SweetpacksIM Infection


craigd

I have been trying to remove this damn Sweetpacks garbage unsuccessfully. Hopefully someone can help.

 

Here is my last log that found something.  I just ran a quick scan that found nothing (see below Mbam for additional info).

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.09.06.10
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Craig :: TIME-MACHINE [administrator]
 
Protection: Enabled
 
9/6/2013 9:01:36 PM
mbam-log-2013-09-06 (21-01-36).txt
 
Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 210298
Time elapsed: 22 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 2
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
 
Registry Values Detected: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {2845034B-CA21-11E2-BE77-9C2A702DFF52} -> Quarantined and deleted successfully.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {2845034B-CA21-11E2-BE77-9C2A702DFF52} -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
 
 
Here is a Junkware Remover's log. Can someone help me remove Sweetpacks? Thank you!
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Windows 8 x64
Ran by Craig on Wed 09/11/2013 at 13:43:00.16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
~~~ Services
 
~~~ Registry Values
 
~~~ Registry Keys
 
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\updater by sweetpacks
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\updater by sweetpacks
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B6F2095E-6FB2-49D6-B06F-EE18CFBB555F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B6F2095E-6FB2-49D6-B06F-EE18CFBB555F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{B6F2095E-6FB2-49D6-B06F-EE18CFBB555F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
 
~~~ Files
 
~~~ Folders
 
~~~ Event Viewer Logs were cleared
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 09/11/2013 at 13:45:56.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


Did you run this one:

Let's clean out any adware while you're here: (this will require a reboot, so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC

I did run AdwCleaner... results below. I didn't know if I should delete them since they didn't say Sweetpacks. Should I delete them?

 

-----------

 

# AdwCleaner v3.003 - Report created 11/09/2013 at 12:48:13
# Updated 07/09/2013 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Craig - TIME-MACHINE
# Running from : C:\Users\Craig\Desktop\Downloads\adwcleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found C:\Users\Craig\AppData\Local\Temp\boost_interprocess
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\ImInstaller
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Google Chrome v29.0.1547.66
 
[ File : C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1293 octets] - [29/08/2013 13:30:45]
AdwCleaner[R1].txt - [1304 octets] - [11/09/2013 12:48:13]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1364 octets] ##########

Yes, delete them. What seems to be the problem, and in which browsers?

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system)

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
MrC

FRST Log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013 01
Ran by Craig (administrator) on TIME-MACHINE on 11-09-2013 15:33:18
Running from C:\Users\Craig\Desktop\Downloads
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(CyberLink) c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Adobe Systems Incorporated) c:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [beatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [41664 2013-07-03] (Hewlett-Packard )
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [iAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-07-03] (IDT, Inc.)
HKCU\...\Run: [HP Officejet 6600 (NET)] - C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [CAHeadless] - c:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-11-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [624056 2011-08-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [eFax 4.4] - C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe [95744 2012-08-29] (j2 Global Communications, Inc.)
HKLM-x32\...\Run: [btTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387320 2013-05-03] (IVT Corporation)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk
ShortcutTarget: Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
Startup: C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6600 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 6600 (Network).lnk -> C:\Program Files\HP\HP Officejet 6600\bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {B6F2095E-6FB2-49D6-B06F-EE18CFBB555F} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {B6F2095E-6FB2-49D6-B06F-EE18CFBB555F} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU -  No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Turn Off the Lights) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.21_0
CHR Extension: (YouTube) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.6_0
CHR Extension: (New Tab Redirect!) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna\2.0_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 
==================== Services (Whitelisted) =================
 
