cannot remove sweetpacks from system

vwbatman · November 24, 2013

Have had sweetpacks on my system for a couple months now. First tried running the full scan of malware bytes free. Found several sweetpacks files on my system, which I marked for removal. However sweetpacks was still present. Have looked at other places online and most say to use the uninstaller from Programs and Features, but I do not see any sweetpacks programs registered with Programs and Features. If I search My Computer for "sweet" i find several files in AppData, Program Files and some .exe files that seem to be coming from a web address. I'm not sure what this means. I have tried running a full scan with malware bytes free a couple extra times, and it seems to find more files which i mark for removal, but still i see the sweetpacks files on my system.

Please help me remove sweetpacks entirely from my system.

Thanks

Side question: After I have run a full scan, and it presents the files to mark for deletion, how do i mark all of the files? Convention would indicate that I could select all with ctrl + a and then pressing spacebar, but that does not seem to work.

dds.txt

attach.txt

kevinf80 · November 24, 2013

Hello and

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Next,

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
When it's done you'll see: Pending: Uncheck any elements you don't want removed.
Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
Look over the log especially under Files/Folders for any program you want to save.
If there's a program you want to save, just uncheck it from AdwCleaner.
If you're not sure, post the log for review.
If you're ready to clean it all up.....click the Clean button.
After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
To restore an item that has been deleted (if necessary):
Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Post logs in next reply...

Kevin

vwbatman · November 26, 2013

Here are the logs. after the adw log, you will find a messagebox i pasted that i got after the reboot.

After these fixes, Chrome does not show the conduit home page, so it seems to be working.

ADW:

# AdwCleaner v3.013 - Report created 25/11/2013 at 18:25:38

# Updated 24/11/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Rebecca - REBECCA-HP

# Running from : C:\Users\Rebecca\Downloads\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Conduit

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\OApps

Folder Deleted : C:\Program Files (x86)\Searchprotect

Folder Deleted : C:\Windows\SysWOW64\ARFC

Folder Deleted : C:\Windows\SysWOW64\jmdp

Folder Deleted : C:\Windows\SysWOW64\WNLT

Folder Deleted : C:\Windows\System32\ljkb

Folder Deleted : C:\Users\Rebecca\AppData\Local\Conduit

Folder Deleted : C:\Users\Rebecca\AppData\Local\TBHostSupport

Folder Deleted : C:\Users\Rebecca\AppData\Local\Temp\AirInstaller

Folder Deleted : C:\Users\Rebecca\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Rebecca\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Rebecca\AppData\LocalLow\SweetPacks_A5

Folder Deleted : C:\Users\Rebecca\AppData\Roaming\DefaultTab

Folder Deleted : C:\Users\Rebecca\AppData\Roaming\Searchprotect

File Deleted : C:\Users\Public\Desktop\eBay.lnk

File Deleted : C:\Windows\System32\dmwu.exe

File Deleted : C:\Windows\System32\ImhxxpComm.dll

File Deleted : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage

File Deleted : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal

File Deleted : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage

File Deleted : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journal

File Deleted : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage

File Deleted : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

File Deleted : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage

File Deleted : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal

File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{878B8524-AED5-4870-9A96-A515440DAC75}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{878B8524-AED5-4870-9A96-A515440DAC75}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{878B8524-AED5-4870-9A96-A515440DAC75}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{878B8524-AED5-4870-9A96-A515440DAC75}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{878B8524-AED5-4870-9A96-A515440DAC75}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{878B8524-AED5-4870-9A96-A515440DAC75}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{878B8524-AED5-4870-9A96-A515440DAC75}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{318900E0-77BF-4B75-A9EE-E2C8248AB2FB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87577AEC-92CD-416E-AC29-E81BEED9807F}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\DefaultTab

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKCU\Software\AppDataLow\Software\SweetPacks_A5

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\DefaultTab

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\SweetPacks_A5

Key Deleted : [x64] HKLM\SOFTWARE\wnlt

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Google Chrome v22.0.1229.95

[ File : C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url

Deleted : search_url

Deleted : suggest_url

Deleted : keyword

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [7305 octets] - [25/11/2013 18:22:59]

AdwCleaner[s0].txt - [6800 octets] - [25/11/2013 18:25:38]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6860 octets] ##########

***********************************************************************************************************************

Then I rebooted and got this message

---------------------------

RunDLL

---------------------------

There was a problem starting C:\Users\Rebecca\AppData\Local\TBHostSupport\TBHostSupport.dll

The specified module could not be found.

