
Lots of Pop-ups and Internet VERY slow



Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.


 
 
 
 
Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).


Downloading the latest Avast! virus definitions was both very slow, and got stuck at 90.66MB. I'm going to try again at work tomorrow just to rule out my network being the issue.
 
Here are the logs from the first step.
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Jesse (administrator) on SKYNET on 08-07-2014 17:52:37
Running from C:\Users\Jesse_000\Downloads
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spotify Ltd) C:\Users\Jesse_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\ace_engine.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Flux Software LLC) C:\Users\Jesse_000\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\ace_update.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Jesse_000\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-05] (IDT, Inc.)
HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7763256 2013-03-06] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2486296 2014-01-05] ()
HKLM-x32\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-24] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [GoogleChromeAutoLaunch_EEDE4BC0A57ECC9F3BD6EA138F0998CA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-06-05] (Google Inc.)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [steam] => C:\Program Files (x86)\Steam\Steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [spotify Web Helper] => C:\Users\Jesse_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-07-02] (Spotify Ltd)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-06] (Microsoft Corporation)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [AceStream] => C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\ace_engine.exe [27904 2014-07-03] ()
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [f.lux] => C:\Users\Jesse_000\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [Google Update] => C:\Users\Jesse_000\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-27] (Google Inc.)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\RunOnce: [uninstall C:\Users\Jesse_000\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jesse_000\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\MountPoints2: {21b003a1-1079-11e3-be7a-681729578c98} - "H:\VZW_Software_upgrade_assistant.exe" 
HKU\S-1-5-21-2558357397-3746353904-852755097-1001\...\MountPoints2: {d05ed939-0ccd-11e3-be78-681729578c98} - "F:\OriginInstaller.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuicKeys Engine.lnk
ShortcutTarget: QuicKeys Engine.lnk -> C:\Program Files (x86)\Startly\QuicKeys\QkEngine.exe (Startly Technologies)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
Startup: C:\Users\Jesse_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jesse_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com?cid={EEA013E2-D1C9-41F7-98F7-4843406BC2A8}&mid=87621eb4025f47d39dccb95e6fb3656b-e97d2554b3bc1d4bb39607192a4200b6ba78d6cb&lang=en&ds=cm012&coid=avgtbdiscm&cmpid=&pr=sa&d=2013-11-06 10:29:09&v=17.3.0.49&pid=safeguard&sg=0&sap=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={EEA013E2-D1C9-41F7-98F7-4843406BC2A8}&mid=87621eb4025f47d39dccb95e6fb3656b-e97d2554b3bc1d4bb39607192a4200b6ba78d6cb&lang=en&ds=cm012&coid=avgtbdiscm&cmpid=&pr=sa&d=2013-11-06 10:29:09&v=17.3.0.49&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Jesse_000\AppData\Roaming\Mozilla\Firefox\Profiles\tgru2cat.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://mysearch.avg.com?cid={EEA013E2-D1C9-41F7-98F7-4843406BC2A8}&mid=87621eb4025f47d39dccb95e6fb3656b-e97d2554b3bc1d4bb39607192a4200b6ba78d6cb&lang=en&ds=cm012&coid=avgtbdiscm&pr=sa&d=2013-11-06 10:29:09&v=17.0.1.12&pid=safeguard&sg=0&sap=hp
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.1.5 - C:\Users\Jesse_000\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Jesse_000\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Jesse_000\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Jesse_000\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Jesse_000\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jesse_000\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Jesse_000\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2013-12-11]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-08-20]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49 [2014-01-05]
FF HKCU\...\Firefox\Extensions: [magicplayer@torrentstream.org] - C:\Users\Jesse_000\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org
 
Chrome: 
=======
CHR HomePage: hxxp://www.mirostart.com/?cfg=2-73-0-1QBoG
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3289847&SearchSource=48&CUI=UN42760865122189912&UM=1", "hxxp://mysearch.avg.com/?cid={A006D99B-50FF-4183-8649-E982803B0128}&mid=ed2e9941974247d081e5f123cce390bf-9aeddaebd05dd57b7309c66009de14b428327dde&lang=en&ds=ts024&pr=sa&d=2013-08-16 11:03:07&v=15.4.0.5&pid=safeguard&sg=0&sap=hp", "hxxp://mysearch.avg.com/?cid={EEA013E2-D1C9-41F7-98F7-4843406BC2A8}&mid=87621eb4025f47d39dccb95e6fb3656b-e97d2554b3bc1d4bb39607192a4200b6ba78d6cb&lang=en&ds=cm012&pr=sa&d=2013-09-01 22:07:51&v=15.6.1.2&pid=safeguard&sg=0&sap=hp", "https://blink.bethel.edu/", "hxxp://mysearch.avg.com?cid={EEA013E2-D1C9-41F7-98F7-4843406BC2A8}&mid=87621eb4025f47d39dccb95e6fb3656b-e97d2554b3bc1d4bb39607192a4200b6ba78d6cb&lang=en&ds=cm012&coid=avgtbdiscm&pr=sa&d=2013-11-06 10:29:09&v=17.1.2.1&pid=safeguard&sg=0&sap=hp"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Simple Pass) - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2013-08-20]
CHR Extension: (HP Product Detection Plugin) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-08-23]
CHR Extension: (Google Drive) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-20]
CHR Extension: (Honey) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2013-08-31]
CHR Extension: (Google Cast) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-06-01]
CHR Extension: (Proxy2k - Fast SSL Online Web Proxy App) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfefklojlbnleofkamngbkfmpfpanmgg [2013-08-20]
CHR Extension: (Adblock Plus) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-01]
CHR Extension: (SearchMark) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cidphbjheamggcklpgfibhdhkkgpnbkm [2014-03-19]
CHR Extension: (Weebly - Website Builder) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb [2013-08-20]
CHR Extension: (Google Search) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-20]
CHR Extension: (ICE Quick Stream) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2013-12-27]
CHR Extension: (Chain Reaction) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa [2013-08-20]
CHR Extension: (Hola Better Internet) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2013-11-05]
CHR Extension: (Typing Test - KeyHero) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2013-08-20]
CHR Extension: (Cargo Bridge) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2013-08-20]
CHR Extension: (Coupons at Checkout) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kegphgaihkjoophpabchkmpaknehfamb [2013-08-31]
CHR Extension: (Little Alchemy) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2013-08-20]
CHR Extension: (Word²) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpibnckjjeaabeepofhfmmpjmnomohee [2013-08-20]
CHR Extension: (Poppit) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-08-20]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2013-08-20]
CHR Extension: (Google Drawings) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2014-06-19]
CHR Extension: (Berzerk Ball) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlhdccfnfabmabdlpmlgmnegfekcpgpb [2013-08-20]
CHR Extension: (AVG SafeGuard) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-08-24]
CHR Extension: (MuteTab) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc [2014-01-09]
CHR Extension: (Google Wallet) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (TS Magic Player) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ochbjojkpcmlfeagbaahkofepalngihg [2013-08-20]
CHR Extension: (Bastion) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid [2014-03-11]
CHR Extension: (Encalc) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\opooonemolkfocjdnppkaadhiejdgghg [2013-08-20]
CHR Extension: (Gmail) - C:\Users\Jesse_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-20]
CHR HKLM-x32\...\Chrome\Extension: [kanflfepiobnpjbljmngfgegijhdpljm] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2013-04-01]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Jesse_000\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.3.0.49\avg.crx [2014-01-05]
 
