-07-20 17:43 - 2011-04-23 22:20 - 00000430 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-07-20 17:42 - 2010-05-31 23:34 - 02903828 _____ () C:\Windows\PFRO.log 2014-07-20 17:42 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-20 17:42 - 2009-07-14 00:51 - 00354826 _____ () C:\Windows\setupact.log 2014-07-20 17:34 - 2014-03-30 16:57 - 00023040 _____ () C:\Users\Dave\Desktop\2014 vacations.xls 2014-07-20 16:48 - 2012-02-14 08:19 - 00398848 ___SH () C:\Users\Dave\Desktop\Thumbs.db 2014-07-20 16:33 - 2012-04-24 11:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-20 16:32 - 2011-03-26 09:23 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA.job 2014-07-20 16:03 - 2014-07-20 15:59 - 00000000 ____D () C:\AdwCleaner 2014-07-20 15:51 - 2010-08-14 01:47 - 00000000 ____D () C:\Program Files (x86)\Gateway Photo Frame 2014-07-20 15:32 - 2011-03-26 09:23 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core.job 2014-07-20 15:18 - 2014-07-20 15:17 - 00000830 _____ () C:\Users\Dave\Downloads\SystemLook.txt 2014-07-20 15:16 - 2014-07-20 15:16 - 00165376 _____ () C:\Users\Dave\Downloads\SystemLook_x64.exe 2014-07-20 14:21 - 2014-07-20 14:21 - 00000259 _____ () C:\Users\Dave\Downloads\fixlist.txt 2014-07-20 09:53 - 2014-07-20 09:52 - 00045414 _____ () C:\Users\Dave\Downloads\Addition.txt 2014-07-20 09:50 - 2014-07-20 09:50 - 02089984 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe 2014-07-20 09:37 - 2011-06-30 05:20 - 00000000 ____D () C:\Users\Dave\Documents\ProcessExplorer 2014-07-20 09:19 - 2014-07-19 22:19 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-07-20 09:18 - 2010-05-31 23:24 - 00000000 ____D () C:\Windows\oem 2014-07-19 22:23 - 2014-07-19 22:23 - 00184320 _____ () C:\Users\Dave\Desktop\firefox bookmarks.html 2014-07-19 22:22 - 2014-07-19 22:22 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1405823027144 2014-07-19 22:18 - 2014-07-19 22:18 - 04862664 _____ (AVAST Software) C:\Users\Dave\Downloads\avast_free_antivirus_setup_online.exe 2014-07-19 22:14 - 2014-07-19 22:14 - 00001231 _____ () C:\Users\Dave\Desktop\Revo Uninstaller.lnk 2014-07-19 22:14 - 2014-07-19 22:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-19 22:13 - 2014-07-19 22:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dave\Downloads\revosetup.exe 2014-07-19 21:39 - 2014-07-19 21:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-19 21:39 - 2014-07-19 21:39 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-19 21:39 - 2012-04-17 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-19 21:38 - 2014-07-19 21:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-19 21:15 - 2011-11-02 13:12 - 00036864 ___SH () C:\Users\Dave\Thumbs.db 2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\DriverRestore 2014-07-19 21:05 - 2014-07-19 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore 2014-07-19 21:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-07-19 21:00 - 2014-07-19 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf 2014-07-19 21:00 - 2011-09-15 22:33 - 00000258 __RSH () C:\ProgramData\ntuser.pol 2014-07-19 20:58 - 2014-06-18 00:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-19 01:36 - 2011-11-29 15:55 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\uTorrent 2014-07-17 12:04 - 2014-07-15 13:39 - 00000000 ____D () C:\Users\Dave\Downloads\Allentown Comic Con 2014-07-16 18:50 - 2014-07-16 18:50 - 00000000 ____D () C:\Users\Dave\Downloads\GoBuster Ringtones 2014-07-16 16:02 - 2014-07-16 15:54 - 00000000 ____D () C:\Users\Dave\Downloads\Dependent Verification 2014-07-10 12:51 - 2014-05-02 13:31 - 00886459 _____ () C:\QDATA1.IDX 2014-07-10 12:51 - 2011-03-25 23:26 - 00000000 ____D () C:\Users\Dave\Quicken 2014-07-10 12:51 - 2006-07-31 11:20 - 06316056 _____ () C:\QDATA1.QDF 2014-07-10 12:51 - 2006-07-31 11:20 - 00035840 _____ () C:\QDATA1.QEL 2014-07-10 12:40 - 2011-04-07 00:46 - 00000000 ____D () C:\BACKUP 2014-07-10 04:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache 2014-07-10 03:23 - 2009-07-14 00:45 - 00351752 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-10 03:21 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-10 03:21 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-10 03:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-10 03:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-10 03:04 - 2013-08-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 03:03 - 2011-03-26 08:58 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 04:40 - 2012-04-25 15:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-09 04:37 - 2014-07-09 04:37 - 00000550 _____ () C:\Users\Dave\Desktop\comics.txt 2014-07-09 01:33 - 2012-04-24 11:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 01:33 - 2012-04-24 11:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 01:33 - 2011-05-26 05:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-07 20:43 - 2014-07-07 09:23 - 00000000 ____D () C:\Users\Dave\Downloads\Emma - 2009 2014-07-07 11:04 - 2014-07-19 21:00 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys 2014-07-07 00:35 - 2011-09-15 22:02 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server 2014-07-06 12:48 - 2014-07-06 10:10 - 00001087 _____ () C:\Users\Dave\Desktop\Play Monkey Quest.lnk 2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monkey Quest 2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Local\Monkey Quest 2014-07-06 10:09 - 2014-07-06 10:08 - 09611504 _____ (Viacom) C:\Users\Dave\Downloads\InstallMonkeyQuest.exe 2014-07-05 16:21 - 2014-01-31 12:01 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-07-04 17:11 - 2013-09-14 10:12 - 00000000 ____D () C:\Users\Dave\Downloads\MMPRToys 2014-07-04 15:40 - 2013-11-29 11:13 - 00000000 ____D () C:\Users\Dave\AppData\Local\Paint.NET 2014-06-30 18:24 - 2014-06-30 18:23 - 00000000 ____D () C:\Users\Dave\Documents\2014 Playhouse 2014-06-29 22:09 - 2014-07-09 22:20 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-29 22:04 - 2014-07-09 22:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-28 15:40 - 2011-03-30 07:15 - 00000000 ____D () C:\Users\Dave\AppData\Local\CrashDumps 2014-06-28 14:47 - 2013-11-29 11:14 - 00001195 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk 2014-06-28 14:47 - 2013-11-29 11:14 - 00001183 _____ () C:\Users\Public\Desktop\Paint.NET.lnk 2014-06-28 14:47 - 2013-11-29 11:14 - 00000000 ____D () C:\Program Files\Paint.NET 2014-06-28 14:11 - 2011-03-15 03:07 - 00084440 _____ () C:\Users\Dave\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-25 11:17 - 2012-06-07 09:31 - 02932224 ___SH () C:\Users\Dave\Downloads\Thumbs.db 2014-06-24 16:20 - 2013-10-24 11:55 - 00000000 ____D () C:\Users\Dave\Downloads\Monster High 2014-06-24 15:42 - 2014-06-24 15:42 - 00895120 _____ (Google Inc.) C:\Users\Dave\Downloads\GoogleVoiceAndVideoSetup.exe 2014-06-24 15:42 - 2011-03-15 18:02 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Mozilla 2014-06-24 15:42 - 2011-03-15 03:38 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google 2014-06-24 13:19 - 2014-06-24 13:19 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll 2014-06-24 13:19 - 2014-06-24 13:19 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll 2014-06-24 13:19 - 2014-06-24 13:19 - 00057168 _____ (Microsoft Corporation) C:\Windows\system32\vcomp100.dll 2014-06-23 16:08 - 2014-06-23 16:08 - 00019968 _____ () C:\Users\Dave\Desktop\2014 vacations (version 2).xls 2014-06-23 15:38 - 2014-06-23 15:31 - 00000000 ____D () C:\Users\Dave\Downloads\Norman Reedus 2014-06-23 15:27 - 2011-03-26 09:23 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA 2014-06-23 15:27 - 2011-03-26 09:23 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core 2014-06-20 16:14 - 2014-07-09 22:19 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 15:39 - 2014-07-09 22:19 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll Some content of TEMP: ==================== C:\Users\Dave\AppData\Local\Temp\air1510.exe C:\Users\Dave\AppData\Local\Temp\air5115.exe C:\Users\Dave\AppData\Local\Temp\airC41E.exe C:\Users\Dave\AppData\Local\Temp\airC6DE.exe C:\Users\Dave\AppData\Local\Temp\airC9BD.exe C:\Users\Dave\AppData\Local\Temp\DRHelper_installFinish.exe C:\Users\Dave\AppData\Local\Temp\DRHelper_installStart.exe C:\Users\Dave\AppData\Local\Temp\DRHelper_uninstallComplete.exe C:\Users\Dave\AppData\Local\Temp\Quarantine.exe C:\Users\Dave\AppData\Local\Temp\SfpcHelper_installFinish.exe C:\Users\Dave\AppData\Local\Temp\SfpcHelper_installStart.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 01:45 ==================== End Of Log ============================
-
I booted in safe mode. Uninstall from Control Panel didn't work, it got about halfway through then was stuck for over 20 minutes. I shut that down then ran through Revo and it worked! First through moderate mode then advanced, so hopefully it got everything. I don't see any evidence of the program and I opened Firefox and it's working again. Thanks so much! Anything else I need to do?