R2 AdobeActiveFileMonitor11.0; c:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2011-11-23] (Amazon.com)
S3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg; 
U4 BthHFEnum; 
U4 bthhfhid; 
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1152712 2013-05-10] (Ralink Technology, Corp.)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-09-11 15:27 - 2013-09-11 15:27 - 03314472 _____ C:\windows\system32\FNTCACHE.DAT
2013-09-11 13:45 - 2013-09-11 13:47 - 00002293 _____ C:\Users\Craig\Desktop\JRT.txt
2013-09-11 13:42 - 2013-09-11 13:42 - 00000000 ____D C:\windows\ERUNT
2013-09-11 06:32 - 2013-08-16 01:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2013-09-11 06:32 - 2013-08-16 01:39 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2013-09-11 06:32 - 2013-08-16 01:39 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-09-11 06:32 - 2013-08-16 01:32 - 00209200 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2013-09-11 06:32 - 2013-08-16 01:22 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2013-09-11 06:32 - 2013-08-16 01:22 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-09-11 06:32 - 2013-08-16 01:21 - 03275776 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 01621504 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00174592 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2013-09-11 06:32 - 2013-08-16 01:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2013-09-11 06:32 - 2013-08-16 01:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00083968 _____ C:\windows\SysWOW64\OEMLicense.dll
2013-09-11 06:32 - 2013-08-15 18:43 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-09-11 06:32 - 2013-08-15 18:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2013-09-11 06:32 - 2013-08-15 18:42 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2013-09-11 06:32 - 2013-08-15 18:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2013-09-11 06:31 - 2013-08-21 00:12 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-11 06:31 - 2013-08-21 00:12 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-11 06:31 - 2013-08-21 00:11 - 19246592 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-09-11 06:31 - 2013-08-21 00:11 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-09-11 06:31 - 2013-08-20 22:34 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-09-11 06:31 - 2013-08-20 22:06 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-11 06:31 - 2013-08-20 22:06 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-11 06:31 - 2013-08-20 22:06 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 14332928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 02048000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-09-11 06:31 - 2013-08-20 22:05 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-09-11 06:31 - 2013-08-20 21:43 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-09-11 06:31 - 2013-08-20 19:52 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2013-09-11 06:31 - 2013-08-03 00:30 - 04038144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-09-11 06:31 - 2013-07-09 04:04 - 00120144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2013-09-11 06:31 - 2013-07-09 02:18 - 00439488 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2013-09-11 06:31 - 2013-07-09 00:25 - 00385768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2013-09-11 06:31 - 2013-07-08 23:57 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2013-09-11 06:31 - 2013-07-08 18:46 - 00543744 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2013-09-11 06:31 - 2013-07-08 18:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2013-09-11 06:31 - 2013-07-08 18:46 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Wwanadvui.dll
2013-09-11 06:31 - 2013-07-08 18:45 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2013-09-11 06:31 - 2013-07-05 20:16 - 01025024 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2013-09-11 06:31 - 2013-07-02 20:23 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2013-09-11 06:31 - 2013-07-02 20:23 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 06:31 - 2013-07-02 20:22 - 02839552 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2013-09-11 06:31 - 2013-07-02 20:22 - 01300480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-09-11 06:31 - 2013-07-02 20:11 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2013-09-11 06:31 - 2013-07-02 20:11 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 06:31 - 2013-07-02 20:10 - 02273792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2013-09-11 06:31 - 2013-07-01 18:08 - 00387583 _____ C:\windows\system32\ApnDatabase.xml
2013-09-11 06:31 - 2013-06-30 18:30 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\openfiles.exe
2013-09-11 06:31 - 2013-06-30 18:29 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\openfiles.exe
2013-09-11 06:31 - 2013-06-29 02:15 - 00195416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-09-11 06:31 - 2013-06-29 02:15 - 00125784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-09-11 06:31 - 2013-06-29 01:43 - 00327512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2013-09-11 06:31 - 2013-06-28 21:12 - 01022464 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-09-11 06:31 - 2013-06-25 23:01 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2013-09-11 06:31 - 2013-06-25 22:59 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2013-09-11 06:31 - 2013-06-24 18:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-09-11 06:31 - 2013-06-24 18:54 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2013-09-11 06:31 - 2013-06-24 18:54 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2013-09-11 06:31 - 2013-06-19 01:36 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2013-09-11 06:31 - 2013-06-19 01:36 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2013-09-11 06:31 - 2013-06-18 18:38 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2013-09-11 06:31 - 2013-06-18 18:38 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2013-09-11 06:31 - 2013-06-11 19:43 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2013-09-11 06:31 - 2013-06-11 19:26 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2013-09-11 06:31 - 2013-06-10 17:17 - 00096512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-09-11 06:31 - 2013-06-10 15:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-09-11 06:31 - 2013-06-10 15:15 - 01156096 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-09-11 06:31 - 2013-06-10 15:15 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-09-11 06:31 - 2013-06-10 15:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-09-11 06:31 - 2013-06-10 15:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-09-11 06:31 - 2013-06-10 15:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 06:31 - 2013-06-06 04:03 - 00119040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2013-09-09 15:16 - 2013-09-09 15:16 - 00001456 _____ C:\Users\Craig\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-08-29 13:30 - 2013-09-11 15:30 - 00000000 ____D C:\AdwCleaner
2013-08-21 12:47 - 2013-08-21 12:47 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-08-21 12:47 - 2013-08-21 12:47 - 00000000 ____D C:\Users\Craig\AppData\Local\Windows Live
2013-08-15 12:06 - 2013-08-15 12:06 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-08-14 12:57 - 2013-08-14 12:57 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-14 12:55 - 2013-09-11 06:41 - 00000000 ____D C:\windows\system32\MRT
2013-08-14 12:54 - 2013-07-13 02:18 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2013-08-14 12:54 - 2013-07-13 02:16 - 01889280 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-08-14 12:54 - 2013-07-13 02:16 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2013-08-14 12:54 - 2013-07-13 02:15 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2013-08-14 12:54 - 2013-07-13 02:15 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2013-08-14 12:54 - 2013-07-13 00:24 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2013-08-14 12:54 - 2013-07-13 00:23 - 01568256 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-08-14 12:54 - 2013-07-13 00:23 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2013-08-14 12:54 - 2013-07-13 00:23 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2013-08-14 12:54 - 2013-07-09 02:07 - 02233168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-08-14 12:54 - 2013-07-01 20:44 - 00036288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys
2013-08-14 12:54 - 2013-07-01 18:08 - 00247216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys
2013-08-14 12:54 - 2013-05-23 19:02 - 01314816 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2013-08-14 12:54 - 2013-05-23 18:25 - 00694272 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2013-08-14 12:45 - 2013-08-14 12:45 - 00002199 _____ C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (5).lnk
2013-08-14 12:34 - 2013-08-14 12:34 - 00002199 _____ C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (4).lnk
2013-08-14 12:09 - 2013-08-14 12:09 - 00002199 _____ C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (3).lnk
2013-08-14 12:07 - 2013-08-14 12:07 - 00000000 ____D C:\windows\pss
2013-08-14 11:59 - 2013-08-14 11:59 - 00002225 _____ C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (2).lnk
2013-08-14 11:44 - 2013-08-14 11:44 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2013-08-14 11:44 - 2013-08-14 11:44 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-08-14 11:44 - 2013-08-14 11:44 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-08-14 11:44 - 2013-08-14 11:44 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-08-14 11:44 - 2013-08-14 11:44 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-08-14 11:44 - 2013-08-14 11:44 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-14 11:44 - 2013-08-14 11:44 - 00000000 ____D C:\Users\Craig\AppData\Roaming\SystemRequirementsLab
2013-08-14 11:44 - 2013-08-14 11:44 - 00000000 ____D C:\ProgramData\Sun
2013-08-14 11:44 - 2013-08-14 11:44 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-08-14 11:44 - 2013-08-14 11:44 - 00000000 ____D C:\Program Files (x86)\Java
 