==================== Services (Whitelisted) =================
 
S4 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
S4 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-06-07] (HP)
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-11-06] (SurfRight B.V.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
S4 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [906024 2013-11-26] (AnchorFree Inc.)
S4 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-11-13] ()
S4 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-11-26] ()
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-10] (Intel Corporation)
R2 Intel(R) Bluetooth Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [160712 2013-03-11] (Intel Corporation)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [907384 2013-09-25] ()
S4 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-02-05] (IDT, Inc.) [File not signed]
S4 TorchCrashHandler; C:\Users\Jesse_000\AppData\Local\Torch\Update\TorchCrashHandler.exe [1206624 2013-07-20] (TorchMedia Inc.) [File not signed]
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-08] (AuthenTec, Inc.)
S4 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [28160 2013-03-19] () [File not signed]
S4 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-05] (AVG Secure Search)
S4 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [File not signed]
S4 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1066896 2011-03-09] ()
S4 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel(R) Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132408 2013-01-21] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1362232 2013-02-14] (Motorola Solutions, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-08-24] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2013-11-13] (AnchorFree Inc.)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 NSNDIS5; C:\Windows\SysWOW64\NSNDIS5.SYS [17280 2004-03-23] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [450632 2013-02-22] (RTS Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-04-24] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-07-08] ()
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-01-06] ()
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-08 17:52 - 2014-07-08 17:53 - 00037113 _____ () C:\Users\Jesse_000\Downloads\FRST.txt
2014-07-08 17:52 - 2014-07-08 17:52 - 03404720 _____ () C:\Users\Jesse_000\Downloads\Unconfirmed 941617.crdownload
2014-07-08 17:52 - 2014-07-08 17:52 - 00000000 ____D () C:\FRST
2014-07-08 17:51 - 2014-07-08 17:52 - 02084352 _____ (Farbar) C:\Users\Jesse_000\Downloads\FRST64.exe
2014-07-07 00:11 - 2014-07-07 00:11 - 05661014 _____ () C:\Users\Jesse_000\Downloads\Elite_Lunar_AOSP-05_09_2014.zip
2014-07-05 10:57 - 2014-07-05 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-05 10:56 - 2014-07-05 10:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-05 10:53 - 2014-07-05 10:54 - 41945432 _____ (Apple Inc.) C:\Users\Jesse_000\Downloads\QuickTimeInstaller.exe
2014-07-02 16:20 - 2014-07-02 16:21 - 46025597 _____ () C:\Users\Jesse_000\Downloads\The Matrix Meeting Morpheus Scene HD (720p).mp4
2014-07-02 15:49 - 2014-07-02 15:49 - 00023396 _____ () C:\Users\Jesse_000\Downloads\voicemail.wav
2014-07-02 10:22 - 2014-07-02 10:23 - 01715637 _____ () C:\Users\Jesse_000\Downloads\-- New Tune Idea (2).m4a
2014-07-02 10:21 - 2014-07-02 10:21 - 01715637 _____ () C:\Users\Jesse_000\Downloads\-- New Tune Idea (1).m4a
2014-06-27 14:29 - 2014-06-27 14:33 - 218387963 _____ () C:\Users\Jesse_000\Downloads\ds_m7vzw-6-10-14.zip
2014-06-27 14:29 - 2014-06-27 14:31 - 72353530 _____ () C:\Users\Jesse_000\Downloads\GAPPS-KK-20140609.zip
2014-06-27 10:56 - 2014-06-27 11:02 - 201944840 _____ () C:\Users\Jesse_000\Downloads\LS-KK-v3.0-OFFICIAL-m7vzw_051214.zip
2014-06-26 13:11 - 2014-06-26 13:11 - 01715637 _____ () C:\Users\Jesse_000\Downloads\-- New Tune Idea.m4a
2014-06-25 18:55 - 2014-06-25 18:56 - 00741872 _____ () C:\Users\Jesse_000\Downloads\d-groups 1.pptx
2014-06-25 10:07 - 2014-06-25 10:16 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\mIRC
2014-06-25 10:07 - 2014-06-25 10:07 - 00000918 _____ () C:\Users\Public\Desktop\mIRC.lnk
2014-06-25 10:07 - 2014-06-25 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2014-06-25 10:07 - 2014-06-25 10:07 - 00000000 ____D () C:\Program Files (x86)\mIRC
2014-06-25 10:06 - 2014-06-25 10:07 - 01986960 _____ (mIRC Co. Ltd.) C:\Users\Jesse_000\Downloads\mirc734.exe
2014-06-25 09:54 - 2014-06-25 09:54 - 00225568 _____ (Premium Installer ) C:\Users\Jesse_000\Downloads\setup.exe
2014-06-23 16:55 - 2014-06-23 16:55 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
2014-06-23 16:55 - 2012-09-21 05:00 - 00303104 _____ (CANON INC.) C:\Windows\system32\CNCALBN.DLL
2014-06-23 16:53 - 2014-06-23 16:53 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-06-23 16:53 - 2012-09-20 05:00 - 00390656 _____ (CANON INC.) C:\Windows\system32\CNMLMBN.DLL
2014-06-21 13:38 - 2014-06-21 13:38 - 01000232 _____ () C:\Users\Jesse_000\Downloads\Player.exe
2014-06-20 01:24 - 2014-06-20 01:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-20 01:24 - 2014-06-20 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-20 01:24 - 2014-06-20 01:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-20 01:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-20 01:24 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-20 01:22 - 2014-06-20 01:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jesse_000\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-18 16:33 - 2014-06-18 16:33 - 00011223 _____ () C:\Users\Jesse_000\Downloads\MyContacts.csv
2014-06-18 15:47 - 2014-06-18 15:48 - 157694716 _____ () C:\Users\Jesse_000\Downloads\gapps-kk-20140606-signed.zip
2014-06-18 15:47 - 2014-06-18 15:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2014-06-18 15:42 - 2014-06-18 15:42 - 00268376 _____ () C:\Users\Jesse_000\Downloads\winmd5free.zip
2014-06-18 15:40 - 2014-06-18 15:41 - 24611712 _____ () C:\Users\Jesse_000\Downloads\m7wlv_firmware_3.11.605.1.zip
2014-06-18 15:37 - 2014-06-18 15:40 - 230036129 _____ () C:\Users\Jesse_000\Downloads\cm-11-20140609-SNAPSHOT-M7-m7vzw.zip
2014-06-18 15:37 - 2014-06-18 15:37 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-06-18 15:37 - 2014-06-18 15:37 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2014-06-18 15:36 - 2014-06-18 15:36 - 02056192 _____ () C:\Users\Jesse_000\Downloads\CMInstaller.msi
2014-06-18 15:30 - 2014-06-18 15:34 - 490708790 _____ () C:\Users\Jesse_000\Downloads\Unconfirmed 912313.crdownload
2014-06-18 13:50 - 2014-06-18 13:50 - 00038119 _____ () C:\Users\Jesse_000\Downloads\2013 Student Ministries Contact.xlsx
2014-06-18 11:01 - 2014-06-18 11:02 - 00267778 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-06-18 00:18 - 2014-06-18 00:18 - 08968192 _____ () C:\Users\Jesse_000\Downloads\recovery-clockwork-touch-6.0.4.8-m7vzw.img
2014-06-18 00:07 - 2014-07-08 16:37 - 00942994 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-17 23:42 - 2014-06-17 23:42 - 04522136 _____ () C:\Users\Jesse_000\Downloads\firewater (1)
2014-06-17 23:29 - 2014-06-17 23:29 - 00000000 ____D () C:\Users\Jesse_000\Downloads\rumrunner_t6wl_1.11.605.4
2014-06-17 23:28 - 2014-06-17 23:28 - 22625105 _____ () C:\Users\Jesse_000\Downloads\rumrunner_t6wl_1.11.605.4.zip
2014-06-17 15:33 - 2014-06-17 15:33 - 01533747 _____ () C:\Users\Jesse_000\Downloads\WeakSauce-1.0.1 (1).zip
2014-06-17 15:18 - 2014-06-18 15:43 - 00000000 ____D () C:\Android
2014-06-17 15:18 - 2014-06-17 15:18 - 09560052 _____ () C:\Users\Jesse_000\Downloads\adb-setup-1.3.exe
2014-06-17 15:18 - 2014-06-17 15:18 - 00000000 ____D () C:\Program Files\DIFX
2014-06-17 15:16 - 2014-06-17 15:16 - 01533747 _____ () C:\Users\Jesse_000\Downloads\WeakSauce-1.0.1.zip
2014-06-17 15:14 - 2014-06-17 15:14 - 21093130 _____ () C:\Users\Jesse_000\Downloads\rumrunner_m7wlv_1.10.605.2 (1).zip
2014-06-17 15:09 - 2014-06-17 16:01 - 00000000 ____D () C:\Users\Jesse_000\Downloads\rumrunner_m7wlv_1.10.605.2
2014-06-17 15:08 - 2014-06-17 15:09 - 21093130 _____ () C:\Users\Jesse_000\Downloads\rumrunner_m7wlv_1.10.605.2.zip
2014-06-17 15:07 - 2014-05-03 00:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-17 15:07 - 2014-05-02 22:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-17 15:07 - 2014-04-29 17:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-17 15:07 - 2014-04-29 17:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-17 15:06 - 2014-04-03 06:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-17 15:06 - 2014-04-02 22:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-17 15:06 - 2014-03-31 17:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-17 15:06 - 2014-03-24 18:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-17 15:06 - 2014-03-24 17:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-17 15:05 - 2014-06-17 15:05 - 01130309 _____ () C:\Users\Jesse_000\Downloads\HTC_drivers_Win7_x64.zip
