Multiple Pop-up Notifications when first when first Powering On.

[michiganmike]

Good evening......After powering up my PC, selecting either IE   or Chrome, I start receiving multiple  MalwareBytes Warning Pop-ups

"Malwarebytes successfully blocked access to a potentially malicious website"   along with Windows Defender showing the same type of Pop up Warnings.  

They sometimes alternate.   This has been happening for around 5 days.   

I assume that I successfully clean up after selecting all threats and rebooting.

Database Version : v2014.06.09.11

 

Thoughts?   more information needed?

[Firefox]

Please read the following topic Diagnostic Logs and post back the logs when ready and we'll see if we can determine what's going on.

Also if you can post your scan logs where items were detected and at least one protection log

NOTE: There is an FAQ section with valuable information located here:

Common Questions, Issues, and their Solutions

[michiganmike]

When I try to attach the files created by Farbar Recovery, I get a message that I am not allowed to upload this type of file.

There are four files in my Downloads.  FRST64, FRST64 (1), FRST64 (2) AND FRST64 (3)

[Firefox]

The files that you should be attaching are txt files and there should be no issues with those.... what type and filename are you trying to attach?

[michiganmike]

I think I'm way over my head here.

After running the Fabar recovery scan tool, I found the files mentioned above in my Downloads.  Looking at the type of file, it says Application (.exe)

Meanwhile, I continue to get pop-ups saying Malwarebyes has blocked access to a malicious website.

[Firefox]

Its going to create two files when you run the tool...

•It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

•The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.

Those are the two files you must upload....

[michiganmike]

Is this what you need  ?

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014

Ran by Michael (administrator) on BASEMENTDESKTOP on 11-06-2014 18:19:22

Running from C:\Users\Michael\Downloads

Platform: Windows 8 (X64) OS Language: English(US)

Internet Explorer Version 10

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

() C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe

(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Basics\Service\SyncServicesBasics.exe

(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe

(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE

(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe

(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe

() C:\Users\Michael\AppData\Roaming\Xiuhytc\tupea.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Maxtor Corporation) C:\Program Files (x86)\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe

(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe

(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

() C:\Program Files (x86)\Roxio Creator NXT\Roxio Burn\RoxioBurnLauncher.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

() C:\Users\Michael\AppData\Roaming\Udipuwfe\urcuxii.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

() C:\Users\Michael\AppData\Roaming\Udipuwfe\urcuxii.exe

() C:\Users\Michael\AppData\Roaming\Udipuwfe\urcuxii.exe

(Farbar) C:\Users\Michael\Downloads\FRST64 (3).exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [beatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)

HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [10613760 2013-11-28] (Broadcom Corporation)

HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)

HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)

HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

HKLM-x32\...\Run: [basicsmssmenu] => C:\Program Files (x86)\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe [169328 2007-10-09] (Maxtor Corporation)

HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1517640 2013-05-30] (Seagate Technology LLC)

HKLM-x32\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatchTray14.exe [294032 2012-07-18] (Corel Corporation)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)

HKLM-x32\...\Run: [startCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694072 2013-10-15] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5563760 2014-06-02] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Foapyxvut] => C:\Users\Michael\AppData\Roaming\Ylyxly\iccoyd.exe [313344 2013-05-26] ()

HKLM-x32\...\Run: [Taatezziefe] => C:\Users\Michael\AppData\Roaming\Xiuhytc\tupea.exe [313344 2014-01-01] ()

HKLM-x32\...\Run: [Keuwud] => C:\Users\Michael\AppData\Roaming\Udipuwfe\urcuxii.exe [306176 2014-01-06] ()

HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-10] (Hewlett-Packard)

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-21-3304380047-1144064881-2346535376-1001\...\Run: [uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [122984 2013-05-30] (Seagate Technology LLC)

HKU\S-1-5-21-3304380047-1144064881-2346535376-1001\...\Run: [Luegyr] => "C:\Users\Michael\AppData\Roaming\Ewohuvz\ibisif.exe"

HKU\S-1-5-21-3304380047-1144064881-2346535376-1001\...\Run: [Foapyxvut] => C:\Users\Michael\AppData\Roaming\Ylyxly\iccoyd.exe [313344 2013-05-26] ()

HKU\S-1-5-21-3304380047-1144064881-2346535376-1001\...\Run: [Taatezziefe] => C:\Users\Michael\AppData\Roaming\Xiuhytc\tupea.exe [313344 2014-01-01] ()

HKU\S-1-5-21-3304380047-1144064881-2346535376-1001\...\Run: [xkngvnqx] => C:\Users\Michael\AppData\Local\dvahexhq.exe [147456 2014-06-10] ()

HKU\S-1-5-21-3304380047-1144064881-2346535376-1001\...\Run: [Keuwud] => C:\Users\Michael\AppData\Roaming\Udipuwfe\urcuxii.exe [306176 2014-01-06] ()

HKU\S-1-5-21-3304380047-1144064881-2346535376-1001\...\Run: [itrplnkv] => C:\Users\Michael\AppData\Local\asllllfu.exe [143360 2014-06-11] ()

HKU\S-1-5-21-3304380047-1144064881-2346535376-1001\...\MountPoints2: {67f9585e-5082-11e2-be75-74e543952f6d} - "J:\GSLoader.exe" 

HKU\S-1-5-21-3304380047-1144064881-2346535376-1001\...\MountPoints2: {67f95975-5082-11e2-be75-74e543952f6d} - "J:\GSLoader.exe" 

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

 

==================== Internet (Whitelisted) ====================

 

ProxyServer: http=127.0.0.1:49250;https=127.0.0.1:49250

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS

SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKLM - {F82E0CFA-744D-466E-BCB3-7E1F9C6D75E0} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS

SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKLM-x32 - {F82E0CFA-744D-466E-BCB3-7E1F9C6D75E0} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS

SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKCU - {F82E0CFA-744D-466E-BCB3-7E1F9C6D75E0} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)

BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)

Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

 

FireFox:

========

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2012-12-17]

 

Chrome: 

=======

CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-22]

CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-22]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]

CHR Extension: (Eclipse.TV) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgclhadgalphbjbailpceklmmhebajln [2014-03-15]

CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-22]

CHR Extension: (Google Search) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-22]

CHR Extension: (Logitech SetPoint) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-08-22]

CHR Extension: (Google Wallet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-22]

CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2012-12-17]

 

==================== Services (Whitelisted) =================

 

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457360 2012-06-20] ()

R2 Basics Service; C:\Program Files (x86)\Seagate\Basics\Service\SyncServicesBasics.exe [124280 2007-10-09] (Seagate Technology LLC)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2014-03-07] (Broadcom Corporation.)