---------------------------

OK

---------------------------

************************************************************************************************************************************

ADDITIONTXT:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2013 01

Ran by Rebecca at 2013-11-25 18:33:11

Running from C:\Users\Rebecca\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

4500_G510nz_Help (x32 Version: 000.0.439.000)

4500G510nz (x32 Version: 000.0.439.000)

4500G510nz_Software_Min (x32 Version: 000.0.423.000)

64 Bit HP CIO Components Installer (Version: 6.2.1)

Adobe AIR (x32 Version: 3.7.0.1530)

Adobe Download Assistant (x32 Version: 1.2.5)

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)

Adobe Help Manager (x32 Version: 4.0.244)

Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)

Adobe Shockwave Player 11.6 (x32 Version: 11.6.3.633)

Adobe Widget Browser (x32 Version: 2.0 Build 348)

Adobe Widget Browser (x32 Version: 2.0.348)

Apple Application Support (x32 Version: 2.3.4)

Apple Mobile Device Support (Version: 6.1.0.13)

Apple Software Update (x32 Version: 2.1.3.127)

AuthenTec TrueAPI 64-bit (Version: 1.6.0.87)

Bejeweled 3 (x32 Version: 2.2.0.97)

bl (x32 Version: 1.0.0)

Blackhawk Striker 2 (x32 Version: 2.2.0.95)

Blio (x32 Version: 2.2.8530)

Bonjour (Version: 3.0.0.10)

BufferChm (x32 Version: 130.0.331.000)

Chuzzle Deluxe (x32 Version: 2.2.0.95)

CodeBlocks (HKCU Version: 9.02-wiley1)

Cradle of Rome 2 (x32 Version: 2.2.0.98)

CyberLink PowerDVD (x32 Version: 10.0.5.3817)

CyberLink YouCam (x32 Version: 3.5.2.4725)

D3DX10 (x32 Version: 15.4.2368.0902)

Destinations (x32 Version: 130.0.0.0)

DeviceDiscovery (x32 Version: 130.0.372.000)

DocMgr (x32 Version: 130.0.000.000)

DocProc (x32 Version: 13.0.0.0)

Dora's World Adventure (x32 Version: 2.2.0.95)

ESU for Microsoft Windows 7 SP1 (x32 Version: 4.1.2)

Evernote v. 4.5.2 (x32 Version: 4.5.2.5904)

Farm Frenzy (x32 Version: 2.2.0.98)

Farmscapes (x32 Version: 2.2.0.98)

FATE (x32 Version: 2.2.0.97)

Fax (x32 Version: 130.0.418.000)

Final Drive Fury (x32 Version: 2.2.0.95)

Google Chrome (x32 Version: 22.0.1229.95)

Google Update Helper (x32 Version: 1.3.21.165)

GPBaseService2 (x32 Version: 130.0.371.000)

Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)

Hoyle Card Games (x32 Version: 2.2.0.95)

HP 3D DriveGuard (Version: 4.2.9.1)

HP Application Assistant (Version: 1.1.466.3970)

HP Auto (Version: 1.0.12935.3667)

HP Client Services (Version: 1.1.12938.3539)

HP CoolSense (x32 Version: 2.10.51)

HP Customer Experience Enhancements (x32 Version: 6.0.1.8)

HP Customer Participation Program 13.0 (Version: 13.0)

HP Document Manager 2.0 (Version: 2.0)

HP Documentation (x32 Version: 1.3.0.0)

HP Games (x32 Version: 1.0.2.5)

HP Imaging Device Functions 13.0 (Version: 13.0)

HP Launch Box (Version: 1.1.5)

HP MovieStore (x32 Version: 2.1.096)

HP MovieStore (x32 Version: 2.1.21096.0)

HP Officejet 4500 G510n-z (Version: 13.0)

HP On Screen Display (x32 Version: 1.3.5)

HP Power Manager (x32 Version: 1.4.7)

HP Quick Launch (x32 Version: 2.7.2)

HP Recovery Manager (x32 Version: 2.0.0)

HP Security Assistant (Version: 3.0.4)

HP Setup (x32 Version: 9.0.15109.3899)

