bamboni

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-07-2014 Ran by Kading at 2014-07-30 17:40:40 Run:1 Running from C:\Users\Kading\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_18437\blabbers-ch.crx C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_18437\CRX_INSTALL\witmain.js ProxyServer: http=127.0.0.1:16110;https=127.0.0.1:16110 CHR Extension: (Upromise RewardU Toolbar) - C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddpocmpoechljihmgemoaahhmadaenbc [2014-04-30] C:\Users\Kading\Photoshop_12_LS1.exe AlternateDataStreams: C:\ProgramData\TEMP:B1FBBD09 ***************** C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_18437\blabbers-ch.crx => Moved successfully. C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_18437\CRX_INSTALL\witmain.js => Moved successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddpocmpoechljihmgemoaahhmadaenbc => Moved successfully. C:\Users\Kading\Photoshop_12_LS1.exe => Moved successfully. C:\ProgramData\TEMP => ":B1FBBD09" ADS removed successfully. ==== End of Fixlog ====

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014 Ran by Kading at 2014-07-30 05:22:11 Running from C:\Users\Kading\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 2.1.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.8 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.) Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.) Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon MG2200 series User Registration (HKLM-x32\...\Canon MG2200 series User Registration) (Version: - Canon Inc.‎) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Creative Memories StoryBook Creator Plus 3 (HKLM-x32\...\{95ED1AC3-DF2A-4719-B029-909C0875CD8F}) (Version: 3.0 - Caspedia Corporation) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Resource CD (HKLM-x32\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.) Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.3.2.10 - Dell) Dell System Detect Bootstrapper (HKCU\...\8e3135b376bd523e) (Version: 1.1.0.15 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.115.102 - ALPS ELECTRIC CO., LTD.) Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd) Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.) Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH) e-Rewards Notify (HKLM-x32\...\{C625BFEC-D44A-4739-843C-C31F63195699}) (Version: 1.1.0.194 - e-Rewards Opinion Panel) Full Color Ordering System (HKCU\...\Full Color Ordering System) (Version: - Full Color, Inc.) Full Color ROES (HKCU\...\Full Color ROES) (Version: - Full Color) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.) Java Auto Updater (x32 Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden Java 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.) Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle) Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7252 - Memeo Inc.) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.) PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.) Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.2.0.0 - Shutterfly, Inc.) Shutterfly Express Uploader (x32 Version: 1.2.0 - Shutterfly, Inc.) Hidden Silhouette Studio (HKLM-x32\...\{739394E5-3E62-4DC6-9BD5-A27775E4C9BD}) (Version: 2.7.18 - Aspex Research & Technology) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) StoryBook Creator 4.0 (HKLM\...\{4B5A7ADC-52EB-491C-8824-40466AB844A5}) (Version: 4.0.4728 - Creative Memories) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Unity Web Player (HKLM-x32\...\UnityWebPlayer) (Version: 2.5.5b4_50 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft) Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft) Upromise RewardU Toolbar (HKCU\...\Upromise RewardU Toolbar) (Version: - Upromise.com) Upromise RewardU Toolbar (HKLM-x32\...\Upromise RewardU Toolbar) (Version: - Upromise.com) Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () CustomCLSID: HKU\S-1-5-21-1794151253-3064182797-4059908097-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32 -> C:\Program Files\Java\jre6\bin\jp2iexp.dll () ==================== Restore Points ========================= 22-07-2014 02:01:03 Windows Update 23-07-2014 20:00:17 Windows Update 25-07-2014 03:12:54 Installed Adobe Photoshop Elements 12. 25-07-2014 06:20:38 Checkpoint by HitmanPro 25-07-2014 06:25:49 Checkpoint by HitmanPro 27-07-2014 02:17:38 Windows Update 28-07-2014 16:42:54 Removed Savings Bond Wizard ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2014-07-25 01:26 - 00000019 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05630CF3-1184-492D-91AF-7C737485828A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {067B95D2-8C18-4D8C-B8A7-2D1CB68C60EB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1794151253-3064182797-4059908097-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.) Task: {0E5A69D5-C834-47FB-9182-804640190A44} - System32\Tasks\D85Z71K1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.) Task: {11C80031-31EF-4B95-AF70-180DDDCE1689} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {171F6F0D-6EB2-478A-B116-C230CEFED731} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {25DEB1CD-6944-47BF-B727-DF54164DC0AE} - System32\Tasks\AdobeAAMUpdater-1.0-Kading-PC-Kading => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated) Task: {3909D051-0A9A-43EA-B29D-23A826516076} - System32\Tasks\{557EE22E-8250-4F4B-89CA-BA2F492AB3F4} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe Task: {3AC7341E-E085-4F27-97BB-22DC69897E47} - System32\Tasks\{3092B3A7-84D1-41C7-BE0A-AD96DC047330} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe Task: {410A771B-1FC9-41A3-954C-7FB9ACF91F57} - System32\Tasks\{C4F96C9F-8F34-476E-A76E-BB01C768A001} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe Task: {56CD630C-EC94-4DC2-9CF3-91F72DA87E2D} - System32\Tasks\{A27E4C59-D07F-47E0-988B-C62E75AF5D7C} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe Task: {5CE598CA-B64A-4782-A14B-4F4984113541} - System32\Tasks\{C7771414-0911-43A7-B747-14B63F65B4A0} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe Task: {603EB026-C55C-450C-B910-AE1822473CF2} - System32\Tasks\{F35EB668-CFEB-4BBB-8A4F-FED53263E195} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe Task: {6A6342E2-B36B-4B40-B7D7-8E7264B1DA6E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {796D9A05-B7A3-4B94-80C7-DB0A6816CDB4} - System32\Tasks\{E3C368B3-75BA-412D-A72C-8B531F0A6DE8} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe Task: {8D92AF38-37BC-4E9B-AA37-AA353A5C7FC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18] (Google Inc.) Task: {9589F1AC-D588-43E0-A764-44DBDEEC5295} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: {966D24D7-0429-465C-ADF9-8D3A99BE62B9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1794151253-3064182797-4059908097-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.) Task: {9FF32BD1-64EF-433F-ABBB-D6C4D0FA4B98} - System32\Tasks\{B4A5A0E6-F232-4282-AB06-292FB0B35766} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-07-02] (Skype Technologies S.A.) Task: {ABA78F57-1FB3-4590-8FD3-D8177EDF27DC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1794151253-3064182797-4059908097-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.) Task: {B69708BC-01DF-4918-8912-D08783A5602F} - System32\Tasks\{98BDBE2D-030B-4FE5-53FA-F1BFA509CC38} => C:\Windows\system32\osutfxs.dll [2014-07-21] () Task: {B7CEC13A-D2DE-4C9D-A7D4-0E4DFE6700D6} - System32\Tasks\{0D842792-0306-42E8-9EE9-8CB893C97F25} => C:\Program Files (x86)\Shutterfly\Shutterfly Express Uploader\Shutterfly Express Uploader.exe [2014-01-04] () Task: {BE71190B-9A62-4DAD-9611-80EF20D07B27} - System32\Tasks\{3262CA51-2DC7-4352-AC35-589D4573C591} => C:\Program Files (x86)\Shutterfly\Shutterfly Express Uploader\Shutterfly Express Uploader.exe [2014-01-04] () Task: {C87BF8CD-A4DB-493D-8932-DCDAE9FA6D41} - System32\Tasks\{5A1FDAE4-7A7C-46FA-BEAE-13024E905F50} => C:\Program Files (x86)\Shutterfly\Shutterfly Express Uploader\Shutterfly Express Uploader.exe [2014-01-04] () Task: {D90D4D0F-3057-4B2D-9089-DA4A7D1C0076} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18] (Google Inc.) Task: {DC100748-4C13-4971-8B1A-991B73711683} - System32\Tasks\LAUNCH CDPCO => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe Task: {E863E9DB-7F5A-458B-9E66-0768D8C169FD} - System32\Tasks\{7D1D29A2-3607-4170-A74C-30E1EBCB0946} => C:\Program Files (x86)\Shutterfly\Shutterfly Express Uploader\Shutterfly Express Uploader.exe [2014-01-04] () Task: {F70B22AF-9055-4313-95C7-2EFF58ED983A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1794151253-3064182797-4059908097-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-10-25] (RealNetworks, Inc.) Task: {F888FAA3-571A-4A19-A65D-2B5F5755755E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-20 11:40 - 2014-06-20 11:40 - 00082944 _____ () C:\Program Files (x86)\MR APP\MRAPP.Common.dll 2014-06-20 11:40 - 2014-06-20 11:40 - 00013824 _____ () C:\Program Files (x86)\MR APP\MRAPP.Scheduler.dll 2014-06-20 11:40 - 2014-06-20 11:40 - 00272384 _____ () C:\Program Files (x86)\MR APP\C5.dll 2013-06-11 22:54 - 2011-09-06 06:02 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2014-06-20 11:40 - 2014-06-20 11:40 - 00079872 _____ () C:\Program Files (x86)\MR APP\MRAPP.UI.Resources.R23.dll 2014-07-25 23:10 - 2014-06-18 15:50 - 00703800 _____ () C:\Program Files (x86)\Emsisoft Anti-Malware\fw32.dll 2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-12-07 22:59 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-12-07 22:59 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-12-07 22:59 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-12-07 22:59 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-12-07 22:59 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:B1FBBD09 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\45112660.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\45112660.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeActiveFileMonitor8.0 => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: bckwfs => 2 MSCONFIG\Services: FLEXnet Licensing Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: IAANTMON => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MemeoBackgroundService => 2 MSCONFIG\Services: SeagateDashboardService => 2 MSCONFIG\Services: ServiceLayer => 3 MSCONFIG\Services: STacSV => 2 MSCONFIG\Services: wltrysvc => 2 MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Kading\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 MSCONFIG\startupreg: Gamevance => C:\Program Files (x86)\Gamevance\gamevance32.exe a MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Memeo Instant Backup => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: PhotoshopElements8SyncAgent => C:\Program Files (x86)\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe" MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot MSCONFIG\startupreg: Upromise Tray => C:\Program Files (x86)\Upromise\UpromiseTray.exe MSCONFIG\startupreg: Upromise Update => C:\Program Files (x86)\Upromise\dca-ua.exe MSCONFIG\startupreg: WLSync => C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe /background ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/30/2014 05:19:51 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/30/2014 05:19:44 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/30/2014 05:19:44 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/30/2014 05:15:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/29/2014 10:02:58 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15616 Error: (07/29/2014 10:02:58 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15616 Error: (07/29/2014 10:02:58 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/29/2014 09:29:21 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/29/2014 09:28:59 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/29/2014 09:28:59 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (07/29/2014 10:17:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Akamai NetSession Interface service terminated with the following error: %%126 Error: (07/29/2014 10:17:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SAS Core Service service failed to start due to the following error: %%2 Error: (07/29/2014 08:19:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Akamai NetSession Interface service terminated with the following error: %%126 Error: (07/29/2014 08:19:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SAS Core Service service failed to start due to the following error: %%2 Error: (07/29/2014 08:06:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Akamai NetSession Interface service terminated with the following error: %%126 Error: (07/29/2014 08:06:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SAS Core Service service failed to start due to the following error: %%2 Error: (07/28/2014 08:01:49 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.179.1326.0 Update Source: %NT AUTHORITY59 Update Stage: 4.5.0216.00 Source Path: 4.5.0216.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (07/28/2014 07:47:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Akamai NetSession Interface service terminated with the following error: %%126 Error: (07/28/2014 07:47:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SAS Core Service service failed to start due to the following error: %%2 Error: (07/28/2014 07:45:33 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 59% Total physical RAM: 3032.36 MB Available physical RAM: 1237.64 MB Total Pagefile: 6062.91 MB Available Pagefile: 3394.16 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:222.14 GB) (Free:86.73 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 68000000) Partition 1: (Not Active) - (Size=63 MB) - (Type=DE) Partition 2: (Active) - (Size=11 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=222 GB) - (Type=07 NTFS) ==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014 Ran by Kading (administrator) on KADING-PC on 30-07-2014 05:20:30 Running from C:\Users\Kading\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Digital Market Research Apps Pty Ltd) C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Digital Market Research Apps Pty Ltd) C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Microsoft) C:\Program Files (x86)\MR APP\MRAPP.UI.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [MouseDriver] => TiltWheelMouse.exe HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NPSStartup] => [X] HKLM-x32\...\Run: [bingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4841824 2014-07-09] (Emsisoft GmbH) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-21-1794151253-3064182797-4059908097-1000\...\Run: [spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.) HKU\S-1-5-21-1794151253-3064182797-4059908097-1000\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1400224 2013-09-25] (Adobe Systems Incorporated) HKU\S-1-5-21-1794151253-3064182797-4059908097-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1794151253-3064182797-4059908097-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:16110;https=127.0.0.1:16110 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = URLSearchHook: HKCU - Default Value = (value not set) URLSearchHook: HKCU - FCToolbarURLSearchHook Class - {6f52f077-2dbf-f864-8da7-73cc1a21005a} - C:\Program Files\Upromise RewardU Toolbar\Helper.dll () URLSearchHook: HKCU - FCToolbarURLSearchHook Class - {6f52f077-2dbf-f864-8da7-73cc1a21005a} - C:\Program Files (x86)\Upromise RewardU Toolbar\Helper.dll () SearchScopes: HKLM-x32 - {35e9438f-19d4-4516-b2ac-59ba9241de4d} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^9N^xdm003^YY^us&si=COfwo7e0-LQCFSemPAodfxYA7g&ptb=A4A4D2B1-5528-44D2-833A-B975B897ADBA&ind=2013012021&n=77fc2035&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKCU - {35e9438f-19d4-4516-b2ac-59ba9241de4d} URL = BHO: Upromise RewardU Toolbar BHO -> {2E1946E4-D51E-6074-C16F-ED7E0D98A8E4} -> C:\Program Files\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) BHO-x32: Upromise RewardU Toolbar BHO -> {2E1946E4-D51E-6074-C16F-ED7E0D98A8E4} -> C:\Program Files (x86)\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) Toolbar: HKLM - Upromise RewardU Toolbar - {BCB2559D-DE26-E8F4-D552-AE05CE2BAC69} - C:\Program Files\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) Toolbar: HKLM-x32 - Upromise RewardU Toolbar - {BCB2559D-DE26-E8F4-D552-AE05CE2BAC69} - C:\Program Files (x86)\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) Toolbar: HKCU - Upromise RewardU Toolbar - {BCB2559D-DE26-E8F4-D552-AE05CE2BAC69} - C:\Program Files\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {62AEFF80-16AD-4AC4-B812-E70EB5F37301} http://www.zenfolio.com/zf/code/upload-ie-win-x86.cab DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://purewellness.webex.com/client/WBXclient-T28L10NSP7-15458/nbr/ieatgpc1.