Conduit Malware


Hi guys,

 

I just posted on here the other day about a Malware that I got from uTorrent and now I got one from downloading a F%#$#%$# PDF to Word converter from CNET. I had no idea CNET had Malware. I will never go there again. It automatically makes my search engine go to their website now. I ran a Malwarebytes scan and had 1,200 infections found. Please help!


Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes and use the default font)

P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, Adobe host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive.

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16688

Run by Michael at 16:44:15 on 2013-09-19

Microsoft Windows 8 Pro  6.2.9200.0.1252.1.1033.18.8094.5287 [GMT -7:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\dwm.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\WLANExt.exe

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Conexant\SA3\CxUtilSvc.exe

C:\WINDOWS\system32\dashost.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

c:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\WINDOWS\system32\taskhostex.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Elantech\ETDGesture.exe

C:\Program Files\Conexant\SA3\SmartAudio3.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\PDF24\pdf24.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe

C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe

C:\WINDOWS\system32\dmwu.exe

C:\Windows\SysWOW64\jmdp\stij.exe

C:\Users\Michael\AppData\Local\Smartbar\Application\QuickShare.exe

C:\WINDOWS\SysWOW64\rundll32.exe

C:\Users\Michael\AppData\Local\FilesFrog Update Checker\update_checker.exe

C:\Program Files (x86)\lucky leap\updateluckyleap.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files (x86)\TechSmith\Jing\Jing.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = Preserve

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - 

BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll

TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} - 

uRun: [Power8] C:\Users\Michael\Downloads\Power8.exe

uRun: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe

uRun: [Facebook Update] "C:\Users\Michael\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [1987D95A86FCFAF5B82FFA7E9B4B7814763EFF83._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

uRun: [ConduitFloatingPlugin_banjjklfojcdbofbhbgiedekefohoaff] "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3310511\plugins\TBVerifier.dll",RunConduitFloatingPlugin banjjklfojcdbofbhbgiedekefohoaff

uRun: [sDP] C:\Users\Michael\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto 

uRunOnce: [spUninstallDeleteDir] rmdir /s /q "C:\Users\Michael\AppData\Roaming\SearchProtect"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe

mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"

mRunOnce: [spUninstallCleanUp] REG delete HKEY_CURRENT_USER\Software\SearchProtect /f

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYPCBA~1.LNK - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NEXDEF~1.LNK - C:\Users\Michael\AppData\Local\Autobahn\nexdef.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1

TCP: Interfaces\{4843B15B-B0B4-4E53-B197-7EAD11726588} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{7DDC3FAB-8FC5-46CF-8562-5A3861F4EF19} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1

TCP: Interfaces\{7DDC3FAB-8FC5-46CF-8562-5A3861F4EF19}\2496C6C6027596024786560235369656E63656026496D27657563747 : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.33.1

TCP: Interfaces\{7DDC3FAB-8FC5-46CF-8562-5A3861F4EF19}\24F6F67623031313 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{7DDC3FAB-8FC5-46CF-8562-5A3861F4EF19}\348696361676F60234572637 : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1

TCP: Interfaces\{7DDC3FAB-8FC5-46CF-8562-5A3861F4EF19}\34F4E444F4 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{7DDC3FAB-8FC5-46CF-8562-5A3861F4EF19}\34F6E646F6 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{7DDC3FAB-8FC5-46CF-8562-5A3861F4EF19}\7427561647458696E6B637 : DHCPNameServer = 192.168.1.2

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 

x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - 

x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} - 

x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe

x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s

x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet

x64-Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>

x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\


FF - prefs.js: browser.search.selectedEngine - SweetPacks Customized Web Search



FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Michael\AppData\Local\Citrix\Plugins\94\npappdetector.dll

FF - plugin: C:\Users\Michael\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - ExtSQL: 2013-07-25 09:13; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF - ExtSQL: 2013-07-25 20:10; wecarereminder@bryan; C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\extensions\wecarereminder@bryan

FF - ExtSQL: 2013-09-11 20:06; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\Drivers\aswRvrt.sys [2013-3-29 65336]

R0 aswVmm;aswVmm;C:\WINDOWS\System32\Drivers\aswVmm.sys [2013-3-29 204880]

R1 aswKbd;aswKbd;C:\WINDOWS\System32\Drivers\aswKbd.sys [2013-4-23 22600]

R1 aswSnx;aswSnx;C:\WINDOWS\System32\Drivers\aswSnx.sys [2013-3-29 1030952]

R1 aswSP;aswSP;C:\WINDOWS\System32\Drivers\aswSP.sys [2013-3-29 378944]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\System32\Drivers\aswFsBlk.sys [2013-3-29 33400]

R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\Drivers\aswMonFlt.sys [2013-3-29 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-13 46808]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952]

R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-7-6 109184]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-6 13592]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]

R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-7-6 1695040]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]

R2 TurboB;Turbo Boost UI Monitor driver;C:\WINDOWS\System32\Drivers\TurboB.sys [2010-11-29 16120]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-6 363800]

R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [2013-9-19 1616048]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\WINDOWS\System32\Drivers\CtClsFlt.sys [2012-7-6 176096]

R3 ETD;Dell Touchpad;C:\WINDOWS\System32\Drivers\ETD.sys [2012-7-6 201008]

R3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\Drivers\IntcDAud.sys [2012-7-6 331264]

R3 RTL8167;Realtek 8167 NT Driver;C:\WINDOWS\System32\Drivers\Rt64win7.sys [2012-7-6 646248]

RUnknown IBUpdaterService;IBUpdaterService; [x]

RUnknown Update lucky leap;Update lucky leap; [x]

S2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-9-18 38440]

S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-9 166912]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]

S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-3-29 2669840]

S3 btmhsf;btmhsf;C:\WINDOWS\System32\Drivers\btmhsf.sys [2012-2-13 747008]

S3 ibtfltcoex;ibtfltcoex;C:\WINDOWS\System32\Drivers\iBtFltCoex.sys [2012-3-21 60928]

S3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\WINDOWS\System32\Drivers\iusb3hub.sys [2012-7-6 356120]

S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\WINDOWS\System32\Drivers\iusb3xhc.sys [2012-7-6 787736]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-3-29 273168]

S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2012-7-6 313448]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]

S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-09-19 21:23:35 -------- d-----w- C:\Program Files\CCleaner

2013-09-19 20:07:32 -------- d-----w- C:\Program Files (x86)\lucky leap

2013-09-19 20:07:11 -------- d-----w- C:\Program Files (x86)\Free PDF Solutions

2013-09-19 20:06:57 -------- d-----w- C:\Users\Michael\AppData\Local\Conduit

2013-09-19 20:06:57 -------- d-----w- C:\ProgramData\Conduit

2013-09-19 20:06:57 -------- d-----w- C:\Program Files (x86)\SweetPacks

2013-09-19 20:06:40 -------- d-----w- C:\Users\Michael\AppData\Local\FilesFrog Update Checker

2013-09-19 20:06:33 -------- d-----w- C:\Users\Michael\AppData\Local\CRE

2013-09-19 20:06:33 -------- d-----w- C:\Program Files (x86)\Conduit

2013-09-19 20:06:10 -------- d-----w- C:\Users\Michael\AppData\Local\Smartbar

2013-09-15 16:00:39 -------- d-----w- C:\_OTL

2013-09-15 15:15:04 -------- d-----w- C:\WINDOWS\ERUNT

2013-09-15 05:17:29 -------- d-----w- C:\Users\Michael\AppData\Roaming\Malwarebytes

2013-09-15 05:17:15 -------- d-----w- C:\ProgramData\Malwarebytes

2013-09-15 05:17:13 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2013-09-15 05:17:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-09-15 04:59:20 -------- d-----w- C:\AdwCleaner

2013-09-15 04:49:55 -------- d--h--w- C:\$SysReset

2013-09-15 04:39:35 81920 ----a-w- C:\WINDOWS\eSellerateControl350.dll

2013-09-15 04:39:35 356352 ----a-w- C:\WINDOWS\eSellerateEngine.dll

2013-09-15 04:39:35 274432 ----a-w- C:\WINDOWS\SysWow64\ssleay32.dll

2013-09-15 04:39:35 1122304 ----a-w- C:\WINDOWS\SysWow64\libeay32.dll

2013-09-15 04:39:35 -------- d-----w- C:\Program Files (x86)\Spigot Removal Tool

2013-09-15 04:30:57 78296 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

2013-09-15 04:30:56 694232 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe

2013-09-14 01:35:33 265392 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin

2013-09-12 17:51:13 144896 ----a-w- C:\WINDOWS\System32\tssdisai.dll

2013-09-12 03:10:29 -------- d-----w- C:\Users\Michael\dwhelper

2013-09-11 00:21:59 723968 ----a-w- C:\WINDOWS\System32\BFE.DLL

.

==================== Find3M  ====================

.

2013-09-19 20:05:35 45856 ----a-w- C:\WINDOWS\System32\drivers\avgtpx64.sys

2013-08-30 07:48:10 72016 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys

2013-08-30 07:48:10 65336 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys

2013-08-30 07:48:10 204880 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys

2013-08-30 07:48:10 1030952 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys

2013-08-30 07:48:09 80816 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys

2013-08-30 07:47:40 41664 ----a-w- C:\WINDOWS\avastSS.scr

2013-08-21 04:12:06 2241024 ----a-w- C:\WINDOWS\System32\wininet.dll

2013-08-21 04:11:59 915968 ----a-w- C:\WINDOWS\System32\uxtheme.dll

2013-08-21 04:11:59 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll

2013-08-21 04:11:07 3959296 ----a-w- C:\WINDOWS\System32\jscript9.dll

2013-08-21 04:11:04 67072 ----a-w- C:\WINDOWS\System32\iesetup.dll

2013-08-21 04:11:04 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll

2013-08-21 02:34:51 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb

2013-08-21 02:06:11 1767936 ----a-w- C:\WINDOWS\SysWow64\wininet.dll

2013-08-21 02:06:06 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll

2013-08-21 02:05:28 2876928 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll

2013-08-21 02:05:25 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll

2013-08-21 02:05:25 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll

2013-08-21 01:43:54 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb

2013-08-20 23:52:56 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll

2013-08-16 05:41:13 58200 ----a-w- C:\WINDOWS\System32\drivers\dam.sys

2013-08-16 05:39:26 2371728 ----a-w- C:\WINDOWS\System32\WSService.dll

2013-08-16 05:32:48 209200 ----a-w- C:\WINDOWS\System32\NotificationUI.exe

2013-08-16 05:22:22 40448 ----a-w- C:\WINDOWS\System32\wuapp.exe

2013-08-16 05:22:11 4917760 ----a-w- C:\WINDOWS\System32\sppsvc.exe

2013-08-16 05:20:30 105984 ----a-w- C:\WINDOWS\System32\WinSetupUI.dll

2013-08-15 22:43:21 35328 ----a-w- C:\WINDOWS\SysWow64\wuapp.exe

2013-08-15 22:43:07 84992 ----a-w- C:\WINDOWS\SysWow64\wudriver.dll

2013-08-15 22:43:07 126976 ----a-w- C:\WINDOWS\SysWow64\wuwebv.dll

2013-08-15 22:43:03 562688 ----a-w- C:\WINDOWS\SysWow64\WSShared.dll

2013-08-15 22:43:03 159232 ----a-w- C:\WINDOWS\SysWow64\WSSync.dll

2013-08-15 22:43:02 83968 ----a-w- C:\WINDOWS\SysWow64\OEMLicense.dll

2013-08-15 22:43:02 167424 ----a-w- C:\WINDOWS\SysWow64\WSClient.dll

2013-08-15 22:43:02 143872 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll

2013-08-15 22:43:02 124928 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-08-15 22:42:52 76800 ----a-w- C:\WINDOWS\SysWow64\setupcln.dll

2013-08-15 22:42:47 91648 ----a-w- C:\WINDOWS\SysWow64\sppc.dll

2013-08-03 04:30:14 4038144 ----a-w- C:\WINDOWS\System32\win32k.sys

2013-07-17 16:20:14 1648432 ----a-w- C:\WINDOWS\System32\dmwu.exe

2013-07-17 16:17:30 33792 ----a-w- C:\WINDOWS\System32\ImHttpComm.dll

2013-07-13 06:18:21 337408 ----a-w- C:\WINDOWS\System32\wintrust.dll

2013-07-13 06:16:06 68096 ----a-w- C:\WINDOWS\System32\cryptsvc.dll

2013-07-13 06:16:06 1889280 ----a-w- C:\WINDOWS\System32\crypt32.dll

2013-07-13 06:15:53 98304 ----a-w- C:\WINDOWS\System32\apprepsync.dll

2013-07-13 06:15:53 124416 ----a-w- C:\WINDOWS\System32\apprepapi.dll

2013-07-13 04:24:58 261120 ----a-w- C:\WINDOWS\SysWow64\wintrust.dll

2013-07-13 04:23:11 1568256 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll

2013-07-13 04:23:03 87040 ----a-w- C:\WINDOWS\SysWow64\apprepapi.dll

2013-07-13 04:23:03 74240 ----a-w- C:\WINDOWS\SysWow64\apprepsync.dll

2013-07-09 08:04:07 120144 ----a-w- C:\WINDOWS\System32\drivers\msgpioclx.sys

2013-07-09 06:18:21 439488 ----a-w- C:\WINDOWS\System32\WerFault.exe

2013-07-09 06:07:17 2233168 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys

2013-07-09 04:25:45 385768 ----a-w- C:\WINDOWS\SysWow64\WerFault.exe

2013-07-09 03:57:19 245760 ----a-w- C:\WINDOWS\SysWow64\LocationApi.dll

2013-07-08 22:46:00 543744 ----a-w- C:\WINDOWS\System32\wwanmm.dll

2013-07-08 22:46:00 414208 ----a-w- C:\WINDOWS\System32\wwanconn.dll

2013-07-08 22:46:00 370688 ----a-w- C:\WINDOWS\System32\Wwanadvui.dll

2013-07-08 22:45:16 312832 ----a-w- C:\WINDOWS\System32\LocationApi.dll

2013-07-06 00:16:17 1025024 ----a-w- C:\WINDOWS\System32\localspl.dll

2013-07-03 00:23:43 391168 ----a-w- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll

2013-07-03 00:23:12 778752 ----a-w- C:\WINDOWS\System32\oleaut32.dll

2013-07-03 00:22:26 1300480 ----a-w- C:\WINDOWS\System32\gdi32.dll

2013-07-03 00:11:23 268800 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll

2013-07-03 00:11:02 551424 ----a-w- C:\WINDOWS\SysWow64\oleaut32.dll

2013-07-02 00:44:14 36288 ----a-w- C:\WINDOWS\System32\drivers\WdBoot.sys

2013-07-01 22:08:49 247216 ----a-w- C:\WINDOWS\System32\drivers\WdFilter.sys

2013-06-30 22:30:14 67072 ----a-w- C:\WINDOWS\SysWow64\openfiles.exe

2013-06-30 22:29:22 77312 ----a-w- C:\WINDOWS\System32\openfiles.exe

2013-06-29 06:15:54 195416 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys

2013-06-29 06:15:47 125784 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys

2013-06-29 05:43:16 327512 ----a-w- C:\WINDOWS\System32\drivers\Classpnp.sys

2013-06-29 01:12:01 1022464 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll

2013-06-26 03:01:38 321536 ----a-w- C:\WINDOWS\System32\drivers\udfs.sys

2013-06-24 22:54:52 447488 ----a-w- C:\WINDOWS\System32\wwansvc.dll

2013-06-24 22:54:45 74240 ----a-w- C:\WINDOWS\System32\wcmcsp.dll

2013-06-24 22:54:45 263680 ----a-w- C:\WINDOWS\System32\wcmsvc.dll

2011-12-20 23:32:52 81608 --sha-w- C:\WINDOWS\Panther\Rollback\Boot\Info.exe

.

============= FINISH: 16:45:14.39 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8 Pro

Boot Device: \Device\HarddiskVolume2

Install Date: 10/26/2012 11:36:05 AM

System Uptime: 9/19/2013 11:47:54 AM (5 hours ago)

.

Motherboard: Dell Inc. |  | 04G65K

Processor: Intel® Core i5-3210M CPU @ 2.50GHz | U3E1 | 1200/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 918 GiB total, 827.798 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: WAN Miniport (IP)

Device ID: ROOT\MS_NDISWANIP\0000

Manufacturer: Microsoft

Name: WAN Miniport (IP)

PNP Device ID: ROOT\MS_NDISWANIP\0000

Service: NdisWan

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: WAN Miniport (IPv6)

Device ID: ROOT\MS_NDISWANIPV6\0000

Manufacturer: Microsoft

Name: WAN Miniport (IPv6)

PNP Device ID: ROOT\MS_NDISWANIPV6\0000

Service: NdisWan

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: WAN Miniport (Network Monitor)

Device ID: ROOT\MS_NDISWANBH\0000

Manufacturer: Microsoft

Name: WAN Miniport (Network Monitor)

PNP Device ID: ROOT\MS_NDISWANBH\0000

Service: NdisWan

.

==== System Restore Points ===================

.

RP92: 9/4/2013 7:13:59 PM - Windows Update

RP93: 9/8/2013 7:36:32 AM - Windows Update

RP94: 9/11/2013 5:50:58 PM - Windows Update

RP95: 9/15/2013 8:10:10 AM - Windows Update

RP96: 9/18/2013 4:58:49 PM - Windows Update

.

==== Installed Programs ======================

.

Accidental Damage Services Agreement

Adobe AIR

Adobe Digital Editions 2.0

Adobe Download Assistant

Adobe Reader X (10.1.6) MUI

Advanced Audio FX Engine

Apple Application Support

Apple Mobile Device Support

Apple Software Update

avast! Free Antivirus

AVG SafeGuard toolbar

Banctec Service Agreement

BitZipper 2013

Blio

Bonjour

CCleaner

Cisco Connect

Complete Care Business Service Agreement

Conexant SmartAudio HD

Consumer In-Home Service Agreement

Cozi

D3DX10

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Digital Delivery

Dell Edoc Viewer

Dell Getting Started Guide

Dell Home Systems Service Agreement

Dell MusicStage

Dell PhotoStage

Dell Stage Remote

Dell Support Center

Dell Touchpad

Dell VideoStage 

Dell Webcam Central

DivX Web Player

Dropbox

eBay

Facebook Video Calling 1.2.0.287

FilesFrog Update Checker

Free PDF Solutions PDF to WORD version 1.0

GIMP 2.8.6

Google Chrome

Google Drive

GoToMeeting 5.4.0.1082

IB Updater Service

Intel PROSet Wireless

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® PROSet/Wireless for Bluetooth® + High Speed

Intel® Rapid Storage Technology

Intel® Turbo Boost Technology Monitor 2.0

Intel® PROSet/Wireless WiFi Software

Intel® Trusted Connect Service Client

iTunes

Jing

join.me

Junk Mail filter update

lucky leap 3.0.0

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Communicator 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MyPC Backup 

PDF24 Creator 5.7.0

PlayReady PC Runtime x86

Premium Service Agreement

QualxServ Service Agreement

Quickset64

QuickShare

Realtek USB 2.0 Card Reader

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 

Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition 

Shared C Run-time for x64

Skype Click to Call

Skype™ 6.6

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VC80CRTRedist - 8.0.50727.762

VLC media player 2.0.5

WebSlingPlayer ActiveX

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Zinio Reader 4

.

==== Event Viewer Messages From Past Week ========

.

9/19/2013 9:23:05 AM, Error: Service Control Manager [7046]  - The following service has repeatedly stopped responding to service control requests: Shell Hardware Detection Contact the service vendor or the system administrator about whether to disable this service until the problem is identified. You may have to restart the computer in safe mode before you can disable the service.

9/19/2013 9:22:35 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.

9/19/2013 9:22:05 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

9/19/2013 9:21:35 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.

9/19/2013 9:20:35 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.

9/19/2013 9:20:05 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.

9/19/2013 9:19:35 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gpsvc service.

9/19/2013 9:18:32 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070103: Intel Corporation - Storage Controller - Intel® 7 Series Chipset Family SATA AHCI Controller.

9/19/2013 11:51:25 AM, Error: Service Control Manager [7034]  - The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

9/19/2013 11:49:41 AM, Error: Service Control Manager [7034]  - The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly.  It has done this 1 time(s).

9/19/2013 11:48:14 AM, Error: BTHUSB [30]  - The local adapter does not support an important Low Energy controller state.  The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff.  Low Energy functionality will be disabled.

9/19/2013 11:47:59 AM, Error: Microsoft-Windows-Kernel-General [6]  - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.

9/19/2013 11:47:17 AM, Error: Service Control Manager [7000]  - The Group Policy Client service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

9/19/2013 11:46:43 AM, Error: Service Control Manager [7000]  - The Multimedia Class Scheduler service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

9/13/2013 4:40:44 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {B77C4C36-0154-4C52-AB49-FAA03837E47F}  and APPID  {EA022610-0748-4C24-B229-6C507EBDFDBB}  to the user Michael-PC\Michael SID (S-1-5-21-3488405890-2194972499-3896282513-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

.

==== End Of File ===========================

RogueKiller V8.6.12 [Sep 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 8 (6.2.9200 ) 64 bits version

Started in : Normal mode

User : Michael [Admin rights]

Mode : Scan -- Date : 09/19/2013 16:55:52

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 1 ¤¤¤

[SUSP PATH] update_checker.exe -- C:\Users\Michael\AppData\Local\FilesFrog Update Checker\update_checker.exe [7] -> KILLED [TermProc]

 

¤¤¤ Registry Entries : 7 ¤¤¤

[RUN][SUSP PATH] HKCU\[...]\Run : SDP (C:\Users\Michael\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto  [7]) -> FOUND

[RUN][SUSP PATH] HKUS\S-1-5-21-3488405890-2194972499-3896282513-1000\[...]\Run : SDP (C:\Users\Michael\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto  [7]) -> FOUND

[RUN][SUSP PATH] HKCU\[...]\RunOnce : SpUninstallDeleteDir (rmdir /s /q "C:\Users\Michael\AppData\Roaming\SearchProtect" [x]) -> FOUND

[RUN][SUSP PATH] HKUS\S-1-5-21-3488405890-2194972499-3896282513-1000\[...]\RunOnce : SpUninstallDeleteDir (rmdir /s /q "C:\Users\Michael\AppData\Roaming\SearchProtect" [x]) -> FOUND

[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\RunOnce : Malwarebytes Anti-Malware (cleanup) (rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [x][7][x]) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 1 ¤¤¤

[Michael][SUSP PATH] NexDef Plug-in.lnk : C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk @C:\Users\Michael\AppData\Local\Autobahn\nexdef.exe [-][-] -> FOUND

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - ST1000LM024 HN-M101MBB +++++

--- User ---

[MBR] 6a79a72491a901a4e4aa84d35f47daa7

[BSP] a32d0f07ce51abb5586cb67245f50c1a : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 14142 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 29044736 | Size: 939686 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_S_09192013_165552.txt >>

Let's clean out any adware: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC


# AdwCleaner v3.004 - Report created 19/09/2013 at 21:53:31

# Updated 15/09/2013 by Xplode

# Operating System : Windows 8 Pro  (64 bits)

# Username : Michael - MICHAEL-PC

# Running from : C:\Users\Michael\Downloads\AdwCleaner (1).exe

# Option : Clean

 

***** [ Services ] *****

 

[#] Service Deleted : BackupStack

Service Deleted : CltMngSvc

[#] Service Deleted : IBUpdaterService

Service Deleted : spd Updater

[#] Service Deleted : Update lucky leap

Service Deleted : WajamUpdater

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Conduit

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Savepath Deals

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\lucky leap

Folder Deleted : C:\Program Files (x86)\MixiDJ_V30

Folder Deleted : C:\Program Files (x86)\MyPC Backup 

Folder Deleted : C:\Program Files (x86)\optimizer pro

Folder Deleted : C:\Program Files (x86)\Qwiklinx

Folder Deleted : C:\Program Files (x86)\Savepath Deals

Folder Deleted : C:\Program Files (x86)\Searchprotect

Folder Deleted : C:\Program Files (x86)\SPDUpdater

Folder Deleted : C:\Program Files (x86)\Wajam

Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Deleted : C:\WINDOWS\SysWOW64\ARFC

Folder Deleted : C:\WINDOWS\SysWOW64\jmdp

Folder Deleted : C:\WINDOWS\SysWOW64\WNLT

Folder Deleted : C:\Users\Michael\AppData\Local\Conduit

Folder Deleted : C:\Users\Michael\AppData\Local\cre

Folder Deleted : C:\Users\Michael\AppData\Local\FilesFrog Update Checker

Folder Deleted : C:\Users\Michael\AppData\Local\Smartbar

Folder Deleted : C:\Users\Michael\AppData\Local\Wajam

Folder Deleted : C:\Users\Michael\AppData\Local\Temp\Smartbar

Folder Deleted : C:\Users\Michael\AppData\Local\Temp\CT3298566

Folder Deleted : C:\Users\Michael\AppData\Local\Temp\CT3310511

Folder Deleted : C:\Users\Michael\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Michael\AppData\LocalLow\Minibar

Folder Deleted : C:\Users\Michael\AppData\LocalLow\MixiDJ_V30

Folder Deleted : C:\Users\Michael\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Michael\AppData\LocalLow\Smartbar

Folder Deleted : C:\Users\Michael\AppData\Roaming\optimizer pro

Folder Deleted : C:\Users\Michael\AppData\Roaming\Qwiklinx

Folder Deleted : C:\Users\Michael\AppData\Roaming\Searchprotect

Folder Deleted : C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker

Folder Deleted : C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup 

Folder Deleted : C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

Folder Deleted : C:\Users\Michael\Documents\optimizer pro

Folder Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\CT3298566

Folder Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\CT3310511

Folder Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}

Folder Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{6921B3CC-9935-4D28-9A83-B3D824210580}

Folder Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}

Folder Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\savepathdeals@savepathdeals.com

Folder Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}

Folder Deleted : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo

Folder Deleted : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

Folder Deleted : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Folder Deleted : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen

File Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\firefox@luckyleap.net.xpi

File Deleted : C:\WINDOWS\System32\dmwu.exe

File Deleted : C:\WINDOWS\System32\ImhxxpComm.dll

File Deleted : C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

File Deleted : C:\Users\Michael\Desktop\Check for Updates.lnk

File Deleted : C:\Users\Michael\Desktop\MyPC Backup.lnk

File Deleted : C:\Users\Michael\Desktop\Optimizer Pro.lnk

File Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\\invalidprefs.js

File Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\searchplugins\Conduit.xml

File Deleted : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\searchplugins\MyStart Search.xml

File Deleted : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage

File Deleted : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eiimolhnbbbdagljikeckdkldgemmmlj

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Deleted : HKCU\Software\Google\Chrome\Extensions\fdkednngfjmpnljkolbapdednncafhen

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdkednngfjmpnljkolbapdednncafhen

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchProtect]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState

Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO

Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO.1

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\SavepathDeals.MyObjectWithSite

Key Deleted : HKLM\SOFTWARE\Classes\SavepathDeals.MyObjectWithSite.1

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO

Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1

Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader

Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298566

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3310511

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_banjjklfojcdbofbhbgiedekefohoaff]

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_fdkednngfjmpnljkolbapdednncafhen]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DAA6D527-6513-453E-A4E6-DA2BFA6C7A75}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E2C1A522-B8E1-45D1-B316-F5625004A28C}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{204C0025-C26A-43E2-853C-D8A8EB1BCE51}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{91E6F004-F9BB-4E4C-A023-94BA5E56DF8F}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F66C7EC4-63CC-4452-A8C9-5A2E898F8EFF}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DAA6D527-6513-453E-A4E6-DA2BFA6C7A75}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A45341DA-B878-42ED-954D-1DC8413D0D4A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A74C3691-6FCF-4C3B-ABEC-EE32B2F028DD}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}

Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\Optimizer Pro

Key Deleted : HKCU\Software\Qwiklinx

Key Deleted : HKCU\Software\SearchProtect

Key Deleted : HKCU\Software\SmartBar

Key Deleted : HKCU\Software\SmartbarBackup

Key Deleted : HKCU\Software\SmartbarLog

Key Deleted : HKCU\Software\Somoto

Key Deleted : HKCU\Software\Wajam

Key Deleted : HKCU\Software\WNLT

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKCU\Software\AppDataLow\Software\MixiDJ_V30

Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\spd

Key Deleted : HKLM\Software\Wajam

Key Deleted : HKLM\Software\MixiDJ_V30

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2E497885-E60B-420A-832D-0148B392E058}_is1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savepath Deals

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT

Key Deleted : [x64] HKLM\SOFTWARE\WNLT

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lucky leap

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16688

 

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]

 

-\\ Mozilla Firefox v22.0 (en-US)

 

[ File : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\prefs.js ]

 

Line Deleted : user_pref("CT3298566.FF19Solved", "true");

Line Deleted : user_pref("CT3298566.UserID", "UN44363850217908154");

Line Deleted : user_pref("CT3298566.browser.search.defaultthis.engineName", "true");

Line Deleted : user_pref("CT3298566.fullUserID", "UN44363850217908154.IN.20130919214141");

Line Deleted : user_pref("CT3298566.installDate", "19/09/2013 21:41:45");

Line Deleted : user_pref("CT3298566.installSessionId", "{99A5CFD6-DC2C-4928-922C-4ADBC135A8D9}");

Line Deleted : user_pref("CT3298566.installSp", "TRUE");

Line Deleted : user_pref("CT3298566.installerVersion", "1.7.0.9");

Line Deleted : user_pref("CT3298566.keyword", "true");



Line Deleted : user_pref("CT3298566.originalSearchEngine", "SweetPacks Customized Web Search");

Line Deleted : user_pref("CT3298566.originalSearchEngineName", "SweetPacks Customized Web Search");

Line Deleted : user_pref("CT3298566.searchRevert", "false");

Line Deleted : user_pref("CT3298566.searchUserMode", "2");

Line Deleted : user_pref("CT3298566.smartbar.homepage", "true");

Line Deleted : user_pref("CT3298566.versionFromInstaller", "10.20.0.13");

Line Deleted : user_pref("CT3298566.xpeMode", "0");

Line Deleted : user_pref("CT3310511.FF19Solved", "true");

Line Deleted : user_pref("CT3310511.UserID", "UN16580991023270332");

Line Deleted : user_pref("CT3310511.browser.search.defaultthis.engineName", "true");

Line Deleted : user_pref("CT3310511.fullUserID", "UN16580991023270332.IN.20130919130600");

Line Deleted : user_pref("CT3310511.installDate", "19/09/2013 13:06:02");

Line Deleted : user_pref("CT3310511.installSessionId", "{6735D61A-05EF-4FC0-9CD1-EDDC6805C971}");

Line Deleted : user_pref("CT3310511.installSp", "TRUE");

Line Deleted : user_pref("CT3310511.installerVersion", "1.7.0.9");

Line Deleted : user_pref("CT3310511.keyword", "true");


Line Deleted : user_pref("CT3310511.originalSearchAddressUrl", "");

Line Deleted : user_pref("CT3310511.originalSearchEngine", "AVG Secure Search");

Line Deleted : user_pref("CT3310511.originalSearchEngineName", "AVG Secure Search");

Line Deleted : user_pref("CT3310511.searchRevert", "false");

Line Deleted : user_pref("CT3310511.searchUserMode", "2");

Line Deleted : user_pref("CT3310511.smartbar.homepage", "true");

Line Deleted : user_pref("CT3310511.versionFromInstaller", "10.20.0.13");

Line Deleted : user_pref("CT3310511.xpeMode", "0");


Line Deleted : user_pref("browser.search.defaultenginename", "MixiDJ V30 Customized Web Search");

Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V30 Customized Web Search");


Line Deleted : user_pref("browser.search.selectedEngine", "MixiDJ V30 Customized Web Search");


Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);

Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);

Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

Line Deleted : user_pref("extensions.helperbar.Visibility", false);

Line Deleted : user_pref("extensions.helperbar.countryiso", "us");

Line Deleted : user_pref("extensions.helperbar.downloadprovider", "quickobrw");

Line Deleted : user_pref("extensions.helperbar.installationid", "cd64c2e9-7765-fcc6-b13c-7bb5e2bc5b6c");

Line Deleted : user_pref("extensions.helperbar.installdate", "19/09/2013");

Line Deleted : user_pref("extensions.helperbar.publisher", "quickobrw");

Line Deleted : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Filesfrog Update Checker\",\"description\":\"Filesfrog Update Checker\",\"button\":{\"tooltip\":\"Check for updates\",\"icon\":\"hxxp:[...]

Line Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAAETUlEQVQ4jY2UfTTVBxjHn7C0kxLJLaoVNy8TOalxTXG65HJ7G+noRauxRC8TMc20Ky8HC[...]

 

-\\ Google Chrome v29.0.1547.66

 

[ File : C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted : homepage

Deleted : icon_url

Deleted : search_url

Deleted : suggest_url

Deleted : keyword

Deleted : urls_to_restore_on_startup

 

*************************

 

AdwCleaner[R0].txt - [2897 octets] - [14/09/2013 21:59:22]

AdwCleaner[R1].txt - [25365 octets] - [19/09/2013 21:51:27]

AdwCleaner[s0].txt - [2892 octets] - [14/09/2013 22:00:38]

AdwCleaner[s1].txt - [23472 octets] - [19/09/2013 21:53:31]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [23533 octets] ##########

Scan options disabled: P2P

Objects scanned: 225901

Time elapsed: 5 minute(s), 24 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 1

HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 12

C:\Users\Michael\AppData\Local\Temp\checktbexist.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Michael\AppData\Local\Temp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Michael\Downloads\Setup.exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.

C:\Users\Michael\Local Settings\Temporary Internet Files\Content.IE5\A56W4M4W\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Michael\Local Settings\Temporary Internet Files\Content.IE5\A56W4M4W\wajam_install[1].exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

C:\Users\Michael\Local Settings\Temporary Internet Files\Content.IE5\B01SD3P0\MixiDJ_V30[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Michael\Local Settings\Temporary Internet Files\Content.IE5\ID8H7TWD\OptimizerPro[1].exe (PUP.Optional.OptimizePro.A) -> Quarantined and deleted successfully.

C:\Users\Michael\Local Settings\Temporary Internet Files\Content.IE5\ID8H7TWD\wajam_download[1] (PUP.Optional.Wajam) -> Quarantined and deleted successfully.

C:\Users\Michael\Local Settings\Temporary Internet Files\Content.IE5\NBUDYBW1\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Michael\Local Settings\Temporary Internet Files\Content.IE5\NBUDYBW1\MixiCND_CID2_20130716[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Michael\Local Settings\Temporary Internet Files\Content.IE5\NBUDYBW1\MixiDJ_V30_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Michael\Local Settings\Temporary Internet Files\Content.IE5\NBUDYBW1\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

 

(end)

Please download Farbar Recovery Scan Tool and save it to a folder. (use correct version for your system)

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
MrC

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01

Ran by Michael (administrator) on MICHAEL-PC on 20-09-2013 07:29:55

Running from C:\Users\Michael\Downloads

Windows 8 Pro (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Microsoft Corporation) C:\WINDOWS\system32\WLANExt.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\CxUtilSvc.exe

(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Intel® Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

(Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe

(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio3.exe

() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Jing\Jing.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

(Microsoft Corporation) C:\WINDOWS\splwow64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2894640 2012-03-14] (ELAN Microelectronics Corp.)

HKLM\...\Run: [intelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-11-29] ()

HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [5729648 2012-02-07] (Dell Inc.)

HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SA3\SACpl.exe [1628288 2011-09-08] (Conexant Systems, Inc.)

HKLM\...\Run: [stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()

HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKCU\...\Run: [Power8] - C:\Users\Michael\Downloads\Power8.exe

HKCU\...\Run: [Jing] - C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2909640 2013-01-07] (TechSmith Corporation)

HKCU\...\Run: [Facebook Update] - C:\Users\Michael\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-30] (Facebook Inc.)

HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)

HKCU\...\Run: [1987D95A86FCFAF5B82FFA7E9B4B7814763EFF83._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [829392 2013-09-02] (Google Inc.)

MountPoints2: E - "E:\LaunchU3.exe" -a

MountPoints2: {8996f659-81f4-11e2-be7d-685d437e7619} - "E:\LaunchU3.exe" -a

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)

HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)

HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)

HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)

HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)

AppInit_DLLs:  C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL [162856 2013-07-22] ()

AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll [ ] ()

Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk

ShortcutTarget: NexDef Plug-in.lnk -> C:\Users\Michael\AppData\Local\Autobahn\nexdef.exe ()

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

SearchScopes: HKLM - DefaultScope {860D5A1A-05F1-4B8E-B494-F0C1BF36282F} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121016195421.dll No File

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Qwiklinx - {3E7C8B5A-96AB-438F-BF9B-782400655440} - C:\Users\Michael\AppData\Roaming\Qwiklinx\Qwiklinx.dll No File

BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121016195421.dll No File

BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Cartwheel - {B50DF051-E1D4-439C-B94E-F4DE82B56542} - C:\Users\Michael\AppData\Roaming\Cartwheel\Cartwheel.dll (Cartwheel, Inc.)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Michael\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Michael\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Extension: ShoppingChip - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\lksys34msqv@vqoyoiyt.co.uk

FF Extension: TopArcadeHits - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3}

FF Extension: Cartwheel Shopping - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{162C9CAB-86EA-44BC-A0FD-8D6C7678EC30}

FF Extension: DownloadHelper - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

FF Extension: No Name - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{cd64c2e9-7765-fcc6-b13c-7bb5e2bc5b6c}

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

 

Chrome: 

=======



CHR DefaultSearchURL: (Conduit) - http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN11323005886989114&ctid=CT3298566&UM=2

CHR DefaultSuggestURL: (Conduit) - http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=UN11323005886989114&UM=2

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()

CHR Plugin: (Conduit Chrome Plugin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/ConduitChromeApiPlugin.dll No File

CHR Plugin: (Conduit Radio Plugin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/np-cwmp.dll No File

CHR Plugin: (Conduit Chrome Approve TB Plugin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/ChromeApproveTBPlugin.dll No File

CHR Plugin: (Conduit Chrome Plugin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\search/plugins/npConduitNewTabPlugin.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll No File

CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.94) - C:\Users\Michael\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)

CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Michael\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)

CHR Extension: (Adblock Plus) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0

CHR Extension: (Tampermonkey) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.4.3568.10_0

CHR Extension: (Skype Click to Call) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_2

CHR Extension: (Chrome In-App Payments service) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1

CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Michael\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)

R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-11] (Conexant Systems, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

S2 vToolbarUpdater15.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [x]

 

==================== Drivers (Whitelisted) ====================

 

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)

R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-06] (AVAST Software)

R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)

R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()

R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)

R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)

R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-09-20 07:29 - 2013-09-20 07:29 - 01950622 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe

2013-09-20 07:29 - 2013-09-20 07:29 - 00000000 ____D C:\FRST

2013-09-20 07:10 - 2013-09-20 07:10 - 00659968 _____ C:\Users\Michael\Downloads\MicrosoftFixit50195.msi

2013-09-20 06:59 - 2013-09-20 07:01 - 00011503 _____ C:\WINDOWS\WindowsUpdate.log

2013-09-19 22:20 - 2013-09-19 22:20 - 00012225 _____ C:\Users\Michael\Downloads\Itinerary as of 9-18-2013.xlsx

2013-09-19 21:57 - 2013-09-19 21:57 - 01039554 _____ C:\Users\Michael\Downloads\AdwCleaner (2).exe

2013-09-19 21:54 - 2013-09-20 07:04 - 00012108 _____ C:\WINDOWS\setupact.log

2013-09-19 21:54 - 2013-09-19 22:06 - 00387282 _____ C:\WINDOWS\PFRO.log

2013-09-19 21:54 - 2013-09-19 21:54 - 00000000 _____ C:\WINDOWS\setuperr.log

2013-09-19 21:50 - 2013-09-19 21:50 - 01039554 _____ C:\Users\Michael\Downloads\AdwCleaner (1).exe

2013-09-19 21:45 - 2013-09-19 21:45 - 00000000 ____D C:\Program Files (x86)\FileOpenerPro

2013-09-19 21:43 - 2013-09-19 21:44 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Cartwheel

2013-09-19 16:55 - 2013-09-19 16:55 - 00002805 _____ C:\Users\Michael\Desktop\RKreport[0]_S_09192013_165552.txt

2013-09-19 16:53 - 2013-09-19 16:56 - 00000000 ____D C:\Users\Michael\Desktop\RK_Quarantine

2013-09-19 16:53 - 2013-09-19 16:53 - 00922112 _____ C:\Users\Michael\Downloads\RogueKiller.exe

2013-09-19 16:44 - 2013-09-19 16:44 - 00688992 ____R (Swearware) C:\Users\Michael\Downloads\dds (1).com

2013-09-19 14:23 - 2013-09-19 14:23 - 04454952 _____ (Piriform Ltd) C:\Users\Michael\Downloads\ccsetup405.exe

2013-09-19 14:23 - 2013-09-19 14:23 - 00002776 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC

2013-09-19 14:23 - 2013-09-19 14:23 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk

2013-09-19 14:23 - 2013-09-19 14:23 - 00000000 ____D C:\Program Files\CCleaner

2013-09-19 14:16 - 2013-09-19 14:16 - 00003174 _____ C:\WINDOWS\System32\Tasks\{4616599B-4639-4E49-AE1E-A3B31EC91E0A}

2013-09-19 13:07 - 2013-09-19 13:08 - 00000000 ____D C:\Program Files (x86)\Free PDF Solutions

2013-09-19 13:05 - 2013-09-19 14:30 - 00000000 ____D C:\ProgramData\ShoppingChip

2013-09-19 13:05 - 2013-09-19 13:06 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar

2013-09-19 13:05 - 2013-09-19 13:05 - 00045856 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys

2013-09-19 13:05 - 2013-09-19 13:05 - 00000000 ____D C:\Users\Michael\AppData\Local\AVG SafeGuard toolbar

2013-09-19 13:05 - 2013-09-19 13:05 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar

2013-09-19 13:04 - 2013-09-19 13:04 - 00894600 _____ (CNET Download.com) C:\Users\Michael\Downloads\cbsidlm-cbsi134-Free_PDF_to_Word-SEO-75732609.exe

2013-09-15 09:00 - 2013-09-15 09:00 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Downloads\OTL (1).exe

2013-09-15 09:00 - 2013-09-15 09:00 - 00000000 ____D C:\_OTL

2013-09-15 08:33 - 2013-09-15 08:34 - 00130858 _____ C:\Users\Michael\Desktop\OTL.Txt

2013-09-15 08:30 - 2013-09-15 08:30 - 00075262 _____ C:\Users\Michael\Downloads\Extras.Txt

2013-09-15 08:29 - 2013-09-15 08:29 - 00130858 _____ C:\Users\Michael\Downloads\OTL.Txt

2013-09-15 08:23 - 2013-09-15 08:23 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Downloads\OTL.exe

2013-09-15 08:20 - 2013-09-15 08:22 - 00000856 _____ C:\Users\Michael\Desktop\JRT.txt

2013-09-15 08:15 - 2013-09-15 08:15 - 00000000 ____D C:\WINDOWS\ERUNT

2013-09-15 08:14 - 2013-09-15 08:14 - 01029675 _____ (Thisisu) C:\Users\Michael\Downloads\JRT.exe

2013-09-15 07:42 - 2013-09-19 16:45 - 00026815 _____ C:\Users\Michael\Desktop\dds.txt

2013-09-15 07:42 - 2013-09-19 16:45 - 00012123 _____ C:\Users\Michael\Desktop\attach.txt

2013-09-15 07:40 - 2013-09-15 07:41 - 00688992 ____R (Swearware) C:\Users\Michael\Downloads\dds.com

2013-09-14 22:17 - 2013-09-14 22:17 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-09-14 22:17 - 2013-09-14 22:17 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Malwarebytes

2013-09-14 22:17 - 2013-09-14 22:17 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-09-14 22:17 - 2013-09-14 22:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-09-14 22:17 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2013-09-14 22:16 - 2013-09-14 22:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Michael\Downloads\mbam-setup-1.75.0.1300.exe

2013-09-14 22:01 - 2013-09-14 22:01 - 00426752 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-09-14 21:59 - 2013-09-19 21:53 - 00000000 ____D C:\AdwCleaner

2013-09-14 21:58 - 2013-09-14 21:58 - 01039554 _____ C:\Users\Michael\Downloads\AdwCleaner.exe

2013-09-14 21:49 - 2013-09-14 21:50 - 00000000 ___HD C:\$SysReset

2013-09-14 21:39 - 2013-09-14 22:09 - 00000000 ____D C:\Program Files (x86)\Spigot Removal Tool

2013-09-14 21:39 - 2013-09-14 21:39 - 02880824 _____ (Security Stronghold                                         ) C:\Users\Michael\Downloads\SpigotRemovalTool.exe

2013-09-14 21:39 - 2013-09-14 21:39 - 00003248 _____ C:\WINDOWS\System32\Tasks\RegClean Pro

2013-09-14 21:39 - 2012-12-10 11:04 - 00356352 _____ (eSellerate Inc.) C:\WINDOWS\eSellerateEngine.dll

2013-09-14 21:39 - 2012-12-10 11:04 - 00081920 _____ (eSellerate Inc.) C:\WINDOWS\eSellerateControl350.dll

2013-09-14 21:39 - 2009-07-23 18:32 - 01122304 _____ (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\SysWOW64\libeay32.dll

2013-09-14 21:39 - 2009-07-23 18:32 - 00274432 _____ (The OpenSSL Project, http://www.openssl.org/) C:\WINDOWS\SysWOW64\ssleay32.dll

2013-09-14 21:30 - 2013-09-05 13:09 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2013-09-14 21:30 - 2013-09-05 13:09 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2013-09-12 15:35 - 2013-09-12 15:35 - 01130576 _____ (BitTorrent Inc.) C:\Users\Michael\Downloads\utorrent.exe

2013-09-12 10:51 - 2013-08-06 22:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll

2013-09-11 20:36 - 2013-09-19 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-09-11 20:10 - 2013-09-11 20:21 - 2923949595 _____ C:\Users\Michael\Desktop\Chicago Bears at Cincinnati Bengals [08 09 13] Full Match.mp4

2013-09-11 20:10 - 2013-09-11 20:10 - 00000000 ____D C:\Users\Michael\dwhelper

2013-09-10 17:22 - 2013-08-20 21:12 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2013-09-10 17:22 - 2013-08-20 21:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2013-09-10 17:22 - 2013-08-20 21:11 - 19246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2013-09-10 17:22 - 2013-08-20 21:11 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2013-09-10 17:22 - 2013-08-20 19:34 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2013-09-10 17:22 - 2013-08-20 19:06 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2013-09-10 17:22 - 2013-08-20 19:06 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2013-09-10 17:22 - 2013-08-20 19:06 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 14332928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 02048000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2013-09-10 17:22 - 2013-08-20 19:05 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2013-09-10 17:22 - 2013-08-20 18:43 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2013-09-10 17:22 - 2013-08-20 16:52 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll

2013-09-10 17:22 - 2013-08-15 22:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys

2013-09-10 17:22 - 2013-08-15 22:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll

2013-09-10 17:22 - 2013-08-15 22:39 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2013-09-10 17:22 - 2013-08-15 22:32 - 00209200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe

2013-09-10 17:22 - 2013-08-15 22:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2013-09-10 17:22 - 2013-08-15 22:22 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2013-09-10 17:22 - 2013-08-15 22:21 - 03275776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2013-09-10 17:22 - 2013-08-15 22:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2013-09-10 17:22 - 2013-08-15 22:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00083968 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll

2013-09-10 17:22 - 2013-08-15 15:43 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2013-09-10 17:22 - 2013-08-15 15:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2013-09-10 17:22 - 2013-08-15 15:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll

2013-09-10 17:22 - 2013-08-15 15:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll

2013-09-10 17:22 - 2013-07-05 17:16 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2013-09-10 17:22 - 2013-07-02 17:23 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2013-09-10 17:22 - 2013-07-02 17:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2013-09-10 17:22 - 2013-07-02 17:11 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2013-09-10 17:22 - 2013-07-02 17:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2013-09-10 17:22 - 2013-06-10 12:15 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL

2013-09-10 17:21 - 2013-08-02 21:30 - 04038144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2013-09-10 17:21 - 2013-07-09 01:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys

2013-09-10 17:21 - 2013-07-08 23:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe

2013-09-10 17:21 - 2013-07-08 21:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe

2013-09-10 17:21 - 2013-07-08 20:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll

2013-09-10 17:21 - 2013-07-08 15:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll

2013-09-10 17:21 - 2013-07-08 15:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll

2013-09-10 17:21 - 2013-07-08 15:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll

2013-09-10 17:21 - 2013-07-08 15:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll

2013-09-10 17:21 - 2013-07-02 17:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll

2013-09-10 17:21 - 2013-07-02 17:22 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2013-09-10 17:21 - 2013-07-02 17:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2013-09-10 17:21 - 2013-07-01 15:08 - 00387583 _____ C:\WINDOWS\system32\ApnDatabase.xml

2013-09-10 17:21 - 2013-06-30 15:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe

2013-09-10 17:21 - 2013-06-30 15:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe

2013-09-10 17:21 - 2013-06-28 23:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2013-09-10 17:21 - 2013-06-28 23:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2013-09-10 17:21 - 2013-06-28 22:43 - 00327512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys

2013-09-10 17:21 - 2013-06-28 18:12 - 01022464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2013-09-10 17:21 - 2013-06-25 20:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys

2013-09-10 17:21 - 2013-06-24 15:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2013-09-10 17:21 - 2013-06-24 15:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2013-09-10 17:21 - 2013-06-24 15:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2013-09-10 17:21 - 2013-06-18 22:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll

2013-09-10 17:21 - 2013-06-18 22:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll

2013-09-10 17:21 - 2013-06-18 15:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll

2013-09-10 17:21 - 2013-06-18 15:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll

2013-09-10 17:21 - 2013-06-11 16:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll

2013-09-10 17:21 - 2013-06-11 16:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll

2013-09-10 17:21 - 2013-06-10 14:17 - 00096512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys

2013-09-10 17:21 - 2013-06-10 12:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll

2013-09-10 17:21 - 2013-06-10 12:15 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2013-09-10 17:21 - 2013-06-10 12:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL

2013-09-10 17:21 - 2013-06-10 12:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll

2013-09-10 17:21 - 2013-06-10 12:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL

2013-09-10 17:21 - 2013-06-06 01:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

 

==================== One Month Modified Files and Folders =======

 

2013-09-20 07:29 - 2013-09-20 07:29 - 01950622 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe

2013-09-20 07:29 - 2013-09-20 07:29 - 00000000 ____D C:\FRST

2013-09-20 07:20 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\system32\sru

2013-09-20 07:10 - 2013-09-20 07:10 - 00659968 _____ C:\Users\Michael\Downloads\MicrosoftFixit50195.msi

2013-09-20 07:07 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\system32\FxsTmp

2013-09-20 07:06 - 2013-03-29 08:09 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update

2013-09-20 07:05 - 2012-10-26 11:24 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks

2013-09-20 07:05 - 2012-10-26 11:24 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks

2013-09-20 07:05 - 2012-10-15 18:11 - 00000896 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2013-09-20 07:05 - 2012-07-06 18:26 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup

2013-09-20 07:05 - 2012-07-06 18:04 - 00003742 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2013-09-20 07:05 - 2012-07-06 18:04 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-09-20 07:04 - 2013-09-19 21:54 - 00012108 _____ C:\WINDOWS\setupact.log

2013-09-20 07:04 - 2012-07-26 00:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2013-09-20 07:04 - 2012-07-25 22:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI

2013-09-20 07:01 - 2013-09-20 06:59 - 00011503 _____ C:\WINDOWS\WindowsUpdate.log

2013-09-20 07:01 - 2012-11-20 12:45 - 00000000 ____D C:\Users\Michael\Desktop\Barefoot

2013-09-19 23:22 - 2012-10-26 11:42 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3488405890-2194972499-3896282513-1000

2013-09-19 22:45 - 2012-10-15 18:11 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2013-09-19 22:20 - 2013-09-19 22:20 - 00012225 _____ C:\Users\Michael\Downloads\Itinerary as of 9-18-2013.xlsx

2013-09-19 22:06 - 2013-09-19 21:54 - 00387282 _____ C:\WINDOWS\PFRO.log

2013-09-19 21:57 - 2013-09-19 21:57 - 01039554 _____ C:\Users\Michael\Downloads\AdwCleaner (2).exe

2013-09-19 21:54 - 2013-09-19 21:54 - 00000000 _____ C:\WINDOWS\setuperr.log

2013-09-19 21:54 - 2013-01-18 09:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2013-09-19 21:53 - 2013-09-14 21:59 - 00000000 ____D C:\AdwCleaner

2013-09-19 21:53 - 2012-10-15 18:07 - 00000000 ___RD C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2013-09-19 21:50 - 2013-09-19 21:50 - 01039554 _____ C:\Users\Michael\Downloads\AdwCleaner (1).exe

2013-09-19 21:45 - 2013-09-19 21:45 - 00000000 ____D C:\Program Files (x86)\FileOpenerPro

2013-09-19 21:44 - 2013-09-19 21:43 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Cartwheel

2013-09-19 21:44 - 2013-09-11 20:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-09-19 21:44 - 2012-10-26 11:39 - 01162240 ___SH C:\Users\Michael\Desktop\Thumbs.db

2013-09-19 16:56 - 2013-09-19 16:53 - 00000000 ____D C:\Users\Michael\Desktop\RK_Quarantine

2013-09-19 16:55 - 2013-09-19 16:55 - 00002805 _____ C:\Users\Michael\Desktop\RKreport[0]_S_09192013_165552.txt

2013-09-19 16:53 - 2013-09-19 16:53 - 00922112 _____ C:\Users\Michael\Downloads\RogueKiller.exe

2013-09-19 16:45 - 2013-09-15 07:42 - 00026815 _____ C:\Users\Michael\Desktop\dds.txt

2013-09-19 16:45 - 2013-09-15 07:42 - 00012123 _____ C:\Users\Michael\Desktop\attach.txt

2013-09-19 16:44 - 2013-09-19 16:44 - 00688992 ____R (Swearware) C:\Users\Michael\Downloads\dds (1).com

2013-09-19 15:16 - 2013-04-30 09:11 - 00000958 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3488405890-2194972499-3896282513-1000UA.job

2013-09-19 14:59 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\rescache

2013-09-19 14:30 - 2013-09-19 13:05 - 00000000 ____D C:\ProgramData\ShoppingChip

2013-09-19 14:24 - 2012-10-26 10:41 - 00000000 ____D C:\WINDOWS\Panther

2013-09-19 14:23 - 2013-09-19 14:23 - 04454952 _____ (Piriform Ltd) C:\Users\Michael\Downloads\ccsetup405.exe

2013-09-19 14:23 - 2013-09-19 14:23 - 00002776 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC

2013-09-19 14:23 - 2013-09-19 14:23 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk

2013-09-19 14:23 - 2013-09-19 14:23 - 00000000 ____D C:\Program Files\CCleaner

2013-09-19 14:16 - 2013-09-19 14:16 - 00003174 _____ C:\WINDOWS\System32\Tasks\{4616599B-4639-4E49-AE1E-A3B31EC91E0A}

2013-09-19 13:41 - 2012-10-17 10:26 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Skype

2013-09-19 13:08 - 2013-09-19 13:07 - 00000000 ____D C:\Program Files (x86)\Free PDF Solutions

2013-09-19 13:06 - 2013-09-19 13:05 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar

2013-09-19 13:05 - 2013-09-19 13:05 - 00045856 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys

2013-09-19 13:05 - 2013-09-19 13:05 - 00000000 ____D C:\Users\Michael\AppData\Local\AVG SafeGuard toolbar

2013-09-19 13:05 - 2013-09-19 13:05 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar

2013-09-19 13:04 - 2013-09-19 13:04 - 00894600 _____ (CNET Download.com) C:\Users\Michael\Downloads\cbsidlm-cbsi134-Free_PDF_to_Word-SEO-75732609.exe

2013-09-15 09:16 - 2013-04-30 09:11 - 00000936 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3488405890-2194972499-3896282513-1000Core.job

2013-09-15 09:00 - 2013-09-15 09:00 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Downloads\OTL (1).exe

2013-09-15 09:00 - 2013-09-15 09:00 - 00000000 ____D C:\_OTL

2013-09-15 08:34 - 2013-09-15 08:33 - 00130858 _____ C:\Users\Michael\Desktop\OTL.Txt

2013-09-15 08:30 - 2013-09-15 08:30 - 00075262 _____ C:\Users\Michael\Downloads\Extras.Txt

2013-09-15 08:29 - 2013-09-15 08:29 - 00130858 _____ C:\Users\Michael\Downloads\OTL.Txt

2013-09-15 08:23 - 2013-09-15 08:23 - 00602112 _____ (OldTimer Tools) C:\Users\Michael\Downloads\OTL.exe

2013-09-15 08:22 - 2013-09-15 08:20 - 00000856 _____ C:\Users\Michael\Desktop\JRT.txt

2013-09-15 08:15 - 2013-09-15 08:15 - 00000000 ____D C:\WINDOWS\ERUNT

2013-09-15 08:14 - 2013-09-15 08:14 - 01029675 _____ (Thisisu) C:\Users\Michael\Downloads\JRT.exe

2013-09-15 07:41 - 2013-09-15 07:40 - 00688992 ____R (Swearware) C:\Users\Michael\Downloads\dds.com

2013-09-14 22:17 - 2013-09-14 22:17 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-09-14 22:17 - 2013-09-14 22:17 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Malwarebytes

2013-09-14 22:17 - 2013-09-14 22:17 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-09-14 22:17 - 2013-09-14 22:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-09-14 22:16 - 2013-09-14 22:16 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Michael\Downloads\mbam-setup-1.75.0.1300.exe

2013-09-14 22:09 - 2013-09-14 21:39 - 00000000 ____D C:\Program Files (x86)\Spigot Removal Tool

2013-09-14 22:09 - 2012-11-22 16:51 - 00000000 ____D C:\Users\Michael\Downloads\tr

2013-09-14 22:09 - 2012-11-22 16:51 - 00000000 ____D C:\Users\Michael\Downloads\sv

2013-09-14 22:09 - 2012-11-22 16:51 - 00000000 ____D C:\Users\Michael\Downloads\ru

2013-09-14 22:09 - 2012-11-22 16:51 - 00000000 ____D C:\Users\Michael\Downloads\pt

2013-09-14 22:09 - 2012-11-22 16:51 - 00000000 ____D C:\Users\Michael\Downloads\nl

2013-09-14 22:09 - 2012-11-22 16:51 - 00000000 ____D C:\Users\Michael\Downloads\it

2013-09-14 22:09 - 2012-11-22 16:51 - 00000000 ____D C:\Users\Michael\Downloads\fi

2013-09-14 22:09 - 2012-11-22 16:51 - 00000000 ____D C:\Users\Michael\Downloads\es

2013-09-14 22:09 - 2012-11-22 16:51 - 00000000 ____D C:\Users\Michael\Downloads\de

2013-09-14 22:01 - 2013-09-14 22:01 - 00426752 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2013-09-14 21:58 - 2013-09-14 21:58 - 01039554 _____ C:\Users\Michael\Downloads\AdwCleaner.exe

2013-09-14 21:50 - 2013-09-14 21:49 - 00000000 ___HD C:\$SysReset

2013-09-14 21:39 - 2013-09-14 21:39 - 02880824 _____ (Security Stronghold                                         ) C:\Users\Michael\Downloads\SpigotRemovalTool.exe

2013-09-14 21:39 - 2013-09-14 21:39 - 00003248 _____ C:\WINDOWS\System32\Tasks\RegClean Pro

2013-09-14 21:26 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\WinStore

2013-09-14 21:26 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2013-09-14 21:26 - 2012-07-25 22:38 - 00000000 ____D C:\WINDOWS\system32\oobe

2013-09-14 21:23 - 2013-01-31 11:18 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Dropbox

2013-09-13 13:02 - 2012-10-15 18:31 - 00000000 ____D C:\ProgramData\Microsoft Help

2013-09-13 09:53 - 2013-03-29 08:09 - 00000000 _____ C:\WINDOWS\SysWOW64\config.nt

2013-09-12 15:44 - 2012-10-30 19:43 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc

2013-09-12 15:35 - 2013-09-12 15:35 - 01130576 _____ (BitTorrent Inc.) C:\Users\Michael\Downloads\utorrent.exe

2013-09-12 12:50 - 2013-08-14 17:39 - 00000000 ____D C:\WINDOWS\system32\MRT

2013-09-12 12:48 - 2012-12-13 08:38 - 79143768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2013-09-11 20:21 - 2013-09-11 20:10 - 2923949595 _____ C:\Users\Michael\Desktop\Chicago Bears at Cincinnati Bengals [08 09 13] Full Match.mp4

2013-09-11 20:10 - 2013-09-11 20:10 - 00000000 ____D C:\Users\Michael\dwhelper

2013-09-11 20:10 - 2012-10-26 11:19 - 00000000 ____D C:\Users\Michael

2013-09-07 20:07 - 2012-07-26 00:28 - 00915518 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2013-09-05 13:09 - 2013-09-14 21:30 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2013-09-05 13:09 - 2013-09-14 21:30 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2013-09-05 07:58 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent

2013-08-30 00:48 - 2013-03-29 08:10 - 00378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2013-08-30 00:48 - 2013-03-29 08:10 - 00072016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys

2013-08-30 00:48 - 2013-03-29 08:10 - 00064288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys

2013-08-30 00:48 - 2013-03-29 08:10 - 00033400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys

2013-08-30 00:48 - 2013-03-29 08:09 - 01030952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2013-08-30 00:48 - 2013-03-29 08:09 - 00204880 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys

2013-08-30 00:48 - 2013-03-29 08:09 - 00080816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2013-08-30 00:48 - 2013-03-29 08:09 - 00065336 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys

2013-08-30 00:47 - 2013-03-29 08:09 - 00287840 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2013-08-30 00:47 - 2013-03-29 08:09 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr

2013-08-29 17:42 - 2013-01-31 11:26 - 00000000 ___RD C:\Users\Michael\Dropbox

2013-08-29 15:15 - 2013-01-31 11:26 - 00001029 _____ C:\Users\Michael\Desktop\Dropbox.lnk

2013-08-29 15:15 - 2013-01-31 11:26 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2013-08-29 08:52 - 2012-12-16 21:15 - 00000000 ____D C:\Users\Michael\Desktop\Sports Card Folder

2013-08-27 19:23 - 2013-07-31 20:51 - 00010083 _____ C:\Users\Michael\Desktop\Password list.xlsx

2013-08-21 18:49 - 2012-10-17 10:26 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-08-21 18:49 - 2012-07-06 18:29 - 00000000 ____D C:\ProgramData\Skype

 

Some content of TEMP:

====================

C:\Users\Michael\AppData\Local\Temp\6_Offer_17.exe

C:\Users\Michael\AppData\Local\Temp\BackupSetup.exe

C:\Users\Michael\AppData\Local\Temp\nsb9EB1.exe

C:\Users\Michael\AppData\Local\Temp\nsdE4D4.exe

C:\Users\Michael\AppData\Local\Temp\nsf1107.exe

C:\Users\Michael\AppData\Local\Temp\nsf68FB.exe

C:\Users\Michael\AppData\Local\Temp\nsi9661.exe

C:\Users\Michael\AppData\Local\Temp\nsj8B5C.exe

C:\Users\Michael\AppData\Local\Temp\nsoBEB.exe

C:\Users\Michael\AppData\Local\Temp\nsvDC05.exe

C:\Users\Michael\AppData\Local\Temp\nsw5FB1.exe

C:\Users\Michael\AppData\Local\Temp\nsx1499.exe

C:\Users\Michael\AppData\Local\Temp\nsxF33C.exe

C:\Users\Michael\AppData\Local\Temp\nsy95B0.exe

C:\Users\Michael\AppData\Local\Temp\nszA820.exe

C:\Users\Michael\AppData\Local\Temp\oi_{7D1CF83D-84D5-4B3C-822D-DC44B129AC3B}.exe

C:\Users\Michael\AppData\Local\Temp\Quarantine.exe

C:\Users\Michael\AppData\Local\Temp\SweetIMInstallValidator.exe

C:\Users\Michael\AppData\Local\Temp\tbSwee.dll

C:\Users\Michael\AppData\Local\Temp\vcredist_x64.exe

C:\Users\Michael\AppData\Local\Temp\WSSetup.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2013-09-19 12:02

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-09-2013 01

Ran by Michael at 2013-09-20 07:30:37

Running from C:\Users\Michael\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Installed Programs =======================

 

Accidental Damage Services Agreement (x32 Version: 2.0.0)

Adobe AIR (x32 Version: 3.6.0.6090)

Adobe Digital Editions 2.0 (x32 Version: 2.0)

Adobe Download Assistant (x32 Version: 1.2.3)

Adobe Reader X (10.1.6) MUI (x32 Version: 10.1.6)

Advanced Audio FX Engine (x32 Version: 1.12.05)

Apple Application Support (x32 Version: 2.3.4)

Apple Mobile Device Support (Version: 6.1.0.13)

Apple Software Update (x32 Version: 2.1.3.127)

avast! Free Antivirus (x32 Version: 8.0.1497.0)

AVG SafeGuard toolbar (x32 Version: 15.4.0.5)

Banctec Service Agreement (x32 Version: 2.0.0)

BitZipper 2013 (x32 Version: 2013.12.10.17)

Blio (x32 Version: 2.3.7140)

Bonjour (Version: 3.0.0.10)

Cartwheel Shopping (x32 Version: 1.5.0.1904)

CCleaner (Version: 4.05)

Cisco Connect (x32 Version: 1.4.11287.0)

Complete Care Business Service Agreement (x32 Version: 2.0.0)

Conexant SmartAudio HD (Version: 8.54.29.0)

Consumer In-Home Service Agreement (x32 Version: 2.0.0)

Cozi (x32 Version: 1.0.6505.38692)

D3DX10 (x32 Version: 15.4.2368.0902)

Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.67)

Dell DataSafe Local Backup (x32 Version: 9.4.67)

Dell DataSafe Online (x32 Version: 2.1.19634)

Dell Digital Delivery (x32 Version: 2.1.1002.0)

Dell Edoc Viewer (Version: 1.0.0)

Dell Getting Started Guide (x32 Version: 1.00.0000)

Dell Home Systems Service Agreement (x32 Version: 2.0.0)

Dell MusicStage (x32 Version: 1.6.225.0)

Dell PhotoStage (x32 Version: 1.5.0.130)

Dell Stage Remote (x32 Version: 2.0.0.43)

Dell Support Center (Version: 3.1.5907.16)

Dell Touchpad (Version: 10.3.2.2)

Dell VideoStage  (x32 Version: 1.3.0.2513)

Dell Webcam Central (x32 Version: 2.00.44)

DivX Web Player (x32 Version: 1.5.0)

Dropbox (HKCU Version: 2.0.22)

eBay (x32 Version: 1.4.0)

Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)

File Opener Pro (x32)

Free PDF Solutions PDF to WORD version 1.0 (x32 Version: 1.0)

GIMP 2.8.6 (Version: 2.8.6)

Google Chrome (x32 Version: 29.0.1547.66)

Google Drive (x32 Version: 1.11.4865.2530)

GoToMeeting 5.4.0.1082 (HKCU Version: 5.4.0.1082)

Intel PROSet Wireless

Intel® Control Center (x32 Version: 1.2.1.1007)

Intel® Management Engine Components (x32 Version: 8.0.1.1399)

Intel® Processor Graphics (x32 Version: 9.17.10.2849)

Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.0.0096)

Intel® Rapid Storage Technology (x32 Version: 11.1.0.1006)

Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)

Intel® PROSet/Wireless WiFi Software (Version: 15.01.1000.0927)

Intel® Trusted Connect Service Client (Version: 1.23.219.2)

iTunes (Version: 11.0.4.4)

Jing (x32 Version: 2.8.13007.1)

join.me (HKCU Version: 1.9.0.130)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

Mesh Runtime (x32 Version: 15.4.5722.2)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Office 2007 Service Pack 3 (SP3) (x32)

Microsoft Office 2010 (x32 Version: 14.0.4763.1000)

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Communicator 2007 (x32 Version: 2.0.6362.0)

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)

Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)

Microsoft Silverlight (Version: 5.1.20513.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)

Mozilla Firefox 22.0 (x86 en-US) (x32 Version: 22.0)

Mozilla Maintenance Service (x32 Version: 22.0)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MyPC Backup  (Version: )

PDF24 Creator 5.7.0 (x32)

PlayReady PC Runtime x86 (x32 Version: 1.3.0)

Premium Service Agreement (x32 Version: 2.0.0)

QualxServ Service Agreement (x32 Version: 2.0.0)

Quickset64 (Version: 10.14.010)

QuickShare (x32 Version: 1.135.60.12323)

Realtek USB 2.0 Card Reader (x32 Version: 6.1.7601.39019)

Shared C Run-time for x64 (Version: 10.0.0)

Skype Click to Call (x32 Version: 6.11.13348)

Skype™ 6.6 (x32 Version: 6.6.106)

Update for 2007 Microsoft Office System (KB967642) (x32)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)

Update for Microsoft Office Access 2007 Help (KB963663) (x32)

Update for Microsoft Office Excel 2007 Help (KB963678) (x32)

Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)

Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition (x32)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)

Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)

Update for Microsoft Office Script Editor Help (KB963671) (x32)

Update for Microsoft Office Word 2007 Help (KB963665) (x32)

VC80CRTRedist - 8.0.50727.762 (x32 Version: 1.0.0)

VLC media player 2.0.5 (x32 Version: 2.0.5)

WebSlingPlayer ActiveX (x32 Version: 1.5.12732)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3508.1109)

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3508.1109)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Mesh (x32 Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)

Windows Live Messenger (x32 Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

Zinio Reader 4 (x32 Version: 4.2.4164)

 

==================== Restore Points  =========================

 

05-09-2013 02:13:59 Windows Update

08-09-2013 14:36:32 Windows Update

12-09-2013 00:50:58 Windows Update

15-09-2013 15:10:10 Windows Update

18-09-2013 23:58:49 Windows Update

20-09-2013 14:00:00 Restore Operation

 

==================== Hosts content: ==========================

 

2012-07-25 22:26 - 2012-07-25 22:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {04ACFFB6-810F-4359-91F8-DEDB34F7EF1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe

Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-25] (Microsoft Corporation)

Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical

Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\System32\sysmain.dll [2013-05-03] (Microsoft Corporation)

Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents

Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance

Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy

Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\WSClient.dll [2013-08-15] (Microsoft Corporation)

Task: {25D9C75E-5407-41D1-AB0D-E77CF131168B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe

Task: {26A5E551-6E87-415B-A5BB-8C5FA11BCA4D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

Task: {289A503C-0447-4929-9613-F8FB771C6777} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => Sc.exe start wuauserv

Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh

Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks

Task: {2F0F3A62-C7DA-45C6-9000-BF3FDF0FCBC3} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2013-07-01] (Microsoft Corporation)

Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update

Task: {30AEFC67-F451-41D0-9107-9E3C062295CE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe

Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator

Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask

Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem

Task: {3D1B8B0E-6642-4134-B72D-F76D88BE4544} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance

Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage

Task: {45C63B22-8A1B-4FC7-8004-5555CC55796C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)

Task: {470D749A-1A84-43E5-8A3C-786DC6AFFB27} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect

Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)

Task: {491B4BCC-39A6-49C4-B411-D62377D6CDBB} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync

Task: {4935EF1B-7288-4F82-A3C8-A3F10F8A1D75} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon

Task: {4CE4033A-BEB9-45F8-9ACE-085A50C2E917} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {4D899404-D2B4-4E3D-A595-E7F067B64FB9} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall

Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance

Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required

Task: {61F655F8-95BD-4DB3-8ED4-1E46AFDA3A7B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-25] (Microsoft Corporation)

Task: {62CD5F12-2156-440D-BE8B-E128153E58A2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe

Task: {6A819AAD-E5D9-47D8-B820-2052B15DF2FF} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\Regcleanpro.exe

Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-19] (Microsoft Corporation)

Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319

Task: {6FF23391-470F-41F8-8778-7115D605DE02} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3488405890-2194972499-3896282513-1000Core => C:\Users\Michael\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-30] (Facebook Inc.)

Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update

Task: {7A14CA65-B2A2-4788-B4F3-D25BEFE56933} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance

Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance

Task: {86D94453-3FA2-419D-8B76-93774B4F8965} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup

Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)

Task: {8B3454B0-E5CB-4BEA-9D5F-DC36E6E6A619} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe

Task: {8CC764A0-B47D-4174-9FED-261CA4736C55} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

Task: {8E2F8FBF-7919-4402-9073-796BA9BD3043} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3488405890-2194972499-3896282513-1000UA => C:\Users\Michael\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-30] (Facebook Inc.)

Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses

Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime

Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64

Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic

Task: {9DC31B36-D800-4CDC-B216-94FCE7F1B786} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

Task: {A45031B4-CE64-45E6-A290-E46EE19ED9FE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\WSClient.dll [2013-08-15] (Microsoft Corporation)

Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask

Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh

Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask

Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask

Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan

Task: {AF8A3E39-9473-4330-BD94-B3C528494432} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-15] (Google Inc.)

Task: {B6E52F4E-FEB8-47F6-84A6-00E48371CCA0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall

Task: {B80B82BB-EF32-41FC-82B7-78EA124485F8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

Task: {B8541BDC-C229-498C-9F4F-02E7897007D0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {B9336385-A22F-40E6-8179-17A91682D072} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-06] (Adobe Systems Incorporated)

Task: {BAEE117B-20B4-49EA-94A2-D757CE74E18B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific

Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan

Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender

Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\System32\Windows.Storage.ApplicationData.dll [2012-07-25] (Microsoft Corporation)

Task: {CA209243-FFD3-4C33-8101-CF53D720C344} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe

Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork

Task: {D33852CA-C423-4FD3-AC01-697759769829} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {D45EBC99-8FA6-4530-A517-0C90C411992D} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task

Task: {D52DBF9B-1E16-4152-931B-D54DC26EE25C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {D9C2216B-8C1B-4098-8505-7EEAA98E9EA9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)

Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical

Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery

Task: {E200266D-D810-4BB1-A776-87CA1F1D92F7} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3488405890-2194972499-3896282513-1000

Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask

Task: {E7CE2F71-A981-4344-A9D2-3CF6FE79E734} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe

Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-19] (Microsoft Corporation)

Task: {E997BFF6-82BF-4911-9FD5-9A11E27DA6DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-15] (Google Inc.)

Task: {EAD237E7-D276-4257-9F16-51DF41548733} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started

Task: {EBDA93AA-CA2F-46D5-AAD9-B4343295206C} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-15] (Microsoft Corporation)

Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\System32\Startupscan.dll [2012-07-25] (Microsoft Corporation)

Task: {ECB6050B-1EED-402B-8686-244B9ACDCB1D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe

Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM

Task: {EF62269D-A795-4E81-B886-6C8C9588251C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe

Task: {F365DE6C-571F-4B97-B178-88BE6EF6442A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3488405890-2194972499-3896282513-1000Core.job => C:\Users\Michael\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3488405890-2194972499-3896282513-1000UA.job => C:\Users\Michael\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-05-24 17:36 - 2013-05-24 17:36 - 00164016 _____ (Dropbox, Inc.) C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

2012-10-06 00:12 - 2012-10-06 00:12 - 00286208 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrENU.lrc

2012-07-26 00:58 - 2012-07-26 00:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll

2012-07-06 18:19 - 2012-01-13 17:11 - 00285312 _____ (Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio.Core.dll

2012-07-06 18:19 - 2012-01-13 17:02 - 00125568 _____ ( ) C:\Program Files\Conexant\SA3\Interop.CxHDAudioAPILib.dll

2012-07-06 18:19 - 2012-01-13 17:02 - 01255552 _____ (Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\CxHDAudioAPI.dll

2012-07-06 18:19 - 2011-10-11 16:43 - 00011904 _____ ( ) C:\Program Files\Conexant\SA3\Interop.CxUtilSvcLib.dll

2012-07-06 18:19 - 2012-01-10 13:36 - 00022656 _____ ( ) C:\Program Files\Conexant\SA3\Interop.MaxxAudioWrapperLib.dll

2012-07-06 18:19 - 2012-01-13 17:11 - 00030208 _____ (Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio.Creative.dll

2012-07-06 18:19 - 2012-01-13 17:11 - 02677376 _____ (Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio.Dell.dll

2012-07-06 18:19 - 2012-01-13 17:11 - 00446080 _____ (Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio.Localization.dll

2012-07-06 18:19 - 2012-01-13 17:12 - 00141952 _____ (Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\SmartAudio.Waves.dll

2012-07-06 18:19 - 2012-01-09 15:40 - 00364544 _____ (Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\Languages\en-US\SmartAudio.resources.dll

2012-07-06 18:19 - 2012-01-10 13:36 - 00159360 _____ () C:\Program Files\Conexant\SA3\MaxxAudioWrapper.dll

2012-07-06 18:18 - 2012-01-05 13:35 - 00968536 _____ (Waves Audio Ltd.) C:\WINDOWS\SYSTEM32\MaxxAudioAPOShell64.dll

2012-10-06 00:12 - 2012-10-06 00:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2013-09-14 21:30 - 2013-09-05 13:09 - 00537560 _____ (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.dll

2013-01-13 15:21 - 2012-03-14 06:00 - 03769344 _____ (CANON INC.) C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNMUIAR.DLL

2013-01-13 15:21 - 2012-03-14 06:00 - 00780288 _____ (CANON INC.) C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNMDRAR.DLL

2013-01-13 15:21 - 2012-03-14 06:00 - 00113664 _____ (CANON INC.) C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNMCPAR.DLL

2010-03-16 18:28 - 2010-03-16 18:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll

2010-03-22 13:52 - 2010-03-22 13:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll

2010-03-16 18:28 - 2010-03-16 18:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll

2010-03-16 18:28 - 2010-03-16 18:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll

2011-06-29 06:52 - 2011-06-29 06:52 - 00077376 _____ (ArcSoft Inc.) C:\Program Files (x86)\Dell\Stage Remote\DMSAdapter.dll

2011-06-27 17:25 - 2011-06-27 17:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll

2011-06-27 17:25 - 2011-06-27 17:25 - 00491968 _____ (ArcSoft Inc.) C:\Program Files (x86)\Dell\Stage Remote\DHServerAgent.dll

2011-06-24 21:19 - 2011-06-24 21:19 - 00043584 _____ (ArcSoft Inc.) C:\Program Files (x86)\Dell\Stage Remote\ASDBTool.dll

2011-06-27 17:25 - 2011-06-27 17:25 - 00051264 _____ (ArcSoft Inc.) C:\Program Files (x86)\Dell\Stage Remote\ASTransMgr.dll

2011-06-27 17:26 - 2011-06-27 17:26 - 00715400 _____ (ArcSoft Inc.) C:\Program Files (x86)\Dell\Stage Remote\UMediaManager.dll

2011-06-24 21:20 - 2011-06-24 21:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll

2011-06-24 21:19 - 2011-06-24 21:19 - 00043584 _____ (ArcSoft Inc.) C:\Program Files (x86)\Dell\Stage Remote\ASXmlTool.dll

2011-06-24 21:21 - 2011-06-24 21:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll

2010-03-11 17:52 - 2010-03-11 17:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll

2010-03-05 13:07 - 2010-03-05 13:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll

2010-03-05 13:07 - 2010-03-05 13:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll

2010-03-11 17:52 - 2010-03-11 17:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll

2010-01-06 18:43 - 2010-01-06 18:43 - 00017408 _____ (ArcSoft Inc.) C:\Program Files (x86)\Dell\Stage Remote\EndPointCtrl.dll

2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll

2013-04-21 21:44 - 2013-04-21 21:44 - 00053648 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll

2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2011-08-30 23:05 - 2011-08-30 23:05 - 00085864 _____ (Apple Inc.) C:\WINDOWS\SYSTEM32\dnssd.dll

2013-08-15 09:06 - 2013-07-22 11:09 - 00057384 _____ (Geek Software GmbH) C:\Program Files (x86)\PDF24\Settings.dll

2013-08-15 09:06 - 2013-07-22 11:09 - 00395304 _____ (Geek Software GmbH) C:\Program Files (x86)\PDF24\NotifyIcon.dll

2013-08-15 09:06 - 2013-07-22 11:09 - 00047144 _____ (Geek Software GmbH) C:\Program Files (x86)\PDF24\Language.dll

2013-08-15 09:06 - 2013-07-22 11:09 - 00383016 _____ (Geek Software GmbH) C:\Program Files (x86)\PDF24\About.dll

2013-08-17 19:33 - 2013-08-17 19:33 - 00488960 _____ (Intel Corporation) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IAStorUtil\64bd427803478d46019a9bed67ae33fd\IAStorUtil.ni.dll

2013-07-17 07:36 - 2013-07-17 07:36 - 00014336 _____ (Intel Corp.) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IAStorCommon\5078577e7bdd9a157766265d2170be2b\IAStorCommon.ni.dll

2013-09-03 17:46 - 2013-09-02 13:35 - 00709584 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libglesv2.dll

2013-09-03 17:46 - 2013-09-02 13:35 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\libegl.dll

2013-09-03 17:46 - 2013-09-02 13:35 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll

2013-09-03 17:46 - 2013-09-02 13:35 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll

2013-09-03 17:46 - 2013-09-02 13:35 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll

2013-09-14 21:30 - 2013-09-05 13:09 - 14395864 _____ (Adobe Systems, Inc.) C:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx

2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

 

==================== Alternate Data Streams (whitelisted) ==========

 

==================== Faulty Device Manager Devices =============

 

Name: WAN Miniport (IP)

Description: WAN Miniport (IP)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: NdisWan

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: WAN Miniport (IPv6)

Description: WAN Miniport (IPv6)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: NdisWan

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

Name: WAN Miniport (Network Monitor)

Description: WAN Miniport (Network Monitor)

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: NdisWan

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (09/20/2013 07:11:50 AM) (Source: Application Error) (User: )

Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16688, time stamp: 0x5213fe9a

Faulting module name: msxml3.dll, version: 8.110.9200.16447, time stamp: 0x5091db2d

Exception code: 0xc0000005

Fault offset: 0x000ea8a1

Faulting process id: 0xc7c

Faulting application start time: 0xIEXPLORE.EXE0

Faulting application path: IEXPLORE.EXE1

Faulting module path: IEXPLORE.EXE2

Report Id: IEXPLORE.EXE3

Faulting package full name: IEXPLORE.EXE4

Faulting package-relative application ID: IEXPLORE.EXE5

 

Error: (09/20/2013 07:10:45 AM) (Source: MsiInstaller) (User: Michael-PC)

Description: Product: Microsoft Fix it 50195 -- This Microsoft Fix it does not apply to your operating system or application version.

 

Error: (09/20/2013 07:07:13 AM) (Source: Application Error) (User: )

Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16688, time stamp: 0x5213fe9a

Faulting module name: msxml3.dll, version: 8.110.9200.16447, time stamp: 0x5091db2d

Exception code: 0xc0000005

Fault offset: 0x000ea8a1

Faulting process id: 0x14e4

Faulting application start time: 0xIEXPLORE.EXE0

Faulting application path: IEXPLORE.EXE1

Faulting module path: IEXPLORE.EXE2

Report Id: IEXPLORE.EXE3

Faulting package full name: IEXPLORE.EXE4

Faulting package-relative application ID: IEXPLORE.EXE5

 

Error: (09/20/2013 07:07:01 AM) (Source: Application Error) (User: )

Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16688, time stamp: 0x5213fe9a

Faulting module name: msxml3.dll, version: 8.110.9200.16447, time stamp: 0x5091db2d

Exception code: 0xc0000005

Fault offset: 0x000ea8a1

Faulting process id: 0xebc

Faulting application start time: 0xIEXPLORE.EXE0

Faulting application path: IEXPLORE.EXE1

Faulting module path: IEXPLORE.EXE2

Report Id: IEXPLORE.EXE3

Faulting package full name: IEXPLORE.EXE4

Faulting package-relative application ID: IEXPLORE.EXE5

 

Error: (09/20/2013 07:06:08 AM) (Source: System Restore) (User: )

Description: The restore point selected was damaged or deleted during the restore (Windows Update).

 

Error: (09/19/2013 11:22:12 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8172

 

Error: (09/19/2013 11:22:12 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8172

 

Error: (09/19/2013 11:22:12 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (09/19/2013 11:22:11 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6907

 

Error: (09/19/2013 11:22:11 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6907

 

 

System errors:

=============

Error: (09/20/2013 07:07:28 AM) (Source: Service Control Manager) (User: )

Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (09/20/2013 07:05:15 AM) (Source: Service Control Manager) (User: )

Description: The vToolbarUpdater15.4.0 service failed to start due to the following error: 

%%2

 

Error: (09/20/2013 07:04:32 AM) (Source: BTHUSB) (User: )

Description: The local adapter does not support an important Low Energy controller state.  The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff.  Low Energy functionality will be disabled.

 

Error: (09/20/2013 07:04:22 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)

Description: 0xc000014d0

 

Error: (09/20/2013 07:01:15 AM) (Source: DCOM) (User: Michael-PC)

Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

 

Error: (09/19/2013 10:09:52 PM) (Source: Service Control Manager) (User: )

Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (09/19/2013 10:07:40 PM) (Source: Service Control Manager) (User: )

Description: The vToolbarUpdater15.4.0 service failed to start due to the following error: 

%%2

 

Error: (09/19/2013 10:07:04 PM) (Source: BTHUSB) (User: )

Description: The local adapter does not support an important Low Energy controller state.  The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff.  Low Energy functionality will be disabled.

 

Error: (09/19/2013 10:06:54 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)

Description: 0xc000014d0

 

Error: (09/19/2013 09:57:37 PM) (Source: Service Control Manager) (User: )

Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

 

 

Microsoft Office Sessions:

=========================

 

CodeIntegrity Errors:

===================================

  Date: 2013-09-18 17:08:28.157

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

  Date: 2013-09-18 17:08:28.009

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

  Date: 2013-09-18 17:08:27.851

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

  Date: 2013-09-18 17:08:27.677

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

  Date: 2013-09-18 17:08:27.602

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

  Date: 2013-09-18 17:08:27.530

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

  Date: 2013-09-18 17:08:24.441

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

  Date: 2013-09-18 17:08:23.397

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

  Date: 2013-09-18 17:05:41.919

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

  Date: 2013-09-18 17:05:41.745

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 29%

Total physical RAM: 8094.35 MB

Available physical RAM: 5740.66 MB

Total Pagefile: 16286.35 MB

Available Pagefile: 13734.44 MB

Total Virtual: 8192 MB

Available Virtual: 8191.77 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:917.66 GB) (Free:827.19 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: F8E7B841)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=14 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=918 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites

Download the attached fixlist.txt to the same folder as FRST.
Run FRST and click Fix only once and wait
The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

 

------------------------------------------------

Then you have to manually change these:
 

CHR DefaultSearchURL: (Conduit) - http://search.condui...Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN11323005886989114&ctid=CT3298566&UM=2
CHR DefaultSuggestURL: (Conduit) - http://suggest.searc...on.ashx?prefix={searchTerms}&CUI=UN11323005886989114&UM=2

 


For Chrome...........

First make sure you have the latest version of Chrome:
Open up Chrome > Click on the 3 bars in the upper right hand corner
Click on About Google Chrome
If there's an update available it will automatically update


Next:
Go to Tools > Clear Browser Data
Put a check next to all of these:

  • Clear browsing history
  • Clear download history
  • Empty the cache

Click "Clear Browsing Data"

-------------------------------

Next:
Click the Chrome menu on the browser toolbar.
Select Settings.
In the "Search" section, click Manage search engines.
Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default.
Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.

-------------------------------------

Click the Chrome menu.
Select Settings.
In the "On startup" section, select Open a specific page or set of pages.
Click Set pages. (in blue to the right)
Remove any unfamiliar pages.

-----------------------

Click the Chrome menu.
Select Settings.
In the "Appearance" section, if the "Show Home button" checkbox is selected, see if the page listed below is the home page you’d like to use.
If the page isn't the home page you'd like to use, click Change and select your preferred page.

-------------------------


Carefully check for any odd extensions or plugins: (it's a good idea to disable them all and see if you're still redirected and then add each one back until you find the culprit)

Type the following into the address box and hit Enter:

chrome:plugins

Do the same for:

chrome:extensions

Let me know.....MrC

Link to post
Share on other sites

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-09-2013 01

Ran by Michael at 2013-09-20 10:46:21 Run:1

Running from C:\Users\Michael\Downloads

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

AppInit_DLLs:  C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL [162856 2013-07-22] ()

AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll [ ] ()

FF Extension: No Name - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{cd64c2e9-7765-fcc6-b13c-7bb5e2bc5b6c}

CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Michael\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx

CHR Plugin: (Conduit Chrome Plugin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/ConduitChromeApiPlugin.dll No File

CHR Plugin: (Conduit Radio Plugin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/np-cwmp.dll No File

CHR Plugin: (Conduit Chrome Approve TB Plugin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/ChromeApproveTBPlugin.dll No File

CHR Plugin: (Conduit Chrome Plugin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\search/plugins/npConduitNewTabPlugin.dll No File

 

 

*****************

 

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.

C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{cd64c2e9-7765-fcc6-b13c-7bb5e2bc5b6c} => Moved successfully.

C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/ConduitChromeApiPlugin.dll not found.

C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/np-cwmp.dll not found.

C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/ChromeApproveTBPlugin.dll not found.

C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\search/plugins/npConduitNewTabPlugin.dll not found.

 

==== End of Fixlog ====

Link to post
Share on other sites
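The Fixlog above lists what was requested (between the two rows of asterisks) and then what was actually done. The following is an added example, not part of the original posts and not FRST's own code, that pairs each fixlist entry with its result line so entries that were already absent or have no result line stand out. The function names are hypothetical, and matching the `-x32` AppInit entry to the `Wow6432Node` value is an assumption based on the ordering in the posted log.

```python
import re

# Lines copied from the Fixlog posted above, reduced to one CHR Plugin entry.
FIXLOG = r"""Content of fixlist:
*****************
AppInit_DLLs:  C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL [162856 2013-07-22] ()
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll [ ] ()
FF Extension: No Name - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{cd64c2e9-7765-fcc6-b13c-7bb5e2bc5b6c}
CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Michael\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx
CHR Plugin: (Conduit Radio Plugin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/np-cwmp.dll No File
*****************
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\k12s0ujh.default\Extensions\{cd64c2e9-7765-fcc6-b13c-7bb5e2bc5b6c} => Moved successfully.
C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.19.2.505_1\plugins/np-cwmp.dll not found.
==== End of Fixlog ===="""

RESULT = re.compile(r"^(?P<target>.+?)(?: => (?P<done>.+ successfully)| (?P<missing>not found))\.$")

def parse_fixlog(text):
    """Return (fixlist entries, [(target, outcome)]) from a Fixlog."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    stars = [i for i, l in enumerate(lines) if set(l) == {"*"}]
    if len(stars) < 2:
        raise ValueError("fixlist delimiters not found")
    hits = (RESULT.match(l) for l in lines[stars[1] + 1:])
    results = [(m["target"], m["done"] or m["missing"]) for m in hits if m]
    return lines[stars[0] + 1:stars[1]], results

def outcome_for(entry, results):
    """Find the result line that answers one fixlist entry, or None."""
    if entry.startswith("AppInit_DLLs"):
        # Assumption from the log's ordering: -x32 is the Wow6432Node value.
        wow = entry.startswith("AppInit_DLLs-x32")
        found = [o for t, o in results
                 if t.endswith("AppInit_DLLs") and ("Wow6432Node" in t) == wow]
    else:
        path = re.sub(r" No File$", "", entry.split(" - ", 1)[-1]).lower()
        found = [o for t, o in results if t.lower() == path]
    return found[0] if found else None

def reconcile(text):
    """Pair each fixlist entry type with its reported outcome."""
    entries, results = parse_fixlog(text)
    return [(e.split(":", 1)[0], outcome_for(e, results)) for e in entries]

if __name__ == "__main__":
    for kind, outcome in reconcile(FIXLOG):
        print(f"{kind:40} {outcome or 'NO RESULT LINE'}")
```

On the posted log, the `CHR HKLM-x32\...\Chrome\Extension` entry is the only one without a matching result line, and the plugin DLL is reported as not found rather than removed.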

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