HP Setup Manager (x32 Version: 1.2.14901.3869)

HP SimplePass (x32 Version: 6.0.100.272)

HP Smart Web Printing 4.5 (Version: 4.5)

HP Software Framework (x32 Version: 4.5.12.1)

HP Solution Center 13.0 (Version: 13.0)

HP Support Assistant (x32 Version: 7.0.39.15)

HP Update (x32 Version: 4.000.011.006)

HPProductAssistant (x32 Version: 130.0.371.000)

HPSSupply (x32 Version: 130.0.371.000)

iCloud (Version: 3.0.2.163)

IDT Audio (x32 Version: 1.0.6418.0)

Intel PROSet Wireless

Intel® Control Center (x32 Version: 1.2.1.1007)

Intel® Management Engine Components (x32 Version: 8.0.0.1351)

Intel® OpenCL CPU Runtime (x32)

Intel® Processor Graphics (x32 Version: 8.15.10.2712)

Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.2.0.0284)

Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 2.1.1.0153)

Intel® Rapid Storage Technology (x32 Version: 11.0.0.1032)

Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.0.199)

Intel® WiDi (x32 Version: 3.0.12.0)

Intel® Wireless Display

Intel® Wireless Music device driver (Version: 1.5.5310.0)

Intel® PROSet/Wireless WiFi Software (Version: 15.02.0000.1258)

Intel® Trusted Connect Service Client (Version: 1.23.216.0)

iTunes (Version: 11.0.3.42)

Jewel Match 3 (x32 Version: 2.2.0.98)

Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98)

John Deere Drive Green (x32 Version: 2.2.0.95)

Junk Mail filter update (x32 Version: 15.4.3502.0922)

Letters from Nowhere 2 (x32 Version: 2.2.0.97)

Luxor HD (x32 Version: 2.2.0.98)

Mah Jong Medley (x32 Version: 2.2.0.95)

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)

MarketResearch (x32 Version: 130.0.374.000)

Mesh Runtime (x32 Version: 15.4.5722.2)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)

Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)

Microsoft Office Home and Student 2013 - en-us (Version: 15.0.4551.1005)

Microsoft Office Starter 2010 - English (x32 Version: 14.0.5139.5005)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SkyDrive (HKCU Version: 17.0.2003.1112)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)

Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)

Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)

MSVCRT (x32 Version: 15.4.2862.0708)

MSVCRT_amd64 (x32 Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)

Network64 (Version: 130.0.374.000)

Norton Internet Security (x32 Version: 19.1.0.28)

NVIDIA Control Panel 310.90 (Version: 310.90)

NVIDIA Graphics Driver 310.90 (Version: 310.90)

NVIDIA Install Application (Version: 2.1002.95.599)

NVIDIA Optimus 1.11.3 (Version: 1.11.3)

NVIDIA PhysX (x32 Version: 9.12.1031)

NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)

NVIDIA Update 1.11.3 (Version: 1.11.3)

NVIDIA Update Components (Version: 1.11.3)

OCR Software by I.R.I.S. 13.0 (Version: 13.0)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1005)

Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005)

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1005)

opensource (x32 Version: 1.0.14960.3876)

Penguins! (x32 Version: 2.2.0.98)

ph (x32 Version: 1.0.0)

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)

PlayReady PC Runtime x86 (x32 Version: 1.3.0)

Poker Superstars III (x32 Version: 2.2.0.95)

Polar Bowler (x32 Version: 2.2.0.97)

Polar Golfer (x32 Version: 2.2.0.98)

RealDownloader (x32 Version: 1.3.2)

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0)

RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0)

RealPlayer (x32 Version: 16.0.2)

Realtek Ethernet Controller Driver (x32 Version: 7.48.823.2011)

Realtek PCIE Card Reader (x32 Version: 6.1.7601.29005)

RealUpgrade 1.1 (x32 Version: 1.1.0)

RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98)

Scan (x32 Version: 13.0.0.0)

SelectionLinks (x32 Version: 1.0)

Shop for HP Supplies (Version: 13.0)

Skype™ 5.10 (x32 Version: 5.10.116)

SmartWebPrinting (x32 Version: 130.0.373.000)

SolutionCenter (x32 Version: 130.0.373.000)

Status (x32 Version: 130.0.373.000)

swMSM (x32 Version: 12.0.0.1)

Synaptics Pointing Device Driver (Version: 15.3.29.0)