2014-06-17 15:05 - 2014-06-17 15:05 - 00000000 ____D () C:\Users\Jesse_000\Downloads\HTC_drivers_Win7_x64
2014-06-17 15:05 - 2014-05-23 21:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-17 15:05 - 2014-05-23 21:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-17 15:05 - 2014-05-23 21:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-17 15:05 - 2014-05-23 21:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-17 15:05 - 2014-05-23 21:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-17 15:05 - 2014-05-23 21:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-17 15:05 - 2014-05-23 21:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-17 15:05 - 2014-05-23 21:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-17 15:05 - 2014-05-23 21:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-17 15:05 - 2014-05-23 20:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-17 15:05 - 2014-05-23 20:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-17 15:05 - 2014-05-23 20:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-17 15:05 - 2014-05-23 20:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-17 15:05 - 2014-05-23 20:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-17 15:05 - 2014-05-23 20:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-17 15:05 - 2014-05-23 20:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-17 15:05 - 2014-05-23 20:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-17 15:05 - 2014-05-23 20:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-17 15:05 - 2014-05-23 20:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-17 15:05 - 2014-05-23 20:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-17 15:05 - 2014-05-23 17:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-06-17 15:05 - 2014-03-28 03:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-17 15:04 - 2014-04-03 06:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-17 15:04 - 2014-03-28 14:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-06-17 15:04 - 2014-03-28 01:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-17 15:04 - 2014-03-23 17:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-06-17 15:04 - 2014-03-06 19:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-17 15:04 - 2014-03-06 19:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-17 15:03 - 2014-06-17 15:03 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-06-17 15:03 - 2014-04-12 04:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-17 15:03 - 2014-04-12 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-17 15:03 - 2014-04-12 04:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-06-17 15:03 - 2014-04-12 04:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-06-17 15:03 - 2014-04-12 04:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-17 15:03 - 2014-04-12 04:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-17 15:03 - 2014-04-12 04:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-17 15:03 - 2014-04-12 04:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-17 15:03 - 2014-04-12 04:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-06-17 15:03 - 2014-04-12 04:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-17 15:03 - 2014-04-12 04:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-17 15:03 - 2014-04-12 02:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-06-17 15:03 - 2014-04-12 02:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-06-17 15:03 - 2014-04-12 02:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-17 15:03 - 2014-04-12 02:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-17 15:03 - 2014-04-12 02:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-17 15:03 - 2014-04-12 02:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-17 15:03 - 2014-04-12 02:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-17 15:03 - 2014-04-12 01:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-06-17 15:03 - 2014-03-28 03:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-06-17 15:03 - 2014-03-10 22:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-17 15:03 - 2014-03-10 22:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-17 15:03 - 2014-03-10 19:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-17 15:03 - 2014-03-10 19:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-17 15:03 - 2014-03-10 19:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-17 15:03 - 2014-03-10 19:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-17 15:03 - 2014-03-10 19:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-17 15:03 - 2014-03-10 19:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-17 15:03 - 2014-03-10 19:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-17 15:03 - 2014-03-10 19:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-06-17 15:03 - 2014-03-10 19:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-17 15:03 - 2014-03-10 19:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-17 15:03 - 2014-03-10 19:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-17 15:03 - 2014-03-09 22:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-17 15:03 - 2014-03-09 20:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-17 15:03 - 2014-03-03 18:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-06-17 15:03 - 2014-03-01 04:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-17 15:03 - 2014-03-01 04:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-06-17 15:03 - 2014-03-01 03:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-06-17 15:03 - 2014-03-01 01:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-17 15:03 - 2014-02-26 18:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-06-17 15:03 - 2014-02-26 18:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-06-17 15:03 - 2014-02-26 18:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-06-17 15:03 - 2014-02-14 23:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-06-17 15:00 - 2014-06-17 15:02 - 165708080 _____ (HTC Corporation ) C:\Users\Jesse_000\Downloads\setup_3.3.63.exe
2014-06-17 14:54 - 2014-04-19 04:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-06-17 14:54 - 2014-04-19 03:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-06-17 14:54 - 2014-04-19 03:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-17 14:54 - 2014-04-19 01:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-06-17 14:54 - 2014-04-19 01:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-17 14:17 - 2014-06-17 14:17 - 00000005 _____ () C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-06-17 14:16 - 2014-06-17 14:49 - 00000000 ____D () C:\Users\Jesse_000\.android
2014-06-17 14:16 - 2014-06-17 14:17 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\HTC
2014-06-17 14:16 - 2014-06-17 14:17 - 00000000 ____D () C:\ProgramData\HTC
2014-06-17 14:16 - 2014-06-17 14:16 - 00000000 ____D () C:\Users\Jesse_000\Documents\HTC
2014-06-17 14:11 - 2014-06-17 15:04 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-06-17 14:11 - 2014-06-17 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-06-17 14:11 - 2014-06-17 14:11 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-06-17 14:10 - 2014-06-17 14:10 - 00208262 _____ () C:\Users\Jesse_000\Downloads\adb_fastboot_drivers.zip
2014-06-17 14:09 - 2014-06-17 14:38 - 00000000 ____D () C:\sdk
2014-06-17 14:08 - 2014-06-17 14:08 - 00000000 ____D () C:\Users\Jesse_000\Downloads\adt-bundle-windows-x86_64-20140321
2014-06-17 14:06 - 2014-06-17 14:06 - 00918952 _____ (Oracle Corporation) C:\Users\Jesse_000\Downloads\chromeinstall-7u60 (1).exe
2014-06-17 14:05 - 2014-06-17 14:05 - 00005470 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-17 14:05 - 2014-06-17 14:05 - 00000000 ____D () C:\Users\Jesse_000\Downloads\fastboot-win
2014-06-17 14:05 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-17 14:05 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-17 14:05 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-17 14:05 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-17 14:02 - 2014-06-17 14:09 - 136072080 _____ (HTC) C:\Users\Jesse_000\Downloads\setup_3.1.13.0_htc.exe
2014-06-17 14:02 - 2014-06-17 14:02 - 00918952 _____ (Oracle Corporation) C:\Users\Jesse_000\Downloads\chromeinstall-7u60.exe
2014-06-17 14:01 - 2014-06-17 14:08 - 535287324 _____ () C:\Users\Jesse_000\Downloads\adt-bundle-windows-x86_64-20140321.zip
2014-06-14 13:55 - 2014-06-14 13:55 - 00442687 _____ () C:\Users\Jesse_000\Downloads\kingdom_come_charts.zip
2014-06-14 12:40 - 2014-06-14 12:42 - 156459280 _____ () C:\Users\Jesse_000\Downloads\Always-Been-About-You-NEW.zip
2014-06-09 12:33 - 2014-06-09 12:33 - 00645729 _____ (WDS Team) C:\Users\Jesse_000\Downloads\windirstat1_1_2_setup.exe
2014-06-09 12:33 - 2014-06-09 12:33 - 00000998 _____ () C:\Users\Jesse_000\Desktop\WinDirStat.lnk
2014-06-09 12:33 - 2014-06-09 12:33 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-06-09 12:33 - 2014-06-09 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-06-09 12:33 - 2014-06-09 12:33 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
 