-
Here are the results from step 2. I will try the directions in your most recent message. # AdwCleaner v3.216 - Report created 20/07/2014 at 16:02:10# Updated 17/07/2014 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Dave - DAVE-PC# Running from : C:\Users\Dave\Downloads\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** Service Deleted : webinstr ***** [ Files / Folders ] ***** Folder Deleted : C:\SearchProtectFolder Deleted : C:\ProgramData\NCH SoftwareFolder Deleted : C:\ProgramData\PartnerFolder Deleted : C:\Program Files (x86)\ConduitFolder Deleted : C:\Program Files (x86)\File Type AssistantFolder Deleted : C:\Program Files (x86)\System Optimizer ProFolder Deleted : C:\Windows\SysWOW64\SearchProtectFolder Deleted : C:\Users\Dave\AppData\Local\ConduitFolder Deleted : C:\Users\Dave\AppData\Local\eSupport.comFolder Deleted : C:\Users\Dave\AppData\Local\FileTypeAssistantFolder Deleted : C:\Users\Dave\AppData\Local\torchFolder Deleted : C:\Users\Dave\AppData\LocalLow\Conduit[x] Not Deleted : C:\Users\Dave\AppData\Roaming\Aimersoft Video Converter UltimateFolder Deleted : C:\Users\Dave\AppData\Roaming\dvdvideosoftiehelpersFolder Deleted : C:\Users\Dave\AppData\Roaming\NCH SoftwareFolder Deleted : C:\Users\Dave\AppData\Roaming\SearchProtect[x] Not Deleted : C:\Users\Dave\Documents\Aimersoft Video Converter UltimateFile Deleted : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpiFile Deleted : C:\ENDFile Deleted : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\user.jsFile Deleted : C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhpKey Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLLKey Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exeKey Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManagerKey Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancsKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCSKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3299568Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Key Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\IGearSettingsKey Deleted : HKCU\Software\Myfree CodecKey Deleted : HKCU\Software\OCSKey Deleted : HKCU\Software\SoftwareUpdaterKey Deleted : HKCU\Software\torchKey Deleted : HKCU\Software\YahooPartnerToolbarKey Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopesKey Deleted : HKCU\Software\AppDataLow\Software\SmartBarKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\Freeze.comKey Deleted : HKLM\Software\torch ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Mozilla Firefox v30.0 (en-US) [ File : C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\prefs.js ] Line Deleted : user_pref("CT3281675.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DZQdRJRQ9tgk%26list%3DPL3D04FE12A78B652D\",\"EB_MAIN_FRAME_TITLE\":\"Darkwing%20Duck%2[...]Line Deleted : user_pref("CT3281675_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1367590754491,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");Line Deleted : user_pref("CT3299568_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1376930986285,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&SearchSource=2&CUI=UN23192938167530147&UM=2&q=");Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3299568");Line Deleted : user_pref("browser.search.defaultthis.engineName", "entrusted11 Customized Web Search");Line Deleted : user_pref("smartbar.machineId", "9GXZLVUUEEYS+YVPL1/LX99PYA+LIMLPEDHSPDCB/FD7KOD9UJUUHELQZFNBGP3ZEFR7AIY8QDR8SAK61K18JW"); -\\ Google Chrome v [ File : C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [search Provider] : hxxp://isearch.avg.com/search?cid={C8EED65C-AB51-47AA-956F-896CB6C3A78C}&mid=〈=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN24501010554306260&ctid=CT3299568&UM=2Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfglDeleted [Extension] : flpcjncodpafbgdpnkljologafpionhb ************************* AdwCleaner[R0].txt - [11150 octets] - [20/07/2014 15:59:18]AdwCleaner[s0].txt - [10732 octets] - [20/07/2014 16:02:10] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10793 octets] ##########
-
I downloaded and tried to run the program. Norton identified it as a security risk and deleted it.
-
SystemLook 30.07.11 by jpshortstuff Log created at 15:17 on 20/07/2014 by Dave Administrator - Elevation successful ========== folderfind ========== Searching for "*DesktopTemperature*" C:\Users\Dave\AppData\Local\DesktopTemperature d------ [01:02 20/07/2014] C:\Users\Dave\AppData\Local\System_Alerts_LLC\DesktopTemperature.exe_Url_er5aqtwibhbrlyw3fc3slp2vcmebwzaa d------ [01:03 20/07/2014] -= EOF =-
-
Step one isn't working. I downloaded the fixlist.txt, both that and FRST.exe are running out of the same directory. I'm getting this error message.
-
I can't close Norton. When I try to kill n360.exe in task manager, I get an error. I looked online and it says this happens because viruses try to kill Norton and then they could harm the computer. The only way to stop Norton appears to be completely uninstalling it, and I don't want to do that. What if this uninstall.exe is actually a virus that will do bad things to my PC if Norton is turned off?
-
-
I chose that and when Revo got to the built-in uninstaller it gave me the same message to shut down Norton among other programs. I took a screenshot if you'd like it. I cancelled that, as I can't and don't think I'd want to shut down Norton. Revo gave me the option to scan for any leftover references to the program, but I didn't run that since I didn't uninstall anything.
-
How do I disable Norton realtime protection? When I right-click Norton in my task bar, I have these two options: Disable smart firewallDisable antivirus auto-protect I tried disabling antivirus auto-protect yesterday and used Revo, but the uninstaller still wanted me to completely stop Norton (n360.exe in Task Manager). Maybe I was doing the wrong thing with Norton, though. I also tried installing avast, thinking if I killed the n360.exe I would still be protected with avast. However I wasn't able to kill n360.exe and the uninstaller then wanted me to kill Norton and Avast.