==================== One Month Modified Files and Folders =======
 
2013-09-11 15:33 - 2013-04-29 18:10 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1048302789-1347166234-3868245150-1001
2013-09-11 15:32 - 2012-07-26 03:28 - 00878374 _____ C:\windows\system32\PerfStringBackup.INI
2013-09-11 15:30 - 2013-08-29 13:30 - 00000000 ____D C:\AdwCleaner
2013-09-11 15:28 - 2013-04-30 15:23 - 00000918 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-11 15:27 - 2013-09-11 15:27 - 03314472 _____ C:\windows\system32\FNTCACHE.DAT
2013-09-11 15:27 - 2012-07-26 03:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-09-11 15:26 - 2013-04-29 18:02 - 01123847 _____ C:\windows\WindowsUpdate.log
2013-09-11 15:26 - 2012-07-26 01:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-09-11 15:06 - 2013-07-31 12:48 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-09-11 15:00 - 2012-07-26 04:12 - 00000000 ____D C:\windows\system32\sru
2013-09-11 14:45 - 2013-04-30 15:23 - 00000922 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-11 13:47 - 2013-09-11 13:45 - 00002293 _____ C:\Users\Craig\Desktop\JRT.txt
2013-09-11 13:42 - 2013-09-11 13:42 - 00000000 ____D C:\windows\ERUNT
2013-09-11 13:09 - 2013-05-30 09:36 - 00000358 _____ C:\windows\Tasks\HPCeeScheduleForCraig.job
2013-09-11 13:06 - 2012-07-26 04:12 - 00000000 ____D C:\windows\WinStore
2013-09-11 13:06 - 2012-07-26 04:12 - 00000000 ____D C:\windows\PolicyDefinitions
2013-09-11 13:06 - 2012-07-26 01:38 - 00000000 ____D C:\windows\system32\oobe
2013-09-11 10:17 - 2012-07-26 04:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-09-11 06:41 - 2013-08-14 12:55 - 00000000 ____D C:\windows\system32\MRT
2013-09-11 06:40 - 2013-05-01 11:03 - 79143768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-09-11 06:30 - 2013-04-29 18:04 - 00003942 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{E658E959-2F31-44C9-B0E7-CCC1A0AF4FA7}
2013-09-10 13:14 - 2013-06-07 14:39 - 00000000 ____D C:\Users\Craig\AppData\Roaming\FileZilla
2013-09-10 13:06 - 2013-07-31 12:48 - 00003718 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-09-10 12:25 - 2013-06-07 17:28 - 00000132 _____ C:\Users\Craig\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-09-10 10:54 - 2012-05-31 09:36 - 00000000 ___RD C:\Users\Craig\Desktop\Ghost Tours
2013-09-09 15:16 - 2013-09-09 15:16 - 00001456 _____ C:\Users\Craig\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-09-09 15:16 - 2013-04-29 18:04 - 00000000 ____D C:\Users\Craig\AppData\Roaming\Adobe
2013-09-09 14:43 - 2010-03-11 14:29 - 00000000 ___RD C:\Users\Craig\Desktop\Event Talent Resources
2013-09-08 21:54 - 2013-05-30 09:36 - 00003172 _____ C:\windows\System32\Tasks\HPCeeScheduleForCraig
2013-09-08 21:54 - 2013-04-29 18:02 - 00000000 ____D C:\Users\Craig
2013-09-05 16:09 - 2013-05-18 08:16 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-09-05 16:09 - 2013-05-18 08:16 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-05 16:09 - 2008-03-21 10:06 - 00312832 __SHC C:\Users\Craig\Documents\Thumbs.db
2013-09-04 21:54 - 2013-05-23 09:27 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2013-09-04 21:53 - 2012-10-11 23:24 - 00000000 ____D C:\SWSETUP
2013-09-04 21:36 - 2013-05-23 09:27 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-09-04 21:35 - 2013-05-23 09:26 - 00000000 ____D C:\Users\Craig\AppData\Roaming\HP Support Assistant
2013-09-04 21:35 - 2013-05-10 10:21 - 00000000 ____D C:\Users\Craig\AppData\Roaming\HpUpdate
2013-09-03 08:51 - 2012-07-26 04:12 - 00000000 ____D C:\windows\system32\NDF
2013-08-28 12:02 - 2008-05-28 16:55 - 02387456 __SHC C:\Users\Craig\Desktop\Thumbs.db
2013-08-28 11:55 - 2010-08-18 10:08 - 00000000 ___RD C:\Users\Craig\Desktop\ISES
2013-08-21 12:47 - 2013-08-21 12:47 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-08-21 12:47 - 2013-08-21 12:47 - 00000000 ____D C:\Users\Craig\AppData\Local\Windows Live
2013-08-21 12:47 - 2012-07-26 03:21 - 00038033 _____ C:\windows\setupact.log
2013-08-21 12:16 - 2013-07-17 11:38 - 00000000 ____D C:\Users\Craig\AppData\Local\LogMeIn Rescue Applet