==================== One Month Modified Files and Folders =======
 
2014-07-08 17:53 - 2014-07-08 17:52 - 00037113 _____ () C:\Users\Jesse_000\Downloads\FRST.txt
2014-07-08 17:52 - 2014-07-08 17:52 - 03404720 _____ () C:\Users\Jesse_000\Downloads\Unconfirmed 941617.crdownload
2014-07-08 17:52 - 2014-07-08 17:52 - 00000000 ____D () C:\FRST
2014-07-08 17:52 - 2014-07-08 17:51 - 02084352 _____ (Farbar) C:\Users\Jesse_000\Downloads\FRST64.exe
2014-07-08 17:43 - 2014-02-27 20:18 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2558357397-3746353904-852755097-1001UA.job
2014-07-08 17:18 - 2014-01-21 20:30 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 17:18 - 2014-01-21 20:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-08 17:17 - 2013-08-20 18:34 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-08 17:00 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-08 16:37 - 2014-06-18 00:07 - 00942994 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-08 16:35 - 2014-01-07 18:48 - 00000000 ___RD () C:\Users\Jesse_000\Google Drive
2014-07-08 16:33 - 2013-08-23 19:16 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-07-08 16:33 - 2013-08-23 19:16 - 00000424 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2014-07-08 16:33 - 2013-08-20 18:34 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-08 16:31 - 2013-08-21 18:48 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForJesse.job
2014-07-08 16:31 - 2012-07-26 02:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-08 16:30 - 2012-08-03 17:23 - 00720916 _____ () C:\Windows\PFRO.log
2014-07-08 16:26 - 2013-08-23 19:32 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\Spotify
2014-07-08 10:41 - 2014-02-27 20:18 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2558357397-3746353904-852755097-1001Core.job
2014-07-08 10:27 - 2013-08-20 17:16 - 01803150 _____ () C:\Windows\WindowsUpdate.log
2014-07-07 23:48 - 2013-08-23 19:31 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\uTorrent
2014-07-07 23:47 - 2013-08-23 14:09 - 01303040 ___SH () C:\Users\Jesse_000\Downloads\Thumbs.db
2014-07-07 23:12 - 2013-08-23 19:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-07 20:20 - 2013-08-24 10:01 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\Skype
2014-07-07 18:18 - 2013-08-23 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-07 14:27 - 2013-09-03 10:54 - 00000000 ____D () C:\Users\Jesse_000\AppData\Local\Spotify
2014-07-07 00:11 - 2014-07-07 00:11 - 05661014 _____ () C:\Users\Jesse_000\Downloads\Elite_Lunar_AOSP-05_09_2014.zip
2014-07-05 10:57 - 2014-07-05 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-05 10:57 - 2014-07-05 10:56 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-05 10:54 - 2014-07-05 10:53 - 41945432 _____ (Apple Inc.) C:\Users\Jesse_000\Downloads\QuickTimeInstaller.exe
2014-07-03 15:16 - 2013-08-21 18:48 - 00003160 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJesse
2014-07-03 15:16 - 2013-08-20 17:16 - 00000000 ____D () C:\Users\Jesse_000
2014-07-02 16:21 - 2014-07-02 16:20 - 46025597 _____ () C:\Users\Jesse_000\Downloads\The Matrix Meeting Morpheus Scene HD (720p).mp4
2014-07-02 15:49 - 2014-07-02 15:49 - 00023396 _____ () C:\Users\Jesse_000\Downloads\voicemail.wav
2014-07-02 15:49 - 2013-09-05 19:22 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\.ACEStream
2014-07-02 10:23 - 2014-07-02 10:22 - 01715637 _____ () C:\Users\Jesse_000\Downloads\-- New Tune Idea (2).m4a
2014-07-02 10:21 - 2014-07-02 10:21 - 01715637 _____ () C:\Users\Jesse_000\Downloads\-- New Tune Idea (1).m4a
2014-07-02 10:20 - 2013-08-21 08:59 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-02 10:20 - 2013-08-21 08:59 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-27 14:33 - 2014-06-27 14:29 - 218387963 _____ () C:\Users\Jesse_000\Downloads\ds_m7vzw-6-10-14.zip
2014-06-27 14:31 - 2014-06-27 14:29 - 72353530 _____ () C:\Users\Jesse_000\Downloads\GAPPS-KK-20140609.zip
2014-06-27 14:13 - 2012-07-26 02:21 - 00065009 _____ () C:\Windows\setupact.log
2014-06-27 11:02 - 2014-06-27 10:56 - 201944840 _____ () C:\Users\Jesse_000\Downloads\LS-KK-v3.0-OFFICIAL-m7vzw_051214.zip
2014-06-27 00:36 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-26 17:47 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-26 13:11 - 2014-06-26 13:11 - 01715637 _____ () C:\Users\Jesse_000\Downloads\-- New Tune Idea.m4a
2014-06-25 19:31 - 2013-09-13 01:19 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\vlc
2014-06-25 19:17 - 2014-03-05 15:27 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\dvdcss
2014-06-25 18:56 - 2014-06-25 18:55 - 00741872 _____ () C:\Users\Jesse_000\Downloads\d-groups 1.pptx
2014-06-25 10:16 - 2014-06-25 10:07 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\mIRC
2014-06-25 10:07 - 2014-06-25 10:07 - 00000918 _____ () C:\Users\Public\Desktop\mIRC.lnk
2014-06-25 10:07 - 2014-06-25 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2014-06-25 10:07 - 2014-06-25 10:07 - 00000000 ____D () C:\Program Files (x86)\mIRC
2014-06-25 10:07 - 2014-06-25 10:06 - 01986960 _____ (mIRC Co. Ltd.) C:\Users\Jesse_000\Downloads\mirc734.exe
2014-06-25 09:54 - 2014-06-25 09:54 - 00225568 _____ (Premium Installer ) C:\Users\Jesse_000\Downloads\setup.exe
2014-06-23 16:55 - 2014-06-23 16:55 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
2014-06-23 16:55 - 2013-08-20 17:16 - 00000000 ____D () C:\Users\Jesse_000\AppData\Local\Packages
2014-06-23 16:53 - 2014-06-23 16:53 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-06-23 16:53 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-23 10:36 - 2014-02-27 20:18 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2558357397-3746353904-852755097-1001UA
2014-06-23 10:36 - 2014-02-27 20:18 - 00003496 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2558357397-3746353904-852755097-1001Core
2014-06-21 15:20 - 2013-08-20 17:24 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2558357397-3746353904-852755097-1001
2014-06-21 13:38 - 2014-06-21 13:38 - 01000232 _____ () C:\Users\Jesse_000\Downloads\Player.exe
2014-06-21 12:59 - 2014-03-25 14:24 - 00433640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-21 12:58 - 2012-07-26 02:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-21 12:58 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-21 12:57 - 2012-07-26 03:12 - 00000000 ___RD () C:\Windows\ToastData
2014-06-21 12:57 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-21 12:57 - 2012-07-26 03:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-06-21 12:57 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\WinStore
2014-06-21 12:57 - 2012-07-26 03:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-06-21 12:57 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-21 12:57 - 2012-07-26 03:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-21 03:12 - 2013-08-20 18:34 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-21 03:12 - 2013-08-20 18:34 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 01:25 - 2014-06-20 01:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-20 01:24 - 2014-06-20 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-20 01:24 - 2014-06-20 01:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-20 01:24 - 2013-09-08 16:44 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-20 01:24 - 2013-09-08 16:44 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\Malwarebytes
2014-06-20 01:24 - 2013-09-08 16:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-20 01:22 - 2014-06-20 01:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jesse_000\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-18 16:33 - 2014-06-18 16:33 - 00011223 _____ () C:\Users\Jesse_000\Downloads\MyContacts.csv
2014-06-18 15:48 - 2014-06-18 15:47 - 157694716 _____ () C:\Users\Jesse_000\Downloads\gapps-kk-20140606-signed.zip
2014-06-18 15:47 - 2014-06-18 15:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2014-06-18 15:43 - 2014-06-17 15:18 - 00000000 ____D () C:\Android
2014-06-18 15:42 - 2014-06-18 15:42 - 00268376 _____ () C:\Users\Jesse_000\Downloads\winmd5free.zip
2014-06-18 15:41 - 2014-06-18 15:40 - 24611712 _____ () C:\Users\Jesse_000\Downloads\m7wlv_firmware_3.11.605.1.zip
2014-06-18 15:40 - 2014-06-18 15:37 - 230036129 _____ () C:\Users\Jesse_000\Downloads\cm-11-20140609-SNAPSHOT-M7-m7vzw.zip
2014-06-18 15:37 - 2014-06-18 15:37 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-06-18 15:37 - 2014-06-18 15:37 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2014-06-18 15:36 - 2014-06-18 15:36 - 02056192 _____ () C:\Users\Jesse_000\Downloads\CMInstaller.msi
2014-06-18 15:34 - 2014-06-18 15:30 - 490708790 _____ () C:\Users\Jesse_000\Downloads\Unconfirmed 912313.crdownload
2014-06-18 13:50 - 2014-06-18 13:50 - 00038119 _____ () C:\Users\Jesse_000\Downloads\2013 Student Ministries Contact.xlsx
2014-06-18 11:02 - 2014-06-18 11:01 - 00267778 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-06-18 10:17 - 2013-08-25 14:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-18 10:12 - 2013-08-21 09:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-18 10:09 - 2012-07-26 00:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-18 00:18 - 2014-06-18 00:18 - 08968192 _____ () C:\Users\Jesse_000\Downloads\recovery-clockwork-touch-6.0.4.8-m7vzw.img
2014-06-17 23:42 - 2014-06-17 23:42 - 04522136 _____ () C:\Users\Jesse_000\Downloads\firewater (1)
2014-06-17 23:29 - 2014-06-17 23:29 - 00000000 ____D () C:\Users\Jesse_000\Downloads\rumrunner_t6wl_1.11.605.4
2014-06-17 23:28 - 2014-06-17 23:28 - 22625105 _____ () C:\Users\Jesse_000\Downloads\rumrunner_t6wl_1.11.605.4.zip
2014-06-17 16:01 - 2014-06-17 15:09 - 00000000 ____D () C:\Users\Jesse_000\Downloads\rumrunner_m7wlv_1.10.605.2
2014-06-17 15:33 - 2014-06-17 15:33 - 01533747 _____ () C:\Users\Jesse_000\Downloads\WeakSauce-1.0.1 (1).zip
2014-06-17 15:18 - 2014-06-17 15:18 - 09560052 _____ () C:\Users\Jesse_000\Downloads\adb-setup-1.3.exe
2014-06-17 15:18 - 2014-06-17 15:18 - 00000000 ____D () C:\Program Files\DIFX
2014-06-17 15:18 - 2013-07-06 02:36 - 00038528 _____ () C:\Windows\DPINST.LOG
2014-06-17 15:16 - 2014-06-17 15:16 - 01533747 _____ () C:\Users\Jesse_000\Downloads\WeakSauce-1.0.1.zip
2014-06-17 15:14 - 2014-06-17 15:14 - 21093130 _____ () C:\Users\Jesse_000\Downloads\rumrunner_m7wlv_1.10.605.2 (1).zip
2014-06-17 15:09 - 2014-06-17 15:08 - 21093130 _____ () C:\Users\Jesse_000\Downloads\rumrunner_m7wlv_1.10.605.2.zip
2014-06-17 15:05 - 2014-06-17 15:05 - 01130309 _____ () C:\Users\Jesse_000\Downloads\HTC_drivers_Win7_x64.zip
2014-06-17 15:05 - 2014-06-17 15:05 - 00000000 ____D () C:\Users\Jesse_000\Downloads\HTC_drivers_Win7_x64
2014-06-17 15:04 - 2014-06-17 14:11 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-06-17 15:04 - 2014-02-19 11:49 - 00000000 ____D () C:\Users\Jesse_000\AppData\Local\Downloaded Installations
2014-06-17 15:03 - 2014-06-17 15:03 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-06-17 15:02 - 2014-06-17 15:00 - 165708080 _____ (HTC Corporation ) C:\Users\Jesse_000\Downloads\setup_3.3.63.exe
2014-06-17 14:49 - 2014-06-17 14:16 - 00000000 ____D () C:\Users\Jesse_000\.android
2014-06-17 14:38 - 2014-06-17 14:09 - 00000000 ____D () C:\sdk
2014-06-17 14:17 - 2014-06-17 14:17 - 00000005 _____ () C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-06-17 14:17 - 2014-06-17 14:16 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\HTC
2014-06-17 14:17 - 2014-06-17 14:16 - 00000000 ____D () C:\ProgramData\HTC
2014-06-17 14:17 - 2014-06-17 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-06-17 14:16 - 2014-06-17 14:16 - 00000000 ____D () C:\Users\Jesse_000\Documents\HTC
2014-06-17 14:16 - 2013-08-23 19:38 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\Apple Computer
2014-06-17 14:16 - 2013-08-23 19:38 - 00000000 ____D () C:\Users\Jesse_000\AppData\Local\Apple Computer
2014-06-17 14:12 - 2013-08-23 22:07 - 00221696 ___SH () C:\Users\Jesse_000\Desktop\Thumbs.db
2014-06-17 14:11 - 2014-06-17 14:11 - 00000000 ____D () C:\Program Files (x86)\Spirent Communications
2014-06-17 14:10 - 2014-06-17 14:10 - 00208262 _____ () C:\Users\Jesse_000\Downloads\adb_fastboot_drivers.zip
2014-06-17 14:09 - 2014-06-17 14:02 - 136072080 _____ (HTC) C:\Users\Jesse_000\Downloads\setup_3.1.13.0_htc.exe
2014-06-17 14:08 - 2014-06-17 14:08 - 00000000 ____D () C:\Users\Jesse_000\Downloads\adt-bundle-windows-x86_64-20140321
2014-06-17 14:08 - 2014-06-17 14:01 - 535287324 _____ () C:\Users\Jesse_000\Downloads\adt-bundle-windows-x86_64-20140321.zip
2014-06-17 14:06 - 2014-06-17 14:06 - 00918952 _____ (Oracle Corporation) C:\Users\Jesse_000\Downloads\chromeinstall-7u60 (1).exe
2014-06-17 14:06 - 2013-10-20 23:42 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-17 14:05 - 2014-06-17 14:05 - 00005470 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-17 14:05 - 2014-06-17 14:05 - 00000000 ____D () C:\Users\Jesse_000\Downloads\fastboot-win
2014-06-17 14:05 - 2013-08-23 19:30 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-17 14:02 - 2014-06-17 14:02 - 00918952 _____ (Oracle Corporation) C:\Users\Jesse_000\Downloads\chromeinstall-7u60.exe
2014-06-14 13:55 - 2014-06-14 13:55 - 00442687 _____ () C:\Users\Jesse_000\Downloads\kingdom_come_charts.zip
2014-06-14 12:42 - 2014-06-14 12:40 - 156459280 _____ () C:\Users\Jesse_000\Downloads\Always-Been-About-You-NEW.zip
2014-06-13 16:13 - 2013-08-20 18:34 - 00002150 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-09 12:33 - 2014-06-09 12:33 - 00645729 _____ (WDS Team) C:\Users\Jesse_000\Downloads\windirstat1_1_2_setup.exe
2014-06-09 12:33 - 2014-06-09 12:33 - 00000998 _____ () C:\Users\Jesse_000\Desktop\WinDirStat.lnk
2014-06-09 12:33 - 2014-06-09 12:33 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-06-09 12:33 - 2014-06-09 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2014-06-09 12:33 - 2014-06-09 12:33 - 00000000 ____D () C:\Program Files (x86)\WinDirStat
2014-06-08 00:34 - 2013-08-23 17:36 - 00000000 ____D () C:\Users\Jesse_000\AppData\Roaming\Mozilla
ZeroAccess:
C:\Users\Jesse_000\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install
 
