Showing results for tags 'PUPS'.


  1. A couple of weeks ago, I noticed that Chrome would randomly switch to using Yahoo search when I typed a term in the omnibox. I scanned my computer with Hitman Pro, but didn't find anything other than tracking cookies. So, I scanned it with Malwarebytes, and it found several PUPs. I finished up the scan/quarantine, and when I reopened Chrome, none of the pages opened - they would load indefinitely with the occasional "Page Unresponsive" popup. Chrome only worked if I disabled sandbox, and each time I ran MB, it seemed to quarantine the same group of PUPs. I tried uninstalling and reinstalling Chrome but kept running into errors when using the online installer. I had to install the desktop version of Chrome, which appears to be working with sandbox enabled, but I can't set it as my default browser (I don't know if this is Chrome or MB related). MB is still finding the same PUPs when I run it, but I'm hesitant about quarantining them because of the issues I had in the past. I also ran AdwCleaner, which appeared to find another PUP, but I didn't remove it for the same reason. I don't know which log files I should attach. To start, here's the zip file generated by the MB Support tool. mbst-grab-results.zip
  2. I have a couple of PUPs that I want to keep, and it annoys me that they keep coming up in my scans. I want to know how to exclude SOME PUPs from my scans, but I can't figure out how to do that. If you use the "Allow" list, please tell me where to find Registry Keys and Values in Explorer (if that's even possible). If there is another thread with this information (specifically for Malwarebytes 4.1.0), please give me the link. Thanks for any help given!
  3. About 2 weeks ago, Malwarebytes Premium 4.1.0.56 flagged PUP.Optional.SaveRecipes. I have PUPs set to warn, not quarantine, but I decided to quarantine this one for a while, since I knew nothing about it. It's true that I do look for recipes on the Internet, but this was the first time this PUP was flagged. It was apparently in C:\Users\[username]\AppData\Roaming\Mozilla\Firefox\Profiles\yr7xoxf3.default\extensions\. My question is, how am I supposed to determine if it's a potentially useful program that may help me save recipes (which sometimes have unfriendly formatting), or whether it could somehow be malicious? Is the fact that it was added to my computer without my knowledge the only problem? I haven't noticed any difference in the time it has been in quarantine. I'm willing to zap it if it's in any way problematic, but I would like to know how I can tell. I should also mention that I run Malwarebytes scans every day, and the scans have turned up no other problems. Thanks in advance.
  4. Hello, not very familiar with malware and stuff of this sort, but can I remove these?

     # -------------------------------
     # Malwarebytes AdwCleaner 8.0.2.0
     # -------------------------------
     # Build: 01-27-2020
     # Database: 2020-01-24.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Scan
     # -------------------------------
     # Start: 02-05-2020
     # Duration: 00:00:21
     # OS: Windows 10 Pro
     # Scanned: 34824
     # Detected: 4

     ***** [ Services ] *****
     No malicious services found.

     ***** [ Folders ] *****
     No malicious folders found.

     ***** [ Files ] *****
     No malicious files found.

     ***** [ DLL ] *****
     No malicious DLLs found.

     ***** [ WMI ] *****
     No malicious WMI found.

     ***** [ Shortcuts ] *****
     No malicious shortcuts found.

     ***** [ Tasks ] *****
     No malicious tasks found.

     ***** [ Registry ] *****
     PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
     PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\firstdata.com
     PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
     PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\firstdata.com

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries found.

     ***** [ Chromium URLs ] *****
     No malicious Chromium URLs found.

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries found.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs found.

     ***** [ Hosts File Entries ] *****
     No malicious hosts file entries found.

     ***** [ Preinstalled Software ] *****
     No Preinstalled Software found.

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
  5. This is the log after my full scan:

     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Scan Date: 3/26/18
     Scan Time: 6:39 PM
     Log File: e9dbd73e-30e1-11e8-b478-74d435f74a4b.json
     Administrator: Yes

     -Software Information-
     Version: 3.4.4.2398
     Components Version: 1.0.322
     Update Package Version: 1.0.4488
     License: Trial

     -System Information-
     OS: Windows 7 Service Pack 1
     CPU: x86
     File System: NTFS
     User: personal-PC\personal

     -Scan Summary-
     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 194128
     Threats Detected: 3
     Threats Quarantined: 0 (No malicious items detected)
     Time Elapsed: 10 min, 12 sec

     -Scan Options-
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Disabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect

     -Scan Details-
     Process: 0 (No malicious items detected)
     Module: 0 (No malicious items detected)

     Registry Key: 2
     PUP.Optional.DriverPack, HKU\S-1-5-21-266259405-1226737751-2890169934-1000\SOFTWARE\DRPSU, No Action By User, [1992], [472301],1.0.4488
     PUP.Optional.DriverPack, HKU\S-1-5-21-266259405-1226737751-2890169934-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS\drp.su, No Action By User, [1992], [472299],1.0.4488

     Registry Value: 1
     PUP.Optional.DriverPack, HKU\S-1-5-21-266259405-1226737751-2890169934-1000\SOFTWARE\DRPSU|CLIENTID, No Action By User, [1992], [472301],1.0.4488

     Registry Data: 0 (No malicious items detected)
     Data Stream: 0 (No malicious items detected)
     Folder: 0 (No malicious items detected)
     File: 0 (No malicious items detected)
     Physical Sector: 0 (No malicious items detected)

     (end)
  6. Over the last seven years, AdwCleaner has grown to become one of the de facto standards for adware and PUP remediation. Thank you for helping us make that happen!

     With adware and PUPs becoming increasingly annoying and aggressive, we wanted to make sure you had a version of AdwCleaner that keeps up. Over the last few months, we've been working side-by-side with many of our users and, with their input, reviewed every aspect. Since day one, the core of what makes up AdwCleaner is being fast, efficient and easy to use. With these as our guiding principles, we set out to modernize the codebase and deliver the next generation of AdwCleaner. Today, we're ready to share our hard work with you.

     With AdwCleaner 7.1, you'll enjoy these benefits:

       • Speed and Detection: catches more and is 3.5 times faster
       • New UI: easier, faster and more accessible
       • Settings: fine-tune your experience

     Let's now take a closer look at AdwCleaner 7.1 and each of the enhancements!

     Speed and Detection: catches more and is 3.5 times faster

     With the release of 7.1, you can now detect and eradicate up to 3.5 times faster! We've strengthened our detection to better handle browser add-ons (even while synchronized) as well as settings (homepages, search engines, etc). You'll notice our generic detections have been enhanced as well as threats located on the filesystem and in the registry.

     New UI: easier, faster and more accessible

     Within our fresh and modern UI, you can still start scanning with just a single click! In addition to starting your scan quickly, you can get to other important features within one click. Don't forget to check out your usage stats while on the dashboard. We support 26 languages, and the application is fully scalable. It adds more support for screen readers, which is an area we'll keep improving upon in future builds. And of course, if you're in need of proactive protection, we've added a one-click option to grab a free trial of Malwarebytes for Windows.

     Settings: fine-tune your experience

     You can now more easily get to your settings and dial them in as you see fit. We've added the ability to manage exclusions if you want to avoid removing certain elements.

     Resources: get help and level up your knowledge

     If you're looking to get some additional assistance or read up on the latest research from Malwarebytes, we've added a few great resources to get you connected with us. You'll be able to connect with our Lab, share samples, or even get some help in our community.