R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22160 2012-07-11] ()

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]

R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]

R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Creator NXT\Roxio Burn\RoxioBurnLauncher.exe [535184 2012-07-05] ()

S3 RoxMediaDB14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxMediaDB14.exe [1096848 2012-07-18] (Corel Corporation)

S2 RoxWatch14; C:\Program Files (x86)\Roxio Creator NXT\Common\RoxWatch14.exe [341136 2012-07-18] (Corel Corporation)

R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2013-05-30] (Seagate Technology LLC)

R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [File not signed]

R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-06-02] (Western Digital Technologies, Inc.)

R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [6036480 2013-11-28] (Broadcom Corporation) [File not signed]

 

==================== Drivers (Whitelisted) ====================

 

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-03-07] (Broadcom Corporation.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6957744 2013-11-28] (Broadcom Corporation)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)

R3 BTWPANFL; C:\windows\system32\drivers\btwpanfl.sys [44912 2013-11-28] (Broadcom Corporation.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)

R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)

R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)

R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2012-06-20] (Corel Corporation)

R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2012-06-20] (Corel Corporation)

R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2012-06-20] (Corel Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-06-11 18:19 - 2014-06-11 18:19 - 00024444 _____ () C:\Users\Michael\Downloads\FRST.txt

2014-06-11 18:19 - 2014-06-11 18:19 - 00000000 ____D () C:\FRST

2014-06-11 18:18 - 2014-06-11 18:18 - 02081792 _____ (Farbar) C:\Users\Michael\Downloads\FRST64 (3).exe

2014-06-11 18:18 - 2014-06-11 18:18 - 02081792 _____ (Farbar) C:\Users\Michael\Downloads\FRST64 (2).exe

2014-06-11 18:17 - 2014-06-11 18:17 - 02081792 _____ (Farbar) C:\Users\Michael\Downloads\FRST64 (1).exe

2014-06-11 18:16 - 2014-06-11 18:16 - 02081792 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe

2014-06-11 17:56 - 2014-06-11 18:00 - 00000842 _____ () C:\windows\Tasks\Security Center Update - 2611310932.job

2014-06-11 17:56 - 2014-06-11 17:56 - 00003818 _____ () C:\windows\System32\Tasks\Security Center Update - 2611310932

2014-06-11 17:56 - 2014-06-11 17:56 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Heuvan

2014-06-11 17:32 - 2014-06-11 18:00 - 00000852 _____ () C:\windows\Tasks\Security Center Update - 2126033022.job

2014-06-11 17:32 - 2014-06-11 17:32 - 00143360 _____ () C:\Users\Michael\AppData\Local\asllllfu.exe

2014-06-11 17:32 - 2014-06-11 17:32 - 00003828 _____ () C:\windows\System32\Tasks\Security Center Update - 2126033022

2014-06-11 17:32 - 2014-06-11 17:32 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Udipuwfe

2014-06-11 17:21 - 2014-06-11 17:21 - 00000000 ____D () C:\Program Files\Western Digital

2014-06-10 20:40 - 2014-06-10 20:40 - 00147456 _____ () C:\Users\Michael\AppData\Local\dvahexhq.exe

2014-06-10 20:40 - 2014-05-23 22:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-06-10 20:40 - 2014-05-23 22:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-06-10 20:40 - 2014-05-23 22:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-06-10 20:40 - 2014-05-23 22:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll

2014-06-10 20:40 - 2014-05-23 22:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-06-10 20:40 - 2014-05-23 22:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-06-10 20:40 - 2014-05-23 22:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-06-10 20:40 - 2014-05-23 22:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-06-10 20:40 - 2014-05-23 22:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-06-10 20:40 - 2014-05-23 21:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-06-10 20:40 - 2014-05-23 21:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-06-10 20:40 - 2014-05-23 21:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-06-10 20:40 - 2014-05-23 21:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-06-10 20:40 - 2014-05-23 21:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll

2014-06-10 20:40 - 2014-05-23 21:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-06-10 20:40 - 2014-05-23 21:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-06-10 20:40 - 2014-05-23 21:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-06-10 20:40 - 2014-05-23 21:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-06-10 20:40 - 2014-05-23 21:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll

2014-06-10 20:40 - 2014-05-23 21:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-06-10 20:40 - 2014-05-23 21:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-06-10 20:40 - 2014-05-23 21:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-06-10 20:40 - 2014-05-23 21:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-06-10 20:40 - 2014-05-23 21:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-06-10 20:40 - 2014-05-23 18:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll

2014-06-10 20:40 - 2014-05-03 01:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll

2014-06-10 20:40 - 2014-05-02 23:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll

2014-06-10 20:40 - 2014-04-29 18:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll

2014-06-10 20:40 - 2014-04-29 18:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll

2014-06-10 20:40 - 2014-04-03 07:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys

2014-06-10 20:40 - 2014-04-02 23:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys

2014-06-10 20:40 - 2014-03-31 18:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml

2014-06-10 20:40 - 2014-03-24 19:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe

2014-06-10 20:40 - 2014-03-24 18:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe

2014-06-10 20:39 - 2014-05-23 22:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-06-10 20:39 - 2014-05-23 22:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-06-10 20:39 - 2014-05-23 21:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-06-10 20:39 - 2014-05-23 21:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-06-10 20:39 - 2014-05-23 21:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-06-10 20:39 - 2014-05-23 21:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-06-10 20:39 - 2014-05-23 21:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll

2014-06-10 20:39 - 2014-04-03 07:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys

2014-06-10 20:38 - 2014-03-06 20:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll

2014-06-10 20:38 - 2014-03-06 20:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll

2014-06-09 19:54 - 2014-06-09 19:54 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Xiuhytc

2014-06-09 17:02 - 2014-06-09 17:02 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Ylyxly

2014-06-07 17:10 - 2014-06-07 17:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{224830B8-677C-4A76-95DB-08D88C19336E}

2014-06-04 18:26 - 2014-06-06 21:59 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Ewohuvz

2014-06-04 18:24 - 2014-06-11 17:34 - 00003190 _____ () C:\windows\System32\Tasks\HPCeeScheduleForMichael

2014-06-04 18:24 - 2014-06-11 17:34 - 00000372 _____ () C:\windows\Tasks\HPCeeScheduleForMichael.job

2014-06-02 21:48 - 2014-06-02 21:48 - 00068782 _____ () C:\Users\Michael\AppData\Local\rvxxbgxb

2014-06-02 20:17 - 2014-06-02 20:17 - 00000000 ____D () C:\Users\Michael\Desktop\My CD