Some content of TEMP:
====================
C:\Users\Jesse_000\AppData\Local\Temp\Checkupdate.exe
C:\Users\Jesse_000\AppData\Local\Temp\CMInstaller.exe
C:\Users\Jesse_000\AppData\Local\Temp\Extract.exe
C:\Users\Jesse_000\AppData\Local\Temp\ffmpeg16.exe
C:\Users\Jesse_000\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Jesse_000\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Jesse_000\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Jesse_000\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Jesse_000\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Jesse_000\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Jesse_000\AppData\Local\Temp\mirc734.exe
C:\Users\Jesse_000\AppData\Local\Temp\msvcp110.dll
C:\Users\Jesse_000\AppData\Local\Temp\msvcr110.dll
C:\Users\Jesse_000\AppData\Local\Temp\oi_{E1AEEE72-C979-47D3-8F9A-143E1F582862}.exe
C:\Users\Jesse_000\AppData\Local\Temp\pc-decrapifier.exe
C:\Users\Jesse_000\AppData\Local\Temp\setup.exe
C:\Users\Jesse_000\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jesse_000\AppData\Local\Temp\SP60492.exe
C:\Users\Jesse_000\AppData\Local\Temp\SP61413.exe
C:\Users\Jesse_000\AppData\Local\Temp\SP62194.exe
C:\Users\Jesse_000\AppData\Local\Temp\SP62976.exe
C:\Users\Jesse_000\AppData\Local\Temp\SP63224.exe
C:\Users\Jesse_000\AppData\Local\Temp\SP63786.exe
C:\Users\Jesse_000\AppData\Local\Temp\SP64043.exe
C:\Users\Jesse_000\AppData\Local\Temp\sp64126.exe
C:\Users\Jesse_000\AppData\Local\Temp\SP64569.exe
C:\Users\Jesse_000\AppData\Local\Temp\SP65000.exe
C:\Users\Jesse_000\AppData\Local\Temp\sqlite3.dll
C:\Users\Jesse_000\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Jesse_000\AppData\Local\Temp\UninstallHPSA.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-08 10:40
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01

Ran by Jesse at 2014-07-08 17:53:37

Running from C:\Users\Jesse_000\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden

Ace Stream Media 2.1.5 (HKCU\...\AceStream) (Version: 2.1.5 - Ace Stream Media)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5 64-bit (HKLM\...\{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}) (Version: 5.0.1 - Adobe)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)

AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden

AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 17.3.0.49 - AVG Technologies)

BBC iPlayer Downloads (HKLM-x32\...\{476A047B-BDA1-4B37-BB40-0710C7E9EB61}) (Version: 1.4.1 - BBC)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

CM Installer (HKLM-x32\...\{E8F42777-958D-4C14-9A42-8DCA1929FD26}) (Version: 1.0.0.0 - Cyanogen Inc.)

CyberGhost 5 (HKLM\...\CyberGhost VPN 5_is1) (Version:  - CyberGhost S.R.L.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)

Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.88 - NCH Software)

Dropbox (HKCU\...\Dropbox) (Version: 2.2.13 - Dropbox, Inc.)

Equalify v2.2.1 (Stable) (HKLM-x32\...\{FF890228-5396-4BB0-B500-6E2843D7DD63}) (Version: 2.2.1.0 - Equalify)

eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

Eye P.A. (HKLM-x32\...\{4511BBED-79A0-435A-9383-B2982B049420}) (Version: 1.7.0.63 - MetaGeek, LLC)

f.lux (HKCU\...\Flux) (Version:  - )

Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )

Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.8.208 - SurfRight B.V.)

Hotspot Shield 3.20 (HKLM-x32\...\HotspotShield) (Version: 3.20 - AnchorFree Inc.)

HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)

HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)

HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden

HP Documentation (HKLM-x32\...\{7F265322-43A2-4C06-925B-F32F938B102C}) (Version: 1.3.0.0 - Hewlett-Packard)

HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden

HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)

HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)

HP Recovery Manager (x32 Version: 9.00 - Hewlett-Packard) Hidden

HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)

HP SimplePass (HKLM-x32\...\{4BACA3B8-F63A-44ED-9A8D-48B4D02AD268}) (Version: 6.0.100.276 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)

HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)

HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)

HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)

HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)

Hugin 2013.0.0 (HKLM-x32\...\Hugin) (Version: 2013.0.0 hg_0d404a7088e6 - The Hugin Development Team)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6454.0 - IDT)

inSSIDer Office (HKLM-x32\...\{8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C526}) (Version: 3.1.1.6 - MetaGeek, LLC)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)

Intel® PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)

Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1303-148929CC1385}) (Version: 3.0.1303.0326 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation)

Intel® Rapid Storage Technology (Version: 12.0.7.1002 - Intel Corporation) Hidden

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)

Intel® Smart Connect Technology 4.0 x64 (HKLM\...\{5D1D65C3-E6D3-4751-AEFD-CAB4E3EB85F2}) (Version: 4.0.41.2072 - Intel)

Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)

Intel® WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden

Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)

iTunes (HKLM\...\{427174C0-096E-40D9-9684-9C109BEE2CBF}) (Version: 11.0.5.5 - Apple Inc.)

Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)

Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden

Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )

League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)

League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden

Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)

Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)

Macrium Reflect Free Edition (Version: 5.2.6399 - Paramount Software (UK) Ltd.) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)

Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden

mIRC (HKLM-x32\...\mIRC) (Version: 7.34 - mIRC Co. Ltd.)