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.nd.gov/dana-cached/sc/JuniperSetupClient.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 24.220.0.10 24.220.0.11 FireFox: ======== FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @unity3d.com/UnityPlayer - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: ======= CHR HomePage: hxxp://www.bing.com/?pc=U160&ocid=U160DHP&dt=081113 CHR StartupUrls: "hxxp://www.bing.com/?pc=U160&ocid=U160DHP&dt=081113" CHR DefaultSearchKeyword: bing.com CHR DefaultNewTabURL: CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll No File CHR Plugin: (RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) CHR Plugin: (Unity Player) - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-01] CHR Extension: (Upromise RewardU Toolbar) - C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddpocmpoechljihmgemoaahhmadaenbc [2014-04-30] CHR Extension: (Google Wallet) - C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4741384 2014-07-09] (Emsisoft GmbH) R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated) R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.) R2 EventService; C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe [33280 2014-06-20] (Digital Market Research Apps Pty Ltd) [File not signed] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) S4 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.) R2 TransferService; C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe [32256 2014-06-20] (Digital Market Research Apps Pty Ltd) [File not signed] S4 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed] S2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [X] S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-29] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) S3 MWAC; \??\C:\Windows\system32\drivers\ [0 ] () [File not signed] S3 MWAC; \??\C:\Windows\SysWOW64\drivers\ [0 ] () [File not signed] R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd) S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () S1 hshlnnwb; \??\C:\Windows\system32\drivers\hshlnnwb.sys [X] S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-30 05:18 - 2014-07-30 05:18 - 00000959 _____ () C:\Users\Kading\Desktop\threats.txt 2014-07-29 19:16 - 2014-07-29 19:16 - 02347384 _____ (ESET) C:\Users\Kading\Desktop\esetsmartinstaller_enu.exe 2014-07-29 17:03 - 2014-07-29 17:03 - 00044460 _____ () C:\Users\Kading\Desktop\FRST1.txt 2014-07-29 08:21 - 2014-07-29 08:21 - 00001163 _____ () C:\Users\Kading\Desktop\AdwCleaner[R0].txt 2014-07-28 23:22 - 2014-07-28 23:22 - 00001807 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-07-28 23:22 - 2014-07-28 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-07-28 23:21 - 2014-07-28 23:22 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-07-28 22:52 - 2014-07-28 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-07-28 21:27 - 2014-07-28 21:33 - 00000000 ____D () C:\Users\Kading\Desktop\Chris Phone 2014-07-28 17:14 - 2014-07-28 17:14 - 00003882 _____ () C:\Users\Kading\Desktop\AdwCleaner[s0].txt 2014-07-28 11:49 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-28 11:47 - 2014-07-29 10:15 - 00000000 ____D () C:\AdwCleaner 2014-07-28 11:46 - 2014-07-28 11:46 - 01365525 _____ () C:\Users\Kading\Desktop\AdwCleaner.exe 2014-07-27 23:20 - 2014-07-27 23:21 - 00089916 _____ () C:\Users\Kading\Desktop\Addition.txt 2014-07-27 23:18 - 2014-07-30 05:21 - 00020363 _____ () C:\Users\Kading\Desktop\FRST.txt 2014-07-27 23:18 - 2014-07-30 05:20 - 00000000 ____D () C:\FRST 2014-07-27 23:17 - 2014-07-27 23:18 - 02093568 _____ (Farbar) C:\Users\Kading\Desktop\FRST64.exe 2014-07-26 08:53 - 2014-07-26 08:53 - 00000000 ____D () C:\Users\Kading\Documents\Adobe 2014-07-26 08:14 - 2014-07-26 08:14 - 31909432 _____ () C:\Users\Kading\Desktop\Em River.psd 2014-07-26 08:05 - 2014-07-26 08:05 - 00709106 _____ () C:\Users\Kading\Desktop\Em Riveredi.jpged 2014-07-26 06:58 - 2014-07-26 07:40 - 00000000 ____D () C:\Users\Kading\Desktop\Upload 2014-07-25 23:15 - 2014-07-25 23:15 - 00000000 ____D () C:\ProgramData\Emsisoft 2014-07-25 23:11 - 2014-07-25 23:11 - 00001057 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-07-25 23:11 - 2014-07-25 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2014-07-25 23:10 - 2014-07-30 05:11 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2014-07-25 20:53 - 2014-07-25 20:53 - 375334421 _____ () C:\Users\Kading\Desktop\Untitled-1.psd 2014-07-25 14:48 - 2014-07-25 14:48 - 15933939 _____ () C:\Users\Kading\Desktop\Prayer.psd 2014-07-25 01:26 - 2014-07-25 01:26 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2014-07-25 00:15 - 2014-07-25 19:19 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-07-24 22:21 - 2014-07-24 22:21 - 00001912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 12.lnk 2014-07-24 22:21 - 2014-07-24 22:21 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 12.lnk 2014-07-24 22:21 - 2013-07-19 03:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys 2014-07-24 21:50 - 2014-07-24 22:10 - 00000000 ____D () C:\Users\Kading\Desktop\Adobe Photoshop Elements 12 2014-07-24 21:41 - 2014-07-24 21:41 - 00001005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk 2014-07-24 21:41 - 2014-07-24 21:41 - 00000993 _____ () C:\Users\Public\Desktop\Adobe Download Assistant.lnk 2014-07-24 21:41 - 2014-07-24 21:41 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant 2014-07-24 19:38 - 2014-07-24 19:38 - 02588472 _____ () C:\Users\Kading\Downloads\AdobeDownloadAssistant.exe 2014-07-22 22:28 - 2014-07-22 22:28 - 00000000 ____D () C:\MR APP 2014-07-22 12:38 - 2014-07-24 22:42 - 00000000 ____D () C:\Users\Kading\Desktop\Gallery wall 2014-07-21 17:54 - 2014-07-21 17:54 - 00072704 _____ () C:\Windows\system32\osutfxs.dll 2014-07-21 17:54 - 2014-07-21 17:54 - 00003968 _____ () C:\Windows\System32\Tasks\{98BDBE2D-030B-4FE5-53FA-F1BFA509CC38} 2014-07-21 17:54 - 2014-07-21 17:54 - 00000000 _____ () C:\Windows\system32\vedvfq.dll 2014-07-20 09:14 - 2014-07-20 09:14 - 00041876 _____ () C:\Users\Kading\Desktop\jailbirdjenna.zip 2014-07-09 20:30 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 20:30 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 20:30 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 20:30 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 20:30 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 20:30 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 20:30 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 20:30 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 20:29 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 20:29 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 20:29 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 20:29 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 20:29 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 20:29 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 20:29 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 20:29 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 20:29 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 20:29 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 20:29 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 20:29 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 