     Thanks again for making AdwCleaner one of your go-to tools for eradicating adware and PUPs. We're really excited to share this with you and to hear your feedback. As always, give it a try and feel free to stop back and share your thoughts with us (here).

     Download AdwCleaner 7.1 here: https://malwarebytes.com/adwcleaner/
  7. So I did a normal scan and came across 12 problems, 4 PUPs and 8 Malware. Here are the results:

     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Scan Date: 12/14/17
     Scan Time: 12:38 PM
     Log File: a1e0e58e-e0cb-11e7-b31b-3065ec17b5c3.json
     Administrator: Yes

     -Software Information-
     Version: 3.3.1.2183
     Components Version: 1.0.262
     Update Package Version: 1.0.3488
     License: Free

     -System Information-
     OS: Windows 10 (Build 16299.125)
     CPU: x64
     File System: NTFS
     User: MARKS-PC\mark

     -Scan Summary-
     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 356187
     Threats Detected: 12
     Threats Quarantined: 0 (No malicious items detected)
     Time Elapsed: 26 min, 46 sec

     -Scan Options-
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect

     -Scan Details-
     Process: 0 (No malicious items detected)
     Module: 0 (No malicious items detected)

     Registry Key: 6
     PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, No Action By User, [8727], [239345],1.0.3488
     RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\sandboxieinstall64.exe, No Action By User, [650], [249743],1.0.3488
     RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\START.EXE, No Action By User, [650], [249840],1.0.3488
     PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, No Action By User, [8727], [239345],1.0.3488
     RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\sandboxieinstall64.exe, No Action By User, [650], [249743],1.0.3488
     RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\START.EXE, No Action By User, [650], [249840],1.0.3488

     Registry Value: 6
     PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|DEBUGGER, No Action By User, [8727], [239345],1.0.3488
     RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\sandboxieinstall64.exe|DEBUGGER, No Action By User, [650], [249743],1.0.3488
     RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\START.EXE|DEBUGGER, No Action By User, [650], [249840],1.0.3488
     PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|DEBUGGER, No Action By User, [8727], [239345],1.0.3488
     RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\sandboxieinstall64.exe|DEBUGGER, No Action By User, [650], [249743],1.0.3488
     RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\START.EXE|DEBUGGER, No Action By User, [650], [249840],1.0.3488

     Registry Data: 0 (No malicious items detected)
     Data Stream: 0 (No malicious items detected)
     Folder: 0 (No malicious items detected)
     File: 0 (No malicious items detected)
     Physical Sector: 0 (No malicious items detected)

     (end)

     Not sure what to exclude or remove because START.exe seems to me that it's a Windows component.
  8. Anyone have a solution or advice on the issue... after quarantine select on all items... reboot does not eliminate this detection.
  9. I keep getting these, and I think they are relatively harmless but I don't really know. I did a little research...very little...as I don't fully understand most of this stuff. This is what I keep getting below. I have no bad Toolbars or anything in Programs and Features.

     PUP.Optional.Conduit, C:\USERS\CHRIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [579], [454835],1.0.3230
     PUP.Optional.Trovi, C:\USERS\CHRIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [4977], [454808],1.0.3230