2013-08-21 00:12 - 2013-09-11 06:31 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-08-21 00:12 - 2013-09-11 06:31 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-08-21 00:11 - 2013-09-11 06:31 - 19246592 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-08-21 00:11 - 2013-09-11 06:31 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-08-20 22:34 - 2013-09-11 06:31 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-08-20 22:06 - 2013-09-11 06:31 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-08-20 22:06 - 2013-09-11 06:31 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-08-20 22:06 - 2013-09-11 06:31 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 14332928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 02048000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-08-20 22:05 - 2013-09-11 06:31 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-08-20 21:43 - 2013-09-11 06:31 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-08-20 19:52 - 2013-09-11 06:31 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2013-08-16 01:41 - 2013-09-11 06:32 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2013-08-16 01:39 - 2013-09-11 06:32 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2013-08-16 01:39 - 2013-09-11 06:32 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-08-16 01:32 - 2013-09-11 06:32 - 00209200 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2013-08-16 01:22 - 2013-09-11 06:32 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2013-08-16 01:22 - 2013-09-11 06:32 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-08-16 01:21 - 2013-09-11 06:32 - 03275776 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 01621504 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00174592 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2013-08-16 01:21 - 2013-09-11 06:32 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2013-08-16 01:20 - 2013-09-11 06:32 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00083968 _____ C:\windows\SysWOW64\OEMLicense.dll
2013-08-15 18:43 - 2013-09-11 06:32 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-08-15 18:43 - 2013-09-11 06:32 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2013-08-15 18:42 - 2013-09-11 06:32 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2013-08-15 18:42 - 2013-09-11 06:32 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2013-08-15 12:07 - 2013-05-01 15:15 - 00003118 _____ C:\windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2013-08-15 12:07 - 2013-05-01 15:15 - 00003092 _____ C:\windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2013-08-15 12:07 - 2013-05-01 15:15 - 00003090 _____ C:\windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2013-08-15 12:07 - 2013-05-01 15:15 - 00003062 _____ C:\windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2013-08-15 12:07 - 2013-05-01 15:15 - 00003060 _____ C:\windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2013-08-15 12:06 - 2013-08-15 12:06 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-08-14 18:22 - 2012-07-26 04:12 - 00000000 ____D C:\windows\rescache
2013-08-14 12:59 - 2012-07-26 04:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-14 12:59 - 2012-07-26 04:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-08-14 12:57 - 2013-08-14 12:57 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-14 12:57 - 2013-06-25 15:47 - 00001785 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-14 12:45 - 2013-08-14 12:45 - 00002199 _____ C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (5).lnk
2013-08-14 12:34 - 2013-08-14 12:34 - 00002199 _____ C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (4).lnk
2013-08-14 12:09 - 2013-08-14 12:09 - 00002199 _____ C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (3).lnk
2013-08-14 12:07 - 2013-08-14 12:07 - 00000000 ____D C:\windows\pss
2013-08-14 11:59 - 2013-08-14 11:59 - 00002225 _____ C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard (2).lnk
2013-08-14 11:44 - 2013-08-14 11:44 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2013-08-14 11:44 - 2013-08-14 11:44 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-08-14 11:44 - 2013-08-14 11:44 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-08-14 11:44 - 2013-08-14 11:44 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-08-14 11:44 - 2013-08-14 11:44 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-08-14 11:44 - 2013-08-14 11:44 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-14 11:44 - 2013-08-14 11:44 - 00000000 ____D C:\Users\Craig\AppData\Roaming\SystemRequirementsLab
2013-08-14 11:44 - 2013-08-14 11:44 - 00000000 ____D C:\ProgramData\Sun
2013-08-14 11:44 - 2013-08-14 11:44 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-08-14 11:44 - 2013-08-14 11:44 - 00000000 ____D C:\Program Files (x86)\Java
 