The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98)

Toolbox (x32 Version: 130.0.648.000)

Torchlight (x32 Version: 2.2.0.98)

TrayApp (x32 Version: 130.0.376.000)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)

Update Installer for WildTangent Games App (x32)

Validity WBF DDK (Version: 4.3.301.0)

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)

WebReg (x32 Version: 130.0.132.017)

WildTangent Games App (HP Games) (x32 Version: 4.0.5.32)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3502.0922)

Windows Live Essentials (x32 Version: 15.4.3538.0513)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (x32 Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3538.0513)

Windows Live Mail (x32 Version: 15.4.3502.0922)

Windows Live Mesh (x32 Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)

Windows Live Messenger (x32 Version: 15.4.3538.0513)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (x32 Version: 15.4.3502.0922)

Windows Live Photo Common (x32 Version: 15.4.3502.0922)

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (x32 Version: 15.4.3502.0922)

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)

Windows Live UX Platform (x32 Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)

Windows Live Writer (x32 Version: 15.4.3502.0922)

Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

Zuma's Revenge (x32 Version: 2.2.0.98)

==================== Restore Points =========================

23-10-2013 02:46:30 Windows Update

29-10-2013 23:28:45 Windows Update

02-11-2013 04:44:43 Windows Update

05-11-2013 22:23:34 Windows Update

09-11-2013 03:02:10 Windows Update

13-11-2013 04:35:41 Windows Update

13-11-2013 23:58:30 Windows Update

16-11-2013 18:27:08 Windows Update

20-11-2013 03:07:14 Windows Update

==================== Hosts content: ==========================

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0C968048-DB99-4413-AAC1-D17EE4A91252} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2011-10-06] ()

Task: {10765D0B-8E95-4FDF-B84F-96726760A7EF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\WSCStub.exe [2011-08-13] (Symantec Corporation)

Task: {1DEEC26B-8698-4CBB-8982-C1422801F27B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-09-14] (Apple Inc.)

Task: {1ED12455-8E23-4B11-B10A-391F0F2870EB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\symerr.exe [2011-08-11] (Symantec Corporation)

Task: {25920136-1269-4B66-AC52-51566868E061} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\symerr.exe [2011-08-11] (Symantec Corporation)

Task: {3F01D4C5-766E-49D2-9364-FB7321EAEE3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-01] (Google Inc.)

Task: {47F1AFDE-002F-43C8-8556-D29F4547D74B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3089268158-2338258896-3558577568-1001 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)

Task: {544ECA78-5B3C-4E2C-A15F-DEB020ABEB60} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation)

Task: {5B9F9DF9-B7F0-4128-A820-8F3967F5B3CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)

Task: {5EFD2EFE-0E2A-4B74-BD19-5314EEC1EA00} - System32\Tasks\HPCeeScheduleForRebecca => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {67D8BD6D-358A-4024-9DDA-FA85124502E5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {8A311E51-2C5D-451E-BA4B-BB6DDE19E24E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

Task: {9652FA6B-DDE1-4340-9200-261871887A10} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

Task: {9C4C277D-7D50-4F0E-AAD7-C04AAE4D7CC7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {BAAF6593-C6C3-4CC3-A3D3-38725A041610} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)

Task: {C2A3194C-0DE6-44DD-A13A-7EDD4AA91907} - \BackgroundContainer Startup Task No Task File

Task: {C78FB322-DE59-4800-B1E2-A11481F350AA} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3089268158-2338258896-3558577568-1001 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)

Task: {CAAAAE5A-0EAD-4102-8891-CF4EE8A73567} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-11-28] (CyberLink)

Task: {CF066C9D-3FE9-43A2-97F9-FC7A678C7F48} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)

Task: {E6801FDE-8EF1-4B89-9226-D1A078E037CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-01] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HPCeeScheduleForRebecca.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-11-12 22:38 - 2013-11-12 22:38 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2012-11-26 12:52 - 2012-01-18 17:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll

2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll

2013-07-01 21:36 - 2012-10-12 16:49 - 00578072 _____ () C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\libglesv2.dll

2013-07-01 21:36 - 2012-10-12 16:49 - 00123928 _____ () C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\libegl.dll

2013-07-01 21:36 - 2012-10-12 16:50 - 04005912 _____ () C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\pdf.dll