20:29 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 20:29 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 20:29 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 20:29 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 20:29 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 20:29 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 20:29 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 20:29 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 20:29 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 20:29 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 20:29 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 20:29 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 20:29 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 20:29 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 20:29 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 20:29 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 20:29 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 20:29 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 20:29 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 20:29 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 20:29 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 20:29 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 20:29 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 20:29 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 20:29 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 20:29 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 20:29 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 20:29 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 20:29 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 20:29 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 20:29 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 20:29 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 20:29 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 20:29 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 20:29 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 20:29 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 20:29 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 20:29 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 20:29 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 20:29 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 20:29 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 20:29 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 20:29 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 20:29 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 20:29 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 20:29 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 20:29 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-30 05:21 - 2014-07-27 23:18 - 00020363 _____ () C:\Users\Kading\Desktop\FRST.txt 2014-07-30 05:20 - 2014-07-27 23:18 - 00000000 ____D () C:\FRST 2014-07-30 05:18 - 2014-07-30 05:18 - 00000959 _____ () C:\Users\Kading\Desktop\threats.txt 2014-07-30 05:16 - 2014-05-02 18:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-30 05:11 - 2014-07-25 23:10 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2014-07-30 05:08 - 2010-06-18 22:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-30 02:01 - 2010-06-21 16:30 - 00000000 ____D () C:\Users\Kading\AppData\Local\Adobe 2014-07-29 22:07 - 2009-07-14 00:10 - 01156695 _____ () C:\Windows\WindowsUpdate.log 2014-07-29 21:28 - 2014-05-18 19:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-29 19:16 - 2014-07-29 19:16 - 02347384 _____ (ESET) C:\Users\Kading\Desktop\esetsmartinstaller_enu.exe 2014-07-29 17:03 - 2014-07-29 17:03 - 00044460 _____ () C:\Users\Kading\Desktop\FRST1.txt 2014-07-29 14:08 - 2010-06-18 22:16 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-29 11:02 - 2014-06-25 08:01 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1794151253-3064182797-4059908097-1000 2014-07-29 11:02 - 2014-06-25 08:01 - 00003212 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1794151253-3064182797-4059908097-1000 2014-07-29 10:27 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-29 10:27 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-29 10:17 - 2014-06-29 01:00 - 00003316 _____ () C:\Windows\setupact.log 2014-07-29 10:17 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-29 10:16 - 2010-06-16 15:19 - 00880938 _____ () C:\Windows\PFRO.log 2014-07-29 10:15 - 2014-07-28 11:47 - 00000000 ____D () C:\AdwCleaner 2014-07-29 08:21 - 2014-07-29 08:21 - 00001163 _____ () C:\Users\Kading\Desktop\AdwCleaner[R0].txt 2014-07-29 04:15 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-28 23:22 - 2014-07-28 23:22 - 00001807 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-07-28 23:22 - 2014-07-28 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-07-28 23:22 - 2014-07-28 23:21 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-07-28 22:52 - 2014-07-28 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-07-28 21:33 - 2014-07-28 21:27 - 00000000 ____D () C:\Users\Kading\Desktop\Chris Phone 2014-07-28 17:14 - 2014-07-28 17:14 - 00003882 _____ () C:\Users\Kading\Desktop\AdwCleaner[s0].txt 2014-07-28 11:46 - 2014-07-28 11:46 - 01365525 _____ () C:\Users\Kading\Desktop\AdwCleaner.exe 2014-07-28 11:43 - 2010-06-16 13:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-27 23:21 - 2014-07-27 23:20 - 00089916 _____ () C:\Users\Kading\Desktop\Addition.txt 2014-07-27 23:18 - 2014-07-27 23:17 - 02093568 _____ (Farbar) C:\Users\Kading\Desktop\FRST64.exe 2014-07-27 22:55 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-26 10:33 - 2010-11-27 22:08 - 00000000 ____D () C:\Users\Kading\AppData\Roaming\Skype 2014-07-26 08:56 - 2010-06-16 21:58 - 00000000 ____D () C:\Users\Kading\AppData\Roaming\Adobe 2014-07-26 08:53 - 2014-07-26 08:53 - 00000000 ____D () C:\Users\Kading\Documents\Adobe 2014-07-26 08:14 - 2014-07-26 08:14 - 31909432 _____ () C:\Users\Kading\Desktop\Em River.psd 2014-07-26 08:05 - 2014-07-26 08:05 - 00709106 _____ () C:\Users\Kading\Desktop\Em Riveredi.jpged 2014-07-26 07:40 - 2014-07-26 06:58 - 00000000 ____D () C:\Users\Kading\Desktop\Upload 2014-07-25 23:15 - 2014-07-25 23:15 - 00000000 ____D () C:\ProgramData\Emsisoft 2014-07-25 23:11 - 2014-07-25 23:11 - 00001057 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-07-25 23:11 - 2014-07-25 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2014-07-25 20:53 - 2014-07-25 20:53 - 375334421 _____ () C:\Users\Kading\Desktop\Untitled-1.psd 2014-07-25 19:40 - 2012-04-26 18:47 - 00000000 ____D () C:\Users\Kading\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2014-07-25 19:38 - 2009-07-13 23:45 - 06209600 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-25 19:19 - 2014-07-25 00:15 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-07-25 14:48 - 2014-07-25 14:48 - 15933939 _____ () C:\Users\Kading\Desktop\Prayer.psd 2014-07-25 12:33 - 2010-08-10 18:44 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2014-07-25 01:26 - 2014-07-25 01:26 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2014-07-25 01:26 - 2012-01-11 08:46 - 00000000 __SHD () C:\Users\Kading\AppData\Local\{0fc4ad35-27b1-fc7b-2a29-e53dc14be096} 2014-07-24 22:42 - 2014-07-22 12:38 - 00000000 ____D () C:\Users\Kading\Desktop\Gallery wall 2014-07-24 22:32 - 2010-08-10 18:41 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-07-24 22:27 - 2010-06-16 22:09 - 00071384 _____ () C:\Users\Kading\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-24 22:23 - 2010-06-21 16:30 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-07-24 22:21 - 2014-07-24 22:21 - 00001912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 12.lnk 2014-07-24 22:21 - 2014-07-24 22:21 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 12.lnk 2014-07-24 22:10 - 2014-07-24 21:50 - 00000000 ____D () C:\Users\Kading\Desktop\Adobe Photoshop Elements 12 2014-07-24 21:41 - 2014-07-24 21:41 - 00001005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk 2014-07-24 21:41 - 2014-07-24 