     I did a little research about "Conduit" at MBAM.com HERE and HERE but I have run a bevy of all the programs suggested at malwareremovalguides.info. I suspect it is from installing Auslogics DiskDefrag at one time not too long ago, but before all these AntiMalware programs were run. I uninstalled DiskDefrag since. So what do I need to do to get rid of this thing forever? Now I think it is because I installed "GoToMeeting" to listen to one of my favorite Webinars. I just scanned "GoToMeeting" Folder and got the same darn PUPs! When I quarantined them Chrome shut down! I wonder how to deal with this, just Whitelist that folder and not worry about it? I thought that was a legit program, and I guess it is, but some use this program safely? Thanks pcpunk
  10. Recently after each daily scan Malwarebytes has been reporting a particular PUP that it's asking if I want to quarantine. I always do want to, so I click on quarantine. However, I'd rather that Malwarebytes just quarantine all PUPs on its own without asking. In my settings under protection I have automatic quarantine turned on. Shouldn't it be doing this automatically? If not, is there something I'm missing? It never used to do this, but it's possible that one of the websites I visit is causing the PUP.
  11. It's November 2017 and I just started having the problem Grenpara had in February. I cannot keep real time web protection ON. I follow the FAQ instructions: turn off enable self protection and restart. I'm good till the next morning; then process repeats. Today MB turned off ransomware protection. I have been waiting for 3 days for a reply from customer service. I tried to live chat but they only help with installation. Why am I paying for MB when it keeps turning itself off and I cannot get help from the company?
  12. The Marshmallow upgrade for my cell phone has a new built-in vendor support app that MBAM flags as a PUP. The vendor suggests this is a false positive and I am assuming it is flagged because it probably allows the device to access and send all sorts of configuration related material to the vendor, which would make sense if it is in fact a technical support app. The specific reference is to Android/PUP/AdDisplay.MobiDash.rw. I am also assuming a FORCE STOP, DISABLE, and whitelisting of the app will allow me to safely ignore it indefinitely (or at least until I root the phone and dump it)? Disabling it as just described has no effect on the ability to do everything else. Please advise at your convenience.
  13. System: Windows 10, latest update. Browser: Google Chrome. I keep getting popups and advertisements on Chrome, but my antivirus software is not detecting anything. I deleted the last file I downloaded, which was a bug fix for a video game, and this did nothing. I reinstalled Chrome, nothing. I ran AdwCleaner and it supposedly deleted something. Still, nothing happened, so I reinstalled Chrome again, but this time deleted my browsing history. This worked until I logged back into my Google account, then the pop ups returned. They do not seem to affect Internet Explorer for some reason, but then again, I haven't used it for that long. Please help, I do not want to have to reboot my computer for this.
  14. Hello Guys & Gals, I am writing today as I am so tired of sending support requests but they need to be sent to help the support staff and devs find and fix issues. Now with so many different computers and Windows OS and others I understand some issues happen just like with games that are early access or betas. But I had thought to go back to 2 for awhile but the problem is I was told support for 2 is ending so I can't even go back to 2 for long before it ends. Now that said here are just a few issues and I see many others have same or similar issues. 1) Real time web protection keeps shutting off and I have to either end Malwarebytes 3 processes or restart to be able to turn protection back on. Now I have been told it's virus protection doing it yet I have done selective startup where virus protection does not start, and the issue happens. I have tried delays and changing Malwarebytes 3 settings that support gives me and the issue still happens. I have several computers in the house (not all mine) some Windows 8.1 and some Windows 7. They all now run Kaspersky on them and I have tons of exclusions but I know that's not the issue. Now I was so sick of web protection today I uninstalled Kaspersky from my one system running Windows 8.1 using the Kaspersky clean tool. Well it did not take long and after a few restarts I waited to see what would happen and Malwarebytes stayed running fine for awhile and then web protection shut off yet again. So now I installed Kaspersky again did some restarts and waited then I used Revo-uninstaller to remove Kaspersky. After some restarts I again waited to see what would happen and now it is the next day and real time web protection again shut off. Well I installed Kaspersky again and thought I am ready to give up, but Malwarebytes is worth its money in gold so I will have to keep ending services or restarting to turn real time web protection on forever (which really sucks).
Now I love Malwarebytes and will keep using it but it is very frustrating. That is my first issue now to my second issue which I only just sent support a message about as I did not want them to have to troubleshoot multiple issues. So here is issue 2. 2) So Malwarebytes 3 keeps finding a bunch of .sys files and others and telling me they are PUPs. And no matter what I do they keep being quarantined almost every day and then I have to un-quarantine them and do many restarts. I have tried checking them and hitting next and it quarantines them. I have tried checking them and hitting cancel and it quarantines them. I have tried unchecking them and hitting next and it quarantines them. I have tried unchecking them and hitting cancel and it quarantines them. I have gotten to the point where it asks if I want to ignore them and I say always or once and Malwarebytes still quarantines them. I tried adding exceptions for them but when I go to directory for exception from inside Malwarebytes the files do not show up. Yet when I browse from outside Malwarebytes I can see them. And I have the option selected to show hidden and system files. But inside Malwarebytes when I browse only like 8 files show which makes no sense as there are hundreds of files in the directory. The files are in C:\windows\system32\drivers *and other various folders*. It's funny as when I click always ignore option it adds them to the exclusion list and then tells me the files have been quarantined and to please restart my system. When the system restarts the files are in the exclusion list but they are also quarantined. If I un-quarantine them which I do, the next scan they are again quarantined even though they are in exclusion list and the process repeats. The files are only on the Windows 8.1 system and I need them so having this issue bugs me a tad. I have followed their help pages to the letter and yet this issue still happens.
Now all that said I still trust Malwarebytes 3 and the staff/support, but I have to constantly fight with the software since I installed version 3. I moved 2 systems back to version 2 last week but I can't keep them there which means the issues they had with version 3 will again start up again when I switch back (I hope not). I am also running the latest version 3.0.6 which is the last version I was told to download. I have even tried multiple uninstalls using normal add remove programs and then making sure all files and folders for Malwarebytes 3 are gone and doing a fresh install of it. I have also tried using Revo-uninstaller to remove Malwarebytes 3 and all registry entries and files. I could turn off PUP protection but that would be worse than the current issue. But none of these steps change any of the issues. This post is not to slam Malwarebytes as I still recommend it to family and friends as it is the best there is. And the support and devs are truly making a good product and provide the best support around by any company I have software from. This post is only letting others who are on the forum who like me trust Malwarebytes but are having problems know that they are not alone. It is also to give the support staff and devs a great big Thank You for all the hard work they are doing and doing well. As I said with so many computers all having different software and hardware it does take awhile to find and fix issues. Give them the help they also need by sending logs and doing the steps they give as it helps them and us as Malwarebytes users get a better product in the long run. Thanks to the whole Malwarebytes Team. Your hard work and effort does not go unnoticed and you are appreciated. Gren