-
Hello Jurgen and thanks for helping me! I tried to attach the addition.txt and it said the message was too long. I didn't want to post another message until someone else responded so no one thought I was already being helped. Here is the file. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014Ran by Dave at 2014-07-20 09:52:46Running from C:\Users\Dave\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== Leawo DVD Creator version 4.0.0.0 (HKLM-x32\...\{29312768-5795-483C-805A-7D01B8FC7C0E}_is1) (Version: - )µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.30017 - BitTorrent Inc.)µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.2.28595 - BitTorrent Inc.)7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) HiddenAdobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)Advertising Center (x32 Version: 0.0.0.2 - Nero AG) HiddenAge of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )Aimersoft Blu-ray Ripper(Build 3.0.0.3) (HKLM-x32\...\Aimersoft Blu-ray Ripper_is1) (Version: - Aimersoft Software)Aimersoft DRM Media Converter(Build 1.5.3.0) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version: - Aimersoft Software)Aimersoft DVD to iPad Converter(Build 2.5.0.0) (HKLM-x32\...\Aimersoft DVD to iPad Converter_is1) (Version: - Aimersoft Software)Aimersoft Video Converter Ultimate(Build 4.2.4.0) (HKLM-x32\...\Aimersoft Video Converter Ultimate_is1) (Version: - Aimersoft Software)AllMusicConverter 4.3.5 (HKLM-x32\...\AllMusicConverter_is1) (Version: 4.3.5 - Ramka Ltd.)AMD DnD V1.0.20 (x32 Version: 1.0.20 - AMD) HiddenApple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)ArcSoft TotalMedia Extreme (HKLM-x32\...\{E7A1B94F-A981-49B2-868F-DFEA471AB17D}) (Version: 2.0.45.12 - ArcSoft)ATI AVIVO64 Codecs (Version: 10.12.0.00210 - ATI Technologies Inc.) HiddenATI Catalyst Install Manager (HKLM\...\{CADBC192-932B-EC76-510D-4012A33C5E20}) (Version: 3.0.765.0 - ATI Technologies, Inc.)Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)Audials (HKLM-x32\...\{D8F247BA-4325-465E-A62D-D3DD1E6E70A7}) (Version: 8.0.54900.0 - RapidSolution Software AG)Audials TV (HKLM-x32\...\{4044436C-3A01-4ECA-8FC9-AC8F3F838EDC}) (Version: 1.3.10803.300 - RapidSolution Software AG)Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version: - )Blaze Audio Power Record (HKLM-x32\...\Blaze Audio Power Record_is1) (Version: - Blaze Audio)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Brother MFL-Pro Suite MFC-240C (HKLM-x32\...\{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}) (Version: 1.0.3.0 - Brother Industries, Ltd.)Caillou's Kindergarten (HKLM-x32\...\Caillou's Kindergarten) (Version: - Brighter Child Interactive)Canon DIGITAL CAMERA Solution Disk Software Guide (HKLM-x32\...\Software Guide) (Version: 1.3.0.1 - Canon Inc.)CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)Canon Personal Printing Guide (HKLM-x32\...\Personal Printing Guide) (Version: 1.1.1.3 - Canon Inc.)Canon PowerShot SX130 IS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSSX130IS) (Version: 1.0.0.1 - Canon Inc.)Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.3.0.6 - Canon Inc.)Canon Utilities CameraWindow Launcher (HKLM-x32\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.1.0.4 - Canon Inc.)Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.5.0 build 3621 (Oct-10-2013) - Carbonite)Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTIONCatalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) HiddenCatalyst Control Center Core Implementation (x32 Version: 2010.0210.2206.39615 - ATI) HiddenCatalyst Control Center Graphics Full Existing (x32 Version: 2010.0210.2206.39615 - ATI) HiddenCatalyst Control Center Graphics Full New (x32 Version: 2010.0210.2206.39615 - ATI) HiddenCatalyst Control Center Graphics Light (x32 Version: 2010.0210.2206.39615 - ATI) HiddenCatalyst Control Center Graphics Previews Vista (x32 Version: 2010.0210.2206.39615 - ATI) HiddenCatalyst Control Center InstallProxy (x32 Version: 2010.0210.2206.39615 - ATI Technologies, Inc.) HiddenCatalyst Control Center Localization All (x32 Version: 2010.0210.2206.39615 - ATI) HiddenCCC Help Chinese Standard (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Chinese Traditional (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Czech (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Danish (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Dutch (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help English (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Finnish (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help French (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help German (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Greek (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Hungarian (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Italian (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Japanese (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Korean (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Norwegian (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Polish (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Portuguese (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Russian (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Spanish (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Swedish (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Thai (x32 Version: 2010.0210.2205.39615 - ATI) HiddenCCC Help Turkish (x32 Version: 2010.0210.2205.39615 - ATI) Hiddenccc-core-static (x32 Version: 2010.0210.2206.39615 - ATI) Hiddenccc-utility64 (Version: 2010.0210.2206.39615 - ATI) HiddenCDisplayEx 1.8 (HKLM-x32\...\CDisplayEx_is1) (Version: - Henri Gourvest.)Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.3.0.8 - Citrix Systems, Inc.)Citrix online plug-in (DV) (x32 Version: 12.3.0.8 - Citrix Systems, Inc.) HiddenCitrix online plug-in (HDX) (x32 Version: 12.3.0.8 - Citrix Systems, Inc.) HiddenCitrix online plug-in (USB) (x32 Version: 12.3.0.8 - Citrix Systems, Inc.) HiddenCitrix online plug-in (Web) (x32 Version: 12.3.0.8 - Citrix Systems, Inc.) HiddenCompatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)ConvertMovie 4.4 (HKLM-x32\...\ConvertMovie 4.4) (Version: 4.4 - MOVAVI)Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)Cucusoft DVD to iPod + iPod Video Converter Suite 8.8.8.8 (HKLM-x32\...\Cucusoft DVD to iPod + iPod Video Converter Suite_is1) (Version: - Cucusoft, Inc.)Cucusoft iPad Video Converter 8.08 (HKLM-x32\...\Cucusoft iPad Video Converter_is1) (Version: - Cucusoft, Inc.)CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: - )CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)CyberLink Blu-ray Disc Suite (x32 Version: 6.0.3226 - CyberLink Corp.) HiddenCyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)CyberLink LG Burning Tool (x32 Version: 6.2.4009 - CyberLink Corp.) HiddenCyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)CyberLink MediaShow (x32 Version: 4.1.3402 - CyberLink Corp.) HiddenCyberLink PhotoDirector 4 (HKLM-x32\...\InstallShield_{44510C84-AE2A-4079-A75B-D44E68D73B9A}) (Version: 4.0.4317.0 - CyberLink Corp.)CyberLink PhotoDirector 4 (x32 Version: 4.0.4317.0 - CyberLink Corp.) HiddenCyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)CyberLink PhotoNow (x32 Version: 1.1.0.6904 - CyberLink Corp.) HiddenCyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3305 - CyberLink Corp.)CyberLink PowerDirector (Version: 9.0.0.3305 - CyberLink Corp.) HiddenCyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3817.50 - CyberLink Corp.)CyberLink PowerDVD 9 (x32 Version: 9.0.3817.50 - CyberLink Corp.) HiddenCyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2512 - CyberLink Corp.)CyberLink PowerProducer (x32 Version: 5.0.2.2512 - CyberLink Corp.) HiddenCyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2821 - CyberLink Corp.)CyberLink WaveEditor (x32 Version: 1.0.1.2821 - CyberLink Corp.) HiddenCyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.3530 - CyberLink Corp.)CyberLink YouCam (x32 Version: 1.0.3530 - CyberLink Corp.) HiddenD3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDaniusoft DVD to MP4 Converter(Build 2.3.5.1) (HKLM-x32\...\Daniusoft DVD to MP4 Converter_is1) (Version: - Daniusoft Software)Desktop Temperature Monitor (HKCU\...\Desktop Temperature Monitor) (Version: 1.24.0.0 - System Alerts LLC)DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)eM Client (HKLM-x32\...\{88B17ABF-1B95-4DE8-B06F-CB511AFC2D8A}) (Version: 5.0.19406.0 - eM Client Inc.)Evernote v. 5.4 (HKLM-x32\...\{59071464-DAEE-11E3-9080-00163E98E7D0}) (Version: 5.4.0.3698 - Evernote Corp.)Free YouTube Download version 3.2.38.530 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.38.530 - DVDVideoSoft Ltd.)Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)Gateway Photo Frame 4.2.3.10 (HKLM-x32\...\Gateway Photo Frame) (Version: 4.2.3.10 - I/O Interconnect)Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Gateway Incorporated)Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3006 - Gateway Incorporated)Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0812 - Gateway Incorporated)Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Gateway Incorporated)GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )Hauppauge HDPVR Scheduler (HKLM-x32\...