21:41 - 00000993 _____ () C:\Users\Public\Desktop\Adobe Download Assistant.lnk 2014-07-24 21:41 - 2014-07-24 21:41 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant 2014-07-24 19:38 - 2014-07-24 19:38 - 02588472 _____ () C:\Users\Kading\Downloads\AdobeDownloadAssistant.exe 2014-07-23 22:59 - 2013-11-29 23:28 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-23 22:59 - 2013-11-29 23:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-23 15:03 - 2013-11-29 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-22 22:28 - 2014-07-22 22:28 - 00000000 ____D () C:\MR APP 2014-07-21 18:17 - 2012-12-26 13:59 - 00000000 ____D () C:\Users\Kading\AppData\Local\CrashDumps 2014-07-21 17:54 - 2014-07-21 17:54 - 00072704 _____ () C:\Windows\system32\osutfxs.dll 2014-07-21 17:54 - 2014-07-21 17:54 - 00003968 _____ () C:\Windows\System32\Tasks\{98BDBE2D-030B-4FE5-53FA-F1BFA509CC38} 2014-07-21 17:54 - 2014-07-21 17:54 - 00000000 _____ () C:\Windows\system32\vedvfq.dll 2014-07-21 17:54 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep 2014-07-20 10:53 - 2010-11-27 22:08 - 00000000 ____D () C:\ProgramData\Skype 2014-07-20 09:14 - 2014-07-20 09:14 - 00041876 _____ () C:\Users\Kading\Desktop\jailbirdjenna.zip 2014-07-10 17:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache 2014-07-10 16:31 - 2014-05-02 16:53 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-10 16:31 - 2009-07-14 02:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-10 16:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-10 16:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-10 15:06 - 2013-07-13 09:53 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 15:03 - 2010-06-17 17:28 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 11:16 - 2014-05-02 18:09 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 11:16 - 2014-05-02 18:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-09 11:16 - 2013-07-28 22:27 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-02 13:45 - 2013-06-11 22:53 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-06-30 20:25 - 2013-06-30 17:13 - 00000000 ____D () C:\Users\Kading\AppData\Local\Deployment Files to move or delete: ==================== C:\Users\Kading\Photoshop_12_LS1.exe Some content of TEMP: ==================== C:\Users\Kading\AppData\Local\Temp\ose00000.exe C:\Users\Kading\AppData\Local\Temp\px.dll C:\Users\Kading\AppData\Local\Temp\pxafs.dll C:\Users\Kading\AppData\Local\Temp\PxCpyA64.exe C:\Users\Kading\AppData\Local\Temp\PxCpyI64.exe C:\Users\Kading\AppData\Local\Temp\pxdrv.dll C:\Users\Kading\AppData\Local\Temp\pxhpinst.exe C:\Users\Kading\AppData\Local\Temp\PxInsA64.exe C:\Users\Kading\AppData\Local\Temp\PxInsI64.exe C:\Users\Kading\AppData\Local\Temp\pxmas.dll C:\Users\Kading\AppData\Local\Temp\pxsetup.exe C:\Users\Kading\AppData\Local\Temp\pxsfs.dll C:\Users\Kading\AppData\Local\Temp\pxwave.dll C:\Users\Kading\AppData\Local\Temp\Quarantine.exe C:\Users\Kading\AppData\Local\Temp\readSTILog.dll C:\Users\Kading\AppData\Local\Temp\vxblock.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-28 12:47 ==================== End Of Log ============================

ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK esets_scanner_update returned -1 esets_gle=12 esets_scanner_update returned -1 esets_gle=12 esets_scanner_update returned -1 esets_gle=12 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=c9bf28c112c9c5448edb7331fdbbe1c8 # engine=19409 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-07-30 02:28:21 # local_time=2014-07-29 09:28:21 (-0600, Central Daylight Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Microsoft Security Essentials' # compatibility_mode=5895 16777213 100 100 9271039 77869323 0 0 # compatibility_mode_1='Emsisoft Anti-Malware' # compatibility_mode=16642 16777213 100 100 0 207817989 0 0 # scanned=24659 # found=0 # cleaned=0 # scan_time=7620 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=c9bf28c112c9c5448edb7331fdbbe1c8 # engine=19409 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-07-30 07:10:51 # local_time=2014-07-30 02:10:51 (-0600, Central Daylight Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Microsoft Security Essentials' # compatibility_mode=5895 16777213 100 100 9287988 77886272 0 0 # compatibility_mode_1='Emsisoft Anti-Malware' # compatibility_mode=16642 16777213 100 100 0 207834938 0 0 # scanned=324721 # found=8 # cleaned=0 # scan_time=16783 sh=C776B331F1F97D83BF13FDB90FE2CB487143A91F ft=0 fh=0000000000000000 vn="Win32/BrowserCompanion.G potentially unwanted application" ac=I fn="C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_18437\blabbers-ch.crx" sh=BAF484A557E4D20CC42C78977351A10C5638CC05 ft=0 fh=0000000000000000 vn="Win32/BrowserCompanion.G potentially unwanted application" ac=I fn="C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_18437\CRX_INSTALL\witmain.js" sh=80922BA3FBF9E5EDAC2F33FEE81CE59CAE701355 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.ROA trojan" ac=I fn="C:\Users\Kading\AppData\Local\Temp\jar_cache4241991285931522357.tmp" sh=80922BA3FBF9E5EDAC2F33FEE81CE59CAE701355 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.ROA trojan" ac=I fn="C:\Users\Kading\AppData\Local\Temp\~+JF8411914495429276653.tmp" sh=CEF28088B8E05D9F8390FED07FAD4CD142F44034 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.RJQ trojan" ac=I fn="C:\Users\Kading\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\465cb443-1d5f72cd" sh=E77BB38FB93F38CC15EED2E16487B2C5DA34B6D2 ft=1 fh=7eab84a27bc8a8f1 vn="a variant of Win32/PCCleaners potentially unwanted application" ac=I fn="C:\Windows\uninst.exe" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Windows\System32\Adobe\Shockwave 11\gt.exe" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\Adobe\Shockwave 11\gt.exe"

Here is the Malwarebytes log. Downloading ESET now Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 7/29/2014 Scan Time: 6:42:48 PM Logfile: Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.29.08 Rootkit Database: v2014.07.17.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Kading Scan Type: Threat Scan Result: Completed Objects Scanned: 301664 Time Elapsed: 28 min, 56 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 1 PUP.Optional.FreeCauseTB.A, HKU\S-1-5-21-1794151253-3064182797-4059908097-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\FREECAUSE\Toolbars, , [1f824d53ff7cb680df97c628ad55966a], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014 Ran by Kading (administrator) on KADING-PC on 29-07-2014 16:58:42 Running from C:\Users\Kading\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Digital Market Research Apps Pty Ltd) C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Digital Market Research Apps Pty Ltd) C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Microsoft) C:\Program Files (x86)\MR APP\MRAPP.UI.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [MouseDriver] => TiltWheelMouse.exe HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [NPSStartup] => [X] HKLM-x32\...\Run: [bingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4841824 2014-07-09] (Emsisoft GmbH) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\S-1-5-21-1794151253-3064182797-4059908097-1000\...