2013-07-01 21:36 - 2012-10-12 16:50 - 00460312 _____ () C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\ppGoogleNaClPluginChrome.dll

2013-07-01 21:36 - 2012-10-12 16:48 - 02168360 _____ () C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\avcodec-54.dll

2013-07-01 21:36 - 2012-10-12 16:48 - 00156712 _____ () C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\avutil-51.dll

2013-07-01 21:36 - 2012-10-12 16:48 - 00275496 _____ () C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\avformat-54.dll

2013-07-01 21:36 - 2012-10-12 16:50 - 12435992 _____ () C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\PepperFlash\pepflashplayer.dll

2013-08-26 18:25 - 2013-08-26 18:25 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\991a8d378a3e64b31c0f4770ba9ae071\IsdiInterop.ni.dll

2012-11-26 12:55 - 2011-11-29 22:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2012-11-26 12:52 - 2011-12-16 12:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Rebecca\AppData\Local\Temp:zsqMSvzppLE9q7mOTzczSrc6

AlternateDataStreams: C:\Users\Rebecca\AppData\Local\Temporary Internet Files:yg0D432ZHFKS1h0EVu8D

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: Officejet 4500 G510n-z

Description: Officejet 4500 G510n-z

Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Manufacturer: HP

Service: StillCam

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 4500 G510n-z

Description: Officejet 4500 G510n-z

Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}

Manufacturer: HP

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:

==================

Error: (11/25/2013 06:27:35 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2013 06:16:14 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1232

Error: (11/25/2013 06:16:14 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1232

Error: (11/25/2013 06:16:14 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2013 06:14:04 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".

Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (11/23/2013 11:45:19 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (11/23/2013 11:45:19 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1014

Error: (11/23/2013 11:45:19 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/23/2013 09:22:45 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".

Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (11/22/2013 05:42:46 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:

=============

Error: (11/25/2013 06:29:45 PM) (Source: Service Control Manager) (User: )

Description: The NVIDIA Update Service Daemon service failed to start due to the following error:

%%1069

Error: (11/25/2013 06:29:45 PM) (Source: Service Control Manager) (User: )

Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:

%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/22/2013 05:34:35 PM) (Source: Service Control Manager) (User: )

Description: The NVIDIA Update Service Daemon service failed to start due to the following error:

%%1069

Error: (11/22/2013 05:34:35 PM) (Source: Service Control Manager) (User: )

Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:

%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/16/2013 00:45:59 PM) (Source: Service Control Manager) (User: )

Description: The NVIDIA Update Service Daemon service failed to start due to the following error:

%%1069

Error: (11/16/2013 00:45:59 PM) (Source: Service Control Manager) (User: )

Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:

%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/13/2013 06:19:34 PM) (Source: Service Control Manager) (User: )

Description: The NVIDIA Update Service Daemon service failed to start due to the following error:

%%1069

Error: (11/13/2013 06:19:34 PM) (Source: Service Control Manager) (User: )

Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:

%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (11/02/2013 03:30:58 PM) (Source: Service Control Manager) (User: )

Description: The NVIDIA Update Service Daemon service failed to start due to the following error:

%%1069

Error: (11/02/2013 03:30:58 PM) (Source: Service Control Manager) (User: )

Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:

%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Microsoft Office Sessions:

=========================

Error: (11/25/2013 06:27:35 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2013 06:16:14 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1232

Error: (11/25/2013 06:16:14 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1232

Error: (11/25/2013 06:16:14 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2013 06:14:04 PM) (Source: SideBySide)(User: )

Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (11/23/2013 11:45:19 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (11/23/2013 11:45:19 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 1014

Error: (11/23/2013 11:45:19 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/23/2013 09:22:45 PM) (Source: SideBySide)(User: )

Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (11/22/2013 05:42:46 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Percentage of memory in use: 34%

Total physical RAM: 8087.31 MB

Available physical RAM: 5291.57 MB

Total Pagefile: 16172.8 MB

Available Pagefile: 13211.93 MB

Total Virtual: 8192 MB

Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:677.99 GB) (Free:550.52 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (Recovery) (Fixed) (Total:20.35 GB) (Free:2.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive e: (THE_CROODS) (CDROM) (Total:37.48 GB) (Free:0 GB) UDF

Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 9D2A869F)

Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=678 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=102 MB) - (Type=0C)

==================== End Of Log ============================

vwbatman · November 26, 2013

FRSTXT:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-11-2013 01

Ran by Rebecca (administrator) on REBECCA-HP on 25-11-2013 18:32:18

Running from C:\Users\Rebecca\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe

() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe

() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)

HKLM\...\Run: [setDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-20] (Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()

HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-02-01] (IDT, Inc.)