Files to move or delete:
====================
C:\Users\Craig\AppData\Local\Temp\Extract.exe
C:\Users\Craig\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Craig\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Craig\AppData\Local\Temp\sonarinst.exe
C:\Users\Craig\AppData\Local\Temp\SP58983.exe
C:\Users\Craig\AppData\Local\Temp\SP59485.exe
C:\Users\Craig\AppData\Local\Temp\SP61596.exe
C:\Users\Craig\AppData\Local\Temp\SP61667.exe
C:\Users\Craig\AppData\Local\Temp\SP61673.exe
C:\Users\Craig\AppData\Local\Temp\SP62107.exe
C:\Users\Craig\AppData\Local\Temp\SP62186.exe
C:\Users\Craig\AppData\Local\Temp\SP62231.exe
C:\Users\Craig\AppData\Local\Temp\SP62764.exe
C:\Users\Craig\AppData\Local\Temp\uninstaller.exe
C:\Users\Craig\AppData\Local\Temp\WSSetup.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-09-10 03:00
 
==================== End Of Log ============================

Additional Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2013 01
Ran by Craig at 2013-09-11 15:33:58
Running from C:\Users\Craig\Desktop\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
4 Elements II (x32 Version: 2.2.0.98)
Adobe Acrobat  8 Standard - English, Français, Deutsch (x32 Version: 8.3.1)
Adobe Acrobat 8.3.1 - CPSID_83708 (x32)
Adobe Acrobat 8.3.1 Standard (x32 Version: 8.3.1)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (x32 Version: 8.1.2)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Photoshop Elements 11 (x32 Version: 11.0)
Adobe Premiere Elements 11 (Version: 11.0)
Amazon Unbox Video (x32 Version: 2.2.0.153)
AMD Accelerated Video Transcoding (Version: 12.5.100.21114)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
Any Video Converter 5.0.5 (x32)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Battlelog Web Plugins (x32 Version: 2.1.4)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.1114.401.6988)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1114.401.6988)
Catalyst Control Center InstallProxy (x32 Version: 2012.1114.401.6988)
Catalyst Control Center Localization All (x32 Version: 2012.1114.401.6988)
Catalyst Control Center Profiles Desktop (x32 Version: 2012.1114.401.6988)
CCC Help Chinese Standard (x32 Version: 2012.1114.0400.6988)
CCC Help Chinese Traditional (x32 Version: 2012.1114.0400.6988)
CCC Help Czech (x32 Version: 2012.1114.0400.6988)
CCC Help Danish (x32 Version: 2012.1114.0400.6988)
CCC Help Dutch (x32 Version: 2012.1114.0400.6988)
CCC Help English (x32 Version: 2012.1114.0400.6988)
CCC Help Finnish (x32 Version: 2012.1114.0400.6988)
CCC Help French (x32 Version: 2012.1114.0400.6988)
CCC Help German (x32 Version: 2012.1114.0400.6988)
CCC Help Greek (x32 Version: 2012.1114.0400.6988)
CCC Help Hungarian (x32 Version: 2012.1114.0400.6988)
CCC Help Italian (x32 Version: 2012.1114.0400.6988)
CCC Help Japanese (x32 Version: 2012.1114.0400.6988)
CCC Help Korean (x32 Version: 2012.1114.0400.6988)
CCC Help Norwegian (x32 Version: 2012.1114.0400.6988)
CCC Help Polish (x32 Version: 2012.1114.0400.6988)
CCC Help Portuguese (x32 Version: 2012.1114.0400.6988)
CCC Help Russian (x32 Version: 2012.1114.0400.6988)
CCC Help Spanish (x32 Version: 2012.1114.0400.6988)
CCC Help Swedish (x32 Version: 2012.1114.0400.6988)
CCC Help Thai (x32 Version: 2012.1114.0400.6988)
CCC Help Turkish (x32 Version: 2012.1114.0400.6988)
ccc-utility64 (Version: 2012.1114.401.6988)
Citrix Online Launcher (x32 Version: 1.0.109)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98)
Cradle of Rome 2 (x32 Version: 2.2.0.98)
CyberLink LabelPrint (x32 Version: 2.5.2.5630)
CyberLink Media Suite 10 (x32 Version: 10.0.2.2114)
CyberLink Power2Go 8 (x32 Version: 8.0.2.2126)