\Run: [spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.) HKU\S-1-5-21-1794151253-3064182797-4059908097-1000\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1400224 2013-09-25] (Adobe Systems Incorporated) HKU\S-1-5-21-1794151253-3064182797-4059908097-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1794151253-3064182797-4059908097-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:16110;https=127.0.0.1:16110 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = URLSearchHook: HKCU - Default Value = (value not set) URLSearchHook: HKCU - FCToolbarURLSearchHook Class - {6f52f077-2dbf-f864-8da7-73cc1a21005a} - C:\Program Files\Upromise RewardU Toolbar\Helper.dll () URLSearchHook: HKCU - FCToolbarURLSearchHook Class - {6f52f077-2dbf-f864-8da7-73cc1a21005a} - C:\Program Files (x86)\Upromise RewardU Toolbar\Helper.dll () SearchScopes: HKLM-x32 - {35e9438f-19d4-4516-b2ac-59ba9241de4d} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^9N^xdm003^YY^us&si=COfwo7e0-LQCFSemPAodfxYA7g&ptb=A4A4D2B1-5528-44D2-833A-B975B897ADBA&ind=2013012021&n=77fc2035&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKCU - {35e9438f-19d4-4516-b2ac-59ba9241de4d} URL = BHO: Upromise RewardU Toolbar BHO -> {2E1946E4-D51E-6074-C16F-ED7E0D98A8E4} -> C:\Program Files\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) BHO-x32: Upromise RewardU Toolbar BHO -> {2E1946E4-D51E-6074-C16F-ED7E0D98A8E4} -> C:\Program Files (x86)\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) Toolbar: HKLM - Upromise RewardU Toolbar - {BCB2559D-DE26-E8F4-D552-AE05CE2BAC69} - C:\Program Files\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) Toolbar: HKLM-x32 - Upromise RewardU Toolbar - {BCB2559D-DE26-E8F4-D552-AE05CE2BAC69} - C:\Program Files (x86)\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) Toolbar: HKCU - Upromise RewardU Toolbar - {BCB2559D-DE26-E8F4-D552-AE05CE2BAC69} - C:\Program Files\Upromise RewardU Toolbar\Upromise RewardU Toolbar.dll (Freecause Inc.) DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {62AEFF80-16AD-4AC4-B812-E70EB5F37301} http://www.zenfolio.com/zf/code/upload-ie-win-x86.cab DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://purewellness.webex.com/client/WBXclient-T28L10NSP7-15458/nbr/ieatgpc1.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn.nd.gov/dana-cached/sc/JuniperSetupClient.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 24.220.0.10 24.220.0.11 FireFox: ======== FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @unity3d.com/UnityPlayer - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: ======= CHR HomePage: hxxp://www.bing.com/?pc=U160&ocid=U160DHP&dt=081113 CHR StartupUrls: "hxxp://www.bing.com/?pc=U160&ocid=U160DHP&dt=081113" CHR DefaultSearchKeyword: bing.com CHR DefaultNewTabURL: CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll No File CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll No File CHR Plugin: (RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) CHR Plugin: (Unity Player) - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-01] CHR Extension: (Upromise RewardU Toolbar) - C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddpocmpoechljihmgemoaahhmadaenbc [2014-04-30] CHR Extension: (Google Wallet) - C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4741384 2014-07-09] (Emsisoft GmbH) R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated) R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.) R2 EventService; C:\Program Files (x86)\MR APP\MRAPP.Event.Service.exe [33280 2014-06-20] (Digital Market Research Apps Pty Ltd) [File not signed] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2011-09-06] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) S4 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.) R2 TransferService; C:\Program Files (x86)\MR APP\MRAPP.Transfer.Service.exe [32256 2014-06-20] (Digital Market Research Apps Pty Ltd) [File not signed] S4 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed] S2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [X] S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-29] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) S3 MWAC; \??\C:\Windows\system32\drivers\ [0 ] () [File not signed] S3 MWAC; \??\C:\Windows\SysWOW64\drivers\ [0 ] () [File not signed] R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd) S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () S1 hshlnnwb; \??\C:\Windows\system32\drivers\hshlnnwb.sys [X] S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-29 08:21 - 2014-07-29 08:21 - 00001163 _____ () C:\Users\Kading\Desktop\AdwCleaner[R0].txt 2014-07-28 23:22 - 2014-07-28 23:22 - 00001807 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-07-28 23:22 - 2014-07-28 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-07-28 23:21 - 2014-07-28 23:22 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-07-28 22:52 - 2014-07-28 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-07-28 21:27 - 2014-07-28 21:33 - 00000000 ____D () C:\Users\Kading\Desktop\Chris Phone 2014-07-28 17:14 - 2014-07-28 17:14 - 00003882 _____ () C:\Users\Kading\Desktop\AdwCleaner[s0].txt 2014-07-28 11:49 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-28 11:47 - 2014-07-29 10:15 - 00000000 ____D () C:\AdwCleaner 2014-07-28 11:46 - 2014-07-28 11:46 - 01365525 _____ () C:\Users\Kading\Desktop\AdwCleaner.exe 2014-07-27 23:20 - 2014-07-27 23:21 - 00089916 _____ () C:\Users\Kading\Desktop\Addition.txt 2014-07-27 23:18 - 2014-07-29 16:58 - 00020351 _____ () C:\Users\Kading\Desktop\FRST.txt 2014-07-27 23:18 - 2014-07-29 16:58 - 00000000 ____D () C:\FRST 2014-07-27 23:17 - 2014-07-27 23:18 - 02093568 _____ (Farbar) C:\Users\Kading\Desktop\FRST64.exe 2014-07-26 08:53 - 2014-07-26 08:53 - 00000000 ____D () C:\Users\Kading\Documents\Adobe 2014-07-26 08:14 - 2014-07-26 08:14 - 31909432 _____ () C:\Users\Kading\Desktop\Em River.psd 2014-07-26 08:05 - 2014-07-26 08:05 - 00709106 _____ () C:\Users\Kading\Desktop\Em Riveredi.jpged 2014-07-26 06:58 - 2014-07-26 07:40 - 00000000 ____D () C:\Users\Kading\Desktop\Upload 2014-07-25 23:15 - 2014-07-25 23:15 - 00000000 ____D () C:\ProgramData\Emsisoft 2014-07-25 23:11 - 2014-07-25 23:11 - 00001057 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-07-25 23:11 - 2014-07-25 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2014-07-25 23:10 - 2014-07-29 16:13 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2014-07-25 20:53 - 2014-07-25 20:53 - 375334421 _____ () C:\Users\Kading\Desktop\Untitled-1.psd 2014-07-25 14:48 - 2014-07-25 14:48 - 15933939 _____ () C:\Users\Kading\Desktop\Prayer.psd 2014-07-25 01:26 - 2014-07-25 01:26 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2014-07-25 00:15 - 2014-07-25 19:19 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-07-24 22:21 - 2014-07-24 22:21 - 00001912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 12.lnk 2014-07-24 22:21 - 2014-07-24 22:21 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 12.lnk 2014-07-24 22:21 - 2013-07-19 03:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys 2014-07-24 21:50 - 2014-07-24 22:10 - 00000000 ____D () C:\Users\Kading\Desktop\Adobe Photoshop Elements 12 2014-07-24 21:41 - 2014-07-24 21:41 - 00001005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk 2014-07-24 21:41 - 2014-07-24 21:41 - 00000993 _____ () C:\Users\Public\Desktop\Adobe Download Assistant.lnk 2014-07-24 21:41 - 2014-07-24 21:41 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant 2014-07-24 19:38 - 2014-07-24 19:38 - 02588472 _____ () C:\Users\Kading\Downloads\AdobeDownloadAssistant.exe 2014-07-22 22:28 - 2014-07-22 22:28 - 00000000 ____D () C:\MR APP 2014-07-22 12:38 - 2014-07-24 22:42 - 00000000 ____D () C:\Users\Kading\Desktop\Gallery wall 2014-07-21 17:54 - 2014-07-21 17:54 - 00072704 _____ () C:\Windows\system32\osutfxs.dll 2014-07-21 17:54 - 2014-07-21 17:54 - 00003968 _____ () C:\Windows\System32\Tasks\{98BDBE2D-030B-4FE5-53FA-F1BFA509CC38} 2014-07-21 17:54 - 2014-07-21 17:54 - 00000000 _____ () C:\Windows\system32\vedvfq.dll 2014-07-20 09:14 - 2014-07-20 09:14 - 00041876 _____ () C:\Users\Kading\Desktop\jailbirdjenna.zip 2014-07-09 20:30 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 20:30 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 20:30 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 20:30 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 20:30 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 20:30 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 20:30 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 20:30 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 20:29 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 20:29 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 20:29 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 20:29 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 20:29 