HKLM\...\Run: [bLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)

HKLM\...\Run: [bTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-19] (Hewlett-Packard)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKCU\...\Run: [AdobeBridge] - [x]

HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)

HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)

HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)

HKCU\...\Run: [TBHostSupport] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Rebecca\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin <===== ATTENTION

HKLM-x32\...\Run: [uSB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation)

HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)

HKLM-x32\...\Run: [bDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [75048 2013-02-10] (cyberlink)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)

HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-07-01] (RealNetworks, Inc.)

AppInit_DLLs: C:\Windows\System32\nvinitx.dll [246024 2012-12-29] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [201728 2012-12-29] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

SearchScopes: HKLM - {26A5C6F5-525D-4C7C-B682-2A1DFAC2C213} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}

SearchScopes: HKLM-x32 - {26A5C6F5-525D-4C7C-B682-2A1DFAC2C213} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}

SearchScopes: HKCU - {26A5C6F5-525D-4C7C-B682-2A1DFAC2C213} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKCU - {8E85A92C-0CB8-4B83-B52A-8F7A0774E26E} URL = http://search.conduit.com/Results.aspx?ctid=CT3300018&SearchSource=45&UM=2&q={searchTerms}

SearchScopes: HKCU - {BA419071-2D79-48ED-BE9B-63ADF6613D52} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3314312&CUI=UN42943954081285156&UM=2

SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll (Symantec Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Chrome:

=======

CHR DefaultSearchURL: (Conduit) - http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN38046980742489792&ctid=CT3314312&UM=2

CHR DefaultSuggestURL: (Conduit) - http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=UN38046980742489792&UM=2

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.95\pdf.dll ()

CHR Plugin: (Simple Pass) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof\6.0.100_0\npgcwloplugin.dll (HP)

CHR Plugin: (Simple Pass) - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)

CHR Plugin: (Norton Confidential) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll (Symantec Corporation)

CHR Plugin: (npDefaultTabSearch plugin) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.19_0\plugins/npDefaultTabSearch.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File

CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)

CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

CHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

CHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File

CHR Extension: (YouTube) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Google Search) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (Website Logon) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof\6.0.100_0

CHR Extension: (Norton Identity Protection) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0

CHR Extension: (FastestFox for Chrome) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.7_0

CHR Extension: (Gmail) - C:\Users\Rebecca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

CHR HKLM-x32\...\Chrome\Extension: [eibleipkbineaadpnemmalkahodjhdbd] - C:\Users\Rebecca\AppData\Local\CRE\eibleipkbineaadpnemmalkahodjhdbd.crx

CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx

CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

CHR HKLM-x32\...\Chrome\Extension: [jaaieiajnhcnimjgfmjpccjmmfkploci] - C:\Program Files (x86)\HP SimplePass\tschrome.crx

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\Extensions\Chrome.crx

CHR HKLM-x32\...\Chrome\Extension: [pblnockiphmklpghpfcefikkllegeicg] - C:\Program Files (x86)\OApps\chrome-sl.crx

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)

R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)

R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] ()

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation)

R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()

S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130116.013\BHDrvx64.sys [1388120 2013-01-16] (Symantec Corporation)

R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation)

R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-02-10] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-02-10] (Symantec Corporation)

R3 hswpan; C:\Windows\system32\drivers\hswpan.sys [108288 2011-12-07] (Ozmo Inc)

R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130208.004\IDSvia64.sys [513184 2013-02-08] (Symantec Corporation)

S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130210.008\ENG64.SYS [126192 2013-02-10] (Symantec Corporation)

S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130210.008\EX64.SYS [2087664 2013-02-10] (Symantec Corporation)

S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)

R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [20016 2011-10-13] (Synaptics Incorporated)

S3 SRTSP; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS [729720 2011-08-02] (Symantec Corporation)

R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS [37496 2011-08-02] (Symantec Corporation)

R3 SymDS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)

R3 SymEFA; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS [1084536 2011-07-28] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-11-26] (Symantec Corporation)