  15. I noticed symptoms of adware about a week ago and scanned my computer, expecting to find just adware. Apparently, in addition to the adware, I also had 2 trojan viruses. I scan regularly (about once a week) and never found anything until then. All downloads I had done since were from trustworthy sites (although the sites can be hacked so I'm unsure what I downloaded to cause this). I removed the trojans using Malwarebytes, restarted, and scanned again, and all the malware was gone. Then, the next day, I noticed the same problem, and surprise surprise, everything was back. The adware, the trojans, even the same "Potentially Unwanted Programs." Now, I hadn't downloaded ANYTHING between those two scans. I had, however, gone to a site I didn't wholly trust: crunchyroll. So, I repeated the process, but did not go to any untrusted sites. The next day, it was back again. So I didn't download anything, I didn't go to ANY websites besides YouTube and my school website, and yet everything returned once again. This sort of scenario has been repeating itself for the past week or so, the only deviation being that today there were 3 more PUP's than usual. I have refrained from doing things like entering credit card info or logging into my bank account, on the chance this virus monitors keystrokes. Please help. Thanks so much!
  16. Because of a potential virus/malware with Facebook, I purchased Malwarebytes and ran the scan, which identified about 328 PUPs. After quarantining them, Windows 10 icons disappeared, favorites bar gone, all my photos on desktop gone, etc. I had had a problem with Facebook. Feeds were gone or distorted. After scan and quarantine, I opened Facebook and it seemed ok. In my own words, if I quarantine the PUPs I am degrading the computer to an almost unusable condition. I do not know how to correlate the identified PUP files with a program, file, folder so I could remove them individually.
  17. My scan completed with 1544 PUPs detected. It's a work computer and my co-workers and supervisor are reluctant to remove or quarantine so many files (they are all marked as PUPs). Are there any potentially harmful consequences to quarantining PUPs (especially so many)? For example, are there files, keys, processes, etc. that Malwarebytes considers PUPs that are essential to the functionality of commonly accepted programs (browsers and such)? Sorry if this is an inappropriate forum for this topic--please direct me to where this post would be best received and I will move it asap, if necessary.
  18. I have an issue with free edition of the software version 2.2.0.1024. After running a scan of my system, I have PUPs that are being detected but when selecting to remove them with the check marks they are not being removed at all. It just shows 0 threats successfully quarantined and the finish selection is grayed out, unable to select it. Is this a bug that needs to be addressed? Please find a resolution to this problem. I will be waiting on reply. Ken
  19. I am running Malwarebytes Premium (paid for version). It recently discovered and quarantined about 450 PUPs after installing a download. After the quarantine I noticed MBAM did not appear in the system tray so I reinstalled; no change. I also discovered that "Security Center" was not running but was able to fix that. I would like to ensure that my system is clean and see MBAM once again runs in the System Tray. Would appreciate any help. Thanks, Tom C
  20. Last night I ran a full Malwarebytes scan after finishing using one of my laptops for the day. However, after the scan was completed I left my laptop on all night with no open browsers, just the icons and the desktop gadgets on the display screen. Upon waking in the morning, I saw that my laptop had run its scheduled Malwarebytes full scan during the night and detected 56 PUPS. With no browsers open between the time I manually ran the scan and Malwarebytes ran its scheduled scan, 56 PUPS found their way into my system. Where could they have come from with no browsers open? Incidentally, I have two laptops with identical icons and identical desktop gadgets both running off of the same wifi. The other laptop also runs a scheduled Malwarebytes at about the same time as the laptop in question and was unaffected, finding no PUPS. I would be interested in finding out from where the PUPS came. I have attached a screenshot of my display screen with icons and desktop gadgets in hopes it will be of assistance.
  21. Just recently ran a security screen and came up with all these PUP detections relating to the Chrome browser within the last 48 hours. Nothing has changed with the Chrome browser and the PUP's were never detected prior to 48 hours ago. No other security software has detected these PUP's. I feel pretty sure they are false positive detections. I've attached a log file for review. I look forward to anyone's comments. MBAM-log-2015-10-25 (13-30-34).txt
  22. Hey Guys, for some reason today when I scanned with Malwarebytes it found these 3 detections. I'm attaching my log files like it says to do with Farbar. Thank you guys for your help. PS the ones listed were conduit.A and pricegong. Addition.txt FRST.txt malwarebytes_log.txt
  23. In this post are the FRST.txt and Addition.txt logs. Thank you so much!!! (in advance)
HKLM-x32 -> {1C725617-C489-43B3-9188-4B3AC0C7823D} URL = http://search.aol.com/aol/search?q={searchTerms}&s_it=clireset-ieSearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGWSearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}SearchScopes: HKU\S-1-5-21-1056878267-1787722111-3398097573-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}SearchScopes: HKU\S-1-5-21-1056878267-1787722111-3398097573-1000 -> {643E0B63-18C8-4655-9AD0-4230DF3BCBDF} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2429397SearchScopes: HKU\S-1-5-21-1056878267-1787722111-3398097573-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW_enUS469US469SearchScopes: HKU\S-1-5-21-1056878267-1787722111-3398097573-1000 -> {A531D99C-5A22-449b-83DA-872725C6D0ED} URL = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=1012EC7001CD3DAB0058536E&install_time=2012-05-29T14:55:24Z&src_id=31152&camp_id=2986&tb_version=1.2.1000.1(B)SearchScopes: HKU\S-1-5-21-1056878267-1787722111-3398097573-1000 -> {B272CED0-C6A4-4BB1-99D7-A0A9942E08CB} URL = http://groovorio.com/results.php?f=4&q={searchTerms}&a=grv_otbrw3_14_35&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0Dzyzz0D0D0EyByC0DyCyDtN0D0Tzu0StCtDyBtAtN1L2XzutAtFyCtFtCtDtFtCtN1L1Czu1N1C2X1V1F2Z1S1C2W1O1L1C1B2Z1VtCyE1VtByEtN1L1G1B1V1N2Y1L1Qzu2StCyB0EtCyC0BtA0CtG0EzytAyEtG0Czy0BtAtG0ByDtCyDtGyEtA0AtAzz0CtA0A0CtD0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CzztCtCtDyEyC0DtGyB0EyDyDtGyEyCyDzytGzz0AtAtBtGyE0B0CtCyE0A0F0DyE0E0B0E2Q&cr=1856151474&ir=SearchScopes: 
HKU\S-1-5-21-1056878267-1787722111-3398097573-1000 -> {E5840621-D7E0-428D-8B27-C1C56FF602AE} URL = http://search.aol.com/aol/search?q={searchTerms}&s_it=clireset-ieSearchScopes: HKU\S-1-5-21-1056878267-1787722111-3398097573-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No FileBHO-x32: No Name -> {7f0d2b4d-8224-4987-b8c8-311b59909a36} -> No FileBHO-x32: No Name -> {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} -> No FileBHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No FileBHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)Toolbar: HKLM-x32 - No Name - {7f0d2b4d-8224-4987-b8c8-311b59909a36} - No FileToolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)Toolbar: HKLM-x32 - No Name - {A531D99C-5A22-449b-83DA-872725C6D0ED} - No FileToolbar: HKU\S-1-5-21-1056878267-1787722111-3398097573-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No FileToolbar: HKU\S-1-5-21-1056878267-1787722111-3398097573-1000 -> No Name - {7F0D2B4D-8224-4987-B8C8-311B59909A36} - No FileHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No FileHandler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft 
Corporation)Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No FileFilter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\Dodie\AppData\Roaming\Mozilla\Firefox\Profiles\a3jmxa1j.defaultFF DefaultSearchEngine: Google (avast)FF SearchEngineOrder.1: Google (avast)FF SelectedSearchEngine: Google (avast)FF Keyword.URL: https://www.google.com/search/?trackid=sp-006FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006FF Homepage: https://www.google.com/?trackid=sp-006FF NewTab: about:newtabFF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll 
(Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF SearchPlugin: C:\Users\Dodie\AppData\Roaming\Mozilla\Firefox\Profiles\a3jmxa1j.default\searchplugins\aolsearch.xmlFF SearchPlugin: C:\Users\Dodie\AppData\Roaming\Mozilla\Firefox\Profiles\a3jmxa1j.default\searchplugins\google-avast.xmlFF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\aolsearch.xmlFF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xmlFF Extension: AOL Toolbar - C:\Users\Dodie\AppData\Roaming\Mozilla\Firefox\Profiles\a3jmxa1j.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2014-10-09]FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisorFF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-03-31]FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCoreFF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2014-12-03]FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-28]FF HKU\S-1-5-21-1056878267-1787722111-3398097573-1000\...\Firefox\Extensions: 
[smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: =======CHR HomePage: Default -> hxxp://www.my.aol.com/CHR StartupUrls: Default -> "hxxp://groovorio.com/?f=7&a=grv_otbrw3_14_35&cd=2XzuyEtN2Y1L1Qzuzzzz0A0EtC0Dzyzz0D0D0EyByC0DyCyDtN0D0Tzu0StCtDyBtAtN1L2XzutAtFyCtFtCtDtFtCtN1L1Czu1N1C2X1V1F2Z1S1C2W1O1L1C1B2Z1VtCyE1VtByEtN1L1G1B1V1N2Y1L1Qzu2StCyB0EtCyC0BtA0CtG0EzytAyEtG0Czy0BtAtG0ByDtCyDtGyEtA0AtAzz0CtA0A0CtD0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CzztCtCtDyEyC0DtGyB0EyDyDtGyEyCyDzytGzz0AtAtBtGyE0B0CtCyE0A0F0DyE0E0B0E2Q&cr=1856151474&ir="CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}CHR Profile: C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-13]CHR Extension: (Google Drive) - C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-13]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]CHR Extension: (YouTube) - C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-05]CHR Extension: (Google Search) - C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-05]CHR Extension: (Avast SafePrice) - C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-02]CHR Extension: (Avast Online Security) - 
C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-28]CHR Extension: (Google Wallet) - C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-27]CHR Extension: (Gmail) - C:\Users\Dodie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-05]CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-12-28]CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No PathCHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)R2 AlotService; C:\Users\Dodie\AppData\LocalLow\alotservice\alotservice.exe [252264 2012-05-23] (Vertro Inc.)R2 AOL Computer Checkup; C:\Program Files (x86)\AOL Computer Checkup\SDCService.exe [586840 2014-04-25] (Support.com, Inc.)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-28] (AVAST Software)S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) 
[File not signed]R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]S4 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC)S4 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC)R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] 
(Microsoft Corporation)S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [116224 2009-10-14] (WDC) [File not signed]R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]S2 0083101417646986mcinstcleanup; C:\Windows\TEMP\008310~1.EXE -cleanup -nolog [X]S2 ssrang_supportdotcom; "C:\Program Files (x86)\supportdotcom\rang\ssrangsv.exe" -service "-provider" "supportdotcom" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138872 2011-08-19] (SlySoft, Inc.)R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138872 2011-08-19] (SlySoft, Inc.)R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-28] ()R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-28] (AVAST Software)R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-28] (AVAST Software)R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-28] ()R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-28] (AVAST Software)R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-28] (AVAST Software)R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-28] (AVAST Software)R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-28] ()R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)S3 EtmDevPch; C:\Windows\System32\DRIVERS\EtmDevPch.sys [67392 2012-10-13] (Intel Corporation)S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 
2013-09-23] (McAfee, Inc.)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-01] (Malwarebytes Corporation)R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)R3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-14] (support.com, Inc) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-02 19:03 - 2015-01-02 19:05 - 00026570 _____ () C:\Users\Dodie\Desktop\FRST.txt2015-01-02 19:01 - 2015-01-02 19:03 - 00000000 ____D () C:\Users\Dodie\Desktop\FRST-OlderVersion2015-01-02 14:28 - 2015-01-02 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee2015-01-02 13:22 - 2015-01-02 13:22 - 00093968 _____ () C:\Users\Dodie\Downloads\bookmarks (1).html2015-01-02 13:13 - 2015-01-02 13:13 - 00141615 _____ () C:\Users\Dodie\Documents\Favorite Places 2.pfc2015-01-02 13:07 - 2015-01-02 13:07 - 00093968 _____ () C:\Users\Dodie\Downloads\bookmarks.html2015-01-02 12:58 - 2015-01-02 12:58 - 00000000 __SHD () C:\Users\Dodie\AppData\Local\EmieBrowserModeList2014-12-29 10:06 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-12-29 10:06 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-12-28 15:05 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll2014-12-28 15:05 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll2014-12-28 14:36 - 2015-01-02 18:56 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d022ddf9ff14a0.job2014-12-28 14:36 - 2015-01-02 14:41 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d022ddf9b7ab58.job2014-12-28 14:36 - 2014-12-28 14:36 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d022ddf9ff14a02014-12-28 14:36 - 2014-12-28 14:36 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d022ddf9b7ab582014-12-28 14:08 - 2012-10-13 07:08 - 00165952 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys2014-12-28 14:08 - 2012-10-13 07:08 - 00067392 _____ (Intel Corporation) C:\Windows\system32\Drivers\EtmDevPch.sys2014-12-28 13:49 - 2014-12-28 13:49 - 00000000 _____ () C:\Windows\SysWOW64\枈lotserviceruntime.log2014-12-28 13:44 - 2014-12-28 14:08 - 00011058 _____ () 
C:\Windows\DPINST.LOG2014-12-28 13:43 - 2014-12-28 13:43 - 00510496 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe2014-12-28 13:43 - 2013-03-11 15:51 - 00384904 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll2014-12-28 13:43 - 2013-03-11 15:51 - 00384832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll2014-12-28 13:43 - 2013-03-11 15:51 - 00104792 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll2014-12-28 13:43 - 2013-03-11 15:51 - 00104720 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll2014-12-28 13:43 - 2013-03-11 15:50 - 00034824 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll2014-12-28 13:43 - 2012-11-27 00:35 - 00017448 _____ () C:\Windows\system32\iglhxs64.vp2014-12-28 13:43 - 2012-11-27 00:31 - 00418336 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe2014-12-28 13:43 - 2012-11-27 00:31 - 00240672 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe2014-12-28 13:43 - 2012-11-27 00:31 - 00168480 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe2014-12-28 13:43 - 2012-11-27 00:30 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2858.dll2014-12-28 13:43 - 2012-11-27 00:00 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) 
C:\Windows\system32\igfxrplk.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00285184 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00285184 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00283648 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00283136 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc2014-12-28 13:43 - 2012-11-27 00:00 - 00282624 _____ (Intel Corporation) 
  24. Hi. I found your site and appreciate any help I can get removing this garbage from my computer. I am not so good at all this. Thank you for any help. Mum. FRST.txt Addition.txt
  25. For the past few weeks I have been dealing with a number of infections. First is the PUPS. I am running BitDefender as my main virus scanner. But every time MBAM does a scan it will tell me it has found one of three things: spigot, conduit, and/or superfish. I quarantine them but when I restart my machine they come back. I was thinking maybe I could handle this on my own because I have experience removing infections from my own computer, but I am at my wits' end here. I already have MBAM installed and I got the additional security tools CD when I paid for the premium version of MBAM. In addition, when I was trying to remove the PUPS I went ahead and installed Spybot Search and Destroy, but I don't know how to use it, and another spyware removal program that didn't seem to help much. I installed all the programs on the CD and the MBAR (rootkit) program said I could have a potential rootkit dll file on my box. Before that, when BitDefender did its regularly scheduled scan yesterday, it said it had quarantined a trojan. Thanks for any and all help!

      scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
      Ran by A (administrator) on ALEXANDRA-PC on 07-07-2014 23:19:54
      Running from C:\Users\A\Downloads
      Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
      Internet Explorer Version 11
      Boot Mode: Normal
      The only official download link for FRST:
      Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
      Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
      Download link from any site other than Bleeping Computer is unpermitted or outdated.
- C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm [2013-12-12] CHR Extension: (Cork Board) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\omedpokkgakfifajbapagggilbcenaga [2013-12-12] CHR Extension: (Sales Tax Calculator) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\onjlbagajkgilpkmpophdoocimkfaogg [2013-12-12] CHR Extension: (Spreadshirt Designer for Google Drive) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\oomgjmhhemldplodpialfbafcidjaghm [2013-12-12] CHR Extension: (Click&Clean App) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2013-12-12] CHR Extension: (Bitdefender QuickScan) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-01-03] CHR Extension: (Math Arcade Games) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfodbdfdkebjhdklkkmnjojpfjkkoodd [2013-12-12] CHR Extension: (Gmail) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-11] CHR Extension: (\) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkplgmhfkkhokgkdkblfcnfeccpippe [2014-01-03] CHR Extension: (TTR) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnpbbadbcckmfcbdhkbkegfgpdmoieji [2013-12-12] CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-03-27] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11] CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-04-11] ==================== Services (Whitelisted) ================= S3 
Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-03-25] (Adobe Systems) [File not signed] S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender) S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [21504 2013-12-26] (Box Inc.) [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-07] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-06] (IObit) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-08-23] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed] R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender) R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 
2012-02-13] () [File not signed] R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.) S3 TechZilla-MappedDrive.exe; C:\Program Files (x86)\TechZilla\tzCloud\tzCloud-MappedDrive.exe [126584 2013-04-03] (TechZilla) S3 TechZilla-Service.exe; C:\Program Files (x86)\TechZilla\tzCloud\tzCloud-Service.exe [126584 2013-04-03] (TechZilla) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1526800 2014-05-23] (Bitdefender) ==================== Drivers (Whitelisted) ==================== R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2014-05-23] (BitDefender LLC) R2 bdfsfltr; C:\windows\system32\Drivers\bdfsfltr.sys [431176 2011-03-24] (BitDefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 BDSandBox; C:\windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys 
[150256 2013-08-23] (BitDefender LLC) R2 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) R0 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [389240 2014-03-07] (BitDefender S.R.L.) R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-09] (Windows ® Win 7 DDK provider) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-09] (Windows ® Win 7 DDK provider) S0 BootDefragDriver; System32\drivers\BootDefragDriver.sys [X] S3 SBIOSIO; \??\C:\Users\A\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-07 23:19 - 2014-07-07 23:20 - 00044358 _____ () C:\Users\A\Downloads\FRST.txt 2014-07-07 23:19 - 2014-07-07 23:20 - 00000000 ____D () C:\FRST 2014-07-07 23:18 - 2014-07-07 23:18 - 02084352 _____ (Farbar) C:\Users\A\Downloads\FRST64.exe 2014-07-07 23:14 - 2014-07-07 23:14 - 00051496 _____ (Windows ® Win 7 DDK provider) C:\windows\system32\Drivers\stflt.sys 2014-07-07 23:11 - 2014-07-07 23:11 - 00000056 _____ () C:\windows\setupact.log 2014-07-07 23:11 - 2014-07-07 23:11 - 00000000 _____ () C:\windows\setuperr.log 2014-07-07 22:55 - 2014-07-07 23:15 - 00000000 ____D () C:\ProgramData\Spyware Terminator 2014-07-07 21:56 - 2014-07-07 22:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-07-07 21:54 - 2014-07-07 22:37 - 00000000 ____D () C:\Users\A\Desktop\mbar 2014-07-07 21:44 - 2014-07-07 21:44 - 00065232 _____ (Malwarebytes) C:\Users\A\Downloads\regassassin-setup-1.03.exe 2014-07-07 19:04 - 2014-07-07 19:04 - 00004427 _____ () C:\Users\A\Desktop\financialstatements_part2_multistepis_sse_corp.txt 2014-07-04 22:33 - 2014-07-04 
22:36 - 141801528 _____ () C:\Users\A\Downloads\avira_free_antivirus_en.exe 2014-07-04 22:11 - 2014-07-04 22:14 - 91906368 _____ (AVAST Software) C:\Users\A\Downloads\avast_free_antivirus_setup.exe 2014-07-04 20:37 - 2014-07-04 20:37 - 00000000 __SHD () C:\Users\A\AppData\Local\EmieUserList 2014-07-04 20:37 - 2014-07-04 20:37 - 00000000 __SHD () C:\Users\A\AppData\Local\EmieSiteList 2014-07-04 20:35 - 2014-07-07 23:15 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator 2014-07-04 20:15 - 2014-07-04 20:15 - 05049344 _____ (Crawler.com ) C:\Users\A\Downloads\Spyware_Terminator_v3.0.0.82.exe 2014-07-01 22:50 - 2014-07-01 22:55 - 00000000 ____D () C:\Users\A\Desktop\2014-07 (Jul) 2014-07-01 15:18 - 2014-07-01 15:18 - 00002768 _____ () C:\Users\A\Documents\cc_20140701_151751.reg 2014-06-30 18:01 - 2014-07-07 22:57 - 00000000 ____D () C:\Users\A\AppData\Roaming\DropboxMaster 2014-06-30 17:55 - 2014-06-30 23:35 - 00000000 ____D () C:\Users\A\Desktop\Graphics 2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\A\Desktop\Patterns Graphics 2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\A\Desktop\Paper Beads 2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\A\Desktop\Flourishes 2014-06-30 17:54 - 2014-06-30 17:54 - 00318944 _____ (Dropbox, Inc.) 
C:\Users\A\Downloads\DropboxInstaller.exe 2014-06-26 22:04 - 2014-06-26 22:06 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\A\Downloads\mbam_premium.exe 2014-06-26 15:39 - 2014-06-26 15:39 - 00000000 ____D () C:\Users\A\AppData\Local\{F2FB85EC-5EAD-4618-839F-F185828B2FA8} 2014-06-26 00:30 - 2014-06-26 00:31 - 00000000 ____D () C:\Users\A\Desktop\School 2014-06-26 00:30 - 2014-06-26 00:31 - 00000000 ____D () C:\Users\A\Desktop\C 2014-06-26 00:29 - 2014-06-18 15:14 - 00000030 _____ () C:\AVScanner.ini 2014-06-26 00:27 - 2014-07-07 15:59 - 00000000 ____D () C:\Users\A\Desktop\Business 2014-06-25 21:22 - 2014-06-25 21:22 - 00000000 ____D () C:\Users\A\AppData\Local\Adobe 2014-06-25 16:44 - 2014-06-25 16:44 - 00000000 ___HD () C:\Users\A\.boxsync 2014-06-20 17:12 - 2014-06-20 17:10 - 00312728 _____ (Oracle Corporation) C:\windows\system32\javaws.exe 2014-06-20 17:11 - 2014-06-20 17:11 - 00000000 ____D () C:\Users\A\Documents\ProcAlyzer Dumps 2014-06-20 17:11 - 2014-06-20 17:10 - 00191384 _____ (Oracle Corporation) C:\windows\system32\javaw.exe 2014-06-20 17:11 - 2014-06-20 17:10 - 00190872 _____ (Oracle Corporation) C:\windows\system32\java.exe 2014-06-20 17:11 - 2014-06-20 17:10 - 00111000 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll 2014-06-20 17:10 - 2014-06-20 17:10 - 00000000 ____D () C:\Program Files\Java 2014-06-20 16:55 - 2014-06-20 16:55 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking 2014-06-20 16:54 - 2014-06-20 16:54 - 00001351 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-06-20 16:54 - 2014-06-20 16:54 - 00001339 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-06-20 16:54 - 2014-06-20 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-06-20 16:54 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe 2014-06-20 16:53 - 2014-06-20 17:40 - 