2014-06-02 17:18 - 2014-06-02 17:18 - 00000000 ____D () C:\Users\Michael\AppData\Local\{881F8DB9-F1FA-4524-88D9-E9C82B92CDB1}

2014-06-01 20:14 - 2014-06-01 20:14 - 00000000 ____D () C:\Users\Michael\AppData\Local\{15CA1DF9-3AA9-4AB8-90EB-3CBEB1CA2504}

2014-05-30 21:23 - 2014-05-30 21:24 - 00000000 ____D () C:\Users\Michael\AppData\Local\{6ED51D36-00EF-4103-A2B9-E9D209EBD982}

2014-05-27 19:23 - 2014-05-27 19:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{B0C134A4-B9BE-4B34-95F3-7F02760A1C87}

2014-05-25 20:16 - 2014-05-25 20:16 - 00000000 ____D () C:\Users\Michael\AppData\Local\{08ED54E1-FB2A-4D04-BC86-0BC777193517}

2014-05-23 22:09 - 2014-05-23 22:09 - 00000000 ____D () C:\ProgramData\Google

2014-05-23 22:09 - 2014-05-23 22:09 - 00000000 ____D () C:\Program Files\Google

2014-05-23 22:08 - 2014-05-23 22:08 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-05-23 22:08 - 2014-05-23 22:08 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-05-23 20:53 - 2014-05-23 20:53 - 00000000 ____D () C:\Users\Michael\AppData\Local\{4C872568-2D59-489B-A519-E985474A498E}

2014-05-18 19:57 - 2014-05-18 19:57 - 00000000 ____D () C:\Users\Michael\AppData\Local\{BAD8B963-8125-448B-9EF4-9B6347CABA79}

2014-05-17 19:39 - 2014-05-17 19:39 - 00000000 ____D () C:\Users\Michael\AppData\Local\{D2E02429-F576-4F62-91C9-DE8EC18D884E}

2014-05-13 17:22 - 2014-04-12 05:27 - 00172888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys

2014-05-13 17:22 - 2014-04-12 05:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe

2014-05-13 17:22 - 2014-04-12 05:09 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll

2014-05-13 17:22 - 2014-04-12 05:09 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll

2014-05-13 17:22 - 2014-04-12 05:09 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll

2014-05-13 17:22 - 2014-04-12 05:09 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll

2014-05-13 17:22 - 2014-04-12 05:08 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll

2014-05-13 17:22 - 2014-04-12 05:08 - 00827904 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll

2014-05-13 17:22 - 2014-04-12 05:08 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll

2014-05-13 17:22 - 2014-04-12 05:08 - 00318464 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll

2014-05-13 17:22 - 2014-04-12 03:23 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll

2014-05-13 17:22 - 2014-04-12 03:23 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll

2014-05-13 17:22 - 2014-04-12 03:23 - 00273920 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll

2014-05-13 17:22 - 2014-04-12 03:23 - 00178688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll

2014-05-13 17:22 - 2014-04-12 03:23 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll

2014-05-13 17:22 - 2014-04-12 03:22 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll

2014-05-13 17:22 - 2014-03-28 15:19 - 00035856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdBoot.sys

2014-05-13 17:22 - 2014-03-28 04:23 - 19759104 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll

2014-05-13 17:22 - 2014-03-28 02:18 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll

2014-05-13 17:22 - 2014-03-23 18:11 - 00269592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdFilter.sys

2014-05-13 17:22 - 2014-03-10 23:32 - 06987096 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe

2014-05-13 17:22 - 2014-03-10 23:25 - 00100184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys

2014-05-13 17:22 - 2014-03-10 20:41 - 00559104 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll

2014-05-13 17:22 - 2014-03-10 20:41 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll

2014-05-13 17:22 - 2014-03-10 20:41 - 00038400 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll

2014-05-13 17:22 - 2014-03-10 20:39 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe

2014-05-13 17:22 - 2014-03-10 20:38 - 00982016 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll

2014-05-13 17:22 - 2014-03-10 20:38 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll

2014-05-13 17:22 - 2014-03-10 20:38 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll

2014-05-13 17:22 - 2014-03-10 20:38 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll

2014-05-13 17:22 - 2014-03-10 20:38 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll

2014-05-13 17:22 - 2014-03-10 20:38 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll

2014-05-13 17:22 - 2014-03-10 20:38 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll

2014-05-13 17:22 - 2014-03-09 23:05 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll

2014-05-13 17:22 - 2014-03-09 21:27 - 00099840 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll

2014-05-13 17:22 - 2014-03-03 19:07 - 00570216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys

2014-05-13 17:21 - 2014-04-12 05:07 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll

2014-05-13 17:21 - 2014-04-12 03:22 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll

2014-05-13 17:21 - 2014-04-12 02:58 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\workerdd.dll

2014-05-13 17:21 - 2014-03-28 04:23 - 01287168 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll

2014-05-13 17:21 - 2014-03-01 05:47 - 01258496 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll

2014-05-13 17:21 - 2014-03-01 05:47 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\gpedit.dll

2014-05-13 17:21 - 2014-03-01 04:07 - 01075200 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpedit.dll

2014-05-13 17:21 - 2014-03-01 02:59 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll

2014-05-13 17:21 - 2014-02-26 19:18 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys

2014-05-13 17:21 - 2014-02-26 19:18 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys

2014-05-13 17:21 - 2014-02-26 19:18 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys

2014-05-13 17:21 - 2014-02-15 00:15 - 00078336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys

 

==================== One Month Modified Files and Folders =======

 

2014-06-11 18:19 - 2014-06-11 18:19 - 00024444 _____ () C:\Users\Michael\Downloads\FRST.txt

2014-06-11 18:19 - 2014-06-11 18:19 - 00000000 ____D () C:\FRST

2014-06-11 18:19 - 2012-12-17 12:03 - 00000000 ____D () C:\Users\Michael\AppData\Local\Temp

2014-06-11 18:18 - 2014-06-11 18:18 - 02081792 _____ (Farbar) C:\Users\Michael\Downloads\FRST64 (3).exe

2014-06-11 18:18 - 2014-06-11 18:18 - 02081792 _____ (Farbar) C:\Users\Michael\Downloads\FRST64 (2).exe

2014-06-11 18:17 - 2014-06-11 18:17 - 02081792 _____ (Farbar) C:\Users\Michael\Downloads\FRST64 (1).exe

2014-06-11 18:16 - 2014-06-11 18:16 - 02081792 _____ (Farbar) C:\Users\Michael\Downloads\FRST64.exe

2014-06-11 18:00 - 2014-06-11 17:56 - 00000842 _____ () C:\windows\Tasks\Security Center Update - 2611310932.job