R3 SymIRON; C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS [189560 2011-07-25] (Symantec Corporation)

R3 SymNetS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS [401016 2011-07-25] (Symantec Corporation)

S3 uxddrv; C:\nbutils\QuickT\wow64\uxddrv64.sys [7256 2009-05-14] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-25 18:32 - 2013-11-25 18:32 - 00024614 _____ C:\Users\Rebecca\Downloads\FRST.txt

2013-11-25 18:32 - 2013-11-25 18:32 - 00000000 ____D C:\FRST

2013-11-25 18:31 - 2013-11-25 18:31 - 01958474 _____ (Farbar) C:\Users\Rebecca\Downloads\FRST64.exe

2013-11-25 18:31 - 2013-11-25 18:31 - 01091605 _____ (Farbar) C:\Users\Rebecca\Downloads\FRST.exe

2013-11-25 18:22 - 2013-11-25 18:25 - 00000000 ____D C:\AdwCleaner

2013-11-25 18:21 - 2013-11-25 18:22 - 01091882 _____ C:\Users\Rebecca\Downloads\AdwCleaner.exe

2013-11-23 19:54 - 2013-11-23 19:54 - 00029160 _____ C:\Users\Rebecca\Desktop\dds.txt

2013-11-23 19:54 - 2013-11-23 19:54 - 00008642 _____ C:\Users\Rebecca\Desktop\attach.txt

2013-11-23 19:53 - 2013-11-23 19:53 - 00688992 ____R (Swearware) C:\Users\Rebecca\Downloads\dds.com

2013-11-16 00:50 - 2013-10-05 14:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2013-11-16 00:50 - 2013-10-05 13:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2013-11-16 00:50 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2013-11-16 00:50 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2013-11-16 00:50 - 2013-10-03 20:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2013-11-16 00:50 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2013-11-16 00:50 - 2013-10-03 19:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2013-11-16 00:50 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2013-11-16 00:50 - 2013-09-27 19:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2013-11-12 22:48 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2013-11-12 22:48 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2013-11-12 22:48 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2013-11-12 22:48 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2013-11-12 22:48 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2013-11-12 22:48 - 2013-10-02 20:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2013-11-12 22:48 - 2013-10-02 20:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2013-11-12 22:48 - 2013-09-24 20:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2013-11-12 22:48 - 2013-09-24 20:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2013-11-12 22:48 - 2013-09-24 20:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2013-11-12 22:48 - 2013-09-24 20:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2013-11-12 22:48 - 2013-09-24 20:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2013-11-12 22:48 - 2013-09-24 20:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2013-11-12 22:48 - 2013-09-24 20:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2013-11-12 22:48 - 2013-09-24 20:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2013-11-12 22:48 - 2013-09-24 19:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2013-11-12 22:48 - 2013-09-24 19:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2013-11-12 22:48 - 2013-09-24 19:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2013-11-12 22:48 - 2013-09-24 19:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2013-11-12 22:48 - 2013-09-24 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2013-11-12 22:48 - 2013-07-04 06:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2013-11-12 22:38 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2013-11-12 22:36 - 2013-11-12 22:39 - 00007785 _____ C:\Windows\IE11_main.log

2013-11-12 22:36 - 2013-11-12 22:36 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-11-12 22:36 - 2013-11-12 22:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2013-11-12 22:36 - 2013-11-12 22:36 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2013-11-12 22:36 - 2013-11-12 22:36 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-11-12 22:36 - 2013-11-12 22:36 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-11-12 22:36 - 2013-11-12 22:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2013-11-12 22:36 - 2013-11-12 22:36 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2013-11-12 22:36 - 2013-11-12 22:36 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-11-12 22:36 - 2013-11-12 22:36 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2013-11-12 22:36 - 2013-11-12 22:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-11-12 22:36 - 2013-11-12 22:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-11-12 22:36 - 2013-11-12 22:36 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-11-12 22:36 - 2013-11-12 22:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2013-11-10 20:49 - 2013-11-10 20:49 - 00013081 _____ C:\Users\Rebecca\Desktop\ourweddingguests.xlsx

2013-11-02 15:10 - 2013-11-02 15:10 - 00000000 ____D C:\Users\Rebecca\AppData\Roaming\Malwarebytes