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 20:29 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 20:29 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 20:29 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 20:29 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 20:29 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 20:29 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 20:29 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 20:29 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 20:29 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 20:29 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 20:29 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 20:29 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 20:29 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 20:29 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 20:29 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 20:29 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 20:29 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 20:29 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 20:29 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 20:29 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 20:29 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 20:29 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 20:29 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 20:29 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 20:29 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 20:29 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 20:29 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 20:29 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 20:29 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 20:29 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 20:29 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 20:29 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 20:29 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 20:29 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 20:29 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 20:29 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 20:29 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 20:29 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 20:29 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 20:29 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 20:29 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 20:29 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 20:29 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 20:29 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 20:29 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 20:29 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 20:29 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 20:29 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 20:29 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 20:29 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 20:29 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 20:29 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 20:29 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 20:29 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 20:29 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 20:29 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-06-29 01:00 - 2014-07-29 10:17 - 00003316 _____ () C:\Windows\setupact.log 2014-06-29 01:00 - 2014-06-29 01:00 - 00000000 _____ () C:\Windows\setuperr.log ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-29 17:00 - 2014-07-27 23:18 - 00020351 _____ () C:\Users\Kading\Desktop\FRST.txt 2014-07-29 16:58 - 2014-07-27 23:18 - 00000000 ____D () C:\FRST 2014-07-29 16:55 - 2014-05-18 19:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-29 16:45 - 2009-07-14 00:10 - 01154048 _____ () C:\Windows\WindowsUpdate.log 2014-07-29 16:16 - 2014-05-02 18:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-29 16:13 - 2014-07-25 23:10 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2014-07-29 16:08 - 2010-06-18 22:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-29 14:08 - 2010-06-18 22:16 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-29 11:02 - 2014-06-25 08:01 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1794151253-3064182797-4059908097-1000 2014-07-29 11:02 - 2014-06-25 08:01 - 00003212 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1794151253-3064182797-4059908097-1000 2014-07-29 10:27 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-29 10:27 - 2009-07-13 23:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-29 10:17 - 2014-06-29 01:00 - 00003316 _____ () C:\Windows\setupact.log 2014-07-29 10:17 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-29 10:16 - 2010-06-16 15:19 - 00880938 _____ () C:\Windows\PFRO.log 2014-07-29 10:15 - 2014-07-28 11:47 - 00000000 ____D () C:\AdwCleaner 2014-07-29 08:21 - 2014-07-29 08:21 - 00001163 _____ () C:\Users\Kading\Desktop\AdwCleaner[R0].txt 2014-07-29 04:15 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-29 02:00 - 2010-06-21 16:30 - 00000000 ____D () C:\Users\Kading\AppData\Local\Adobe 2014-07-28 23:22 - 2014-07-28 23:22 - 00001807 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk 2014-07-28 23:22 - 2014-07-28 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-07-28 23:22 - 2014-07-28 23:21 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-07-28 22:52 - 2014-07-28 22:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-07-28 21:33 - 2014-07-28 21:27 - 00000000 ____D () C:\Users\Kading\Desktop\Chris Phone 2014-07-28 17:14 - 2014-07-28 17:14 - 00003882 _____ () C:\Users\Kading\Desktop\AdwCleaner[s0].txt 2014-07-28 11:46 - 2014-07-28 11:46 - 01365525 _____ () C:\Users\Kading\Desktop\AdwCleaner.exe 2014-07-28 11:43 - 2010-06-16 13:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-27 23:21 - 2014-07-27 23:20 - 00089916 _____ () C:\Users\Kading\Desktop\Addition.txt 2014-07-27 23:18 - 2014-07-27 23:17 - 02093568 _____ (Farbar) C:\Users\Kading\Desktop\FRST64.exe 2014-07-27 22:55 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-26 10:33 - 2010-11-27 22:08 - 00000000 ____D () C:\Users\Kading\AppData\Roaming\Skype 2014-07-26 08:56 - 2010-06-16 21:58 - 00000000 ____D () C:\Users\Kading\AppData\Roaming\Adobe 2014-07-26 08:53 - 2014-07-26 08:53 - 00000000 ____D () C:\Users\Kading\Documents\Adobe 2014-07-26 08:14 - 2014-07-26 08:14 - 31909432 _____ () C:\Users\Kading\Desktop\Em River.psd 2014-07-26 08:05 - 2014-07-26 08:05 - 00709106 _____ () C:\Users\Kading\Desktop\Em Riveredi.jpged 2014-07-26 07:40 - 2014-07-26 06:58 - 00000000 ____D () C:\Users\Kading\Desktop\Upload 2014-07-25 23:15 - 2014-07-25 23:15 - 00000000 ____D () C:\ProgramData\Emsisoft 2014-07-25 23:11 - 2014-07-25 23:11 - 00001057 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-07-25 23:11 - 2014-07-25 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2014-07-25 20:53 - 2014-07-25 20:53 - 375334421 _____ () C:\Users\Kading\Desktop\Untitled-1.psd 2014-07-25 19:40 - 2012-04-26 18:47 - 00000000 ____D () C:\Users\Kading\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2014-07-25 19:38 - 2009-07-13 23:45 - 06209600 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-25 19:19 - 2014-07-25 00:15 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-07-25 14:48 - 2014-07-25 14:48 - 15933939 _____ () C:\Users\Kading\Desktop\Prayer.psd 2014-07-25 12:33 - 2010-08-10 18:44 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe 2014-07-25 01:26 - 2014-07-25 01:26 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2014-07-25 01:26 - 2012-01-11 08:46 - 00000000 __SHD () C:\Users\Kading\AppData\Local\{0fc4ad35-27b1-fc7b-2a29-e53dc14be096} 2014-07-24 22:42 - 2014-07-22 12:38 - 00000000 ____D () C:\Users\Kading\Desktop\Gallery wall 2014-07-24 22:32 - 2010-08-10 18:41 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-07-24 22:27 - 2010-06-16 22:09 - 00071384 _____ () C:\Users\Kading\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-24 