2014-06-11 18:00 - 2014-06-11 17:32 - 00000852 _____ () C:\windows\Tasks\Security Center Update - 2126033022.job

2014-06-11 18:00 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\system32\sru

2014-06-11 17:56 - 2014-06-11 17:56 - 00003818 _____ () C:\windows\System32\Tasks\Security Center Update - 2611310932

2014-06-11 17:56 - 2014-06-11 17:56 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Heuvan

2014-06-11 17:55 - 2013-04-23 22:25 - 00000000 ____D () C:\Users\Michael\AppData\Local\CrashDumps

2014-06-11 17:55 - 2013-01-11 23:05 - 00000932 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-11 17:55 - 2013-01-11 23:05 - 00000928 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-11 17:50 - 2012-12-17 12:05 - 00003962 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{4EEA9D32-882F-444D-A469-D56BACDC089C}

2014-06-11 17:34 - 2014-06-04 18:24 - 00003190 _____ () C:\windows\System32\Tasks\HPCeeScheduleForMichael

2014-06-11 17:34 - 2014-06-04 18:24 - 00000372 _____ () C:\windows\Tasks\HPCeeScheduleForMichael.job

2014-06-11 17:34 - 2012-12-17 20:14 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log

2014-06-11 17:34 - 2012-12-17 20:14 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-06-11 17:34 - 2012-12-17 12:03 - 00000000 ____D () C:\Users\Michael

2014-06-11 17:32 - 2014-06-11 17:32 - 00143360 _____ () C:\Users\Michael\AppData\Local\asllllfu.exe

2014-06-11 17:32 - 2014-06-11 17:32 - 00003828 _____ () C:\windows\System32\Tasks\Security Center Update - 2126033022

2014-06-11 17:32 - 2014-06-11 17:32 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Udipuwfe

2014-06-11 17:30 - 2012-12-17 12:13 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3304380047-1144064881-2346535376-1001

2014-06-11 17:28 - 2012-07-26 03:28 - 00876622 _____ () C:\windows\system32\PerfStringBackup.INI

2014-06-11 17:26 - 2013-08-14 16:17 - 00000000 ____D () C:\windows\system32\MRT

2014-06-11 17:25 - 2014-04-14 18:13 - 00008192 _____ () C:\windows\SysWOW64\WDPABKP.dat

2014-06-11 17:24 - 2012-07-26 03:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-06-11 17:23 - 2014-03-14 20:46 - 00034900 _____ () C:\windows\PFRO.log

2014-06-11 17:23 - 2013-02-16 22:58 - 01187337 _____ () C:\windows\WindowsUpdate.log

2014-06-11 17:23 - 2012-12-17 12:06 - 00000000 _____ () C:\windows\system32\Drivers\lvuvc.hs

2014-06-11 17:23 - 2012-07-26 01:26 - 00524288 ___SH () C:\windows\system32\config\BBI

2014-06-11 17:21 - 2014-06-11 17:21 - 00000000 ____D () C:\Program Files\Western Digital

2014-06-11 17:21 - 2014-04-14 18:12 - 00000000 ____D () C:\Program Files\Common Files\Western Digital

2014-06-11 17:21 - 2014-04-14 18:12 - 00000000 ____D () C:\Program Files (x86)\Western Digital

2014-06-11 17:21 - 2014-04-14 18:11 - 00000000 ____D () C:\ProgramData\Western Digital

2014-06-11 17:21 - 2014-03-07 18:14 - 00057554 _____ () C:\windows\DPINST.LOG

2014-06-11 17:21 - 2013-11-28 10:02 - 00000000 ____D () C:\ProgramData\Package Cache

2014-06-10 21:37 - 2012-07-26 03:59 - 00000000 ____D () C:\windows\CbsTemp

2014-06-10 21:35 - 2014-03-14 20:37 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-10 21:31 - 2012-12-21 18:00 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-06-10 20:56 - 2013-12-03 19:26 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\ClassicShell

2014-06-10 20:40 - 2014-06-10 20:40 - 00147456 _____ () C:\Users\Michael\AppData\Local\dvahexhq.exe

2014-06-10 20:38 - 2012-07-26 01:26 - 00262144 ___SH () C:\windows\system32\config\ELAM

2014-06-10 20:32 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\AUInstallAgent

2014-06-09 19:54 - 2014-06-09 19:54 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Xiuhytc

2014-06-09 19:44 - 2014-03-07 18:14 - 00014903 _____ () C:\windows\setupact.log

2014-06-09 17:02 - 2014-06-09 17:02 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Ylyxly

2014-06-08 18:15 - 2013-06-05 18:24 - 00417280 ___SH () C:\Users\Michael\Downloads\Thumbs.db

2014-06-07 17:16 - 2013-04-30 18:29 - 00130560 ___SH () C:\Users\Michael\Desktop\Thumbs.db

2014-06-07 17:10 - 2014-06-07 17:10 - 00000000 ____D () C:\Users\Michael\AppData\Local\{224830B8-677C-4A76-95DB-08D88C19336E}

2014-06-06 21:59 - 2014-06-04 18:26 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Ewohuvz

2014-06-05 21:20 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\system32\NDF

2014-06-02 21:48 - 2014-06-02 21:48 - 00068782 _____ () C:\Users\Michael\AppData\Local\rvxxbgxb

2014-06-02 20:17 - 2014-06-02 20:17 - 00000000 ____D () C:\Users\Michael\Desktop\My CD

2014-06-02 17:18 - 2014-06-02 17:18 - 00000000 ____D () C:\Users\Michael\AppData\Local\{881F8DB9-F1FA-4524-88D9-E9C82B92CDB1}

2014-06-01 20:14 - 2014-06-01 20:14 - 00000000 ____D () C:\Users\Michael\AppData\Local\{15CA1DF9-3AA9-4AB8-90EB-3CBEB1CA2504}

2014-05-31 01:16 - 2013-11-16 07:29 - 00703992 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2014-05-31 01:16 - 2013-11-16 07:29 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-05-30 21:24 - 2014-05-30 21:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{6ED51D36-00EF-4103-A2B9-E9D209EBD982}

2014-05-27 19:23 - 2014-05-27 19:23 - 00000000 ____D () C:\Users\Michael\AppData\Local\{B0C134A4-B9BE-4B34-95F3-7F02760A1C87}

2014-05-25 20:55 - 2013-08-22 17:59 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-05-25 20:16 - 2014-05-25 20:16 - 00000000 ____D () C:\Users\Michael\AppData\Local\{08ED54E1-FB2A-4D04-BC86-0BC777193517}