CyberLink PowerDVD (x32 Version: 10.0.7.4605)
D3DX10 (x32 Version: 15.4.2368.0902)
eFax Messenger (x32 Version: 4.4.2.533)
Elements 11 Organizer (x32 Version: 11.0)
ESN Sonar (x32 Version: 0.70.4)
Farm Frenzy (x32 Version: 2.2.0.98)
FATE: The Cursed King (x32 Version: 2.2.0.97)
FileZilla Client 3.7.2 (x32 Version: 3.7.2)
Final Drive Fury (x32 Version: 2.2.0.95)
Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32)
Google Chrome (x32 Version: 29.0.1547.66)
Google Update Helper (x32 Version: 1.3.21.153)
GoToMeeting 5.4.0.1082 (HKCU Version: 5.4.0.1082)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98)
Hoyle Card Games (x32 Version: 2.2.0.95)
HP Connected Music (Meridian - installer) (x32 Version: v1.0)
HP Connected Remote (x32 Version: 1.0.1218)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Games (x32 Version: 1.0.3.0)
HP MyRoom (x32 Version: 9.0.0.0)
HP Officejet 6600 Basic Device Software (Version: 28.0.1315.0)
HP Officejet 6600 Help (x32 Version: 140.0.2.2)
HP Officejet 6600 Product Improvement Study (Version: 28.0.1315.0)
HP Postscript Converter (Version: 3.1.3591)
HP Quick Start (x32 Version: 1.0.4660.30220)
HP Registration Service (Version: 1.1.6232.4245)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Support Information (x32 Version: 12.00.0000)
HP Update (x32 Version: 5.003.003.001)
HydraVision (x32 Version: 4.2.236.0)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
IDT Audio (x32 Version: 1.0.6457.0)
Intel® Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Rapid Storage Technology (Version: 12.6.0.1033)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iTunes (Version: 11.0.4.4)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Luxor Evolved (x32 Version: 2.2.0.98)
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0)
Microsoft Office Standard Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98)
Movie Maker (x32 Version: 16.4.3503.0728)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98)
Peggle Nights (x32 Version: 2.2.0.98)
Penguins! (x32 Version: 2.2.0.98)
Photo Common (x32 Version: 16.4.3503.0728)
Photo Gallery (x32 Version: 16.4.3503.0728)
Polar Bowler (x32 Version: 2.2.0.97)
Polar Golfer (x32 Version: 2.2.0.98)
PRE11 STI 64Installer (x32 Version: 11.0)
PSE11 STI Installer (x32 Version: 11.0)
QuickTime (x32 Version: 7.74.80.86)
Ralink Bluetooth Stack64 (Version: 11.0.737.10)
Ralink RT3290 802.11bgn Wi-Fi Adapter (x32 Version: 5.0.5.0)
Recovery Manager (x32 Version: 5.5.0.5826)
Roads of Rome 3 (x32 Version: 2.2.0.98)
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32)
System Requirements Lab for Intel (x32 Version: 4.5.15.0)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update Installer for WildTangent Games App (x32)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.7)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728)
Windows Live Essentials (x32 Version: 16.4.3503.0728)
Windows Live Installer (x32 Version: 16.4.3503.0728)
Windows Live Photo Common (x32 Version: 16.4.3503.0728)
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728)
Windows Live SOXE (x32 Version: 16.4.3503.0728)
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728)
Windows Live UX Platform (x32 Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728)
Youda Jewel Shop (x32 Version: 3.0.2.32)
Zuma's Revenge (x32 Version: 2.2.0.98)
 
==================== Restore Points  =========================
 
23-08-2013 07:01:45 Scheduled Checkpoint
29-08-2013 14:56:57 HPSF Applying updates
29-08-2013 14:57:05 HPSF Applying updates
05-09-2013 01:51:46 HPSF Applying updates
05-09-2013 01:51:54 HPSF Applying updates
11-09-2013 10:39:45 Windows Update
 