22:23 - 2010-06-21 16:30 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-07-24 22:21 - 2014-07-24 22:21 - 00001912 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 12.lnk 2014-07-24 22:21 - 2014-07-24 22:21 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Photoshop Elements 12.lnk 2014-07-24 22:10 - 2014-07-24 21:50 - 00000000 ____D () C:\Users\Kading\Desktop\Adobe Photoshop Elements 12 2014-07-24 21:41 - 2014-07-24 21:41 - 00001005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk 2014-07-24 21:41 - 2014-07-24 21:41 - 00000993 _____ () C:\Users\Public\Desktop\Adobe Download Assistant.lnk 2014-07-24 21:41 - 2014-07-24 21:41 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant 2014-07-24 19:38 - 2014-07-24 19:38 - 02588472 _____ () C:\Users\Kading\Downloads\AdobeDownloadAssistant.exe 2014-07-23 22:59 - 2013-11-29 23:28 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-23 22:59 - 2013-11-29 23:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-23 15:03 - 2013-11-29 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-22 22:28 - 2014-07-22 22:28 - 00000000 ____D () C:\MR APP 2014-07-21 18:17 - 2012-12-26 13:59 - 00000000 ____D () C:\Users\Kading\AppData\Local\CrashDumps 2014-07-21 17:54 - 2014-07-21 17:54 - 00072704 _____ () C:\Windows\system32\osutfxs.dll 2014-07-21 17:54 - 2014-07-21 17:54 - 00003968 _____ () C:\Windows\System32\Tasks\{98BDBE2D-030B-4FE5-53FA-F1BFA509CC38} 2014-07-21 17:54 - 2014-07-21 17:54 - 00000000 _____ () C:\Windows\system32\vedvfq.dll 2014-07-21 17:54 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep 2014-07-20 10:53 - 2010-11-27 22:08 - 00000000 ____D () C:\ProgramData\Skype 2014-07-20 09:14 - 2014-07-20 09:14 - 00041876 _____ () C:\Users\Kading\Desktop\jailbirdjenna.zip 2014-07-10 17:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache 2014-07-10 16:31 - 2014-05-02 16:53 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-10 16:31 - 2009-07-14 02:45 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-10 16:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-10 16:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-10 15:06 - 2013-07-13 09:53 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 15:03 - 2010-06-17 17:28 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 11:16 - 2014-05-02 18:09 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 11:16 - 2014-05-02 18:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-09 11:16 - 2013-07-28 22:27 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-02 13:45 - 2013-06-11 22:53 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-06-30 20:25 - 2013-06-30 17:13 - 00000000 ____D () C:\Users\Kading\AppData\Local\Deployment 2014-06-29 21:09 - 2014-07-09 20:30 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-29 21:04 - 2014-07-09 20:30 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-29 10:46 - 2010-06-18 22:19 - 00000000 ____D () C:\Users\Kading\Documents\KADING 2014-06-29 01:00 - 2014-06-29 01:00 - 00000000 _____ () C:\Windows\setuperr.log Files to move or delete: ==================== C:\Users\Kading\Photoshop_12_LS1.exe Some content of TEMP: ==================== C:\Users\Kading\AppData\Local\Temp\ose00000.exe C:\Users\Kading\AppData\Local\Temp\px.dll C:\Users\Kading\AppData\Local\Temp\pxafs.dll C:\Users\Kading\AppData\Local\Temp\PxCpyA64.exe C:\Users\Kading\AppData\Local\Temp\PxCpyI64.exe C:\Users\Kading\AppData\Local\Temp\pxdrv.dll C:\Users\Kading\AppData\Local\Temp\pxhpinst.exe C:\Users\Kading\AppData\Local\Temp\PxInsA64.exe C:\Users\Kading\AppData\Local\Temp\PxInsI64.exe C:\Users\Kading\AppData\Local\Temp\pxmas.dll C:\Users\Kading\AppData\Local\Temp\pxsetup.exe C:\Users\Kading\AppData\Local\Temp\pxsfs.dll C:\Users\Kading\AppData\Local\Temp\pxwave.dll C:\Users\Kading\AppData\Local\Temp\Quarantine.exe C:\Users\Kading\AppData\Local\Temp\readSTILog.dll C:\Users\Kading\AppData\Local\Temp\vxblock.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-28 12:47 ====================

AdwCleaner v3.301 - Report created 29/07/2014 at 10:15:08 # Updated 28/07/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Kading - KADING-PC # Running from : C:\Users\Kading\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\AppDataLow\Software\Freecause ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Google Chrome v36.0.1985.125 [ File : C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [3990 octets] - [28/07/2014 11:47:52] AdwCleaner[R1].txt - [979 octets] - [28/07/2014 19:38:23] AdwCleaner[R2].txt - [1099 octets] - [29/07/2014 08:12:58] AdwCleaner[R3].txt - [1219 octets] - [29/07/2014 10:06:17] AdwCleaner[s0].txt - [3882 octets] - [28/07/2014 11:57:22] AdwCleaner[s1].txt - [1041 octets] - [28/07/2014 19:45:00] AdwCleaner[s2].txt - [1163 octets] - [29/07/2014 08:16:05] AdwCleaner[s3].txt - [1143 octets] - [29/07/2014 10:15:08] ########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [1203 octets] ##########

AdwCleaner v3.301 - Report created 28/07/2014 at 19:38:23 # Updated 28/07/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Kading - KADING-PC # Running from : C:\Users\Kading\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AppDataLow\Software\Freecause ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Google Chrome v36.0.1985.125 [ File : C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [3990 octets] - [28/07/2014 11:47:52] AdwCleaner[R1].txt - [781 octets] - [28/07/2014 19:38:23] AdwCleaner[s0].txt - [3882 octets] - [28/07/2014 11:57:22] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [900 octets] ##########

this is what keeps popping up and stops my internet. Malicious Website blocked Domain: kkjhvudjyaskgjhylarqfjb.com IP: 217.23.3.200 Port: 49238 Type: Outbound Process: c:\windows\sysWOW64\sychost.exe

AdwCleaner v3.301 - Report created 28/07/2014 at 19:38:23 # Updated 28/07/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Kading - KADING-PC # Running from : C:\Users\Kading\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AppDataLow\Software\Freecause ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Google Chrome v36.0.1985.125 [ File : C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [3990 octets] - [28/07/2014 11:47:52] AdwCleaner[R1].txt - [781 octets] - [28/07/2014 19:38:23] AdwCleaner[s0].txt - [3882 octets] - [28/07/2014 11:57:22] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [900 octets] ##########

Hi. I can't get this to paste so I attached it.***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100987.FCTB000100987Pos Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100987.FCTB000100987Pos.1 Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100987.IEToolbar Key Deleted : HKLM\SOFTWARE\Classes\FCTB000100987.IEToolbar.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2086743 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\wscontb Key Deleted : HKCU\Software\Zugo Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc Key Deleted : HKCU\Software\AppDataLow\Software\Freecause Key Deleted : HKLM\Software\CompeteInc Key Deleted : HKLM\Software\firstsearch ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Google Chrome v36.0.1985.125 [ File : C:\Users\Kading\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [search Provider] : hxxp://isearch.avg.com/search?cid={10B79207-54D4-4D93-A0C1-A3AF832D2FD5}&mid=181cec3229244bfb8685cc3c07f691a3-d8ab68861d3896aa6a751a6ef71f9ad4b9433864〈=en&ds=pl011&pr=sa&d=2012-06-27 07:51:05&v=11.1.0.12&sap=dsp&q={searchTerms} Deleted [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ARCD&o=102810&locale=en_US&apn_uid=92fd69bb-9268-42fb-bbca-fd1e9f6ef60c&apn_ptnrs=8W&apn_sauid=3CC63DA8-AC2E-40C6-B989-39B8BC892B97&apn_dtid=YYYYYYYYUS&q={searchTerms} Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms} ************************* AdwCleaner[R0].txt - [3990 octets] - [28/07/2014 11:47:52] AdwCleaner[s0].txt - [3722 octets] - [28/07/2014 11:57:22] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3782 octets] ##########

Farbar recovery steps Addition.txt FRST.txt