2014-05-23 22:48 - 2014-06-10 20:40 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-05-23 22:47 - 2014-06-10 20:40 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-05-23 22:47 - 2014-06-10 20:40 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-05-23 22:47 - 2014-06-10 20:40 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll

2014-05-23 22:47 - 2014-06-10 20:40 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-05-23 22:46 - 2014-06-10 20:40 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-05-23 22:46 - 2014-06-10 20:39 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-05-23 22:46 - 2014-06-10 20:39 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-05-23 22:45 - 2014-06-10 20:40 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-05-23 22:45 - 2014-06-10 20:40 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-05-23 22:45 - 2014-06-10 20:40 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-05-23 22:11 - 2013-08-30 19:57 - 00000000 ____D () C:\ProgramData\Adobe

2014-05-23 22:10 - 2013-08-30 19:55 - 00000000 ____D () C:\Users\Michael\AppData\Local\Adobe

2014-05-23 22:10 - 2012-12-17 12:05 - 00000000 ____D () C:\Users\Michael\AppData\Roaming\Adobe

2014-05-23 22:09 - 2014-05-23 22:09 - 00000000 ____D () C:\ProgramData\Google

2014-05-23 22:09 - 2014-05-23 22:09 - 00000000 ____D () C:\Program Files\Google

2014-05-23 22:09 - 2013-01-02 22:55 - 00000000 ____D () C:\Program Files (x86)\Google

2014-05-23 22:08 - 2014-05-23 22:08 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-05-23 22:08 - 2014-05-23 22:08 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk

2014-05-23 22:08 - 2013-08-30 19:56 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-05-23 21:26 - 2014-06-10 20:40 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-05-23 21:26 - 2014-06-10 20:40 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-05-23 21:26 - 2014-06-10 20:40 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-05-23 21:26 - 2014-06-10 20:40 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-05-23 21:26 - 2014-06-10 20:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll

2014-05-23 21:26 - 2014-06-10 20:39 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-05-23 21:26 - 2014-06-10 20:39 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-05-23 21:25 - 2014-06-10 20:40 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-05-23 21:25 - 2014-06-10 20:40 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-05-23 21:25 - 2014-06-10 20:40 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-05-23 21:25 - 2014-06-10 20:40 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-05-23 21:25 - 2014-06-10 20:40 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll

2014-05-23 21:25 - 2014-06-10 20:40 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-05-23 21:25 - 2014-06-10 20:40 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-05-23 21:25 - 2014-06-10 20:40 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-05-23 21:25 - 2014-06-10 20:39 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-05-23 21:25 - 2014-06-10 20:39 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-05-23 21:25 - 2014-06-10 20:39 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll

2014-05-23 21:09 - 2014-06-10 20:40 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-05-23 21:03 - 2014-06-10 20:40 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-05-23 20:53 - 2014-05-23 20:53 - 00000000 ____D () C:\Users\Michael\AppData\Local\{4C872568-2D59-489B-A519-E985474A498E}

2014-05-23 18:37 - 2014-06-10 20:40 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll

2014-05-21 20:33 - 2012-12-17 12:03 - 00000000 ____D () C:\Users\Michael\AppData\Local\Packages

2014-05-20 20:40 - 2013-04-21 18:57 - 00000000 ____D () C:\ProgramData\Roxio

2014-05-18 19:57 - 2014-05-18 19:57 - 00000000 ____D () C:\Users\Michael\AppData\Local\{BAD8B963-8125-448B-9EF4-9B6347CABA79}

2014-05-17 23:09 - 2014-04-14 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital

2014-05-17 19:39 - 2014-05-17 19:39 - 00000000 ____D () C:\Users\Michael\AppData\Local\{D2E02429-F576-4F62-91C9-DE8EC18D884E}

2014-05-17 18:30 - 2012-12-17 12:05 - 00000000 ___RD () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-05-17 18:30 - 2012-12-17 12:05 - 00000000 ___RD () C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-05-16 18:20 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\rescache

2014-05-16 17:53 - 2012-07-26 04:12 - 00000000 ___RD () C:\windows\ToastData

2014-05-16 17:53 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-05-16 17:53 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-05-16 17:53 - 2012-07-26 04:12 - 00000000 ____D () C:\windows\system32\SecureBootUpdates

2014-05-16 17:53 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender

2014-05-16 17:53 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

 

Some content of TEMP:

====================

C:\Users\Michael\AppData\Local\Temp\Checkupdate.exe

C:\Users\Michael\AppData\Local\Temp\Extract.exe

C:\Users\Michael\AppData\Local\Temp\Foxit Reader Updater.exe

C:\Users\Michael\AppData\Local\Temp\gcapi_dll.dll

C:\Users\Michael\AppData\Local\Temp\gtapi_signed.dll

C:\Users\Michael\AppData\Local\Temp\ose00000.exe

C:\Users\Michael\AppData\Local\Temp\sp64126.exe

C:\Users\Michael\AppData\Local\Temp\SP65397.exe

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite10926.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite11083.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite11575.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite12027.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite13050.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite14093.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite14589.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite16386.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite16414.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite16767.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite16790.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite17876.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite18102.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite18897.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite19881.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite20031.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite20718.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite21606.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite21654.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite22349.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite23361.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite23388.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite24341.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite24360.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite24786.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite25627.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite26840.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite27136.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite28701.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite28904.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite29551.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite30294.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite30353.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite31472.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite33223.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite33828.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite35951.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite37768.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite38996.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite39397.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite40612.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite40635.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite41085.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite41324.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite41654.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite41660.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite42144.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite44223.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite44706.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite45490.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite46316.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite46798.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite47299.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite47423.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite47638.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite47792.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite48236.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite48720.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite49138.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite52268.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite52495.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite52716.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite52807.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite53008.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite55232.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite55421.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite55481.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite56048.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite58327.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite58507.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite59010.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite59834.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite60426.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite60482.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite61463.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite62307.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite62405.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite62935.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite64103.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite64716.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite67222.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite70423.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite70683.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite72209.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite73697.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite75283.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite77468.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite78397.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite79667.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite79723.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite82238.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite83300.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite84753.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite84920.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite84926.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite85373.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite86333.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite86480.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite86610.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite89613.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite92978.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite94020.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite94431.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite95510.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite96326.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite99290.dll

C:\Users\Michael\AppData\Local\Temp\System.Data.SQLite99385.dll

C:\Users\Michael\AppData\Local\Temp\UninstallHPSA.exe

C:\Users\Michael\AppData\Local\Temp\Upd254A_FlashPlayer.exe

C:\Users\Michael\AppData\Local\Temp\update-20140407.exe

C:\Users\Michael\AppData\Local\Temp\UpdateFlashPlayer_47669d1b.exe

C:\Users\Michael\AppData\Local\Temp\UpdateFlashPlayer_a1c5c728.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-06-03 17:15

 

==================== End Of Log ============================

[michiganmike]

and the Addition......