==================== Hosts content: ==========================
 
2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-04] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A4E58E-2D3F-4082-8D33-5F15DC652C56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2013-08-16] (Microsoft Corporation)
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {32ADEB55-153F-45E8-8448-130D4BD06F92} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3958A3C1-9473-422F-B774-616831320F60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-01] (Microsoft Corporation)
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3F8D3FB2-BB21-4890-B6D4-D07758954A6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)
Task: {4071F81E-9AE8-44F2-BAEE-7AE0FDA4C34A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {44BA17BF-AC47-4153-8F15-5E7F0F6EC260} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv
Task: {454E4A7C-5692-44BA-BA26-823175A4E6B1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10] (Adobe Systems Incorporated)
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4A2F2311-322E-42C6-9FDD-CE3AE674EE14} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5D07E879-A9B2-4A87-94C5-A8CFD6B434A6} - System32\Tasks\HPCeeScheduleForCraig => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {5D64EDAB-A52E-4B07-8042-822750382ABF} - System32\Tasks\User_Feed_Synchronization-{E658E959-2F31-44C9-B0E7-CCC1A0AF4FA7} => C:\windows\system32\msfeedssync.exe [2012-07-25] (Microsoft Corporation)
Task: {5E175B98-A1EB-4490-9BE6-227A741252CE} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1048302789-1347166234-3868245150-1001
Task: {61358AB3-C845-428B-941B-2B9D93E9048D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation)
Task: {6DC559B9-70B0-4BCF-8542-C782DDD63AB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-10-11] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {735A3F7D-DB3E-4AA1-90DF-FA6AF03BA891} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {78BF1614-E263-43BE-A02B-38AFE989435A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-01] (Microsoft Corporation)
Task: {795B10F3-2FD9-4756-B1E5-8D12840BCC39} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {8203C237-320B-4167-B3B0-344952AC69F4} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {8F5CD1D7-B11A-4C8C-9FFF-E7374CE28DA6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {931CBE9A-2386-40FE-A418-BE0DE49AB8AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2013-07-01] (Microsoft Corporation)
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94B946FD-112E-4DE9-A0F0-C54F1BEF1257} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-30] (Google Inc.)
Task: {94BEA6EA-387E-4379-848C-7CD34D2DC388} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9D501FA6-76A5-4B78-BAAD-C1DA494EE4B3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {A0D88FB2-51F3-478C-BDE2-3984D8369F36} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {A12A137A-C748-4024-8A5A-A3E540D0A5D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2013-08-16] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B641EF36-9578-4E40-BCD5-BABBD42D2A15} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B906B2A1-12DA-43FD-99E5-6269D53EF47E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C33074DE-7765-438A-8044-7E6202BF1DF9} - System32\Tasks\AdobeAAMUpdater-1.0-Time-Machine-Craig => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {C3A1396D-F9D6-4831-A35D-A449695BB654} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-25] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E2A650CC-A01F-4E6C-B80A-4E49356A07C0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E56D3484-E245-44F4-8B95-51FAF97C3164} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-30] (Google Inc.)
Task: {E87B75CB-53D2-4D58-9B23-AB8D6D690416} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-10-11] (Microsoft Corporation)
Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-25] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {F436F174-6D53-4770-876F-A7A31A0098C8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForCraig.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-20 17:24 - 2013-04-20 17:24 - 00023456 _____ (Hewlett-Packard) C:\windows\assembly\GAC_MSIL\HPSeekerModule\1.0.1218.0__91e5a4b21af71fa1\HPSeekerModule.dll
2013-04-20 17:24 - 2013-04-20 17:24 - 00030112 _____ (Hewlett-Packard) C:\windows\assembly\GAC_MSIL\HPConnectedRemoteAddIn\1.0.1218.0__91e5a4b21af71fa1\HPConnectedRemoteAddIn.dll
2012-10-12 20:22 - 2012-10-12 20:22 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2013-04-29 18:04 - 2013-04-29 18:04 - 00043424 _____ (Hewlett-Packard) C:\Users\Craig\AppData\Local\assembly\dl3\B2XMMT5G.1XA\DZKE7PLD.O5K\c8f8de94\003119c4_d8a8cd01\HPSeeker.DLL
2013-04-29 18:04 - 2013-04-29 18:04 - 00075680 _____ (Hewlett-Packard) C:\Users\Craig\AppData\Local\assembly\dl3\B2XMMT5G.1XA\DZKE7PLD.O5K\4ed6c5b6\003119c4_d8a8cd01\HPSwitchBoard.DLL
2013-04-29 18:04 - 2013-04-29 18:04 - 00120224 _____ () C:\Users\Craig\AppData\Local\assembly\dl3\B2XMMT5G.1XA\DZKE7PLD.O5K\a1b8a3d8\008b7bc6_d8a8cd01\HPItunesModule.DLL
2012-10-12 20:22 - 2012-10-12 20:22 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2013-04-29 18:04 - 2013-04-29 18:04 - 00069024 _____ (Hewlett-Packard) C:\Users\Craig\AppData\Local\assembly\dl3\B2XMMT5G.1XA\DZKE7PLD.O5K\92167bd9\005e4ac5_d8a8cd01\HPWMCModule.DLL
2013-04-29 18:04 - 2013-04-29 18:04 - 00062368 _____ (Hewlett-Packard) C:\Users\Craig\AppData\Local\assembly\dl3\B2XMMT5G.1XA\DZKE7PLD.O5K\c73b21f1\003119c4_d8a8cd01\HPWMPModule.DLL
2012-10-12 20:22 - 2012-10-12 20:22 - 00026016 _____ (michaelnoonan) c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\WindowsInput.dll
2012-10-12 20:22 - 2012-10-12 20:22 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-04-20 17:25 - 2012-06-07 23:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
 
==================== Alternate Data Streams (whitelisted) ==========
 
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/11/2013 01:10:35 PM) (Source: ESENT) (User: )
Description: taskhostex (3708) An attempt to open the file "C:\Users\Craig\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (09/11/2013 06:32:12 AM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 29.0.1547.66 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1894
 