2013-11-02 15:09 - 2013-11-02 15:09 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-11-02 15:09 - 2013-11-02 15:09 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-11-02 15:09 - 2013-11-02 15:09 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-11-02 15:09 - 2013-04-04 13:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2013-11-02 15:08 - 2013-11-02 15:08 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Rebecca\Downloads\mbam-setup-1.75.0.1300.exe

2013-11-02 14:51 - 2013-11-02 14:51 - 00000000 ____D C:\Users\Rebecca\AppData\Local\NativeMessaging

==================== One Month Modified Files and Folders =======

2013-11-25 18:32 - 2013-11-25 18:32 - 00024614 _____ C:\Users\Rebecca\Downloads\FRST.txt

2013-11-25 18:32 - 2013-11-25 18:32 - 00000000 ____D C:\FRST

2013-11-25 18:32 - 2009-07-13 23:13 - 00727334 _____ C:\Windows\system32\PerfStringBackup.INI

2013-11-25 18:31 - 2013-11-25 18:31 - 01958474 _____ (Farbar) C:\Users\Rebecca\Downloads\FRST64.exe

2013-11-25 18:31 - 2013-11-25 18:31 - 01091605 _____ (Farbar) C:\Users\Rebecca\Downloads\FRST.exe

2013-11-25 18:31 - 2012-11-27 11:45 - 01603317 _____ C:\Windows\WindowsUpdate.log

2013-11-25 18:31 - 2012-02-29 17:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-11-25 18:28 - 2013-07-01 21:37 - 00003348 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3089268158-2338258896-3558577568-1001

2013-11-25 18:28 - 2013-07-01 21:37 - 00003218 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3089268158-2338258896-3558577568-1001

2013-11-25 18:27 - 2013-07-01 21:36 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-11-25 18:27 - 2010-11-20 21:47 - 00079608 _____ C:\Windows\PFRO.log

2013-11-25 18:27 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2013-11-25 18:27 - 2009-07-13 22:51 - 00063336 _____ C:\Windows\setupact.log

2013-11-25 18:25 - 2013-11-25 18:22 - 00000000 ____D C:\AdwCleaner

2013-11-25 18:22 - 2013-11-25 18:21 - 01091882 _____ C:\Users\Rebecca\Downloads\AdwCleaner.exe

2013-11-25 18:15 - 2013-07-01 21:36 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-11-24 23:00 - 2013-01-31 18:20 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7ACD050C-50C0-433D-B810-9CC9B3AD0CF0}

2013-11-23 19:54 - 2013-11-23 19:54 - 00029160 _____ C:\Users\Rebecca\Desktop\dds.txt

2013-11-23 19:54 - 2013-11-23 19:54 - 00008642 _____ C:\Users\Rebecca\Desktop\attach.txt

2013-11-23 19:53 - 2013-11-23 19:53 - 00688992 ____R (Swearware) C:\Users\Rebecca\Downloads\dds.com

2013-11-23 19:50 - 2009-07-13 22:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-11-23 19:50 - 2009-07-13 22:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-11-22 17:42 - 2013-10-17 12:19 - 00000000 ____D C:\Program Files\Microsoft Office 15

2013-11-22 17:32 - 2013-08-15 00:00 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForRebecca.job

2013-11-22 14:18 - 2013-08-15 00:00 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRebecca

2013-11-22 14:16 - 2013-05-04 00:10 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2013-11-22 14:16 - 2013-02-01 18:09 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log

2013-11-22 14:15 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache

2013-11-13 18:18 - 2013-01-31 18:20 - 00001417 _____ C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2013-11-13 18:17 - 2013-07-01 21:37 - 00000000 ____D C:\Program Files\Google

2013-11-13 18:17 - 2013-07-01 21:36 - 00000000 ____D C:\Program Files (x86)\Google

2013-11-13 18:16 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-11-13 18:00 - 2013-08-03 02:02 - 00000000 ____D C:\Windows\system32\MRT

2013-11-13 17:59 - 2013-02-10 20:17 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2013-11-12 22:55 - 2013-09-08 13:48 - 00000000 ____D C:\Users\Rebecca\Documents\Becky

2013-11-12 22:42 - 2013-02-10 21:15 - 00000000 ____D C:\Users\Rebecca\AppData\Local\CrashDumps

2013-11-12 22:39 - 2013-11-12 22:36 - 00007785 _____ C:\Windows\IE11_main.log