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014

Ran by Michael at 2014-06-11 18:20:20

Running from C:\Users\Michael\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Control Center (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden

AMD Catalyst Install Manager (HKLM\...\{CC6CCF1E-F361-910A-E41D-EB5176F1255C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)

AMD Wireless Display v3.0 (Version: 1.0.0.13 - Advanced Micro Devices, Inc.) Hidden

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

AudioLabel (HKLM-x32\...\AudioLabel) (Version: 5.00 (Build 6) - CDCoverSoft)

Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.66.1 - Broadcom Corporation)

Broadcom Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.6950 - Broadcom Corporation)

Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.66.1 - Broadcom Corporation)

Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Standard (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Chinese Traditional (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Czech (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Danish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Dutch (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help English (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Finnish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help French (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help German (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Greek (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Hungarian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Italian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Japanese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Korean (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Norwegian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Polish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Portuguese (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Russian (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Spanish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Swedish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Thai (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

CCC Help Turkish (x32 Version: 2013.0819.1343.22803 - Advanced Micro Devices, Inc.) Hidden

ccc-utility64 (Version: 2013.0819.1344.22803 - Advanced Micro Devices, Inc.) Hidden

CEBS Practice Exam - RPA2 (Course 4) (HKLM-x32\...\CEBSPracticeExamRPA2 (Course 4)) (Version:  - )

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

CinemaNow Player (HKLM-x32\...\com.bby.cinemanowplayer) (Version: 3.1.2 - Rovi Corporation)

CinemaNow Player (x32 Version: 3.1.2 - Rovi Corporation) Hidden

Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)

Corel KPT Collection (x32 Version: 1.00.0000 - Corel Corporation) Hidden

Corel KPT Collection for PSPX4 (HKLM-x32\...\_{031338C0-4C21-4DAC-875B-26ACD7ADDF23}) (Version:  - Corel Corporation)

Corel PaintShop Pro X4 (HKLM-x32\...\_{00580795-581C-4587-B9F2-37320D7AB37F}) (Version: 14.2.0.1 - Corel Corporation)

Corel PaintShop Pro X4 (x32 Version: 14.3.0.3 - Corel Corporation) Hidden

Corel WinDVD (x32 Version: 10.8.0.201 - Corel Inc.) Hidden

Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden

Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Creator NXT Content (x32 Version: 14.0.024 - Roxio) Hidden

CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)

CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden

CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)

CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden

CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)

CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)

CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)

CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden

CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)

CyberLink PowerDVD (x32 Version: 10.0.8.5511 - CyberLink Corp.) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)

Drive Manager (HKLM-x32\...\InstallShield_{48B0F38D-1913-44F3-99AA-D4C55A2B038E}) (Version: 1.00.0012 - Seagate Technology)

Drive Manager (x32 Version: 1.00.0012 - Seagate Technology) Hidden

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden

FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden

Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden

FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)

Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden

Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden

HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)

HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 25) hp - Meridian Audio Ltd)

HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)

HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)

HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)

HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden

HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)

HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)

HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)

HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)

ICA (x32 Version: 14.2.0.1 - Corel Corporation) Hidden

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)

IPM_PSP_COM (x32 Version: 14.2.0.1 - Corel Corporation) Hidden

Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

Logitech SetPoint 6.51 (HKLM\...\sp6) (Version: 6.51.8 - Logitech)

Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden

Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden

Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Memorex exPressit Label Design Studio (HKLM-x32\...\MVApplication1) (Version:  - )

Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)

Microsoft Mouse and Keyboard Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden

Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden

Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden

Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden

Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden

PSPPContent (x32 Version: 14.3.0.2 - Corel Corporation) Hidden

PSPPHelp (x32 Version: 14.2.0.1 - Corel Corporation) Hidden

PSPPro64 (Version: 14.2.0.1 - Corel Corporation) Hidden

RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden

Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden

Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Roxio BackOnTrack (x32 Version: 4.5 - Roxio) Hidden

Roxio Burn (x32 Version: 2.0 - Roxio) Hidden

Roxio Central (x32 Version: 7.0.0 - Roxio) Hidden

Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0 - Roxio) Hidden

Roxio Creator NXT (HKLM-x32\...\{CC915001-1639-4D1B-B0A1-A7AC70C99179}) (Version: 14.0.36.0 - Roxio)

Roxio Creator NXT (x32 Version: 1.4.184 - Roxio) Hidden

Roxio VHS Capture Driver (x32 Version: 1.05.0000 - Corel) Hidden

Seagate Dashboard 2.0 (HKLM-x32\...\{43C423D9-E6D6-4607-ADC9-EBB54F690C57}) (Version: 2.2.29.0 - Seagate)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden

Setup (x32 Version: 14.2.0.1 - Corel Corporation) Hidden

SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)

SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden

SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.)

SmartSound Quicktracks 5 (x32 Version: 5.1.7 - SmartSound Software Inc.) Hidden

SureThing CD Labeler Deluxe Trial (HKLM-x32\...\{4ED7D297-58F7-45C3-A9BA-A7CD6FA0D373}_is1) (Version: 5.2.693.0 - MicroVision Development, Inc.)

Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden

Triple Scoop Music (x32 Version: 1.0.019 - Roxio) Hidden

Ultra File Opener (HKCU\...\Ultra File Opener) (Version: 4.1.3.77 - CompuClever Systems Inc.)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)

Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden

WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)

WD Quick View (HKLM-x32\...\{324C58C7-A292-4523-A943-91DE1EB6A1FE}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)

WD Security (HKLM-x32\...\{90C3D9C7-2F83-4399-8E28-A00228CFFDF8}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)

WD SmartWare (HKLM\...\{F6ABA2F3-9759-48CD-B25B-A07A811E92E4}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)

WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)

WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden

Windows Driver Package - Broadcom Corporation (bcbtums) Bluetooth  (08/09/2013 12.0.0.7620) (HKLM\...\7C5445C0C158E0500C2E0AD361C4CBF4BAB2476C) (Version: 08/09/2013 12.0.0.7620 - Broadcom Corporation)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

 

==================== Restore Points  =========================

 

18-05-2014 03:06:54 WD SmartWare Installer

25-05-2014 15:49:21 Scheduled Checkpoint

03-06-2014 21:19:24 Scheduled Checkpoint

05-06-2014 00:43:27 Windows Backup

08-06-2014 23:00:14 Windows Backup

11-06-2014 21:18:54 WD SmartWare Installer

 

==================== Hosts content: ==========================

 

2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {03CDD9EB-9FC2-47D5-8A1F-F2D024EE0398} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-10] (Microsoft Corporation)

Task: {19762045-0D4E-4CB0-B547-7364482C9B8F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {1B212671-33EE-46FB-B233-349A4A2B1C9B} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)

Task: {1EE5664F-97B8-4CE0-901A-03770FD5B7B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe

Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {23BE2994-20EA-49CD-8B2D-27FDD1FE60E7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)

Task: {2D0F3A23-3D03-4D8E-8B89-4BFF206F652F} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION

Task: {3E991863-80D3-4DD5-8A62-A16F8FB29D27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-11] (Google Inc.)