Start Time: 01cead794a9fd1cc
 
Termination Time: 27
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 66470060-1acd-11e3-be91-9c2a702dff52
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (09/10/2013 03:02:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
 
Error: (09/10/2013 03:02:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
 
Error: (09/09/2013 00:30:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_wcncsvc, version: 6.2.9200.16420, time stamp: 0x505a9a4e
Faulting module name: ntdll.dll, version: 6.2.9200.16579, time stamp: 0x51637f77
Exception code: 0xc0000005
Fault offset: 0x000000000005ab00
Faulting process id: 0xb74
Faulting application start time: 0xsvchost.exe_wcncsvc0
Faulting application path: svchost.exe_wcncsvc1
Faulting module path: svchost.exe_wcncsvc2
Report Id: svchost.exe_wcncsvc3
Faulting package full name: svchost.exe_wcncsvc4
Faulting package-relative application ID: svchost.exe_wcncsvc5
 
Error: (09/08/2013 07:13:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
 
Error: (09/07/2013 03:01:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
 
Error: (09/07/2013 03:01:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
 
Error: (09/05/2013 03:01:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
 
Error: (09/04/2013 03:01:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
 
 
System errors:
=============
Error: (09/09/2013 00:30:44 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the SSDP Discovery service, but this action failed with the following error: 
%%1056
 
Error: (09/09/2013 00:30:44 PM) (Source: Service Control Manager) (User: )
Description: The Windows Connect Now - Config Registrar service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (09/09/2013 00:30:44 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
 
Error: (09/09/2013 00:30:44 PM) (Source: Service Control Manager) (User: )
Description: The Time Broker service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (09/09/2013 00:30:44 PM) (Source: Service Control Manager) (User: )
Description: The SSDP Discovery service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
 
Error: (09/09/2013 00:30:44 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (08/28/2013 11:31:13 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the SSDP Discovery service, but this action failed with the following error: 
%%1056
 
Error: (08/28/2013 11:31:13 AM) (Source: Service Control Manager) (User: )
Description: The Windows Connect Now - Config Registrar service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (08/28/2013 11:31:13 AM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
 
Error: (08/28/2013 11:31:13 AM) (Source: Service Control Manager) (User: )
Description: The Time Broker service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (09/11/2013 01:10:35 PM) (Source: ESENT)(User: )
Description: taskhostex3708C:\Users\Craig\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
 
Error: (09/11/2013 06:32:12 AM) (Source: Application Hang)(User: )
Description: chrome.exe29.0.1547.66189401cead794a9fd1cc27C:\Program Files (x86)\Google\Chrome\Application\chrome.exe66470060-1acd-11e3-be91-9c2a702dff52
 
Error: (09/10/2013 03:02:32 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe
 
Error: (09/10/2013 03:02:13 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe
 
Error: (09/09/2013 00:30:43 PM) (Source: Application Error)(User: )
Description: svchost.exe_wcncsvc6.2.9200.16420505a9a4entdll.dll6.2.9200.1657951637f77c0000005000000000005ab00b7401cea8a2b67c6a83C:\windows\system32\svchost.exeC:\windows\SYSTEM32\ntdll.dll2b826b93-196d-11e3-be91-9c2a702dff52
 
Error: (09/08/2013 07:13:19 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe
 
Error: (09/07/2013 03:01:44 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe
 
Error: (09/07/2013 03:01:28 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe
 
Error: (09/05/2013 03:01:51 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe
 
Error: (09/04/2013 03:01:39 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestc:\program files (x86)\ralink corporation\ralink bluetooth stack\BsSMSEditor.exe
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 20%
Total physical RAM: 7635.53 MB
Available physical RAM: 6054.3 MB
Total Pagefile: 8035.53 MB
Available Pagefile: 6390.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:911.59 GB) (Free:704.3 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:18.45 GB) (Free:2.31 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive i: (Jul 04 2013) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF
Drive j: (Elements) (Fixed) (Total:465.76 GB) (Free:376.67 GB) NTFS
Drive k: (My Book) (Fixed) (Total:149.01 GB) (Free:99.27 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 1491AE0E)
 
Partition: GPT Partition Type
========================================================
Disk: 5 (Size: 149 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=149 GB) - (Type=0C)
 
========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 0012FD0B)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.11.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16688
Craig :: TIME-MACHINE [administrator]

Protection: Enabled

9/11/2013 3:47:15 PM
mbam-log-2013-09-11 (15-47-15).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244586
Time elapsed: 2 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Looks OK, I suggest you clean out your temp files.
I like to use CCleaner:

Download, install and run CCleaner free to clean out temp files.
Here's a Tutorial if needed.
You may want to uncheck "cookies" and please stay away from the registry cleaner.

------------------------

Also...tweak your host file with Hosts Anti-PUP/Adware
Just open up AdwCleaner > Tools > Hosts Anti-PUP/Adware
That will download it for you.

Take a look at My Preventive Maintenance to avoid being infected again.

 

Any questions..please post back

Good Luck and Thanks for using the forum, MrC