\Hauppauge HDPVR Scheduler) (Version: - Hauppauge Computer Works)Hauppauge WinTV IR Blaster (HKLM-x32\...\Hauppauge WinTV IR Blaster) (Version: 7.4.29102 - Hauppauge Computer Works, Inc.)Hauppauge WinTV Scheduler (HKLM-x32\...\Hauppauge WinTV Scheduler) (Version: - )Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3009 - Gateway Incorporated)Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Gateway Incorporated)ImagXpress (x32 Version: 7.0.74.0 - Nero AG) HiddenImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) HiddenJavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.0.20.17316 - LeapFrog)LeapFrog Connect (x32 Version: 5.0.20.17316 - LeapFrog) HiddenLeapFrog Tag Junior Plugin (x32 Version: 5.0.19.17305 - LeapFrog) HiddenLeapFrog Tag Plugin (x32 Version: 5.0.19.17305 - LeapFrog) HiddenLearning Lodge Navigator (HKLM-x32\...\VTechDownloadManager) (Version: - VTech)LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )MakeMKV v1.7.2 (HKLM-x32\...\MakeMKV) (Version: v1.7.2 - GuinpinSoft inc)Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)MediaFACE 4.2 (HKLM-x32\...\InstallShield_{E129EC5D-FC37-4260-B6B7-1113D8613A89}) (Version: 4.2 - Fellowes)MediaFACE 4.2 (x32 Version: 4.2 - Fellowes) HiddenMediaFACE 4.2 Image Library (HKLM-x32\...\InstallShield_{2D6DFE76-A197-4337-90BA-8DCB840CA84B}) (Version: 4.2 - Fellowes)MediaFACE 4.2 Image Library (x32 Version: 4.2 - Fellowes) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft GIF Animator (HKLM-x32\...\GIF Animator) (Version: - )Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)Mozilla Thunderbird 24.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-US)) (Version: 24.6.0 - Mozilla)MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)Nero 9 Essentials (HKLM-x32\...\{e6817f01-cedf-45af-8195-bd1691311e1c}) (Version: - Nero AG)Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) HiddenNero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) HiddenNero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) HiddenNero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) HiddenNero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) HiddenNero Express Help (x32 Version: 9.6.2.101 - Nero AG) HiddenNero InfoTool (x32 Version: 6.4.12.100 - Nero AG) HiddenNero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) HiddenNero Installer (x32 Version: 4.4.9.0 - Nero AG) HiddenNero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) HiddenNero StartSmart (x32 Version: 9.4.37.100 - Nero AG) HiddenNero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) HiddenNero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) HiddenNeroExpress (x32 Version: 9.4.33.100 - Nero AG) Hiddenneroxml (x32 Version: 1.0.0 - Nero AG) HiddenNorton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)Norton Security Suite (HKLM-x32\...\N360) (Version: 21.3.0.12 - Symantec Corporation)OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)Opera 11.50 (HKLM-x32\...\Opera 11.50.1074) (Version: 11.50.1074 - Opera Software ASA)paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)Pepakura Designer 3 (HKLM-x32\...\pepakura_designer3en) (Version: - TamaSoftware)Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version: - TamaSoftware)Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.2.00.03162 - Sony Corporation)PowerDirector (Version: 9.00.0000 - CyberLink Corp.) HiddenPS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.40.0 - PS3 Media Server)Quicken 2006 (HKLM-x32\...\{2818095F-FB6C-42C8-827E-0A406CC9AFF5}) (Version: 15.1.2.7 - Intuit)QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)RangeMax Wireless-N USB Adapter WN111v2 (HKLM-x32\...\InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}) (Version: 3.0.0.3 - NETGEAR)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) HiddenSamsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) HiddenSAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)Skitch (HKLM-x32\...\Skitch 2.3.1.163) (Version: 2.3.1.163 - Evernote Corp.)Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) HiddenSmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.9.0 - SmartSound Software Inc)SmartSound Quicktracks Plugin (x32 Version: 3.0.9.0 - SmartSound Software Inc) HiddenSRWare Iron version SRWare Iron 30.0.1650.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 30.0.1650.0 - SRWare)SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13082_1 - Samsung Electronics Co., Ltd.)SUABnR (x32 Version: 1.1.0.13082_1 - Samsung Electronics Co., Ltd.) HiddenThe Land Before Time Kindergarten Adventure (HKLM-x32\...\The Land Before Time Kindergarten Adventure) (Version: - )The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 1.3.13 - Electronic Arts)TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc)TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.2675 - Intuit Inc.) HiddenTurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0436 - Intuit Inc.) HiddenTurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0210 - Intuit Inc.) HiddenTurboTax 2011 wpaiper (x32 Version: 011.000.1429 - Intuit Inc.) HiddenTurboTax 2011 wrapper (x32 Version: 011.000.0120 - Intuit Inc.) HiddenTurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.1804 - Intuit Inc.) HiddenTurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0402 - Intuit Inc.) HiddenTurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0164 - Intuit Inc.) HiddenTurboTax 2012 wpaiper (x32 Version: 012.000.1162 - Intuit Inc.) HiddenTurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) HiddenUlead GIF Animator 5 TBYB (HKLM-x32\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version: - Ulead System)UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version: - )Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (HKLM-x32\...\TagJuniorPlugin) (Version: - LeapFrog)Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM-x32\...\TagPlugin) (Version: 5.0.19.17305 - LeapFrog)VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) HiddenWBFS Manager 2.5 (HKLM\...\{9DADBA45-2B06-4F7F-970B-E854ABC8917A}) (Version: 2.5 - WBFS)WBFS Manager 2.5 (HKLM-x32\...\{A5B5B6D8-DE44-44A3-90C4-8C07A1E0FAD4}) (Version: 2.5 - WBFS)Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3013 - Gateway Incorporated)Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWinX HD Video Converter Deluxe 3.10.3 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software,Inc.)WN111v2 (x32 Version: 3.0.0.3 - NETGEAR) HiddenZoo Tycoon 2 - Ultimate Collection (HKLM-x32\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)Zoo Tycoon 2 - Ultimate Collection (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden ==================== Restore Points ========================= 17-07-2014 17:48:47 Scheduled Checkpoint20-07-2014 02:15:44 Revo Uninstaller's restore point - Desktop Temperature Monitor20-07-2014 02:20:34 avast! antivirus system restore point20-07-2014 02:32:00 Revo Uninstaller's restore point - Desktop Temperature Monitor20-07-2014 02:33:56 avast! antivirus system restore point ==================== Hosts content: ========================== 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {016AE68E-99E7-4529-AE89-A27456FF10B2} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)Task: {0558B69C-B840-4686-8C1E-952BB608C053} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-15] (Google Inc.)Task: {20D2C945-3700-474E-86FE-B0253AB27D10} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)Task: {5B751779-593B-4718-A0FB-D2C562EC8387} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)Task: {5D11633F-A3C4-4B42-9B58-8EF933DC3BA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)Task: {6792B421-8313-4211-85DD-67537D516A0E} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exeTask: {9D58DAC7-ECB8-4308-BD90-E2759695C1BF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-15] (Google Inc.)Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core.job => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA.job => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-08-04 08:40 - 2010-08-04 08:40 - 00611872 _____ () C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe2011-11-18 20:06 - 2009-07-02 10:02 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe2011-08-26 15:25 - 2010-08-19 05:43 - 00386344 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe2012-11-05 05:40 - 2012-11-05 04:50 - 00377800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe2009-08-14 13:55 - 2009-08-14 13:55 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll2010-08-14 01:39 - 2010-08-14 01:39 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll2014-03-03 21:55 - 2014-03-03 21:55 - 01046288 _____ () C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2010-08-04 05:47 - 2010-08-04 05:47 - 00144896 _____ () C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyHook.dll2009-06-12 19:37 - 2009-06-12 19:37 - 00032768 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIUSBLib.dll2009-06-12 19:37 - 2009-06-12 19:37 - 00025088 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIHIDLib.dll2011-03-25 20:17 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll2011-01-17 16:19 - 2011-03-16 17:15 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll2012-11-05 05:40 - 2010-06-23 21:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll2012-11-05 05:40 - 2010-07-13 09:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll2012-11-05 05:40 - 2010-06-01 22:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll2012-11-05 05:40 - 2010-06-01 22:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll2012-11-05 05:40 - 2012-08-06 05:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll2012-11-05 05:40 - 2010-06-01 22:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll2012-11-05 05:40 - 2010-06-01 22:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll2012-11-05 05:40 - 2010-07-05 05:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll2012-11-05 05:40 - 2010-11-11 05:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll2012-11-05 05:40 - 2010-06-02 01:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll2013-11-13 21:55 - 2013-10-05 22:22 - 00875008 _____ () C:\Program Files (x86)\SRWare Iron\libglesv2.dll2013-11-13 21:55 - 2013-10-05 22:25 - 00102912 _____ () C:\Program Files (x86)\SRWare Iron\libegl.dll2013-11-13 21:55 - 2013-10-05 21:12 - 00861696 _____ () C:\Program Files (x86)\SRWare Iron\ffmpegsumo.dll2014-07-09 01:33 - 2014-07-09 01:33 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:96D0C06F ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= Name: Microsoft PS/2 MouseDescription: Microsoft PS/2 MouseClass Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: i8042prtProblem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.Devices stay in this state if they have been prepared for removal.After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Standard PS/2 KeyboardDescription: Standard PS/2 KeyboardClass Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard keyboards)Service: i8042prtProblem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)Resolution: Enable the device in the BIOS of the device. ==================== Event log errors: ========================= Application errors:==================Error: (07/20/2014 00:48:39 AM) (Source: SideBySide) (EventID: 63) (User: )Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (07/19/2014 09:18:31 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070013, The media is write protected.. Error: (07/19/2014 09:18:31 PM) (Source: VSS) (EventID: 13) (User: )Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.] Error: (07/18/2014 11:46:38 PM) (Source: SideBySide) (EventID: 63) (User: )Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (07/17/2014 01:43:19 PM) (Source: SideBySide) (EventID: 63) (User: )Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (07/15/2014 01:26:58 AM) (Source: SideBySide) (EventID: 63) (User: )Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (07/13/2014 01:10:56 AM) (Source: SideBySide) (EventID: 63) (User: )Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (07/12/2014 00:57:07 AM) (Source: SideBySide) (EventID: 63) (User: )Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (07/10/2014 11:52:10 PM) (Source: SideBySide) (EventID: 63) (User: )Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. Error: (07/10/2014 01:35:13 AM) (Source: SideBySide) (EventID: 63) (User: )Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid. System errors:=============Error: (07/20/2014 09:40:51 AM) (Source: ipnathlp) (EventID: 31004) (User: )Description: 0 Error: (07/20/2014 09:38:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Skype Click to Call PNR Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/20/2014 09:34:44 AM) (Source: ipnathlp) (EventID: 31004) (User: )Description: 0 Error: (07/20/2014 09:33:41 AM) (Source: ipnathlp) (EventID: 31004) (User: )Description: 0 Error: (07/20/2014 09:30:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )Description: The Windows Update service hung on starting. Error: (07/20/2014 09:29:47 AM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Error: (07/20/2014 09:29:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Error: (07/20/2014 09:28:33 AM) (Source: ipnathlp) (EventID: 31004) (User: )Description: 0 Error: (07/20/2014 09:27:14 AM) (Source: ipnathlp) (EventID: 31004) (User: )Description: 0 Error: (07/20/2014 09:23:27 AM) (Source: ipnathlp) (EventID: 30013) (User: )Description: 10.0.0.3192.168.137.0255.255.255.0 Microsoft Office Sessions:=========================Error: (07/20/2014 00:48:39 AM) (Source: SideBySide) (EventID: 63) (User: )Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (07/19/2014 09:18:31 PM) (Source: VSS) (EventID: 8193) (User: )Description: CoCreateInstance0x80070013, The media is write protected. Error: (07/19/2014 09:18:31 PM) (Source: VSS) (EventID: 13) (User: )Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, The media is write protected. Error: (07/18/2014 11:46:38 PM) (Source: SideBySide) (EventID: 63) (User: )Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (07/17/2014 01:43:19 PM) (Source: SideBySide) (EventID: 63) (User: )Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (07/15/2014 01:26:58 AM) (Source: SideBySide) (EventID: 63) (User: )Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (07/13/2014 01:10:56 AM) (Source: SideBySide) (EventID: 63) (User: )Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (07/12/2014 00:57:07 AM) (Source: SideBySide) (EventID: 63) (User: )Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (07/10/2014 11:52:10 PM) (Source: SideBySide) (EventID: 63) (User: )Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 Error: (07/10/2014 01:35:13 AM) (Source: SideBySide) (EventID: 63) (User: )Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3 ==================== Memory info =========================== Percentage of memory in use: 32%Total physical RAM: 8175.76 MBAvailable physical RAM: 5546.05 MBTotal Pagefile: 16349.7 MBAvailable Pagefile: 13608.45 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (Gateway) (Fixed) (Total:915.35 GB) (Free:20.03 GB) NTFSDrive d: (New Volume) (Fixed) (Total:298.09 GB) (Free:32.35 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931 GB) (Disk ID: BA1D51B1)Partition 1: (Not Active) - (Size=16 GB) - (Type=27)Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=915 GB) - (Type=07 NTFS) ========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 1549F232)Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS) ==================== End Of Log ============================
-
Yesterday I received a notification from Firefox that my browser wasn't protected and ran a fix. This installed Desktop Temperature Monitor. When I try to uninstall it, Norton gives me a warning about the file (uninstall.exe) being too new and recommends not running it. When I try to run it, it wants me to shut down Norton, among other programs. I didn't run it. Now, Firefox isn't working and svchost.exe seems to be eating up a lot of memory. I shut the Desktop Temperature Monitor off in Process Manager. Here's the output from the scans. Do you need me to run them when Desktop Temperature Monitor is running? I do have uTorrent but I don't think it's running. If it is, could someone tell me how to disable it? Thanks for any help! Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014Ran by Dave (administrator) on DAVE-PC on 20-07-2014 09:51:11Running from C:\Users\Dave\DownloadsPlatform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\n360.exe() C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe(IOI) C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe(NETGEAR) C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe() C:\Program Files\CyberLink\Shared files\RichVideo64.exe(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe(Acer Group) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe(RapidSolution Software AG) C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Microsoft Corporation) C:\Windows\System32\alg.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\n360.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe(Microsoft Corporation) C:\Windows\System32\taskmgr.exe(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [611872 2010-08-04] ()HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-11] (Advanced Micro Devices, Inc.)HKLM-x32\...\Run: [Gateway Photo Frame] => C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe [124416 2009-07-20] (IOI)HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [103936 2013-06-26] (LeapFrog Enterprises, Inc.)HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)HKLM-x32\...\Run: [brMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)HKLM-x32\...\Run: [instaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1770400 2011-02-24] (Affinegy, Inc.)HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)HKLM-x32\...\Run: [updateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)HKLM-x32\...\Run: [updatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)HKLM-x32\...\Run: [uCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-26] (Bitleader)HKLM-x32\...\Run: [updatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-06-01] (CyberLink Corp.)HKLM-x32\...\Run: [WinCast] => D:\CDSetup\setup.exe -lengHKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exeHKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [728120 2012-03-16] (Sony Corporation)HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [377800 2012-11-05] ()HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)HKLM-x32\...