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Mozilla Firefox 23.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version:  - )

Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Port Forwarding Wizard Lite 1.5 (HKLM-x32\...\Port Forwarding Wizard Lite_is1) (Version:  - upredsun, Inc.)

Portforward Static IP Address 1.0.47 (HKLM-x32\...\Portforward Static IP Address) (Version: 1.0.47 - Portforward.com)

QuicKeys (HKLM-x32\...\{22B667F6-7EF8-49A6-B652-7F703330CBFD}) (Version: 3.0.3 - Startly Technologies, LLC.)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)

Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21220 - Realtek Semiconductor Corp.)

SharpKeys (HKLM-x32\...\{B6685367-A8AD-4414-A2A3-10B40EC5CF30}) (Version:  - )

Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.1 - PcWinTech.com)

SING & SEE v1.4.9 (HKLM-x32\...\SING & SEE PROFESSIONAL_is1) (Version: 1.4.9 - Cantovation Ltd)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

SlimDrivers (HKLM-x32\...\{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}) (Version: 2.2.30877 - SlimWare Utilities, Inc.)

SmartPixel (HKLM-x32\...\SmartPixel) (Version: 1.0.0.0 - Beyond Magic Limited)

SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)

Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Stellarium 0.12.4 (HKLM\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)

StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version:  - )

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)

TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )

Torch (HKCU\...\Torch) (Version: 25.0.0.3831 - Torch Media Inc.) <==== ATTENTION

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)

Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)

Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)

Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)

Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)

Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)

Validity WBF DDK (HKLM\...\{B80C52A3-7666-4068-A371-7867F51E68EB}) (Version: 4.5.122.0 - Validity Sensors, Inc.)

VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)

War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)

WD SmartWare (HKLM\...\{07179D37-D5FE-4373-90D9-A25B992EFB3E}) (Version: 1.4.5.5 - Western Digital)

WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )

Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

WinSCP 5.1.8 (HKLM-x32\...\winscp3_is1) (Version: 5.1.8 - Martin Prikryl)

XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)

 

==================== Restore Points  =========================

 

18-06-2014 20:36:33 Installed CM Installer

02-07-2014 17:51:27 Scheduled Checkpoint

05-07-2014 15:56:14 Installed QuickTime 7

 

==================== Hosts content: ==========================

 

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {0DC82D56-4A03-474D-8030-DCD3B95643C0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {15C0F5CF-341A-40AD-B0A6-A96AA4E48692} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24] (Synaptics Incorporated)

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {1EC9D17F-0B29-47E2-9BD1-CD9BF748E0B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-20] (Google Inc.)

Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {2685982F-4FFE-4295-A230-F89A8E364695} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CND1H27738 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)

Task: {2708B9D1-D735-4D37-9653-E3B69DBE6235} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-01] (Microsoft Corporation)

Task: {375E58E4-3036-4190-B022-ADFFA64D92BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)

Task: {3A637613-AC36-4315-A1D8-B3B5624634DE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()

Task: {402A9C7B-E9CE-442C-AF31-079FAED8B0A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {4366FB67-E2EB-4520-A415-74E91C5E374A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)

Task: {5BF6D379-C41B-4D36-BB30-7F26BA83B71A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2558357397-3746353904-852755097-1001Core => C:\Users\Jesse_000\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-27] (Google Inc.)

Task: {635BAE22-810F-4904-AD55-50918BCBCB46} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)

Task: {9BD5AC02-CAB8-4DBB-8C27-5B2294B4342C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()

Task: {A5B00F50-BEB4-4EB6-88C4-19AE6DEF77DA} - System32\Tasks\HPCeeScheduleForJesse => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {AA2D40F1-91ED-4F26-9DF5-3684296C981D} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)

Task: {B20D1A42-6D62-45BC-9A75-375DA451C9E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-20] (Google Inc.)

Task: {C11A21F8-B919-493E-84C7-24360D5AD56C} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-07-10] (SlimWare Utilities, Inc.)

Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {C96725F4-8AC6-4B62-B7C0-111E06CF30E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)

Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {EF7CBFB8-640A-4557-9527-F935383EF978} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {F0C3A463-8DBA-4EA1-A55C-5A757E36ECF1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2558357397-3746353904-852755097-1001UA => C:\Users\Jesse_000\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-27] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2558357397-3746353904-852755097-1001Core.job => C:\Users\Jesse_000\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2558357397-3746353904-852755097-1001UA.job => C:\Users\Jesse_000\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HPCeeScheduleForJesse.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2013-06-07 06:16 - 2013-06-07 06:16 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe

2013-08-20 19:02 - 2013-08-20 19:02 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll

2013-07-23 11:26 - 2014-07-03 00:43 - 00027904 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\ace_engine.exe

2013-03-29 06:18 - 2013-03-29 06:18 - 00026744 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\ace_update.exe

2013-06-07 06:16 - 2013-06-07 06:16 - 00255784 _____ () C:\Program Files (x86)\HP SimplePass\DownloadAD.exe

2014-06-13 16:13 - 2014-06-05 08:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll

2014-06-13 16:13 - 2014-06-05 08:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll

2014-06-13 16:13 - 2014-06-05 08:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll

2014-06-13 16:13 - 2014-06-05 08:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll

2014-06-13 16:13 - 2014-06-05 08:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

2013-07-23 11:27 - 2014-07-03 00:43 - 00214016 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd

2011-06-12 08:09 - 2011-06-12 08:09 - 00038400 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\_socket.pyd

2011-06-12 08:09 - 2011-06-12 08:09 - 00720896 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd

2013-03-29 04:57 - 2013-03-29 04:57 - 00018944 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd

2011-06-12 08:06 - 2011-06-12 08:06 - 00287232 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd

2014-01-28 17:01 - 2014-07-03 00:43 - 01171456 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd

2014-01-28 17:01 - 2014-01-28 12:57 - 00036352 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd

2014-01-28 17:01 - 2014-01-28 12:57 - 00053248 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\_blist.pyd

2011-06-12 08:06 - 2011-06-12 08:06 - 00106496 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd

2014-01-28 17:01 - 2014-01-28 12:57 - 00040448 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd

2011-06-12 08:06 - 2011-06-12 08:06 - 00011776 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\select.pyd

2011-01-18 16:56 - 2011-01-18 16:56 - 00334336 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd

2011-06-12 08:06 - 2011-06-12 08:06 - 00152576 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd

2011-02-13 10:02 - 2011-02-13 10:02 - 00031232 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd

2013-07-23 11:33 - 2014-07-03 00:43 - 02919936 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd

2012-02-07 11:37 - 2012-02-07 11:37 - 00098816 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\win32api.pyd

2012-02-07 11:35 - 2012-02-07 11:35 - 00110080 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll

2012-02-07 11:38 - 2012-02-07 11:38 - 00358912 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll

2012-02-07 11:36 - 2012-02-07 11:36 - 00111616 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\win32file.pyd

2012-02-07 11:36 - 2012-02-07 11:36 - 00024064 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd

2010-10-10 17:23 - 2010-10-10 17:23 - 00723968 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\apsw.pyd

2013-01-29 11:20 - 2013-01-29 11:20 - 00082944 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd

2011-07-15 14:37 - 2011-07-15 14:37 - 00981504 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd

2011-07-15 14:38 - 2011-07-15 14:38 - 00746496 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd

2011-07-15 14:38 - 2011-07-15 14:38 - 00670720 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd

2011-07-15 14:38 - 2011-07-15 14:38 - 00966144 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd

2011-07-15 14:38 - 2011-07-15 14:38 - 00674816 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd

2011-06-12 08:06 - 2011-06-12 08:06 - 00688128 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd

2014-01-28 17:01 - 2014-01-28 12:57 - 00061952 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd

2013-01-29 11:20 - 2013-01-29 11:20 - 00066048 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00098816 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32api.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00110080 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\pywintypes27.dll

2014-07-08 16:33 - 2014-07-08 16:33 - 00364544 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\pythoncom27.dll

2014-07-08 16:33 - 2014-07-08 16:33 - 00045568 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\_socket.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 01160704 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\_ssl.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00320512 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32com.shell.shell.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00713216 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\_hashlib.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 01175040 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\wx._core_.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00805888 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\wx._gdi_.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00811008 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\wx._windows_.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 01062400 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\wx._controls_.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00735232 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\wx._misc_.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00128512 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\_elementtree.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00127488 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\pyexpat.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00557056 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\pysqlite2._sqlite.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00007168 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\hashobjs_ext.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00087552 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\_ctypes.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00119808 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32file.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00108544 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32security.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00018432 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32event.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00038912 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32inet.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00070656 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\wx._html2.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00167936 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32gui.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00011264 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32crypt.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00027136 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\_multiprocessing.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00122368 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\wx._wizard.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00010240 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\select.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00024064 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32pipe.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00686080 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\unicodedata.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00025600 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32pdh.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00525640 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\windows._lib_cacheinvalidation.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00035840 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32process.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00017408 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32profile.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00022528 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\win32ts.pyd