00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-06-20 16:53 - 2014-06-20 17:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-06-20 16:45 - 2014-06-20 16:46 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\A\Downloads\spybot-2.3.exe 2014-06-20 16:41 - 2014-06-20 16:42 - 34121112 _____ (Oracle Corporation) C:\Users\A\Downloads\Java_Runtime_Environment_(64bit)_v8.0.exe 2014-06-20 16:06 - 2014-06-20 16:06 - 00000832 _____ () C:\Users\A\Documents\'hosts'.txt 2014-06-20 15:22 - 2014-06-20 15:22 - 02837648 _____ (Emsisoft GmbH ) C:\Users\A\Downloads\Emsisoft_HiJackFree_v4.5.0.10.exe 2014-06-20 11:42 - 2014-07-07 22:53 - 00003340 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1827809378-912741919-3246080145-1001 2014-06-19 12:48 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-06-19 12:48 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll 2014-06-19 12:48 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll 2014-06-19 12:48 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll 2014-06-19 12:48 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-06-19 12:48 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2014-06-19 12:48 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2014-06-19 12:48 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2014-06-19 12:48 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2014-06-19 12:48 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2014-06-19 12:48 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\msxml6.dll 2014-06-19 12:48 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2014-06-19 12:48 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll 2014-06-19 12:48 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll 2014-06-19 12:47 - 2014-05-30 03:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-06-19 12:47 - 2014-05-30 03:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-06-19 12:47 - 2014-05-30 03:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2014-06-19 12:47 - 2014-05-30 02:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-06-19 12:47 - 2014-05-30 02:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2014-06-19 12:47 - 2014-05-30 02:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-06-19 12:47 - 2014-05-30 02:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2014-06-19 12:47 - 2014-05-30 02:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-06-19 12:47 - 2014-05-30 02:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-06-19 12:47 - 2014-05-30 02:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2014-06-19 12:47 - 2014-05-30 02:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2014-06-19 12:47 - 2014-05-30 02:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2014-06-19 12:47 - 2014-05-30 02:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2014-06-19 12:47 - 2014-05-30 02:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-06-19 12:47 - 2014-05-30 02:11 - 00940032 _____ (Microsoft Corporation) 
C:\windows\system32\MsSpellCheckingFacility.exe 2014-06-19 12:47 - 2014-05-30 02:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-06-19 12:47 - 2014-05-30 02:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-06-19 12:47 - 2014-05-30 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-06-19 12:47 - 2014-05-30 01:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 12:47 - 2014-05-30 01:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-06-19 12:47 - 2014-05-30 01:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-06-19 12:47 - 2014-05-30 01:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2014-06-19 12:47 - 2014-05-30 01:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-06-19 12:47 - 2014-05-30 01:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-06-19 12:47 - 2014-05-30 01:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2014-06-19 12:47 - 2014-05-30 01:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-06-19 12:47 - 2014-05-30 01:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-06-19 12:47 - 2014-05-30 01:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-06-19 12:47 - 2014-05-30 01:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-06-19 12:47 - 2014-05-30 01:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2014-06-19 12:47 - 2014-05-30 01:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-06-19 12:47 - 2014-05-30 01:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2014-06-19 12:47 - 2014-05-30 01:27 - 00592896 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\jscript9diag.dll 2014-06-19 12:47 - 2014-05-30 01:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2014-06-19 12:47 - 2014-05-30 01:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-06-19 12:47 - 2014-05-30 01:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-06-19 12:47 - 2014-05-30 01:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 12:47 - 2014-05-30 01:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-06-19 12:47 - 2014-05-30 01:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-06-19 12:47 - 2014-05-30 01:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-06-19 12:47 - 2014-05-30 00:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-06-19 12:47 - 2014-05-30 00:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-06-19 12:47 - 2014-05-30 00:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-06-19 12:47 - 2014-05-30 00:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2014-06-19 12:47 - 2014-05-30 00:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-06-19 12:47 - 2014-05-30 00:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-06-19 12:47 - 2014-05-30 00:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-06-19 12:47 - 2014-05-30 00:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-06-19 12:47 - 2014-05-30 00:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-06-19 12:47 - 2014-05-30 00:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-06-19 12:47 - 2014-05-30 00:13 - 00846336 _____ (Microsoft 
Corporation) C:\windows\system32\ieapfltr.dll 2014-06-19 12:47 - 2014-05-30 00:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2014-06-19 12:44 - 2014-06-08 02:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-06-19 12:44 - 2014-06-08 02:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-06-18 19:18 - 2014-06-28 14:43 - 00000000 ____D () C:\Users\A\AppData\Local\Windows Live 2014-06-18 19:18 - 2014-06-18 19:18 - 00000000 ____D () C:\Users\A\AppData\Local\{2E059732-D2A6-421C-96DC-39F4D6AD899C} 2014-06-18 19:16 - 2014-06-18 19:16 - 00000000 ____D () C:\Users\A\AppData\Local\{98B6B157-F632-46B9-9483-A082D3B3D835} 2014-06-18 14:22 - 2014-07-07 21:56 - 00119000 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-18 14:21 - 2014-07-07 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-06-18 14:21 - 2014-07-07 21:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-06-18 14:21 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-06-18 14:21 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-06-18 14:18 - 2014-06-18 14:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\A\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-17 19:39 - 2014-06-17 19:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-16 15:40 - 2014-06-16 15:40 - 00011908 _____ () C:\Users\A\Documents\cc_20140616_154004.reg 2014-06-16 15:34 - 2014-07-07 20:01 - 00000000 ____D () C:\Users\A\Desktop\ACCT 2014-06-16 15:33 - 2014-07-07 16:00 - 00000000 ____D () C:\Users\A\Desktop\BIOL 2014-06-16 15:33 - 2014-06-26 17:52 - 00000000 ____D () C:\Users\A\Desktop\READ 2014-06-16 15:31 - 2014-07-07 21:29 - 00000000 ____D () C:\Users\A\Desktop\LIT 2014-06-16 15:31 - 2014-07-07 15:57 - 
00000000 ____D () C:\Users\A\Desktop\HLTH ==================== One Month Modified Files and Folders ======= 2014-07-07 23:20 - 2014-07-07 23:19 - 00044358 _____ () C:\Users\A\Downloads\FRST.txt 2014-07-07 23:20 - 2014-07-07 23:19 - 00000000 ____D () C:\FRST 2014-07-07 23:18 - 2014-07-07 23:18 - 02084352 _____ (Farbar) C:\Users\A\Downloads\FRST64.exe 2014-07-07 23:15 - 2014-07-07 22:55 - 00000000 ____D () C:\ProgramData\Spyware Terminator 2014-07-07 23:15 - 2014-07-04 20:35 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator 2014-07-07 23:14 - 2014-07-07 23:14 - 00051496 _____ (Windows ® Win 7 DDK provider) C:\windows\system32\Drivers\stflt.sys 2014-07-07 23:11 - 2014-07-07 23:11 - 00000056 _____ () C:\windows\setupact.log 2014-07-07 23:11 - 2014-07-07 23:11 - 00000000 _____ () C:\windows\setuperr.log 2014-07-07 23:01 - 2014-01-15 19:13 - 01281535 ____N () C:\windows\WindowsUpdate.log 2014-07-07 22:57 - 2014-06-30 18:01 - 00000000 ____D () C:\Users\A\AppData\Roaming\DropboxMaster 2014-07-07 22:57 - 2013-09-28 17:39 - 00000000 ___RD () C:\Users\A\Dropbox 2014-07-07 22:57 - 2013-09-28 17:16 - 00000000 ____D () C:\Users\A\AppData\Roaming\Dropbox 2014-07-07 22:57 - 2013-03-21 17:54 - 00000000 ____D () C:\Users\A\AppData\Local\Box Sync 2014-07-07 22:57 - 2009-07-13 21:45 - 00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-07 22:57 - 2009-07-13 21:45 - 00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-07 22:56 - 2009-07-13 22:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI 2014-07-07 22:53 - 2014-06-20 11:42 - 00003340 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1827809378-912741919-3246080145-1001 2014-07-07 22:53 - 2014-05-23 21:05 - 00003198 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1827809378-912741919-3246080145-1001 2014-07-07 