\Run: [MediaFace Integration] => C:\Program Files (x86)\Fellowes\MediaFACE 4.2\SetHook.exe [53248 2005-03-28] (Fellowes, Inc.)HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [Google Update] => C:\Users\Dave\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2011-03-15] (Google Inc.)HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\Run: [skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4851008 2014-05-01] (Evernote)HKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: M - M:\EasySuite.exeHKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {36cf9423-f559-11e2-82cc-d02788027694} - O:\VZW_Software_upgrade_assistant.exeHKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {3ec4560a-5718-11e0-b107-d02788027694} - M:\EasySuite.exeHKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {47697f98-04b3-11e3-98ad-d02788027694} - O:\VZW_Software_upgrade_assistant.exeHKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {4f1cbb59-b65e-11e2-807d-d02788027694} - N:\HTC_Sync_Manager_PC.exeHKU\S-1-5-21-1923651785-319983845-472338908-1000\...\MountPoints2: {bf470c47-db38-11e3-b214-d02788027694} - O:\VZW_Software_upgrade_assistant.exeStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnkShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WN111v2 Smart Wizard.lnkShortcutTarget: NETGEAR WN111v2 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WN111v2\WN111v2.exe (NETGEAR)Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop Temperature Monitor.lnkShortcutTarget: Desktop Temperature Monitor.lnk -> C:\Users\Dave\AppData\Local\DesktopTemperature\DesktopTemperature.exe (System Alerts LLC)Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnkShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnkShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No FileShellIconOverlayIdentifiers: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\buShell.dll (Symantec Corporation)ShellIconOverlayIdentifiers-x32: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers-x32: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers-x32: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4320&r=17360311e106p0415v155k4772r348URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No FileSearchScopes: HKLM - {12D9ECDC-9D0B-4FFA-914C-CBCEC8DA71AD} URL = SearchScopes: HKLM-x32 - DefaultScope {12D9ECDC-9D0B-4FFA-914C-CBCEC8DA71AD} URL = SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGWSearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKCU - {12D9ECDC-9D0B-4FFA-914C-CBCEC8DA71AD} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3299568&CUI=UN14548697815555117&UM=2SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW_enUS423US423SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={C8EED65C-AB51-47AA-956F-896CB6C3A78C}&mid=8cbd2acabaed47d0b9d3016ecee69f67-5d4283b35e9969dc98305c1e4234bf6729e2ee91〈=en&ds=ft011&pr=sa&d=2012-04-12 15:33:19&v=10.2.0.3&sap=dsp&q={searchTerms} SearchScopes: HKCU - {D73B3D7F-5C8D-4176-B3AE-E211FC3E2064} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No FileDPF: HKLM-x32 {44990B00-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlcm.cabHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Winsock: Catalog9 01 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 02 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 03 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 04 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 05 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Winsock: Catalog9 16 C:\Users\Dave\AppData\Local\DesktopTemperature\DTWxSvc.dll [1046288] ()Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 FireFox:========FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.defaultFF Homepage: hxxp://xfinity.comcast.net/FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Dave\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dave\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dave\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Dave\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)FF user.js: detected! => C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\user.jsFF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll (Catalina Marketing Corporation)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)FF Plugin ProgramFiles/Appdata: C:\Users\Dave\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)FF Extension: Screengrab - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\Extensions\{02450954-cdd9-410f-b1da-db804e18c671}.xpi [2011-07-19]FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\5xdl1qtj.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-18]FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFFFF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-29]FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgnFF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-07-20]FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ffFF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-03]FF HKCU\...\Firefox\Extensions: [{FB304EF5-15D3-D544-9F7F-4585F9A14A3B}] - C:\Program Files (x86)\di5Re-Markable\175.xpi Chrome: =======CHR Plugin: (Remoting Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()CHR Plugin: (Shockwave Flash) - C:\Users\Dave\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No FileCHR Plugin: (Shockwave Flash) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll No FileCHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll (Catalina Marketing Corporation)CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No FileCHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No FileCHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No FileCHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No FileCHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No FileCHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No FileCHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No FileCHR Extension: (Entanglement Web App) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-12-23]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]CHR Extension: (Skype Click to Call) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-05]CHR Extension: (Google Wallet) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-06-03]CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Dave\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2014-06-03]CHR HKCU\...\Chrome\Extension: [pcajpdcjfekhfnapaiphaecoajeollnc] - C:\Users\Dave\AppData\Local\CRE\pcajpdcjfekhfnapaiphaecoajeollnc.crx [2013-08-08]CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\Exts\Chrome.crx [2014-06-04]CHR HKLM-x32\...\Chrome\Extension: [pcajpdcjfekhfnapaiphaecoajeollnc] - C:\Users\Dave\AppData\Local\CRE\pcajpdcjfekhfnapaiphaecoajeollnc.crx [2013-08-08] ==================== Services (Whitelisted) ================= R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [566688 2011-02-24] (Affinegy, Inc.)R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2011-02-11] (CyberLink)S3 GSService; C:\Windows\SysWOW64\GSService.exe [249856 2012-02-14] () [File not signed]S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [File not signed]R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7391232 2013-06-26] (LeapFrog Enterprises, Inc.) [File not signed]R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.3.0.12\N360.exe [265040 2014-05-23] (Symantec Corporation)R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [476728 2012-03-16] (Sony Corporation)R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed]R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()S3 SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [243712 2012-02-14] (SMServer) [File not signed]R2 Virtual CDAudio Service; C:\Program Files (x86)\RapidSolution\Audials 8\VCDWriter\64\VCDAudioService.exe [178528 2011-09-09] (RapidSolution Software AG)S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X] ==================== Drivers (Whitelisted) ==================== R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2008-04-01] (LeapFrog)S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [191944 2011-10-31] (Hauppauge, Inc.)R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)R3 INIDVD; C:\Windows\System32\DRIVERS\inidvd.sys [18328 2010-04-09] (Initio Corporation)R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)R3 MusCAudio; C:\Windows\System32\drivers\MusCAudio.sys [34040 2012-02-14] (Windows ® Win 7 DDK provider)R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\ENG64.SYS [126040 2014-07-13] (Symantec Corporation)R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\EX64.SYS [2099288 2014-07-13] (Symantec Corporation)S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))R3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-06-14] (RapidSolution Software AG)R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-06-14] (RapidSolution Software AG)R3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45160 2011-09-09] (RapidSolution Software AG)R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2014-01-09] (support.com, Inc)R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-29] (Symantec Corporation)R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)R2 webinstr; C:\Windows\system32\Drivers\webinstr.sys [57528 2014-07-07] (Corsica)R3 WN111v2; C:\Windows\System32\DRIVERS\WN111v2w7x.sys [767488 2009-10-21] (Atheros Communications, Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-20 09:51 - 2014-07-20 09:52 - 00041142 _____ () C:\Users\Dave\Downloads\FRST.txt2014-07-20 09:51 - 2014-07-20 09:51 - 00000000 ____D () C:\FRST2014-07-20 09:50 - 2014-07-20 09:50 - 02089984 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe2014-07-19 22:23 - 2014-07-19 22:23 - 00184320 _____ () C:\Users\Dave\Desktop\firefox bookmarks.html2014-07-19 22:22 - 2014-07-19 22:22 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.14058230271442014-07-19 22:19 - 2014-07-20 09:19 - 00000000 ____D () C:\ProgramData\AVAST Software2014-07-19 22:18 - 2014-07-19 22:18 - 04862664 _____ (AVAST Software) C:\Users\Dave\Downloads\avast_free_antivirus_setup_online.exe2014-07-19 22:14 - 2014-07-19 22:14 - 00001231 _____ () C:\Users\Dave\Desktop\Revo Uninstaller.lnk2014-07-19 22:14 - 2014-07-19 22:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group2014-07-19 22:13 - 2014-07-19 22:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dave\Downloads\revosetup.exe2014-07-19 21:39 - 2014-07-19 21:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-07-19 21:39 - 2014-07-19 21:39 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-07-19 21:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-07-19 21:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-07-19 21:39 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-07-19 21:37 - 2014-07-19 21:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.2.1012.exe2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\System Optimizer Pro2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\DriverRestore2014-07-19 21:03 - 2014-07-19 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore2014-07-19 21:03 - 2014-07-19 21:03 - 00000000 ____D () C:\Users\Dave\AppData\Local\System_Alerts_LLC2014-07-19 21:02 - 2014-07-20 09:23 - 00000000 ____D () C:\Users\Dave\AppData\Local\DesktopTemperature2014-07-19 21:02 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature2014-07-19 21:00 - 2014-07-19 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf2014-07-19 21:00 - 2014-07-07 11:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys2014-07-16 18:50 - 2014-07-16 18:50 - 00000000 ____D () C:\Users\Dave\Downloads\GoBuster Ringtones2014-07-16 15:54 - 2014-07-16 16:02 - 00000000 ____D () C:\Users\Dave\Downloads\Dependent Verification2014-07-15 13:39 - 2014-07-17 12:04 - 00000000 ____D () C:\Users\Dave\Downloads\Allentown Comic Con2014-07-09 22:20 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-07-09 22:20 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-07-09 22:20 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe2014-07-09 22:20 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe2014-07-09 22:20 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2014-07-09 22:20 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll2014-07-09 22:20 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll2014-07-09 22:20 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2014-07-09 22:20 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2014-07-09 22:20 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2014-07-09 22:20 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2014-07-09 22:20 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2014-07-09 22:20 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2014-07-09 22:20 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2014-07-09 22:20 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll2014-07-09 22:20 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll2014-07-09 22:20 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll2014-07-09 22:20 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll2014-07-09 22:20 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll2014-07-09 22:20 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll2014-07-09 22:20 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll2014-07-09 22:20 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys2014-07-09 22:19 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-07-09 22:19 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll2014-07-09 22:19 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-07-09 22:19 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-07-09 22:19 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-07-09 22:19 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-07-09 22:19 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-07-09 22:19 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-07-09 22:19 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2014-07-09 22:19 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-07-09 22:19 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-07-09 22:19 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-07-09 22:19 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-07-09 22:19 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-07-09 22:19 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-07-09 22:19 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-07-09 22:19 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-07-09 22:19 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2014-07-09 22:19 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2014-07-09 22:19 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2014-07-09 22:19 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-07-09 22:19 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-07-09 22:19 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-07-09 22:19 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2014-07-09 22:19 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2014-07-09 22:19 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-07-09 22:19 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-07-09 22:19 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-07-09 22:19 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-07-09 22:19 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll2014-07-09 22:19 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-07-09 22:19 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-07-09 22:19 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-07-09 22:19 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-07-09 22:19 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-07-09 22:19 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2014-07-09 22:19 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-07-09 22:19 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-07-09 22:19 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-07-09 22:19 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll2014-07-09 22:19 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2014-07-09 22:19 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-07-09 22:19 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll2014-07-09 22:19 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-07-09 22:19 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll2014-07-09 22:19 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-07-09 22:19 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-07-09 22:19 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-07-09 22:19 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll2014-07-09 22:19 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-07-09 22:19 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-07-09 22:19 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-07-09 22:19 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-07-09 22:19 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-07-09 22:19 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-07-09 22:19 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-07-09 22:19 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2014-07-09 22:19 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll2014-07-09 22:19 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll2014-07-09 04:37 - 2014-07-09 04:37 - 00000550 _____ () C:\Users\Dave\Desktop\comics.txt2014-07-07 09:23 - 2014-07-07 20:43 - 00000000 ____D () C:\Users\Dave\Downloads\Emma - 20092014-07-06 10:10 - 2014-07-06 12:48 - 00001087 _____ () C:\Users\Dave\Desktop\Play Monkey Quest.lnk2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monkey Quest2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Local\Monkey Quest2014-07-06 10:08 - 2014-07-06 10:09 - 09611504 _____ (Viacom) C:\Users\Dave\Downloads\InstallMonkeyQuest.exe2014-06-30 18:23 - 2014-06-30 18:24 - 00000000 ____D () C:\Users\Dave\Documents\2014 Playhouse2014-06-24 15:42 - 2014-06-24 15:42 - 00895120 _____ (Google Inc.) C:\Users\Dave\Downloads\GoogleVoiceAndVideoSetup.exe2014-06-24 13:19 - 2014-06-24 13:19 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll2014-06-24 13:19 - 2014-06-24 13:19 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll2014-06-24 13:19 - 2014-06-24 13:19 - 00057168 _____ (Microsoft Corporation) C:\Windows\system32\vcomp100.dll2014-06-23 16:08 - 2014-06-23 16:08 - 00019968 _____ () C:\Users\Dave\Desktop\2014 vacations (version 2).xls2014-06-23 15:31 - 2014-06-23 15:38 - 00000000 ____D () C:\Users\Dave\Downloads\Norman Reedus ==================== One Month Modified Files and Folders ======= 2014-07-20 09:52 - 2014-07-20 09:51 - 00041142 _____ () C:\Users\Dave\Downloads\FRST.txt2014-07-20 09:51 - 2014-07-20 09:51 - 00000000 ____D () C:\FRST2014-07-20 09:50 - 2014-07-20 09:50 - 02089984 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe2014-07-20 09:41 - 2010-08-14 01:41 - 01331099 _____ () C:\Windows\WindowsUpdate.log2014-07-20 09:37 - 2011-06-30 05:20 - 00000000 ____D () C:\Users\Dave\Documents\ProcessExplorer2014-07-20 09:35 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-07-20 09:35 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-07-20 09:33 - 2012-04-24 11:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-07-20 09:32 - 2011-03-26 09:23 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA.job2014-07-20 09:24 - 2014-06-11 03:33 - 00000000 ____D () C:\Users\Dave\AppData\Local\Skitch2014-07-20 09:23 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\Dave\AppData\Local\DesktopTemperature2014-07-20 09:23 - 2011-04-23 22:20 - 00000429 _____ () C:\Windows\system32\Drivers\etc\hosts.ics2014-07-20 09:22 - 2011-11-18 20:16 - 00000343 _____ () C:\Windows\lgfwup.ini2014-07-20 09:22 - 2011-11-18 20:12 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate2014-07-20 09:20 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-07-20 09:20 - 2009-07-14 00:51 - 00354714 _____ () C:\Windows\setupact.log2014-07-20 09:19 - 2014-07-19 22:19 - 00000000 ____D () C:\ProgramData\AVAST Software2014-07-20 09:19 - 2010-05-31 23:34 - 02901910 _____ () C:\Windows\PFRO.log2014-07-20 09:18 - 2010-05-31 23:24 - 00000000 ____D () C:\Windows\oem2014-07-19 22:23 - 2014-07-19 22:23 - 00184320 _____ () C:\Users\Dave\Desktop\firefox bookmarks.html2014-07-19 22:22 - 2014-07-19 22:22 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.14058230271442014-07-19 22:18 - 2014-07-19 22:18 - 04862664 _____ (AVAST Software) C:\Users\Dave\Downloads\avast_free_antivirus_setup_online.exe2014-07-19 22:14 - 2014-07-19 22:14 - 00001231 _____ () C:\Users\Dave\Desktop\Revo Uninstaller.lnk2014-07-19 22:14 - 2014-07-19 22:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group2014-07-19 22:13 - 2014-07-19 22:13 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dave\Downloads\revosetup.exe2014-07-19 21:39 - 2014-07-19 21:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-07-19 21:39 - 2014-07-19 21:39 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-07-19 21:39 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-07-19 21:39 - 2012-04-17 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-07-19 21:38 - 2014-07-19 21:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Dave\Downloads\mbam-setup-2.0.2.1012.exe2014-07-19 21:15 - 2011-11-02 13:12 - 00036864 ___SH () C:\Users\Dave\Thumbs.db2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\System Optimizer Pro2014-07-19 21:05 - 2014-07-19 21:05 - 00000000 ____D () C:\Program Files (x86)\DriverRestore2014-07-19 21:05 - 2014-07-19 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore2014-07-19 21:03 - 2014-07-19 21:03 - 00000000 ____D () C:\Users\Dave\AppData\Local\System_Alerts_LLC2014-07-19 21:02 - 2014-07-19 21:02 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Temperature2014-07-19 21:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy2014-07-19 21:00 - 2014-07-19 21:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf2014-07-19 21:00 - 2011-09-15 22:33 - 00000258 __RSH () C:\ProgramData\ntuser.pol2014-07-19 20:58 - 2014-06-18 00:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-07-19 15:32 - 2011-03-26 09:23 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core.job2014-07-19 01:36 - 2011-11-29 15:55 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\uTorrent2014-07-17 12:04 - 2014-07-15 13:39 - 00000000 ____D () C:\Users\Dave\Downloads\Allentown Comic Con2014-07-16 18:50 - 2014-07-16 18:50 - 00000000 ____D () C:\Users\Dave\Downloads\GoBuster Ringtones2014-07-16 16:02 - 2014-07-16 15:54 - 00000000 ____D () C:\Users\Dave\Downloads\Dependent Verification2014-07-10 12:51 - 2014-05-02 13:31 - 00886459 _____ () C:\QDATA1.IDX2014-07-10 12:51 - 2011-03-25 23:26 - 00000000 ____D () C:\Users\Dave\Quicken2014-07-10 12:51 - 2006-07-31 11:20 - 06316056 _____ () C:\QDATA1.QDF2014-07-10 12:51 - 2006-07-31 11:20 - 00035840 _____ () C:\QDATA1.QEL2014-07-10 12:40 - 2011-04-07 00:46 - 00000000 ____D () C:\BACKUP2014-07-10 04:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache2014-07-10 03:23 - 2009-07-14 00:45 - 00351752 _____ () C:\Windows\system32\FNTCACHE.DAT2014-07-10 03:21 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel2014-07-10 03:21 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal2014-07-10 03:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism2014-07-10 03:21 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism2014-07-10 03:04 - 2013-08-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT2014-07-10 03:03 - 2011-03-26 08:58 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-07-09 04:40 - 2012-04-25 15:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-07-09 04:37 - 2014-07-09 04:37 - 00000550 _____ () C:\Users\Dave\Desktop\comics.txt2014-07-09 01:33 - 2012-04-24 11:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe2014-07-09 01:33 - 2012-04-24 11:35 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2014-07-09 01:33 - 2011-05-26 05:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl2014-07-07 20:43 - 2014-07-07 09:23 - 00000000 ____D () C:\Users\Dave\Downloads\Emma - 20092014-07-07 11:04 - 2014-07-19 21:00 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys2014-07-07 00:35 - 2011-09-15 22:02 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server2014-07-06 20:47 - 2010-08-14 01:47 - 00000000 ____D () C:\Program Files (x86)\Gateway Photo Frame2014-07-06 12:48 - 2014-07-06 10:10 - 00001087 _____ () C:\Users\Dave\Desktop\Play Monkey Quest.lnk2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monkey Quest2014-07-06 10:10 - 2014-07-06 10:10 - 00000000 ____D () C:\Users\Dave\AppData\Local\Monkey Quest2014-07-06 10:09 - 2014-07-06 10:08 - 09611504 _____ (Viacom) C:\Users\Dave\Downloads\InstallMonkeyQuest.exe2014-07-05 16:21 - 2014-01-31 12:01 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-07-04 17:11 - 2013-09-14 10:12 - 00000000 ____D () C:\Users\Dave\Downloads\MMPRToys2014-07-04 15:40 - 2013-11-29 11:13 - 00000000 ____D () C:\Users\Dave\AppData\Local\Paint.NET2014-06-30 18:24 - 2014-06-30 18:23 - 00000000 ____D () C:\Users\Dave\Documents\2014 Playhouse2014-06-29 22:09 - 2014-07-09 22:20 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll2014-06-29 22:04 - 2014-07-09 22:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll2014-06-28 15:40 - 2011-03-30 07:15 - 00000000 ____D () C:\Users\Dave\AppData\Local\CrashDumps2014-06-28 14:47 - 2013-11-29 11:14 - 00001195 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk2014-06-28 14:47 - 2013-11-29 11:14 - 00001183 _____ () C:\Users\Public\Desktop\Paint.NET.lnk2014-06-28 14:47 - 2013-11-29 11:14 - 00000000 ____D () C:\Program Files\Paint.NET2014-06-28 14:11 - 2011-03-15 03:07 - 00084440 _____ () C:\Users\Dave\AppData\Local\GDIPFONTCACHEV1.DAT2014-06-25 11:17 - 2012-06-07 09:31 - 02932224 ___SH () C:\Users\Dave\Downloads\Thumbs.db2014-06-24 16:20 - 2013-10-24 11:55 - 00000000 ____D () C:\Users\Dave\Downloads\Monster High2014-06-24 15:42 - 2014-06-24 15:42 - 00895120 _____ (Google Inc.) C:\Users\Dave\Downloads\GoogleVoiceAndVideoSetup.exe2014-06-24 15:42 - 2011-03-15 18:02 - 00000000 ____D () C:\Users\Dave\AppData\Roaming\Mozilla2014-06-24 15:42 - 2011-03-15 03:38 - 00000000 ____D () C:\Users\Dave\AppData\Local\Google2014-06-24 13:19 - 2014-06-24 13:19 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll2014-06-24 13:19 - 2014-06-24 13:19 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll2014-06-24 13:19 - 2014-06-24 13:19 - 00057168 _____ (Microsoft Corporation) C:\Windows\system32\vcomp100.dll2014-06-23 16:08 - 2014-06-23 16:08 - 00019968 _____ () C:\Users\Dave\Desktop\2014 vacations (version 2).xls2014-06-23 15:38 - 2014-06-23 15:31 - 00000000 ____D () C:\Users\Dave\Downloads\Norman Reedus2014-06-23 15:27 - 2011-03-26 09:23 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000UA2014-06-23 15:27 - 2011-03-26 09:23 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1923651785-319983845-472338908-1000Core2014-06-20 16:14 - 2014-07-09 22:19 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2014-06-20 15:39 - 2014-07-09 22:19 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll Some content of TEMP:====================C:\Users\Dave\AppData\Local\Temp\air1510.exeC:\Users\Dave\AppData\Local\Temp\air5115.exeC:\Users\Dave\AppData\Local\Temp\airC41E.exeC:\Users\Dave\AppData\Local\Temp\airC6DE.exeC:\Users\Dave\AppData\Local\Temp\airC9BD.exeC:\Users\Dave\AppData\Local\Temp\DRHelper_installFinish.exeC:\Users\Dave\AppData\Local\Temp\DRHelper_installStart.exeC:\Users\Dave\AppData\Local\Temp\DRHelper_uninstallComplete.exeC:\Users\Dave\AppData\Local\Temp\SfpcHelper_installFinish.exeC:\Users\Dave\AppData\Local\Temp\SfpcHelper_installStart.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-18 01:45 ==================== End Of Log ============================