2014-07-08 16:33 - 2014-07-08 16:33 - 00078336 _____ () C:\Users\Jesse_000\AppData\Local\Temp\_MEI39882\wx._animate.pyd

2014-06-13 16:13 - 2014-06-05 08:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

2011-06-12 08:09 - 2011-06-12 08:09 - 00038400 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\_socket.pyd

2011-06-12 08:09 - 2011-06-12 08:09 - 00720896 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd

2011-07-15 14:37 - 2011-07-15 14:37 - 00981504 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd

2011-07-15 14:38 - 2011-07-15 14:38 - 00746496 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd

2011-07-15 14:38 - 2011-07-15 14:38 - 00670720 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd

2011-07-15 14:38 - 2011-07-15 14:38 - 00966144 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd

2011-07-15 14:38 - 2011-07-15 14:38 - 00674816 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd

2011-06-12 08:06 - 2011-06-12 08:06 - 00287232 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd

2011-01-18 16:56 - 2011-01-18 16:56 - 00334336 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd

2011-06-12 08:06 - 2011-06-12 08:06 - 00011776 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\select.pyd

2011-06-12 08:06 - 2011-06-12 08:06 - 00152576 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd

2012-02-07 11:37 - 2012-02-07 11:37 - 00098816 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\win32api.pyd

2012-02-07 11:35 - 2012-02-07 11:35 - 00110080 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll

2012-02-07 11:38 - 2012-02-07 11:38 - 00358912 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll

2012-02-07 11:36 - 2012-02-07 11:36 - 00111616 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\win32file.pyd

2012-02-07 11:36 - 2012-02-07 11:36 - 00024064 _____ () C:\Users\Jesse_000\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd

2013-06-07 06:16 - 2013-06-07 06:16 - 00019240 _____ () C:\Program Files (x86)\HP SimplePass\DownloadManager.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

MSCONFIG\Services: Apple Mobile Device => 2

MSCONFIG\Services: Bluetooth Device Monitor => 2

MSCONFIG\Services: Bluetooth OBEX Service => 2

MSCONFIG\Services: Bonjour Service => 2

MSCONFIG\Services: BrcmSetSecurity => 2

MSCONFIG\Services: CGVPNCliService => 2

MSCONFIG\Services: cphs => 3

MSCONFIG\Services: EvtEng => 2

MSCONFIG\Services: FPLService => 2

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: HitmanProScheduler => 2

MSCONFIG\Services: HP Support Assistant Service => 2

MSCONFIG\Services: hpqwmiex => 3

MSCONFIG\Services: hpsrv => 2

MSCONFIG\Services: HPWMISVC => 2

MSCONFIG\Services: hshld => 2

MSCONFIG\Services: HssTrayService => 3

MSCONFIG\Services: HssWd => 2

MSCONFIG\Services: IAStorDataMgrSvc => 2

MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2

MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3

MSCONFIG\Services: Intel® ME Service => 2

MSCONFIG\Services: iPod Service => 3

MSCONFIG\Services: ISCTAgent => 2

MSCONFIG\Services: jhi_service => 2

MSCONFIG\Services: LBTServ => 3

MSCONFIG\Services: LMS => 2

MSCONFIG\Services: MBAMScheduler => 2

MSCONFIG\Services: MBAMService => 2

MSCONFIG\Services: MozillaMaintenance => 3

MSCONFIG\Services: MyWiFiDHCPDNS => 3

MSCONFIG\Services: ReflectService.exe => 2

MSCONFIG\Services: RegSrvc => 2

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: STacSV => 2

MSCONFIG\Services: Steam Client Service => 3

MSCONFIG\Services: TorchCrashHandler => 2

MSCONFIG\Services: TrueService => 3

MSCONFIG\Services: valWBFPolicyService => 2

MSCONFIG\Services: vToolbarUpdater17.3.0 => 2

MSCONFIG\Services: WDDMService => 2

MSCONFIG\Services: WDFME => 2

MSCONFIG\Services: WDSC => 2

MSCONFIG\Services: ZeroConfigService => 2

HKLM\...\StartupApproved\StartupFolder: => "WDDMStatus.lnk"

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"

HKLM\...\StartupApproved\Run32: => "vProt"

HKLM\...\StartupApproved\Run32: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "APSDaemon"

HKLM\...\StartupApproved\Run32: => "googletalk"

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

HKCU\...\StartupApproved\StartupFolder: => "Dropbox.lnk"

HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_EEDE4BC0A57ECC9F3BD6EA138F0998CA"

HKCU\...\StartupApproved\Run: => "Skype"

HKCU\...\StartupApproved\Run: => "Steam"

HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"

HKCU\...\StartupApproved\Run: => "uTorrent"

HKCU\...\StartupApproved\Run: => "msnmsgr"

 

==================== Faulty Device Manager Devices =============

 

Name: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter

Description: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter

Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Manufacturer: Intel Corporation

Service: BTHUSB

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/07/2014 08:21:51 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program chrome.exe version 35.0.1916.153 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 37c

 

Start Time: 01cf8d7bd6f845d1

 

Termination Time: 4294967295

 

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

Report Id: 34527d92-063e-11e4-beb2-a45d36c0f282

 

Faulting package full name: 

 

Faulting package-relative application ID:

 

Error: (07/05/2014 06:49:50 PM) (Source: Python Service) (EventID: 255) (User: )

Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Read timed out. (read timeout=60)

 

Error: (06/25/2014 11:30:26 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Steam.exe version 2.25.32.45 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 3d6c

 

Start Time: 01cf900458468998

 

Termination Time: 37

 

Application Path: C:\Program Files (x86)\Steam\Steam.exe

 

Report Id: 9463eaea-fcea-11e3-beb2-a45d36c0f282

 

Faulting package full name: 

 

Faulting package-relative application ID:

 

Error: (06/18/2014 11:01:54 AM) (Source: Perflib) (EventID: 1017) (User: )

Description: Outlook

 

Error: (06/18/2014 11:01:54 AM) (Source: Perflib) (EventID: 1021) (User: )

Description: Outlook8

 

Error: (06/18/2014 11:01:52 AM) (Source: Perflib) (EventID: 1017) (User: )

Description: ASP.NET_2.0.50727

 

Error: (06/18/2014 11:01:52 AM) (Source: Perflib) (EventID: 1021) (User: )

Description: ASP.NET_2.0.507278

 

Error: (06/17/2014 02:37:36 PM) (Source: .NET Runtime) (EventID: 1022) (User: )

Description: .NET Runtime version 4.0.30319.18449 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 7308.  Message ID: [0x2509].

 

Error: (06/17/2014 02:35:27 PM) (Source: .NET Runtime) (EventID: 1022) (User: )

Description: .NET Runtime version 4.0.30319.18449 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 20128.  Message ID: [0x2509].

 

Error: (06/17/2014 02:20:06 PM) (Source: .NET Runtime) (EventID: 1022) (User: )

Description: .NET Runtime version 4.0.30319.18449 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 19804.  Message ID: [0x2509].

 

 

System errors:

=============

Error: (07/08/2014 04:31:29 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 2:04:56 PM on ‎7/‎8/‎2014 was unexpected.

 

Error: (07/06/2014 07:22:49 PM) (Source: MTConfig) (EventID: 1) (User: )

Description: An attempt to configure the input mode of a multitouch device failed.

 

Error: (07/03/2014 11:25:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

 

Error: (06/25/2014 07:30:51 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (06/25/2014 07:30:40 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (06/25/2014 07:30:32 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (06/25/2014 07:30:23 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (06/25/2014 07:30:06 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (06/25/2014 07:29:00 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (06/25/2014 07:28:42 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

 

Microsoft Office Sessions:

=========================

Error: (12/10/2013 02:35:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 10268 seconds with 60 seconds of active time.  This session ended with a crash.

 

Error: (10/19/2013 04:08:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 106922 seconds with 660 seconds of active time.  This session ended with a crash.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 48%

Total physical RAM: 8124.02 MB

Available physical RAM: 4216.19 MB

Total Pagefile: 9404.02 MB

Available Pagefile: 4874.31 MB

Total Virtual: 8192 MB

Available Virtual: 8191.77 MB

 

==================== Drives ================================

 

Drive c: (Windows) (Fixed) (Total:904.81 GB) (Free:478.09 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (RECOVERY) (Fixed) (Total:25.92 GB) (Free:2.62 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 932 GB) (Disk ID: 1E1F4777)

 

Partition: GPT Partition Type.

 

==================== End Of Log ============================


Finally got it.