22:53 - 2014-01-11 01:32 - 00000324 _____ () C:\windows\Tasks\GlaryInitialize 4.job 2014-07-07 22:53 - 2014-01-11 01:31 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4 2014-07-07 22:52 - 2013-06-11 18:35 - 00000884 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-07 22:52 - 2012-05-04 00:03 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2014-07-07 22:48 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-07-07 22:37 - 2014-07-07 21:56 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-07-07 22:37 - 2014-07-07 21:54 - 00000000 ____D () C:\Users\A\Desktop\mbar 2014-07-07 22:33 - 2012-08-23 16:53 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-07-07 22:28 - 2013-06-11 18:35 - 00000888 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-07 21:56 - 2014-06-18 14:22 - 00119000 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-07 21:52 - 2014-06-18 14:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-07 21:52 - 2014-06-18 14:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-07 21:52 - 2014-01-02 14:15 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-07 21:44 - 2014-07-07 21:44 - 00065232 _____ (Malwarebytes) C:\Users\A\Downloads\regassassin-setup-1.03.exe 2014-07-07 21:29 - 2014-06-16 15:31 - 00000000 ____D () C:\Users\A\Desktop\LIT 2014-07-07 20:01 - 2014-06-16 15:34 - 00000000 ____D () C:\Users\A\Desktop\ACCT 2014-07-07 19:04 - 2014-07-07 19:04 - 00004427 _____ () C:\Users\A\Desktop\financialstatements_part2_multistepis_sse_corp.txt 2014-07-07 17:59 - 2013-01-21 19:10 - 00000452 _____ () C:\windows\Tasks\KingSoft_2013121181014.job 2014-07-07 16:00 - 2014-06-16 15:33 - 00000000 ____D () C:\Users\A\Desktop\BIOL 2014-07-07 15:59 - 2014-06-26 00:27 - 
00000000 ____D () C:\Users\A\Desktop\Business
2014-07-07 15:57 - 2014-06-16 15:31 - 00000000 ____D () C:\Users\A\Desktop\HLTH
2014-07-07 15:16 - 2012-05-04 00:03 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-07-04 22:36 - 2014-07-04 22:33 - 141801528 _____ () C:\Users\A\Downloads\avira_free_antivirus_en.exe
2014-07-04 22:14 - 2014-07-04 22:11 - 91906368 _____ (AVAST Software) C:\Users\A\Downloads\avast_free_antivirus_setup.exe
2014-07-04 21:43 - 2013-05-20 12:44 - 00000000 ____D () C:\windows\Minidump
2014-07-04 20:37 - 2014-07-04 20:37 - 00000000 __SHD () C:\Users\A\AppData\Local\EmieUserList
2014-07-04 20:37 - 2014-07-04 20:37 - 00000000 __SHD () C:\Users\A\AppData\Local\EmieSiteList
2014-07-04 20:15 - 2014-07-04 20:15 - 05049344 _____ (Crawler.com ) C:\Users\A\Downloads\Spyware_Terminator_v3.0.0.82.exe
2014-07-04 19:53 - 2014-03-06 10:34 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-04 19:49 - 2014-01-15 19:12 - 00000000 ____D () C:\Users\A\AppData\Roaming\DiskDefrag
2014-07-01 22:55 - 2014-07-01 22:50 - 00000000 ____D () C:\Users\A\Desktop\2014-07 (Jul)
2014-07-01 17:02 - 2013-04-22 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2014-07-01 15:19 - 2014-01-16 15:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-01 15:18 - 2014-07-01 15:18 - 00002768 _____ () C:\Users\A\Documents\cc_20140701_151751.reg
2014-07-01 15:05 - 2013-12-11 21:45 - 00000000 ____D () C:\Users\A\AppData\Local\CrashDumps
2014-06-30 23:35 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\A\Desktop\Graphics
2014-06-30 18:01 - 2013-09-28 17:39 - 00001009 _____ () C:\Users\A\Desktop\Dropbox.lnk
2014-06-30 18:01 - 2013-09-28 17:18 - 00000000 ____D () C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\A\Desktop\Patterns Graphics
2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\A\Desktop\Paper Beads
2014-06-30 17:55 - 2014-06-30 17:55 - 00000000 ____D () C:\Users\A\Desktop\Flourishes
2014-06-30 17:54 - 2014-06-30 17:54 - 00318944 _____ (Dropbox, Inc.) C:\Users\A\Downloads\DropboxInstaller.exe
2014-06-28 14:43 - 2014-06-18 19:18 - 00000000 ____D () C:\Users\A\AppData\Local\Windows Live
2014-06-26 22:06 - 2014-06-26 22:04 - 17291904 _____ (Malwarebytes Corporation ) C:\Users\A\Downloads\mbam_premium.exe
2014-06-26 21:00 - 2012-05-04 01:03 - 00000000 ____D () C:\windows\bg
2014-06-26 17:52 - 2014-06-16 15:33 - 00000000 ____D () C:\Users\A\Desktop\READ
2014-06-26 15:39 - 2014-06-26 15:39 - 00000000 ____D () C:\Users\A\AppData\Local\{F2FB85EC-5EAD-4618-839F-F185828B2FA8}
2014-06-26 00:31 - 2014-06-26 00:30 - 00000000 ____D () C:\Users\A\Desktop\School
2014-06-26 00:31 - 2014-06-26 00:30 - 00000000 ____D () C:\Users\A\Desktop\C
2014-06-25 21:22 - 2014-06-25 21:22 - 00000000 ____D () C:\Users\A\AppData\Local\Adobe
2014-06-25 16:44 - 2014-06-25 16:44 - 00000000 ___HD () C:\Users\A\.boxsync
2014-06-25 16:44 - 2012-08-23 14:08 - 00000000 ____D () C:\Users\A
2014-06-24 14:13 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2014-06-22 16:23 - 2013-06-11 18:35 - 00003884 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 16:23 - 2013-06-11 18:35 - 00003632 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 17:40 - 2014-06-20 16:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 17:11 - 2014-06-20 17:11 - 00000000 ____D () C:\Users\A\Documents\ProcAlyzer Dumps
2014-06-20 17:10 - 2014-06-20 17:12 - 00312728 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2014-06-20 17:10 - 2014-06-20 17:11 - 00191384 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2014-06-20 17:10 - 2014-06-20 17:11 - 00190872 _____ (Oracle Corporation) C:\windows\system32\java.exe
2014-06-20 17:10 - 2014-06-20 17:11 - 00111000 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2014-06-20 17:10 - 2014-06-20 17:10 - 00000000 ____D () C:\Program Files\Java
2014-06-20 17:00 - 2014-06-20 16:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-20 16:55 - 2014-06-20 16:55 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-20 16:54 - 2014-06-20 16:54 - 00001351 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 16:54 - 2014-06-20 16:54 - 00001339 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 16:54 - 2014-06-20 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 16:46 - 2014-06-20 16:45 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\A\Downloads\spybot-2.3.exe
2014-06-20 16:42 - 2014-06-20 16:41 - 34121112 _____ (Oracle Corporation) C:\Users\A\Downloads\Java_Runtime_Environment_(64bit)_v8.0.exe
2014-06-20 16:06 - 2014-06-20 16:06 - 00000832 _____ () C:\Users\A\Documents\'hosts'.txt
2014-06-20 15:22 - 2014-06-20 15:22 - 02837648 _____ (Emsisoft GmbH ) C:\Users\A\Downloads\Emsisoft_HiJackFree_v4.5.0.10.exe
2014-06-20 15:11 - 2012-05-04 01:04 - 00000000 ____D () C:\windows\es
2014-06-20 11:05 - 2013-08-14 03:02 - 00000000 ____D () C:\windows\system32\MRT
2014-06-20 10:51 - 2012-10-10 22:01 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-20 10:48 - 2012-08-23 19:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-20 10:44 - 2014-05-11 13:38 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-18 19:18 - 2014-06-18 19:18 - 00000000 ____D () C:\Users\A\AppData\Local\{2E059732-D2A6-421C-96DC-39F4D6AD899C}
2014-06-18 19:16 - 2014-06-18 19:16 - 00000000 ____D () C:\Users\A\AppData\Local\{98B6B157-F632-46B9-9483-A082D3B3D835}
2014-06-18 15:14 - 2014-06-26 00:29 - 00000030 _____ () C:\AVScanner.ini
2014-06-18 15:13 - 2012-08-23 16:53 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-18 15:13 - 2012-08-23 16:53 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-18 15:13 - 2012-08-23 16:53 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-06-18 14:55 - 2014-01-25 01:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 14:54 - 2012-05-04 01:04 - 00000000 ____D () C:\windows\he
2014-06-18 14:21 - 2012-08-29 12:10 - 00000000 ____D () C:\Users\A\AppData\Roaming\Malwarebytes
2014-06-18 14:21 - 2012-08-29 12:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-18 14:19 - 2014-06-18 14:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\A\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-17 20:51 - 2013-12-30 19:16 - 00000000 ____D () C:\Users\A\Box Sync
2014-06-17 19:40 - 2014-06-17 19:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-16 15:40 - 2014-06-16 15:40 - 00011908 _____ () C:\Users\A\Documents\cc_20140616_154004.reg
2014-06-16 15:38 - 2013-06-11 18:37 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-08 02:13 - 2014-06-19 12:44 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-08 02:08 - 2014-06-19 12:44 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

Files to move or delete:
====================
C:\Users\A\AppData\Roaming\options.ini
C:\Users\A\AppData\Roaming\options_pdfcombine.ini
C:\Users\A\AppData\Roaming\options_pdfrotator.ini
C:\Users\A\AppData\Roaming\setup.ini
C:\Users\A\AppData\Roaming\setup_pdfcombine.ini
C:\Users\A\AppData\Roaming\setup_pdfrotator.ini

Some content of TEMP:
====================
C:\Users\A\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpg1l2ja.dll
C:\Users\Admin\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin Test\AppData\Local\Temp\BullGuard Internet Security Setup.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-28 14:24

==================== End Of Log ============================

Addition.txt