Task: {45B9FF87-0A7B-4E04-845A-C7871BA303B5} - System32\Tasks\Security Center Update - 2611310932 => C:\Users\Michael\AppData\Roaming\Heuvan\yqtyze.exe [2013-05-29] () <==== ATTENTION

Task: {4B883E09-F3CB-40B6-99DE-81004D02C346} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {4F0C30EE-EAC5-40CB-B4E2-B68298560767} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {59BA2EBE-5207-477A-8A88-922ECF1BFC94} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)

Task: {5FE7826E-33AF-4BC3-B8E5-C8BE0EDDA5D9} - System32\Tasks\Michael => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2013-05-30] (Seagate Technology LLC)

Task: {604F5EA3-E281-4302-9613-FBAFFB73D687} - System32\Tasks\Michael1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2013-05-30] (Seagate Technology LLC)

Task: {670149DF-C347-41A8-8236-15ED355F88AB} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)

Task: {924D5366-139F-4C72-94EE-BE9C7FFF61A2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\WSCStub.exe

Task: {964747F0-34A0-4C74-9C33-16F452372B04} - System32\Tasks\Michael Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2013-05-30] (Seagate Technology LLC)

Task: {976959AE-32D6-4BD5-8E34-FB4DE193DB2B} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2013-05-30] (Seagate Technology LLC)

Task: {9A638AC0-F266-4475-A5BD-F1427EF5F8D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe

Task: {9BC687D5-37EB-4217-B381-AB67F626A3C7} - System32\Tasks\Michael1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2013-05-30] (Seagate Technology LLC)

Task: {A2230D63-EDFF-41B9-9774-3B2AD59D4D61} - System32\Tasks\Western Digital\SmartWare\____Volume_85498e1f_114e_404b_8437_5d470f1fbe7a______Volume_79f342d3_c364_11e3_bea6_74e543952f6d__ => C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe [2014-06-02] (Western Digital Technologies, Inc.)

Task: {A26612F3-6A02-4A92-ADBC-4656488E55D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)

Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {AB3EDCD2-4931-4223-B931-2B73810DC1A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)

Task: {BBA801E3-C239-436A-AF40-3816C2522ED7} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\SymErr.exe

Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {D5C8EF3D-AE66-4C66-B9DC-5A7C65F06FCD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)

Task: {D72858DA-1B65-43EA-BE80-E74269F52FEC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)

Task: {DA9C8428-C181-4CAE-8C2C-09ACCF867C76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-11] (Google Inc.)

Task: {E1BA9482-2D39-4755-98A6-EA2B43F91925} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)

Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {EC13228D-68EA-45A4-BEBD-72391D71314C} - System32\Tasks\HPCeeScheduleForMichael => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {F7B6D172-0F94-4764-9E27-E0FA7BB8BB88} - System32\Tasks\Security Center Update - 2126033022 => C:\Users\Michael\AppData\Roaming\Udipuwfe\urcuxii.exe [2014-01-06] () <==== ATTENTION

Task: {FF6DC57D-D6C5-4BB9-BCC9-689CFC0283BE} - System32\Tasks\Michael DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2013-05-30] (Seagate Technology LLC)

Task: {FFD4E82B-807F-497E-B093-D8C6C876B272} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\SymErr.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\HPCeeScheduleForMichael.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\windows\Tasks\Security Center Update - 2126033022.job => C:\Users\Michael\AppData\Roaming\Udipuwfe\urcuxii.exe <==== ATTENTION

Task: C:\windows\Tasks\Security Center Update - 2611310932.job => C:\Users\Michael\AppData\Roaming\Heuvan\yqtyze.exe <==== ATTENTION

 

==================== Loaded Modules (whitelisted) =============

 

2012-06-20 15:48 - 2012-06-20 15:48 - 00457360 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe

2012-07-11 01:04 - 2012-07-11 01:04 - 00022160 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe

2013-05-12 01:10 - 2013-05-12 01:10 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2013-12-03 20:19 - 2013-12-03 20:20 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll

2012-11-04 13:42 - 2012-11-04 13:42 - 00071992 _____ () C:\Program Files\Logitech\SetPointP\WinRTProxy.DLL

2014-01-01 01:17 - 2014-01-01 01:17 - 00313344 _____ () C:\Users\Michael\AppData\Roaming\Xiuhytc\tupea.exe

2013-06-05 16:51 - 2013-06-05 16:51 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll

2012-08-29 13:02 - 2012-08-29 13:02 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll

2012-08-29 13:02 - 2012-08-29 13:02 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll

2012-08-29 13:02 - 2012-08-29 13:02 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll

2012-07-05 19:47 - 2012-07-05 19:47 - 00535184 _____ () C:\Program Files (x86)\Roxio Creator NXT\Roxio Burn\RoxioBurnLauncher.exe

2012-12-17 12:04 - 2012-12-17 12:04 - 00120224 _____ () C:\Users\Michael\AppData\Local\assembly\dl3\V3DZ0ML8.325\Y9HHO8NC.KZW\336638de\00ef7209_0886cd01\HPItunesModule.DLL

2014-01-06 11:24 - 2014-01-06 11:24 - 00306176 _____ () C:\Users\Michael\AppData\Roaming\Udipuwfe\urcuxii.exe

2012-07-11 01:04 - 2012-07-11 01:04 - 03306128 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll

2012-07-11 01:04 - 2012-07-11 01:04 - 00523920 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll

2012-07-11 01:04 - 2012-07-11 01:04 - 00108176 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll

2012-10-13 15:10 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

2014-05-25 20:55 - 2014-05-13 19:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll

2014-05-25 20:55 - 2014-05-13 19:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll

2014-05-25 20:55 - 2014-05-13 19:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll

2014-05-25 20:55 - 2014-05-13 19:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll

2014-05-25 20:55 - 2014-05-13 19:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Users\Michael\Documents\CineMagic.dmsd:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow0.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow1.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow2.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow3.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow4.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow5.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow6.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow7.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow8.dmsm:Roxio EMC Stream

AlternateDataStreams: C:\Users\Michael\Documents\Slideshow9.dmsm:Roxio EMC Stream

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (06/11/2014 05:55:20 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: xwukectn.exe, version: 0.0.0.0, time stamp: 0x53003800

Faulting module name: ntdll.dll, version: 6.2.9200.16578, time stamp: 0x515fac6e

Exception code: 0xc0000005

Fault offset: 0x000650fc

Faulting process id: 0x1e84

Faulting application start time: 0xxwukectn.exe0

Faulting application path: xwukectn.exe1

Faulting module path: xwukectn.exe2

Report Id: xwukectn.exe3

Faulting package full name: xwukectn.exe4

Faulting package-relative application ID: xwukectn.exe5

 

Error: (06/11/2014 05:13:12 PM) (Source: Perflib) (EventID: 1023) (User: )

Description: rdyboost4

 

Error: (06/11/2014 05:13:11 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll4

 

Error: (06/11/2014 05:13:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: svchost.exe_bthserv, version: 6.2.9200.16420, time stamp: 0x505a9a4e

Faulting module name: bthserv.dll, version: 6.2.9200.16384, time stamp: 0x501087af

Exception code: 0xc0000005

Fault offset: 0x000000000000d8f3

Faulting process id: 0x144

Faulting application start time: 0xsvchost.exe_bthserv0

Faulting application path: svchost.exe_bthserv1

Faulting module path: svchost.exe_bthserv2

Report Id: svchost.exe_bthserv3

Faulting package full name: svchost.exe_bthserv4

Faulting package-relative application ID: svchost.exe_bthserv5

 

Error: (06/10/2014 10:00:36 PM) (Source: Perflib) (EventID: 1017) (User: )

Description: Outlook

 

Error: (06/10/2014 10:00:36 PM) (Source: Perflib) (EventID: 1021) (User: )

Description: Outlook8

 

Error: (06/10/2014 10:00:35 PM) (Source: Perflib) (EventID: 1017) (User: )

Description: ASP.NET_2.0.50727

 

Error: (06/10/2014 10:00:35 PM) (Source: Perflib) (EventID: 1021) (User: )

Description: ASP.NET_2.0.507278

 

Error: (06/10/2014 10:00:35 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: .NETFrameworkC:\windows\system32\mscoree.dll8

 

Error: (06/09/2014 08:15:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Seagate.Dashboard.DASWindowsService.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.Management.ManagementException

Stack:

   at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)

   at System.Management.SinkForEventQuery.Cancel()

   at System.Management.ManagementEventWatcher.Stop()

   at System.Management.ManagementEventWatcher.Finalize()

 

 

System errors:

=============

Error: (06/11/2014 05:26:40 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)

Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

 

Error: (06/11/2014 05:26:35 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)

Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

 

Error: (06/11/2014 05:24:13 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Roxio Hard Drive Watcher 14 service terminated with the following error: 

%%2147500053

 

Error: (06/11/2014 05:22:25 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)

Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

 

Error: (06/11/2014 05:16:47 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)

Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

 

Error: (06/11/2014 05:15:18 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network Store Interface Service service, but this action failed with the following error: 

%%1056

 

Error: (06/11/2014 05:15:18 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Bluetooth Support Service service, but this action failed with the following error: 

%%1056

 

Error: (06/11/2014 05:15:03 PM) (Source: Schannel) (EventID: 4102) (User: NT AUTHORITY)

Description: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001.

 

Error: (06/11/2014 05:14:18 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Font Cache Service service, but this action failed with the following error: 

%%1056

 

Error: (06/11/2014 05:13:18 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network List Service service, but this action failed with the following error: 

%%1056

 

 

Microsoft Office Sessions:

=========================

Error: (06/11/2014 05:55:20 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: xwukectn.exe0.0.0.053003800ntdll.dll6.2.9200.16578515fac6ec0000005000650fc1e8401cf85bfd66709e6C:\Users\Michael\AppData\Local\xwukectn.exeC:\windows\SYSTEM32\ntdll.dll14811442-f1b3-11e3-beb7-74e543952f6d

 

Error: (06/11/2014 05:13:12 PM) (Source: Perflib) (EventID: 1023) (User: )

Description: rdyboost4

 

Error: (06/11/2014 05:13:11 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll4

 

Error: (06/11/2014 05:13:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: svchost.exe_bthserv6.2.9200.16420505a9a4ebthserv.dll6.2.9200.16384501087afc0000005000000000000d8f314401cf85b9d21ffe43C:\windows\system32\svchost.exec:\windows\system32\bthserv.dll30982e7e-f1ad-11e3-beb6-74e543952f6d

 

Error: (06/10/2014 10:00:36 PM) (Source: Perflib) (EventID: 1017) (User: )

Description: Outlook

 

Error: (06/10/2014 10:00:36 PM) (Source: Perflib) (EventID: 1021) (User: )

Description: Outlook8

 

Error: (06/10/2014 10:00:35 PM) (Source: Perflib) (EventID: 1017) (User: )

Description: ASP.NET_2.0.50727

 

Error: (06/10/2014 10:00:35 PM) (Source: Perflib) (EventID: 1021) (User: )

Description: ASP.NET_2.0.507278

 

Error: (06/10/2014 10:00:35 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: .NETFrameworkC:\windows\system32\mscoree.dll8

 

Error: (06/09/2014 08:15:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Seagate.Dashboard.DASWindowsService.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.Management.ManagementException

Stack:

   at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)

   at System.Management.SinkForEventQuery.Cancel()

   at System.Management.ManagementEventWatcher.Stop()

   at System.Management.ManagementEventWatcher.Finalize()

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 32%

Total physical RAM: 7575.51 MB

Available physical RAM: 5084.66 MB

Total Pagefile: 9559.51 MB

Available Pagefile: 6500.51 MB

Total Virtual: 8192 MB

Available Virtual: 8191.76 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:910.35 GB) (Free:627.17 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (Recovery Image) (Fixed) (Total:19.69 GB) (Free:2.46 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive l: (My Passport) (Fixed) (Total:931.48 GB) (Free:239.62 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 932 GB) (Disk ID: C6696C19)

 

Partition: GPT Partition Type.

 

========================================================

Disk: 5 (MBR Code: Windows XP) (Size: 931 GB) (Disk ID: 703F22F3)

Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

[Firefox]

Yes that is the logs we were looking for....

The logs indicate that multiple processes are crashing or not running correctly...

You also have some items running from temp folders which is not right.

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Thanks