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-08 23:02:18
-----------------------------
23:02:18.336    OS Version: Windows x64 6.2.9200 
23:02:18.336    Number of processors: 8 586 0x3C03
23:02:18.336    ComputerName: SKYNET  UserName: Jesse
23:02:19.389    Initialize success
23:02:19.390    VM: initialized successfully
23:02:19.391    VM: Intel CPU BiosDisabled 
23:02:21.132    VM: disk I/O iaStorA.sys
23:02:35.861    The log file has been saved successfully to "C:\Users\Jesse_000\Documents\aswMBR.txt"
23:02:37.472    AVAST engine defs: 14070801
23:02:41.586    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000049
23:02:41.588    Disk 0 Vendor: HGST_HTS541010A9E680 JA0OA590 Size: 953869MB BusType: 8
23:02:41.696    Disk 0 MBR read successfully
23:02:41.699    Disk 0 MBR scan
23:02:41.701    Disk 0 unknown MBR code
23:02:41.704    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
23:02:41.725    Disk 0 scanning C:\Windows\system32\drivers
23:02:52.409    Service scanning
23:03:33.459    Modules scanning
23:03:33.465    Disk 0 trace - called modules:
23:03:33.776    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys storport.sys hal.dll iaStorA.sys 
23:03:33.781    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800956e740]
23:03:33.784    3 CLASSPNP.SYS[fffff88000b0ae0a] -> nt!IofCallDriver -> [0xfffffa800956e040]
23:03:33.788    5 hpdskflt.sys[fffff880021d342b] -> nt!IofCallDriver -> [0xfffffa8008136bf0]
23:03:33.792    7 ACPI.sys[fffff88001120a91] -> nt!IofCallDriver -> \Device\00000049[0xfffffa8008136060]
23:03:35.027    AVAST engine scan C:\Windows
23:03:37.116    AVAST engine scan C:\Windows\system32
23:05:53.288    AVAST engine scan C:\Windows\system32\drivers
23:06:06.244    AVAST engine scan C:\Users\Jesse_000
23:47:49.644    AVAST engine scan C:\ProgramData
23:54:20.772    Scan finished successfully
00:04:02.224    Disk 0 MBR has been saved successfully to "C:\Users\Jesse_000\Desktop\Save my PC!\MBR.dat"
00:04:02.233    The log file has been saved successfully to "C:\Users\Jesse_000\Desktop\Save my PC!\aswMBR.txt"

Going over your logs I noticed that you have Torrent programs installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall your Torrent programs, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

 

 

 

Add/remove programs

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs
 

Torch


Close the window.

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

 

 

 

 

fixlist.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01

Ran by Jesse at 2014-07-09 10:38:27 Run:1

Running from C:\Users\Jesse_000\Desktop\Save my PC!

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Jesse_000\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-08-24]

CHR HomePage: hxxp://www.mirostart.com/?cfg=2-73-0-1QBoG

CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3289847&SearchSource=48&CUI=UN42760865122189912&UM=1", "hxxp://mysearch.avg.com/?cid={A006D99B-50FF-4183-8649-E982803B0128}&mid=ed2e9941974247d081e5f123cce390bf-9aeddaebd05dd57b7309c66009de14b428327dde&lang=en&ds=ts024&pr=sa&d=2013-08-16 11:03:07&v=15.4.0.5&pid=safeguard&sg=0&sap=hp", "hxxp://mysearch.avg.com/?cid={EEA013E2-D1C9-41F7-98F7-4843406BC2A8}&mid=87621eb4025f47d39dccb95e6fb3656b-e97d2554b3bc1d4bb39607192a4200b6ba78d6cb&lang=en&ds=cm012&pr=sa&d=2013-09-01 22:07:51&v=15.6.1.2&pid=safeguard&sg=0&sap=hp", ""http://mysearch.avg.com/?cid={A006D99B-50FF-4183-8649-E982803B0128}&mid=ed2e9941974247d081e5f123cce390bf-9aeddaebd05dd57b7309c66009de14b428327dde&lang=en&ds=ts024&pr=sa&d=2013-08-16 11:03:07&v=15.4.0.5&pid=safeguard&sg=0&sap=hp", "http://mysearch.avg.com/?cid={EEA013E2-D1C9-41F7-98F7-4843406BC2A8}&mid=87621eb4025f47d39dccb95e6fb3656b-e97d2554b3bc1d4bb39607192a4200b6ba78d6cb&lang=en&ds=cm012&pr=sa&d=2013-09-01 22:07:51&v=15.6.1.2&pid=safeguard&sg=0&sap=hp", "https://blink.bethel.edu/", "http://mysearch.avg.com?cid={EEA013E2-D1C9-41F7-98F7-4843406BC2A8}&mid=87621eb4025f47d39dccb95e6fb3656b-e97d2554b3bc1d4bb39607192a4200b6ba78d6cb&lang=en&ds=cm012&coid=avgtbdiscm&pr=sa&d=2013-11-06 10:29:09&v=17.1.2.1&pid=safeguard&sg=0&sap=hp" ],), No Action By User,[7666821bf586fa3cd3b77c4ee321f50b]

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)


Scan with ESET Online Scan

Please go to here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


C:\$Recycle.Bin\S-1-5-21-2558357397-3746353904-852755097-1001\$R9WEO91.exe a variant of Win32/Amonetize.BD potentially unwanted application

C:\$Recycle.Bin\S-1-5-21-2558357397-3746353904-852755097-1001\$RGMTM6R.exe a variant of Win32/Amonetize.BD potentially unwanted application

C:\Program Files (x86)\NCH Software\Debut\debut.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application

C:\Program Files (x86)\NCH Software\Debut\debutsetup_v1.88.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application

C:\Users\Jesse_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TWF6RV39\BiTool[1].dll Win32/Somoto.C potentially unwanted application

C:\Users\Jesse_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TWF6RV39\bi_downloader[1].exe Win32/Somoto.A potentially unwanted application

C:\Users\Jesse_000\Documents\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application

C:\Users\Jesse_000\Downloads\Player.exe Win32/OutBrowse.W potentially unwanted application

C:\Users\Jesse_000\Downloads\Setup (1).exe Win32/OutBrowse.G potentially unwanted application

C:\Users\Jesse_000\Downloads\setup.exe a variant of Win32/AdWare.iBryte.AM application

C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.


# AdwCleaner v3.215 - Report created 13/07/2014 at 12:56:09

# Updated 09/07/2014 by Xplode

# Operating System : Windows 8  (64 bits)

# Username : Jesse - SKYNET

# Running from : C:\Users\Jesse_000\Downloads\adwcleaner_3.215.exe

# Option : Clean

 

***** [ Services ] *****

 

[#] Service Deleted : hshld

[#] Service Deleted : hsstrayservice

[#] Service Deleted : hsswd

[#] Service Deleted : vToolbarUpdater17.3.0

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\ProgramData\AskPartnerNetwork

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar

Folder Deleted : C:\ProgramData\hotspot shield

Folder Deleted : C:\ProgramData\NCH Software

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield

Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork

Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar

Folder Deleted : C:\Program Files (x86)\hotspot shield

Folder Deleted : C:\Program Files (x86)\NCH Software

Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search

File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKCU\Software\anchorfree

Key Deleted : HKCU\Software\AVG SafeGuard toolbar

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\torch

Key Deleted : HKLM\Software\AVG SafeGuard toolbar

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\hotspotshield

Key Deleted : HKLM\Software\torch

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.17028

 

 

-\\ Mozilla Firefox v23.0.1 (en-US)

 

-\\ Google Chrome v35.0.1916.153

 

*************************

 

AdwCleaner[R0].txt - [6545 octets] - [13/07/2014 12:55:14]

AdwCleaner[s0].txt - [6322 octets] - [13/07/2014 12:56:09]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6382 octets] ##########

 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 8 x64

Ran by Jesse on Sun 07/13/2014 at 13:02:02.43

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\\Software\Microsoft\Internet Explorer\Main\\Start Page

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\Users\Jesse_000\AppData\Roaming\hotspot shield"

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

 

 

~~~ FireFox

 

Successfully deleted: [File] C:\Users\Jesse_000\AppData\Roaming\mozilla\firefox\profiles\tgru2cat.default\invalidprefs.js

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 07/13/2014 at 13:08:07.01

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Results of screen317's Security Check version 0.99.85  

   x64 (UAC is enabled)  

 Internet Explorer 10 Out of date! 

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

 Windows Firewall Disabled!  

Windows Defender   

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 Java 7 Update 60  

 Adobe Flash Player 14.0.0.145  

 Mozilla Firefox 23.0.1 Firefox out of Date!  

 Google Chrome 35.0.1916.114  

 Google Chrome 35.0.1916.153  

````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbam.exe  

 Malwarebytes Anti-Malware mbamscheduler.exe   

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 

````````````````````End of Log`````````````````````` 

Your system is clean now! :)

 

 

Internet Explorer out of date

Your version of Internet Explorer is outdated.

  1. Please download IE 11 from here
  2. Save it to your desktop.
  3. Double click on the file on your desktop to start the installation process.
  4. Reboot

 

 

 

Mozilla Firefox out of date

Your Firefox browser is outdated. Please follow these instructions to update it:

  • Get the actual Firefox from here.
  • Run setup and follow the instructions on your monitor.
  • Report any problems you have with the update.

 

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In case we used Combofix: deactivate your antivirus software once more, then rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case, please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process.
  4. If there is still something left, please delete it manually.





Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.




Temp File Cleaner

We need to download Temp File Cleaner (TFC) by OldTimer:

  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process. Note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup.
  • When the scan is complete, if you were not asked to reboot the computer, please do so now

More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.

  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.

    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.




  • 4 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.